I generally just use tor browser and proton (verified through a disposable email address only accessed via the tor browser) - seems secure enough for me?

I use it often...

▲ fc417fc802 a day ago | parent | next [-]

> verified through a disposable email address

To the extent it works that's a loophole. I can't speak to proton specifically but the majority of services don't want to permit disposable email because the entire point is to cut down on spam and abuse.

I can appreciate having the option of providing a phone number or email or whatever but I think the state of the ecosystem is telling. The option for anonymous email with PoW per outgoing email isn't provided despite largely addressing the commonly cited rationale for requiring some sort of verification. And we're still stuck bashing PGP, shilling for competing E2E message solutions while it's plain as day that the vast majority of commerce isn't going to move off of email any time soon. Meanwhile TLS can figure out how to distribute public keys via DNS as part of implementing ECH in all major browsers over a period of less than a decade.

▲ godelski 21 hours ago | parent [-]

While I don't use disposable emails I've been converting all my accounts to unique emails with either Firefox Relay[0] or using my personal website[1]. Bitwarden has made this easy as they let you import your Relay's API key and so every new site gets unique usernames and passwords[2]. It certainly is making it easier to block spam, and you get to know who is leaking your emails[3], and I've burned emails because of it. Frankly at this point the biggest problem is having a 20 year old gmail account. But the plus side of this type of system is that you can move your endpoint, so where Relay/CF directs the emails too, making you less reliant on your email provider[4].

There's pros and cons. On the plus side, unique identities for every site and by getting a catchall domain you can even generate valid addresses via pen and paper. Probably the biggest benefit is just searching emails. On the cons, document sharing can be a bigger pain than it already is (how is this still a pain all these years later?). Also, people get very confused when you tell them your email address is TheirCompanyName@godelski.mozmail.com (I don't actually have that domain, don't send emails there).

It's helpful but I think represents a fundamental flaw in our ecosystem.

  > And we're still stuck bashing PGP

I can't believe we haven't normalized this in the nerdy spaces, at least not to the degree of things like Signal. It is a thing that can be entirely automated and both Thunderbird and NeoMutt are able to handle this for you and make it effectively seamless. The average person does want this stuff, but they don't want to think about it. The problem is that they think their stuff is already private, or they say it can be spied on but that they're not worth spying on so they think it is effectively the same thing.

[0] https://relay.firefox.com/

[1] Cloudflare will do email forwarding for you as will plenty of others: https://www.cloudflare.com/developer-platform/products/email...

[2] What doesn't help is how prolific OAUTH is becoming.

[3] Sorry, adding +something on your gmail won't work these days.

[4] I'm actually looking. People say TutaMail but sorry, I need something I can use with either Thunderbird or NeoMutt... This is non-negotiable. Everyone has multiple email addresses these days and I'm not checking 30 different sites. The problem is already one of poor organization.

▲

mschild 15 hours ago | parent [-]

I know its effecitvely a vendor lock-in and not what you are looking for but I love the SimpleLogin integration that Proton made with Proton Pass.

I have it setup in my browser and phone. Whenever a website or app would like an email for an order or something else, it takes a single click to generate a named alias (using the website name) e Which forwards emails to my normal inbox. Replying to any received emails also uses the alias.

The SimpleLogin interface could use some improvement though. Deleting unused ones is a bit tidious.

	▲	subscribed 13 hours ago \| parent [-]
		I use SimpleLogin with custom domains but kinda meh. Brilliant for quick creation of temporary emails, but app troublesome and doesn't show the all options, but much to my disappointment they don't do proper SRS, so it invalidates any, ANY benefits from DMARC or such. Emails that with SRS would have a proper From, organisation logo from BIMI record, now immediately end up in Spam and are marked as phishing attempts. I had a better success with personal postfix server forwarding my catch-all alias mail to Gmail than I have with SimpleLogin. The only thing that is better is that replying to emails is easier, but that could be done while staying compliant with SRS. I regret buying the subscription and I won't be extending it. Should've go with a proper email service, not a glorified alias generator.

▲ jesse_dot_id a day ago | parent | prev [-]

How old are the accounts?