1
00:00:00,000 --> 00:00:08,000
The next type of email services that I want to talk about, our email services that are focused on privacy

2
00:00:08,000 --> 00:00:09,000
and anonymity.

3
00:00:09,000 --> 00:00:16,000
So unlike temporary emails, these are proper email services that will give you a proper email.

4
00:00:16,000 --> 00:00:18,000
Your inbox will never expire.

5
00:00:18,000 --> 00:00:25,000
You will sign up and log in with a password similar to the way you sign up and log in to the email services

6
00:00:25,000 --> 00:00:26,000
that you're familiar with.

7
00:00:26,000 --> 00:00:28,000
Similar to Google and Hotmail.

8
00:00:28,000 --> 00:00:31,000
They offer a lot of very useful features.

9
00:00:31,000 --> 00:00:33,000
They're user friendly.

10
00:00:33,000 --> 00:00:37,000
So again, all of this is similar to the services you're used to.

11
00:00:37,000 --> 00:00:45,000
But unlike Gmail and Hotmail and all of these services that collect a lot of data about you, these

12
00:00:45,000 --> 00:00:49,000
privacy focused email services collect no data.

13
00:00:49,000 --> 00:00:50,000
They don't store any logs.

14
00:00:50,000 --> 00:00:52,000
They don't track you.

15
00:00:52,000 --> 00:00:55,000
Most of them use some sort of encryption.

16
00:00:55,000 --> 00:00:59,000
The good ones would be using end to end encryption.

17
00:00:59,000 --> 00:01:04,000
So your email will be encrypted at your end and only decrypted at the destination.

18
00:01:04,000 --> 00:01:10,000
Therefore, nobody that intercepts this email will be able to read it.

19
00:01:10,000 --> 00:01:14,000
Even the mail provider itself shouldn't be able to read it.

20
00:01:14,000 --> 00:01:22,000
Now I actually look at the services as a hybrid between the email services that we all know and use,

21
00:01:22,000 --> 00:01:29,000
such as Gmail and the email services available on the darknet that I will talk about in the next lectures.

22
00:01:29,000 --> 00:01:34,000
Because like I said, first of all, they offer all of the features that we are used to.

23
00:01:34,000 --> 00:01:40,000
They are also user friendly, but at the same time they won't track you.

24
00:01:40,000 --> 00:01:43,000
They won't keep any logs and their privacy focused.

25
00:01:43,000 --> 00:01:49,000
And another reason that makes me feel that they are like a hybrid is the fact that most of them are

26
00:01:49,000 --> 00:01:53,000
available on the clear net and on the darknet.

27
00:01:53,000 --> 00:02:00,000
So they'd have a clear net address and a darknet address, and they can communicate with both Darknet

28
00:02:00,000 --> 00:02:02,000
and clear net email providers.

29
00:02:03,000 --> 00:02:05,000
Similar to the temporary emails.

30
00:02:05,000 --> 00:02:08,000
There are a number of providers that offer these services.

31
00:02:09,000 --> 00:02:15,000
I highly encourage you to do your own research and read the privacy policy before you sign up with any

32
00:02:15,000 --> 00:02:21,000
of them and never use your real identity if you're using the services in the darknet.

33
00:02:21,000 --> 00:02:23,000
Make sure you use your fake identity.

34
00:02:24,000 --> 00:02:29,000
With that being said, a very popular example is Protonmail.

35
00:02:29,000 --> 00:02:34,000
So this is just an example of a privacy focused email provider.

36
00:02:34,000 --> 00:02:35,000
It is not the only one.

37
00:02:35,000 --> 00:02:41,000
And like I said, I highly encourage you to do your own research and read and see which is best for

38
00:02:41,000 --> 00:02:42,000
you.

39
00:02:42,000 --> 00:02:48,000
So Protonmail comes with all of the features that I just mentioned that all of the providers in this

40
00:02:48,000 --> 00:02:49,000
category offer.

41
00:02:50,000 --> 00:02:52,000
On top of that, it is open source.

42
00:02:52,000 --> 00:02:57,000
So all of the code used is available for anyone to read and analyze.

43
00:02:57,000 --> 00:03:04,000
And even if you don't know coding, you can be rest assured that people are constantly revising their

44
00:03:04,000 --> 00:03:08,000
code and will call them out if they discover anything fishy.

45
00:03:09,000 --> 00:03:17,000
Protonmail also enforces HTTPS on both on their clear net and on their darknet website, which is something

46
00:03:17,000 --> 00:03:20,000
that is rare on Darknet websites.

47
00:03:20,000 --> 00:03:23,000
And it is great because that adds an extra layer of encryption.

48
00:03:23,000 --> 00:03:25,000
It uses end to end encryption.

49
00:03:25,000 --> 00:03:32,000
So like I said, the messages that you send get encrypted at your end and only decrypted at the destination

50
00:03:32,000 --> 00:03:33,000
and vice versa.

51
00:03:33,000 --> 00:03:39,000
So even protonmail, if they wanted to read the content of your email, they won't be able to do that

52
00:03:39,000 --> 00:03:41,000
because it's going to be encrypted.

53
00:03:42,000 --> 00:03:48,000
They also use their own servers so they don't rent servers from third parties and all of their servers

54
00:03:48,000 --> 00:03:54,000
are in Switzerland, which is a country known for having good privacy laws.

55
00:03:55,000 --> 00:04:01,000
With that being said, if you read their privacy policy and their transparency page, you will see that

56
00:04:01,000 --> 00:04:08,000
they did reveal information about specific users in order to comply with court orders.

57
00:04:08,000 --> 00:04:13,000
But like I said, they keep no logs, they don't track you and everything is encrypted.

58
00:04:13,000 --> 00:04:19,000
So they don't have a lot of information anyway, even if they do reveal this information.

59
00:04:19,000 --> 00:04:25,000
And at the end of the day, like I said at the start of this section, I'm showing you all of the options

60
00:04:25,000 --> 00:04:31,000
and you should go with what suits you best in terms of why you need this account and what's your threat

61
00:04:31,000 --> 00:04:32,000
model.

62
00:04:33,000 --> 00:04:36,000
Now let's go ahead and have a look on this website.

63
00:04:36,000 --> 00:04:42,000
So right here I have their clear net website and in here I have their onion hidden service.

64
00:04:43,000 --> 00:04:50,000
For this to work, you should actually put your security settings to medium to safer so that it allows

65
00:04:50,000 --> 00:04:54,000
JavaScript to be executed on HTTPS pages.

66
00:04:54,000 --> 00:04:59,000
Now, depending on your threat model, you might not want to do this, but in general.

67
00:05:00,000 --> 00:05:06,000
Because this is only done on HTTPS pages which already has encryption and because Protonmail is open

68
00:05:06,000 --> 00:05:07,000
source.

69
00:05:07,000 --> 00:05:13,000
So all of its code is known and because of their reputation, it's not a very bad idea to do this.

70
00:05:15,000 --> 00:05:17,000
Now signing up is very simple.

71
00:05:17,000 --> 00:05:20,000
All you have to do is just click on sign up.

72
00:05:20,000 --> 00:05:22,000
I'm going to choose the free account.

73
00:05:23,000 --> 00:05:25,000
And I'm going to select it.

74
00:05:27,000 --> 00:05:29,000
And let's set up a username.

75
00:05:29,000 --> 00:05:34,000
So like I said, you want to keep in mind that you are going to use your fake identity in here.

76
00:05:35,000 --> 00:05:41,000
So I'm just going to set this to j0wk and let's put a password.

77
00:05:42,000 --> 00:05:47,000
You can also set a recovery email that you can use to recover the password with.

78
00:05:47,000 --> 00:05:52,000
I'm going to keep this to blank because I don't want to give a lot of information about myself and I'm

79
00:05:52,000 --> 00:05:54,000
going to click on Create Account.

80
00:05:55,000 --> 00:06:01,000
It's given me a warning that I'm creating an account without a recovery email, but that's fine.

81
00:06:02,000 --> 00:06:09,000
And right now, Protonmail is going to create the keys that will be used to encrypt your data, your

82
00:06:09,000 --> 00:06:09,000
emails.

83
00:06:09,000 --> 00:06:12,000
Like I said, it uses end to end encryption.

84
00:06:12,000 --> 00:06:19,000
So when you send something, it gets encrypted at your end and it will only be decrypted at the destination.

85
00:06:19,000 --> 00:06:26,000
Therefore, anyone in the middle, including Protonmail themselves, they won't be able to see the contents

86
00:06:26,000 --> 00:06:27,000
of your emails.

87
00:06:28,000 --> 00:06:33,000
Now you want to give this some time because it could take a few minutes depending on the specs of your

88
00:06:33,000 --> 00:06:34,000
computer.

89
00:06:36,000 --> 00:06:36,000
Okay.

90
00:06:36,000 --> 00:06:38,000
Now it's asking me to solve this CAPTCHA.

91
00:06:38,000 --> 00:06:41,000
So I'm going to click I'm not a robot.

92
00:06:41,000 --> 00:06:45,000
It's not accepting this probably because I'm using the Tor network.

93
00:06:45,000 --> 00:06:51,000
So the other solution would be to verify myself that I'm not a robot using an email.

94
00:06:51,000 --> 00:06:54,000
And again, you can use any email in here.

95
00:06:55,000 --> 00:07:00,000
I'm going to use a temporary email similar to the ones I showed you in the previous lectures.

96
00:07:00,000 --> 00:07:03,000
So I'm just going to go to gmail.com.

97
00:07:05,000 --> 00:07:11,000
And let's just use a different domain just in case they get a lot of domains like this one.

98
00:07:14,000 --> 00:07:16,000
And that's copy this.

99
00:07:18,000 --> 00:07:19,000
And paste it here.

100
00:07:20,000 --> 00:07:21,000
And we're going to send.

101
00:07:22,000 --> 00:07:27,000
So it's telling us that the verification code should be sent to the email that we picked.

102
00:07:27,000 --> 00:07:31,000
Let's go back and check if we actually did get this verification code.

103
00:07:32,000 --> 00:07:33,000
Perfect.

104
00:07:33,000 --> 00:07:35,000
As you can see, we have the code in here.

105
00:07:35,000 --> 00:07:38,000
It's 974, six, four, four.

106
00:07:38,000 --> 00:07:40,000
So go back here.

107
00:07:42,000 --> 00:07:46,000
And we're going to click on Complete Setup again.

108
00:07:46,000 --> 00:07:50,000
You want to be patient with this and let it load and create your account.

109
00:07:51,000 --> 00:07:52,000
And perfect.

110
00:07:52,000 --> 00:07:55,000
As you can see, the account should be set up now.

111
00:07:55,000 --> 00:07:57,000
It's asking us if we want to change the name.

112
00:07:57,000 --> 00:07:59,000
I'm going to keep it the way it is.

113
00:08:01,000 --> 00:08:02,000
Going to close these tips.

114
00:08:04,000 --> 00:08:05,000
And perfect.

115
00:08:05,000 --> 00:08:08,000
As you can see, it's a very nice user interface.

116
00:08:08,000 --> 00:08:14,000
Like I said, this really is like a hybrid between what you get on the clear net and on the dark.

117
00:08:15,000 --> 00:08:17,000
Using this is very intuitive.

118
00:08:17,000 --> 00:08:19,000
I'm not going to waste more time on it.

119
00:08:19,000 --> 00:08:22,000
This is your inbox draft sent and so on.

120
00:08:22,000 --> 00:08:24,000
You click on Compose to send a message.

121
00:08:25,000 --> 00:08:31,000
The messages that you get will show up in here in the inbox and you can from any message you can click

122
00:08:31,000 --> 00:08:31,000
on it.

123
00:08:31,000 --> 00:08:37,000
And now that you're inside the message, you can reply forward and so on.

124
00:08:37,000 --> 00:08:39,000
So that's it for this lecture.

125
00:08:39,000 --> 00:08:45,000
Just wanted to cover an example of a private kind of hybrid email service.

126
00:08:45,000 --> 00:08:50,000
Like I said, this is not the only one, so please don't take this as the only example.

127
00:08:50,000 --> 00:08:54,000
This is just an example, and I want you to understand the whole concept.

128
00:08:54,000 --> 00:09:00,000
So there is a whole number of services that operate on the same concept.

129
00:09:00,000 --> 00:09:03,000
Like I said, there are a lot of pros to this.

130
00:09:03,000 --> 00:09:11,000
As you can see in here, the only cons are the fact that it uses JavaScript and the fact that it is

131
00:09:11,000 --> 00:09:18,000
a clear net website, it is a proper company and they have complied and revealed information about their

132
00:09:18,000 --> 00:09:21,000
users when the court ordered them to do so.

133
00:09:21,000 --> 00:09:26,000
With that being said, like I said, they don't keep any logs, they don't track you and everything

134
00:09:26,000 --> 00:09:27,000
is encrypted.

135
00:09:27,000 --> 00:09:32,000
So they can't really reveal too much because they don't know too much.

136
00:09:32,000 --> 00:09:35,000
But again, read the privacy policy.

137
00:09:35,000 --> 00:09:41,000
Continue with the options that I'm going to show you and pick the option that works best for you based

138
00:09:41,000 --> 00:09:45,000
on the reason why you need this service and based on your threat model.