Choosing a Secure Email Service
This is the first part of an article dedicated to choosing an email service, in which I would like to discuss the criteria for selection. I would like to point out that many, but not all, evaluation criteria are described in the material. SSL, reliable encryption, two-factor authentication, and other basic security elements are omitted; services without them will not even be considered.
Security of the Service/Breaches
Many of you are familiar with the story of Yahoo, which became a prime example of a poor email service, first being hacked and then granting access to user correspondence to intelligence agencies.
But we are more interested in not just the fact of a breach, as anyone can be hacked, but the response to the hack. The fact of the breach was hidden from users for years, while hackers had the opportunity to read correspondence during that time. We consider such behavior absolutely unacceptable and recommend that you refrain from using Yahoo's service.
Another instructive example is the hack of the email service VFEmail. In this case, hackers, having breached the servers, deleted all information, and the owners had no backups, resulting in the loss of mailbox contents. Most online services allow users to back up all emails, however, users rarely do so, which means that the loss of mailbox contents can become a significant problem.
Absence of Content Transmission to Law Enforcement
To begin with, I will show you a screenshot of a news item published on a popular Telegram channel. I do not insist on its authenticity, however, I am aware of several similar stories from various sources.
Services that care about the right to user correspondence privacy do not provide access to the contents of email inboxes. For example, we know of cases where Protonmail provided data upon request; they included the IP address at the time of mailbox registration, but no emails were disclosed.
Although this caused a negative reaction on some forums, mainly due to the fact that Protonmail violated their stated procedure for information transmission.
