
Goodbye FastMail: Aussie government undermining trust in tech companies - d2wa
https://www.ctrl.blog/entry/goodbye-fastmail
======
newscracker
I was considering the cheapest plan on Fastmail even though it's more than
double the cost of Posteo, mainly because of the number of aliases Fastmail
provides. But this recent development and my discomfort with what's been
happening in the U.S. (Fastmail's servers are in the U.S.) have made it easier
to look beyond Fastmail.

It looks like governments in democratic countries around the world have
decided that they must deny privacy (despite the Universal Declaration of
Human Rights having an article on privacy [1]) and have control over who's
talking to who, when, where, how (what apps/platforms they use), how often,
and about what. All these laws and lawless surveillance is very disturbing.
Except for some courts of law (and in certain cases the whims of the judges),
the public at large is at a big risk, both by being kept ignorant and by
activists being silenced.

On email, if custom domain support is not a must, I would recommend Posteo.de.
For custom domains, providers like mailbox.org, mailfence and runbox might
work. I wouldn't recommend ProtonMail or Tutanota because they make porting
email data to another provider cumbersome and impossible, respectively (IMAP
support in ProtonMail is through a bridge application, while there is no IMAP
support in Tutanota).

[1]:
[https://en.wikipedia.org/wiki/Right_to_privacy#Universal_Dec...](https://en.wikipedia.org/wiki/Right_to_privacy#Universal_Declaration_of_Human_Rights)

~~~
d2wa
I’ve moved to Mailbox.org. It’s not perfect, but they have a ton of unique
privacy features like encrypting all incoming emails with PGP (at-rest-
encryption).

They just introduced a new web interface and it’s quite buggy. However, it’s
just 12€/yr for 5 GB storage and up to three aliases (where an alias could be
a catch-all custom domain, so an unlimited number of addresses on a custom
domain).

~~~
d2wa
Update: Review of Mailbox.org: [https://www.ctrl.blog/entry/review-
mailboxorg](https://www.ctrl.blog/entry/review-mailboxorg)

------
beagle3
What does the recent Australian legislation change?

If the mail wasn’t encrypted, FastMail already had the duty to provide the
Australian government with whatever asked (through NSL equivalents)

And if you pgp encrypt before sending, they can’t read the content even if
they really want to.

Recent legislation in Australia is horrible, and affects a lot of things but
somehow Email service doesn’t seem to be one of them. (Don’t let an Australian
mail app do the encryption for you, though; those should be considered
compromised)

~~~
d2wa
Companies have to build tools that grants any law enforcement agency access to
whatever data they want on whomever they want. For an email provider, these
tools could include a search function that lets them look through every email
on the platform. Or they could just ask them to mail them a daily dump of all
new messages on a floppy disk. The point being, FastMail can’t tell the world
what assistance and access their granting the government and there is no
oversight or even transparency that could spark public debates on what is
reasonable and what isn’t.

This satirical video is a good introduction to the changes:
[https://www.youtube.com/watch?v=eW-OMR-
iWOE](https://www.youtube.com/watch?v=eW-OMR-iWOE)

------
tedbolton
I find this AA bill very concerning. I have been of Fastmail for over 5 years,
love the aliases features but gosh, I didn't realise how bad this encryption
backdoor bill is. It's like being on gmail. I found another provider that is
in Canada and allows unlimited aliases for a better price that Fastmail.

[https://www.thexyz.com](https://www.thexyz.com)

------
beart
Does it matter if your email is encrypted at rest when every recipient you
email will store it unencrypted and it is unencrypted in transit?

~~~
finnthehuman
The first step of getting a critical mass on the other side of the encryption
line is a slow stream of people migrating and seeing no immediate benefit.

This defeatist attitude is something the surveillance companies have taught
you to have. Stemming the tide is possible.

~~~
beart
In the case of email, the only way I can see a critical mass being reached is
if both Google and Microsoft start encrypting. Does anyone else even compare
to them in terms of volume of email accounts? I just find it very difficult to
imagine the general public making this happen. I think it must come from the
top down as most people don't understand or don't care.

For SSL to hit critical mass, it took the major browsers to start flagging
pages as insecure coupled with the proliferation of let's encrypt. All the
personal web pages in the world switching to SSL would not have forced the
major players in the same way.

~~~
lucideer
Encryption is done at the client level, not the account level. Yes, a large
majority of Google and MS users probably use the web uis of the service
itself, or Google/ms clients, but the point is that switching client doesn't
mandate switching provider. You can even manage your Google account via a 3rd-
party web ui.

------
brokenmachine
As an Australian, it makes me happy to see people documenting their disdain
for these insane new laws, which are a massive risk to security for everyone,
and of course privacy for _anyone_ within five eyes, not only Australians.

99.7% of the submissions in the consultation period were against these laws.
This was not the will of the Australian people and is the result of an
increasingly desperate outgoing government.

Please complain loudly and often, and take your business elsewhere. Honestly,
the whole technology world should just boycott us.

Australia is clearly now a malicious actor in the worldwide tech community,
and deserves to be shunned.

IMO that's the only possible chance we have for the average joe to realise how
bad these laws are, and for common sense to eventually prevail.

------
NikolaeVarius
So I already have a protonmail account for more sensitive emails, but I would
like a cheaper "primary" email account.

Mailbox.org and tutanoa seems to be the current leaders after fastmail?

------
oriettaxx
exactly! son of a gun

I just signed in, I was so happy, just till 1hr ago when my collegue reminded
me of this Australian issue: now I see this post.

great would be if they move some server in EU

------
lighthouse16
I recently moved to ProtonMail and I am very happy about it.

~~~
d2wa
Protonmail seems fine, but their prices are way too high. Comparable service
charge a tenth of what they ask.

~~~
qu4z-2
Also they don't support open protocols, last I checked -- specifically POP3,
imap, and SMTP. I still use Protonmail, but it's a consideration to factor in.

~~~
protonmail
We do support IMAP/SMTP via the ProtonMail Bridge.

~~~
qu4z-2
It's a proprietary binary, and I need to email you for the Linux version
(although I'm sure the latter will change once it's more stable).

My understanding is also that it's not intended to be exposed on the internet,
which leaves my Blackberry a bit out of luck.

Not to diminish your work, but the ProtonMail Bridge solution doesn't really
meet my needs in the same way native POP3 support would.

------
slowhand09
Your government is overstepping? Revolt! Oh wait, you didn't fight back when
they confiscated your firearms. Never mind.

~~~
brokenmachine
Assuming you're a US citizen, do you not think your government has overstepped
already?

Also, I would be really interested to know what effect you think your firearm
would have on the US military, assuming your government becomes hostile.

