And for those who think Protonmail are the only service with a custom address, think again, because Facebook has one too: https://facebookcorewwwi.onion/
For those wondering how to generate vanity Tor onion addresses in a more efficient manner (taking advantage of your GPU): https://github.com/lachesis/scallion
Maybe doing that in the cloud would compromise the security of your vanity address. You would not own the private key. Your cloud provider could control your domain.
Vanity addresses are popular in bitcoin, but difficulty rises exponentially with each character. Most people don't want crunch random numbers for 6 months. The solution to 3rd party key generation is split keys.
Essentially the addition of keys to get the desired final key.
Generate key X, give X public address to cloud provider, they search for key Y so that X + Y == YourVanityAddress, when found they send you private Y. Private X + Y is your vanity private key.
Vanity address generated by 3rd party in a trustless environment.
I guess I don't see the point of using Tor with Facebook. So much of your identity is already tracked. It's like trying to sneak up on somebody while wearing those squeaky clown shoes.
When you have a very small subset of users who will go through the trouble of trying out Facebook's onion address, it is much easier to be successful with surveillance tools on that small sample.
Because not everyone uses their real name on Facebook, especially in a Middle Eastern country, I would imagine. And Facebook isn't just for your family and real friends anymore (and hasn't been for years).
> Vanity Onion addresses are a bad idea. They teach users to ignore part of the address instead of treating the whole address like an IP address.
This assumes that users aren't ignoring the address anyway. There is a near 100% success rate in tricking users into visiting fake URLs in laboratory conditions. While trying to explain my research to a tenured professor, she literally typed each domain I was spelling out into Firefox's search box instead of punching it in manually.
mike@snake:~$ torsocks telnet wy6zk3pmcwiyhiao.onion 25
Trying 127.42.42.0…
Connected to wy6zk3pmcwiyhiao.onion.
Escape character is ‘^]’.
220 mx1.riseup.net ESMTP (spam is not appreciated)
So if your mail service supports onion addresses, then you can just replace "@riseup.net" in a users email address with "@wy6zk3pmcwiyhiao.onion".
Alternatively, your mail service could have explicit configuration in place to identify @riseup.net addresses and route them to wy6zk3pmcwiyhiao.onion instead of the normal MX records. I do this with Exim by utilising Tors TransPort+DNSPort functionality and then adding the following Exim router:
Obviously this would be better if there was a way to dynamically advertise the onion address in the DNS instead of having to hardcode it in Exim.
[edit] - If they co-ordinated, Riseup and Protonmail, and potentially other similar privacy respecting mail services could send all their traffic over each other via Tor. If you work for either of these companies, please consider the possibility of looking into this sort of relationship.
Shouldn't you also add super enforced SSL certificate validation for such a setup? Since SMTP is usually merely opportunistic SSL, any Tor exit node could very easily strip STARTSSL (or just MITM with a fake certificate that doesn't get validated) and you're worse off than running over the normal internet?
Are we talking about using SMTP via the onion service, or just regular SMTP through an exit node? The onion service comes with its own crypto and would not need TLS on top of it (though you're free to use TLS anyway, like Facebook, if it makes sense because of how your infrastructure is set up). There's no exit node for hidden service connections (or any other node that sees the plaintext other than the hidden service itself).
If you are so threatened that you feel the need to use a Tor hidden service to reach your email provider, you should know that email --- "encrypted or not" --- provides the worst protection of all possible encryption messaging options. Don't use email for sensitive communication, and certainly don't rely on the security features of any email provider for your own safety.
It's not; it's not even close. Every message you send, message by message, HTTP request by HTTP request, depends entirely on the security of Protonmail's servers and relies on PGP, which leaks extensive metadata and has no forward secrecy. Not only that, but because you're using SMTP email, you're always one mistake away from accidentally sending plaintext.
The good secure messaging services --- particularly Signal --- make these things impossible to screw up.
Not sure what you are trying to achieve here. Do you want to stick it to the Man?
The software that is processing your communications will spend extra 0.01 seconds analyzing the data. Is that some kind of victory for you or something?
I started to make a witty post implying that you just signalled for some sort of terrorist attack using an encoded message, then I checked the calendar and posted this instead.
From ignorance, why would I (a non-interesting person in a nominally free country, with non-interesting interests that could nevertheless become interesting depending on political shifts and shit) want to use this hidden service, rather than plain old ProtonMail?
There's an argument for providing camouflage in the form of boring traffic on the Tor network to help those that are forced to use it, and whose traffic authoritarian governments and nefarious forces might actually find interesting. Otherwise, all the interesting data is conveniently gathered in one place, any given traffic on Tor is more likely to be interesting, and it makes the bad guys' jobs just a little bit easier.
There's a wide spectrum of personal preference for internet privacy, and if you're the type that doesn't trust your ISP you could potentially use TOR to add an additional layer of anonymity. If you trust your ISP there isn't much point.
While your message contents would still be encrypted when using the regular old ProtonMail site, it would expose your identity and who you are sending messages to.
IIRC, if you've created an account from your IP address or use a VPN (which virtually guarantees that an account has been created from that VPN's exit node), they force you to go the SMS route. Apparently, there's also a requirement for Tor users.
It's unfortunate because it means there's no way that a ProtonMail account can't be tracked to some static identifier (actual IP or phone number).
That still provides a way to geolocate you. It's incredibly difficult to create a usable Email address that cannot be traced in any way (i.e. purely from a Tor connection without giving any personal information).
I tried signing up a few weeks ago and definitely seemed like I was being forced to either connect SMS or backup email before I could create an account. So I didn't make one. If these things are optional they do not make it clear how to bypass that step.
Last time I tried to sign up, "captcha" was not an option, leaving only privacy-invalidating options. It might be dynamic. The criteria for them not displaying "captcha" as an option is unclear.
Could someone expand how an email service over Tor helps when the messages you sent to others still go through SMTP protocol (even with TLS) and is stored/relayed in/to unprotected severs?
In my experience with researching online drug and exploit markets as soon as a reliable Tor-hosted email provider springs up they become the default email provider for almost everybody.
Previously the default provider has been safe-mail.net but they've had a lot of issues. Before that it was TorMail, and the FBI ended up seizing all of those mailboxes since it was hosted at Freedom Hosting (and was an amateur operation) [1]
What it means is that web email providers act more like online dead drops rather than as traditional email providers. PGP use is pretty consistent in these communities - as is rotating keys and email accounts.
[1] I can't recall of the top of my head any indictements that resulted from TorMail being seized.
I finally switched from Gmail to ProtonMail this month as a New Year's resolution to make my privacy better bit by bit. Haven't tested Fastmail, but I like ProtonMail's simple webmail and the Android client a lot. Happily paying them for the service.
What are your experiences with Fastmail? Do they encrypt all your emails and in which country are their servers located?
Last year I really wanted to use ProtonMail, but the lack of SMTP and (at the time) inability to send plain text email were a big no-no for me.
So I switched from Gmail to Fastmail. I'm loving the service. The web app is pretty snappy and works really well. Even on mobile it is surprisingly responsive.
I find their UI beautiful and quite intuitive (don't read too much into this, as I am someone who really dislikes material design -- one of my grips with Gmail).
Really can't complain. I'd recommend Fastmail to anyone wanting a private mail service.
Small steps. I deleted all my posts and pictures in Facebook and then deleted my account. After Facebook I also deleted some irrelevant accounts like LinkedIn. For mobile I just disabled all Google apps and started to use a VPN connection everywhere.
I wish ProtonMail would offer more email aliases with its paid plans - credentials reuse is what often allows to snoop on someone's online identity. That would really boost its value in terms of privacy.
I was looking into possibly switching over from Fastmail while I happened upon the 5 alias limit and couldn't help but chuckle. I'd have to have an acute need for encrypted email to overlook that.
Isn't that true of all of Tor? An extremely attractive target; arguably anyone with the resources, including most state intelligence agencies, would see high value in finding exploits (and not revealing them).
I wouldn't recommend accessing email over TOR, especially not a paid account.
Infact I would not recommend accessing any public service that requires a unique account authentication over TOR.
This at least is somewhat more useful than facebook over TOR but unless you are accessing only free throwaway accounts (and never use those to communicate with anyone you know) using this somewhat defeats the purpose of TOR.
If you are using proton for additional "privacy" don't do that, since it would effectively mean that your adversary can now know your new email identity.
If you don't worry about that, then in all honesty it's somewhat redundant.
I use hushmail because it has PGP integrated into their service, including a PGP client in the webmail, yes they have a copy of my key (you can do PGP over JAVA if you want to keep the key on your computer) and yes since they are HIPAA compliant and a Canadian company they will comply with NSL but those aren't threat models i worry about.
I want to be able to use PGP easily and from anyplace and not worrying about having to carry my key with me, having PGP or GPG installed and fussing around with it if I have to access my mail in an emergency from a device that might not have a full setup.
Whilst I am aware that the NSA and other agencies with similar capabilities are technically adversaries I don't fuss about them, I'm more worried about sending my mail to the wrong person than the NSA reading my mails, if they want to they'll be able too regardless of where I host them, and I would never go toe to toe with some one who's likely to use rubber hose cryptography on me.
That's rather impossible or we wouldn't be using weird .onion addresses but just .com (at least before gTLDs became commonplace). Please read up on how they work.
Cool good to know. I guess next best would be done type of trusted directory listing - maybe orgs could somehow sign their entries on a directory page? The directory could put redirects for signed services in their path namespace. Meaning people would need
Then you might as well use the normal web. DNS is basically a directory listing with IP addresses to connect to, like a phone book; or a "trusted directory listing" as you say. Onion addresses are public keys which somehow find their way to a rendezvous point (I forgot the details).
> Is there any technical reason why they cant use protonmail.onion?
Sure, there is. You can read about it in the Tor Phishing Resistance section of the article.
> Onion site addresses are 16-character hashes of encryption keys that typically look like this: 3ens52v5u7fei76b.onion. The problem is that there is no good way to differentiate between 3ens52v5u7fei76b.onion and 3lqpblf7bsm532xz.onion, as to the human eye, both are equally unrecognizable. This opens up a phishing risk because a phishing site can trivially be created and unless the 16-character random URL is checked carefully each time, users cannot be certain they are visiting the correct onion site. From a usability standpoint, it is not really realistic to expect users to perform this check every single time.
> To bypass this problem, we used ProtonMail’s spare CPU capacity to generate millions of encryption keys and then hashed them, using a “brute force” approach to find a more human readable hash for our onion address. The end result, after expending considerable CPU time, is the following address which is much more resistant to phishing:
protonirockerxow.onion as it can be easily remembered as: proton i rocker xow
Hidden service addresses are not just regular domain names resolved via DNS, they're actually a hash of the hidden service's private (edit: public, see below) key. The fancy onion addresses out there (like Facebook's) were generated by doing a whole lot of brute-forcing to find a key that looks cool.
Yep, that's right, thanks. The public key is, of course, calculated based on the private key (these are RSA keys), hence why the brute-forcing still involves the private key, but it's not a hash of that key.
And for those who think Protonmail are the only service with a custom address, think again, because Facebook has one too: https://facebookcorewwwi.onion/
You can find a tonne more at this list:
https://github.com/chris-barry/darkweb-everywhere/tree/maste...
And staying on topic, Mailpile has their own .onion
https://raw.githubusercontent.com/chris-barry/darkweb-everyw...
reply