I'm semi-confused. If I have Express VPN on my Router, why do I need separate email protection? My outlook email goes through the router hence the VPN. (I change servers about once a week between NJ, NY and DC.
Proton VPN set up
- Thread starter Norton
- Start date
The #1 community for Gun Owners of the Northeast
Member Benefits:
No ad networks! Discuss all aspects of firearm ownership Discuss anti-gun legislation Buy, sell, and trade in the classified section Chat with Local gun shops, ranges, trainers & other businesses Discover free outdoor shooting areas View up to date on firearm-related events Share photos & video with other members ...and so much more!
Member Benefits:
gamer_jim
Podcaster
If you haven't already:
Get your own domain name. Then get the professional Proton, I think it's like $60/year. That gives you 5 some addresses on them plus unlimited alias addresses. You use your proton email ONLY for accessing your mailbox and logging into the VPN. Then use the other 5 addresses for everything else. 1 for commerce websites. Another for MDS, etc.
I believe now with Proton Mail you can also access multiple mailboxes. They have a corporate rate and I think also a family rate. So you can have one account, multiple mailboxes that you have access to since your the account owner. This isn't needed for the most part if you use the 5 extra addresses and email labels. You can set up rules to sort your mail and keep it separate. This is good if it's just you but if multiple people need to be involved then get the multiple mailbox plan.
The VPN essentially block the details of your network activities from your ISP. It doesn’t specifically protect your email communication. There are two potential weakness from using services like Yahoo, Google or Hotmail. Those services have full access to the metadata (who, what, where and when) and the actual content of your messages. Your are vulnerable if some third party successfully hacks the google servers and can access your personal information. None of your information is encrypted. This can all happen outside of your own home network, meaning your VPN has no impact. Using a service like Protonmail protects you the following ways. First your messages and the content of our stored information is totally encrypted. The Proton team has no access to that information and could not even access it if they wanted to, unless they had your actual password. Second when you send an email from proton to another proton user that message is 100% encrypted from end to end. So the content of your messages cannot be intercepted and read by anyone else.
Tutorial might take a long while. Last night I tried to collect a list of all companies/websites where my registered email was either Gmail, hotmail or yahoo. My gmail account is used like s file cabinet where I’ve saved thousands of personal business related messages. Foolishly I have a folder called “Account Info”. Well if that isn’t a welcome mat for a cyber criminal, then i don’t know what is. I guess the one bright side is that I used that folder along with my saved passwords in my chrome browser and on my phone to populate my master list of email registrations I should consider migrating to proton.
Shockingly it’s over 300 items long.
Some of them were only used one time, maybe to just buy something online. This might be half the list. I spend hours last evening simply trying to de-register and close unused accounts, in order to pare down then number of accounts that really need to be migrated to the new email.
Another thing this list made me realize was that my password strategy SUCKS. I thought I was being clever using a combination of short phrases, numbers and special characters for each site, but while examining the list in it’s entirety I can see it would still be intuitively easy for someone to at least form an educated guess if they had any hint of the scheme I was using. So I this needs to get fixed too.
My email is through Comcast.
So I doubt that Comcast cares about the content of your messages like google, Microsoft or yahoo. Since you are a paid subscriber they don’t earn revenue from data searches and selling your data. However their email is not end to end encrypted either. There may also be some vulnerability in how you access your email too.
What I don’t know is how Comcast saves your email messages. Do they have some sort if web based interface where your inbox and sent messages reside until you delete them? Is that storage encrypted and secured? If not then this is where a service like proton would be beneficial. For example if a hacker did gain access to the comcast servers and somehow was able to access your storage they could read your messages. Also if a state agency subpoenaed your information could easily be retrieved and turned over by Comcast even without your knowledge or consent. However services like proton the content of your mailbox is encrypted and even if the company wanted to turn over information they could not unlock the content without knowing your password key.
I’m realizing this. My iphone has the ability to generate long random passwords but I think I’m going to go with Bitwarden which works with iPhone too.
Bitwarden also works with DUO 2FA and I already use that app for other logins.
https://ssl-tools.net/mailservers/comcast.net
Looks like Comcast's servers support STARTTLS (commonplace nowadays, especially for a huge provider), so there's a good chance that your emails would be encrypted during transport. (Whether that TLS compliance is implicitly enforced or not is a different story.)
As Tool stated, you have no guarantees that your data is protected at rest and under other circumstances such as a data breach or active exploitation of Comcast's servers. And of course the law enforcement disclosure factor. You get extra assurances with end to end encryption offered by providers like ProtonMail.
I don’t know Bitwarden, but it’s open source which is a good sign. KeePass has apps for iOS and android, and supports time based 2FA. I’ve been using it for 5 or 6 years now and it has not given me a reason to change.
One of the nice features of full password managers is it also functions as my bookmark catalog instead of housing that information on the browser. Easy search function and keyboard shortcut to open the desired web page.
Since I’m new to the game I checked out ratings for a few and KeePass was rated very highly. In the end it was the open source non-commercial aspect that pushed me to Bitwarden. I’m sure they are all pretty similar.
I’m finding this out too. On my laptop that list is easily accessible and just clicking the link takes me to the webpage. However I just downloaded the app on my phone and sadly it doesn’t work that way. It does however automatically populate the user name and PW fields when I go to the website on my phone so maybe its not too bad. I’m thinking about just signing up for a paid account for $10 per year.
It’s interesting that this VPN thread has diverged a bit since the OP but it seems that many of these persons security and privacy strategies are really tightly linked together in practice anyway.
After a few weeks of using ProtonVPN I've noticed it can be quite a bit slower than ExpressVPN. I did a few internet speedtest with both and here are the results. Note I pay for Verizon 300mbps service
Without VPN 166mbps Download 233mbps Upload
Express VPN 142mbps Download 138mbps Upload
Proton VPN 128mbps Download 62mbps Upload. I tried again on several different servers and a few were even slower.
Also I'm not sure why but I seem to be getting a lot more Captcha requests that I seem to recall with ExpressVPN. If I see another Chimney or Fire Hydrant I'm going to throw my mouse across the room. This may not be a ProtonVPN thing but it sure is annoying. I also switched to Firefox at the same time I switched to ProtonVPN so this may be related I'm not sure.
My next step, which I'm going to need some help doing is to install ProtonVPN on my Netgate Router and then create a VLAN linked to a specific wireless network that runs through the VPN. I'm going to move a lot of traffic through that VPN/VLAN but I still want to have some stuff like Netflix to bypass the VPN. This task is over my head at this time, but if someone has done something like this and can offer assistance, I'll be grateful.
Without VPN 166mbps Download 233mbps Upload
Express VPN 142mbps Download 138mbps Upload
Proton VPN 128mbps Download 62mbps Upload. I tried again on several different servers and a few were even slower.
Also I'm not sure why but I seem to be getting a lot more Captcha requests that I seem to recall with ExpressVPN. If I see another Chimney or Fire Hydrant I'm going to throw my mouse across the room. This may not be a ProtonVPN thing but it sure is annoying. I also switched to Firefox at the same time I switched to ProtonVPN so this may be related I'm not sure.
My next step, which I'm going to need some help doing is to install ProtonVPN on my Netgate Router and then create a VLAN linked to a specific wireless network that runs through the VPN. I'm going to move a lot of traffic through that VPN/VLAN but I still want to have some stuff like Netflix to bypass the VPN. This task is over my head at this time, but if someone has done something like this and can offer assistance, I'll be grateful.
Looks like ProtonVPN just dropped their newest update which now includes Wireguard protocol. Now seeing 207mbps Download and 134mbps upload speeds. This is a big improvement over my previous post on 9/23 and even better than my previous ExpressVPN speed comparison. I'm pretty satisfied now.
Are you positive that proton mail isn't playing on the same team as the NSA? The NSA had a glitch put into 3DES to ensure that they could easily or more easily decrypt 3DES encrypted data. Many company's that were started by former employees of the NSA opened back doors or sent the NSA copies of their source code as a favor.
Way back some 25 odd years ago SecurID became susceptible in my eyes due to two former NSA employees I worked with joked about the numbers that RSA's SecurID provided. I asked them if the algorithm was compromised. They looked at each other and then both looked back at me and in unison said "no."
Debit card, hell no. Go buy a VISA or MC card with cash at a store not near you and use that to sign up.
The fact that something is open source does not obviate the belief that it isn't filled with bugs, glitches, or malicious code.
I specifically tried to use a OneVanilla.com prepaid card which purportedly would work but it didn’t. I thought about using Bitcoin but that’s not necessarily private either. It’s too bad they don’t take Monero which is anonymous.
Also I really don’t know where all of the concerns about using a masked card through a debit card come from. I can register without using my real name or address.
Proton wins important appeal in Swiss court which would have forced the email and VPN service provider to log activity and store user data on it’s systems.
https://www.swissinfo.ch/eng/proton-wins-appeal-in-swiss-court-over-surveillance-laws/47052196
Good news for privacy advocates.
https://www.swissinfo.ch/eng/proton-wins-appeal-in-swiss-court-over-surveillance-laws/47052196
Good news for privacy advocates.
Users who are viewing this thread
Latest posts
Forum statistics
Latest threads
-
Hair-trigger posting... please include more than just the "headline" (12 Viewers)- Started by Mr H
- Replies: 5
-
-
-
(Duplicate - mods please close) MoCo trans student arrested for threatening school- Started by Lafayette
- Replies: 2
-
-
-
