7 posts tagged with "email"

View All Tags

What is a Blockchain Email? Pros, Cons & the Future

Ever since the success of Bitcoin, Ethereum and other cryptocurrencies, developers and entrepreneurs have been looking at what other applications could the blockchain have.

One such application that is gaining momentum is email over blockchain. But what are its pros and cons and, more importantly, what is its future?

Blockchain Email Pros#

There are a couple of benefits that blockchain email offers, including:

1. Improved user privacy#

Since the blockchain is itself decentralized, meaning there is no central server with its vulnerabilities, users won’t have to “pay” for it with their data as is the case with “free” email services which collect that data and then sell them to advertisers.

2. Better security#

A blockchain is a public ledger that, while anyone can see the transaction made on, you can’t change entries.

The only way for the blockchain to be attacked is if the attacker could gain control of more than 50% of the hashrate. Since there could literally be thousands of nodes, that’s for the most part out of the question.

3. Peer-to-Peer communication#

Blockchain also eliminates the presence of a third-party service provider that would essentially have control over your data as it sits on their servers.

4. Better authentication#

Authentication is one of the biggest problems of traditional email, leading to spam, email spoofing, etc.

While this has been largely mitigated with tools such as SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication, Reporting and Conformance), email forging is still an issue.

Blockchain, however, is an immutable (meaning, it cannot be modified) set of records authenticated by each node/computer, so it can easily verify and authenticate that you are receiving an email from a trusted sender and not a bad actor.

Blockchain Email Cons:#

So why isn’t everyone jumping on the email over blockchain train? Well, there are a few disadvantages that we need to address as well:

1. It is often “members only”#

One of the problems that blockchain email platforms often have is that you can only email users of that platform. Since we are not talking about platforms with Gmail-like user numbers, but a few thousand at best, this creates a sort of “members only” situation.

Very often, even if you can message someone on another platform, a lot of the features that make that particular email service shine can’t be used with the outside platform.

2. Huge storage requirements#

An average email is 75KB. Not a lot, right? Now multiply that by the number of emails sent every year (more than 100 trillion and you have an enormous storage problem.

Each node in the network needs to store its own copy of the blockchain, which creates a pretty big scalability problem.

Email over Blockchain Potential#

Blockchain email probably won’t ever reach the popularity of cryptocurrencies, smart contracts, NFTs and other blockchain applications, at least not when it comes to private users, the majority of which will stick to convenient free email services like Gmail.

However, the enhanced privacy and security that it offers, as well as the authentication, could make it very attractive for businesses looking for a better anti-fraud solution.

Public Key vs Private Key Cryptography - What’s the Difference?

When it comes to cryptography and protecting your sensitive data, two terms are crucial - public and private keys.

This is because they are used to encrypt and decrypt data.

In this article, we’ll explain what these keys are, what they do and what the difference is between public key vs private key cryptography.

What is Private Key Cryptography?#

In private key cryptography, one key is used to both encrypt and decrypt the data and is then shared between the sender and the recipient.

This key can be a QR code, 64-digit hexadecimal code, 256-character binary code, etc.

The idea is just that it needs to be very long, non-guessable and random (or pseudo-random). The reason for this is that a short and guessable private key can be brute-forced by a determined hacker.

Since the private key is shared, this type of cryptography is also called symmetric.

What is Public Key Cryptography?#

In public key cryptography, there are two keys - private and public. Hence, this type is also called asymmetric.

One key, public, is used to encrypt the data from plain text into cipher text and this key can be freely shared. The other key, private, is used to decrypt the data from ciphertext back into plain text and this one is kept secret and held by the recipient.

Difference Between Public Key vs Private Key Cryptography#

There are a few distinct differences between public key vs private key cryptography.

Public Key CryptographyPrivate Key Cryptography
Used two keys. One (public) to encrypt and the other (private( to decrypt dataUses only one key (private) to both encrypt and decrypt data
One key (public) can be freely shared, while the other (private) needs to be secretly keptThe key is always kept secret
The public key can be shared freely, but the private key is shared only between the sender and recipientThe private key needs to be shared between the sender and recipient only
No danger of key loss since it is held publiclyIf the key is lost, you can lose access to the system
Uses RSA algorithmUses AES algorithm


So which one is better? Private or public key cryptography?

There’s no clear “winner” here since both types offer a different purpose and have different advantages and disadvantages.

In general, private key cryptography is better in situations where you work with large databases and closed systems and where speed over privacy is more important.

On the other hand, public key cryptography works better when sharing data across an open network, like email, which is why it is used in end-to-end encryption.

What are the Most Common Email Server Security Vulnerabilities?

Almost all of our data is stored on a server, making this an attractive target for malicious attackers. This goes even further for email servers as email is still one of the most popular ways of communicating online, especially for businesses.

If your email server is compromised and threat actors can gain access to the confidential information within it, this will result in financial losses for your company and losing valuable customers.

So let’s take a look at the most common vulnerabilities of email servers to better protect your data on them.

6 Most Common Email Server Vulnerabilities#

There are 6 most common email server vulnerabilities that you ought to pay attention to. These are:

  1. Data leakage
  2. Unauthorized data access
  3. DoS
  4. Malware
  5. Spam
  6. Poor performance and stability

Let’s explore each potential vulnerability and give you a way to prevent it.

Data Leakage#

Why do hackers attack email in the first place?

There can be several reasons, but the number one is that they want to get to the sensitive data of its owner (you, for instance).

The problem with email is that it was never built for security, but instead for ease of use. This is why your incoming and outgoing emails can be vulnerable to data leakage and a determined attacker.

The best way to protect your email data is to always use end-to-end encryption for both incoming and outgoing emails at end-points (sender and recipient), use TLS (Transport Layer Security) for emails in transit (while it travels between sender and recipient) and to use email protocols such as SMTP, IMAP and POP3.

Unauthorized Data Access#

No amount of encryption will save you if your last line of defense is weak.

What is this last line of defense?

Your password.

Unfortunately, only 35% of people use a different password for all their accounts, while 75% reuse the same password for all or some of their accounts, according to the 2019 Online Security Survey by Google and Harris Poll (yes, even Google says it's bad).

Now, expect that hackers will be even more inclined to try to bypass your email server’s authentication procedures to get access to the data in it, making password protection a must.

So how do you protect email server passwords?

The first thing you want is a strong password that can’t be easily brute-forced. That means at least 12 characters, including small and capital letters, numbers and special characters.

Here’s the difference that just 3-4 characters can make.

According to penetration testers at LMG Security, an 8-character Microsoft NT LAN Manager password can be cracked in less than 8 hours, while it would take 77,000 years for a 12-character password.

Denial of Service (DoS) Attacks#

Sometimes the attacker is not after the data that the email server contains, but instead wants to disrupt its service and prevent it from sending and receiving data.

Denial of Service or DoS is a type of cyberattack in which the attacker renders the server temporarily unavailable to its users by flooding the server with requests until the server can no longer cope with the traffic.

What is the solution?

Tprevent a DoS attack, you will need to limit how many connections you allow for the SMTP server, including both overall and simultaneous ones.


Like your personal or business email account, an email server can also be vulnerable to malicious software or malware.

In fact, malware will spread to the mail server via an infected email, which in turn was infected via an attachment most likely.

In order to prevent malware from infecting your server, you need to use third-party antivirus and antimalware security software like Kaspersky, Norton, etc, that are designed to detect, quarantine and destroy malware.


Although the ratio of normal-to-spam email messages in recent years has decreased from 71.1% of all emails being spam in April 2014 to that percentage being 45.37% in December 2021, according to Statista, spam is still a huge problem.

The main reason you might be sending email spam around is if you configure the SMTP server as an Open Mail Relay. This allows anyone on the Internet to send email (including spam) through your server.

To prevent this, configure your email server so that it only sends from authorized domains and IPs.

Poor Server Performance and Stability#

Email servers can at any moment stop working, their performance might decrease due to an attack or simple wear-and-tear.

To extend the lifespan of your email server and, more importantly, ensure uninterrupted service, you should enable SMTP authentication. This will protect the server from attacks in which the hacker sends numerous sent requests.

Additionally, you always need to have a backup server in case your main server stops working by having two MX records per domain.


As you can see, sending emails through a server is not always the best. This is why Telios email service allows you to send emails directly to the other person (via a peer-to-peer network) instead of through a server if they are online.

If the recipient is offline, Telios uses decentralized cloud storage to temporarily store your email until the other person is online.

Get Telios email today to protect your privacy and security.

Cloud Storage vs Local Storage - Which One will Better Protect Your Data?

We live in a world where data, especially our private and sensitive data, is a very valuable commodity so we need a place to store it that is both easy to access and secure.

You have two options. Cloud storage vs local storage.

In this article, we’ll explore which of the two, cloud or local, will better protect your data.

Cloud Storage vs Local Storage Main Differences#

First, it’s important to understand the difference between cloud storage and local storage.

In cloud storage, your data is stored on a remote server that you can access via the Internet. Think Google Drive, Microsoft OneDrive, iCloud, etc.

Local storage, on the other hand, is one where your data is stored on a local device (on-premises) such as the hard disk drive on your computer or a USB flash drive in your pocket.

So, now that we know the differences between the two, let’s take a look at their pros and cons.

Cloud Storage Pros#

  • Easy to access. As long as you have an Internet connection, you can access whatever data you have stored on the cloud at any time and any place.
  • Promotes collaboration. With more and more people working remotely, this can be a challenge when you need to share data with a colleague. Luckily, this has been made easier with cloud storage and all you need to do is usually give them access to a specific file you want to share with them.
  • No danger from physical damage. Your local storage device can be damaged physically, corrupted, or lost. Cloud storage will always be there and so will your data (until you delete it).
  • Free storage. For an average user, who only needs limited storage for personal use, cloud services offer free storage. For instance, Google Drive offers 15 GB, OneDrive 5 GB, iCloud 5 GB and so on.
  • Automatic backups. One of the most difficult things to do with local storage is to backup your files. But it’s also one of the most important things to do if you want to prevent losing your data. With cloud storage, however, you can automatically backup your data to the cloud and thus preserve it.
  • No maintenance costs. This is especially important for businesses that run on-premises servers. One such server can cost $150 - $300 just to monitor and maintain. This is a fee you won’t have to pay with cloud storage.

Cloud Storage Cons#

  • You don’t own the servers or the system. You only rent the servers. Now, nobody is going to kick you out to make room for another user (there’s plenty to go around), but ultimately the cloud service provider controls access to your data.
  • The cloud storage provider controls the security. Another thing that the cloud storage provider controls is the security. And it's often lackluster. This also means that cloud storage is more vulnerable to data breaches and every year you can hear about a few.
  • Cost increase. Let’s face it. 5 or even 15 Gigabytes isn’t all that much. Store a few movies, some music albums and you’ve reached the limit. Cloud storage is okay if you have GBs of data, but when you start dealing with terabytes (TBs) or higher, that’s where costs can significantly increase.
  • No Internet, no data access. The very same thing that makes cloud storage easy to access can also make it difficult. What happens when you don’t have the Internet? Simply, you can’t access your data.

Local Storage Pros#

  • Full control. With local storage, you have full control and there is no danger of losing access to your data like with cloud storage.
  • Not reliant on Internet access. As long as you have your device with you, you can access your local storage and the data on it anytime, anywhere. You are not reliant on the Internet service and your access to it.
  • Better for customization. With cloud storage, you don’t have many options if you want to customize the equipment. Whatever the provider serves you, that’s what you have to use. With local storage, on the other hand, you can buy another hard disk as an individual user or physical server if you’re a business.
  • Sometimes it makes data transfer faster. Again, this depends on the Internet, but if you have a large file to share and low bandwidth, sharing the file locally can be faster and easier via a flash drive.
  • Better security. We already mentioned that cloud storage security can be lacking. Using local storage gives you the freedom to set your own security, install whatever solutions and software you deem appropriate and thus protect your data. For instance, with cloud storage, you can’t use end-to-end encryption (E2EE) but only TLS, whereas with local storage you can (and should).

Local Storage Cons#

  • External damage. Like we said earlier, your physical device can suffer from external damage which can cause you to lose access to the data on it. Fire damage, water damage, theft, loss, etc are all very real threats that you have to deal with if you are using local storage.
  • Higher costs. If you’re a business and need a local storage server, you’ll need to be prepared for a few costs, including purchasing the server, installing it, maintenance and so on. According to Intelligent Technical Solutions a server can cost from $5000 and above and the cost will depend on a lot of different factors including its form factor (tower, rack, or blade), CPU, RAM, storage and power supply.
  • Not that good for collaboration. File sharing is less efficient with local storage than with the cloud. This can be a problem both if you need to share data with someone else or if you are moving it to another device. Your options, in this case, are: 1) a flash drive; 2) a SATA cable; 3) a USB 3.0 cable transfer.


So which one is better? Cloud storage vs local storage?

The thing is, both have their place and purpose and this is what you should primarily look for when you’re deciding between the two.

Cloud storage can be more convenient to use, but you don’t have a lot of control over it. On the other side, local storage can incur higher costs, especially for a business, but offers better customization and security.

At the end of the day, the sensitivity of your data should determine whether you should use cloud or local storage. For less sensitive data and non-personal data, cloud storage will be just fine. However, for sensitive and personal data, local storage is a much safer option.

9 Most Secure Email Services of 2022 and the Problem with Server-Based Emails

9 Most Secure Email Services of 2022 and the Problem with Server-Based Emails#

The need for a good and reliable secure email service has drastically increased in the last couple of years so it’s a good thing that there are more and more such services to choose from these days.

In this article, we have compiled the 9 most secure email services you can check out if you’re looking to protect your online data. Make sure to read until the very end as we left a little warning about these services.


If you only heard yesterday that there is such a thing as a secure and private email provider, there’s a very high chance that you heard about ProtonMail.

ProtonMail is by far the most popular secure email service around and it is available on both desktop and mobile for different OS including Windows, macOS, Linux, Android, iOS, Tor, etc.

It’s an open-source service, based in Switzerland with strong end-to-end encryption and includes zero-access encryption, meaning that you are the only one who will know your password or have the decryption key for it (even ProtonMail doesn’t).


  • Open source
  • Servers in Switzerland
  • End-to-end encryption
  • Zero-access encryption
  • Self-destruct emails


Mailfence is another popular private email, which started as a business email in 1999.

One feature that separates Mailfence from other similar providers is a built-in Keystore, which allows you to manage your OpenPGP encryption keys and send encrypted messages to non-PGP users.

In addition, Mailfence also provides digital signatures, to prove that whoever sent the email is the actual author, something that other providers lack.


  • Digital signatures
  • Built-in Keystore for managing encryption keys
  • Can send encrypted messages to non-PGP users
  • Can import contacts from Gmail, Outlook, CSV files and more
  • End-to-end encrypted


Tutanota is different from the other private emails we mention here in that it doesn’t use PGP for end-to-end encryption.

Instead, it uses AES and RSA, which allows Tutanota to combine asymmetric and symmetric keys. You can read more about the differences between the two here.

Other than that, Tutanota offers everything you’d normally expect from a secure and encrypted email service.


  • Based in Germany
  • End-to-end encryption
  • Uses AES and RSA instead of PGP
  • 2-Factor authentication
  • Strips metadata
  • Unlimited messages in the free version


Hushmail is a Canada-based secure email provider that is HIPAA-compliant and as such a very good choice for healthcare workers and patients who want to protect their private health information.

Of course, they also have plans for small business, law, or personal use, so you’ll be covered there as well.


  • Servers are in Canada
  • PGP E2EE
  • 2-Factor authentication
  • IMAP/POP3 support
  • HIPAA compliant
  • Secure web forms


StartMail is a PGP-based email provider that also allows its users to send encrypted messages to non-PGP users, provided they know the answer to a secret question.

Another good thing about StartMail is that it hides your IP, which can be used to track you online.


  • Based in the Netherlands
  • PGP encryption
  • Can send encrypted messages to non-PGP users
  • Hides your IP address


Runbox is a Norway-based secure email provider that uses renewable energy from hydroelectric power plants to power its servers.

It uses PGP encryption and 2-Factor authentication and also features IMAP, POP, SMTP and WAP support and allows you to whitelist IP addresses to access your email account to see the failed and successful login attempts


  • Norway-based
  • PGP encryption
  • 2FA
  • IP whitelisting
  • Support for IMAP, POP, SMTP and WAP protocols


Mailbox.org is not just a secure email provider, for business users, but it also offers a calendar, cloud storage, address book, video conferencing as well as a task planner.

Of course, this is all encrypted using Pretty Good Privacy (PGP) and its servers, which are located in Germany, are also eco-friendly.


  • Servers located in Germany
  • Eco-friendly
  • PGP encryption
  • Encrypted cloud storage
  • Calendar
  • Video conferencing
  • Address book


Posteo is a popular choice with all those users who, for one reason or another, need to remain anonymous, such as whistleblowers, activists, journalists and so on.

It allows you to both sign up and pay completely anonymously and has a very good migration service so you can migrate your contact list, archived emails, calendar and folder structure from another email provider like Gmail or Outlook.

One thing that’s important to mention about Posteo though is that it doesn’t use E2EE by default, but you need to enable it in the settings.


  • Based in Germany
  • Open source
  • Anonymous registration and payment options
  • Includes end-to-end encryption, though not by default
  • Supports IMAP, POP and SMTP email protocols
  • Encrypts metadata, email subjects, headers and attachments
  1. PrivateMail#

    PrivateMail is a secure email provider that is based in the United States and that’s its biggest downside.

However, it does offer some useful features like end-to-end encryption for file sharing, secure cloud storage with AES 256 encryption and self-destructing emails.


  • Servers are located in the U.S.
  • E2EE
  • AES 256 file encryption
  • Secure cloud storage
  • Self-destruct emails

Problems with Server-based Email Providers#

So at the start of the article, we said we had a little warning about these.

What was it?

One thing that all these secure email services have is that they all use servers. There are a couple of issues with this:

  1. The provider is completely dependent on the laws of the country its servers are located in.

That means, even if two users who are located in different countries are using it, with the court (and sometimes without) order, the provider must deliver their emails, metadata and other data.

  1. Some secure email providers will store your encryption/decryption keys.

As such, they will have full access to your private and sensitive data and can give it to whomever they want. This defeats the whole purpose of a secure email provider, which is that only you have access to this sort of data.

  1. Providing backdoors to governments

Normally, the email provider can withhold giving up any user data without a valid court order. However, these companies are often subjected to a lot of pressure from governments to provide a backdoor into their servers.

  1. The carbon footprint

Lastly, data centers and servers can have a substantial carbon footprint and consume a lot of energy. For example, climate researchers from Go Climate measured the carbon footprint of a 2019 Dell R640 server (which is a relatively standard server) and found that it consumes 1760.3 kWh per year, with a manufacturing climate impact of 320kg of CO2e per year.

Now, it should be noted that more and more email providers have started to use green energy, so at least it’s an issue that’s being worked on.


With a decentralized email service like Telios, you won’t run into these problems as we are using a peer-to-peer network to send emails between two Telios users.

Of course, this will only work if both users are online and both are Telios users. If one of them is offline or a non-Telios user, then the email will have to go through a server, but as Telios is using end-to-end encryption and doesn’t store your decryption keys, your emails are perfectly safe.

Looking for a secure email service? Download our decentralized email service today!

Why should you care about your email metadata?

Pierre Kraus

Pierre Kraus

Business Analyst @Telios

What is the email metadata?#

Did you know that your email metadata might be even more relevant than the email body itself? This is the reason why encrypting it is key to maintaining your privacy.

But, first thing first, what is your email metadata? It is the bits of information contained in your email header:

  • The sender
  • The recipient
  • The timestamp
  • The location

That’s already quite a lot of data, and you know that when data is processed it becomes information! Almost a decade ago, the MIT Media Lab created an application that would allow users to track their own metadata from their Gmail emails. It revealed people’s personal networks and the frequency at which they would interact with them, thus exposing personal data and relationships.

How does Telios encrypt your metadata?#

This is why Telios decided to encrypt both your email content and metadata!

The way it works is by using the secret sealed box encryption method. Meaning this encrypts the sender’s metadata outer layer with the receiver’s public key and the sender’s metadata inner layer with a temporary key pair to preserve the sender’s anonymity.

With us, all contents and destinations of your email remain private!

How to stop email spam?

Pierre Kraus

Pierre Kraus

Business Analyst @Telios

What is spam and where does it come from?#


You open your inbox and receive a $1,000,000 winning lottery ticket and a notice from the FBI for fraud. Well, your email just got spam! Ray Tomlinson created emailing to leave messages to people and not mailboxes, it also revealed itself to be very efficient to reach many people in the shortest amount of time. Like kudzu (Asian vines), spam can take control over your inbox and transform your email management into an absolute nightmare. The term "spam" was invented in the 1980s and came from a Monty Python sketch set in a cafeteria, where Vikings would sing at the top of their lungs the name of processed meat and drown out the rest of the conversation. The first unsolicited messages date back to 1864 when telegraph lines were used to send dubious investment offers to wealthy Americans. Gary Thuerk, a marketing manager for the now defunct company Digital Equipment Corporation, sent the first modern spam on the ARPANET (Advanced Research Projects Agency Network) in 1978. He used an email to solicit 400 people to advertise his line of new computers - Pandora box was open!

Email remains the leading communication tool and shows growth potential despite the rise of chat apps and social media platforms:

  • 90% of Internet users (4.03 billion worldwide)
  • 306.4 billion emails were sent and received in 2020, with a forecast estimating an 18.6% increase by 2025 However, almost half of the email traffic (47.3%) accounts for spam. They come from advertisers and scammers.

How does spam impact your privacy?#

Email addresses often represent the key to unlock access to online services. The tradeoff for opening a direct line to your inbox is the tsunami of marketing emails now flooding your inbox.

Yet, you have to give up your key to access them and brace yourself to face the tsunami of marketing communications flooding your inbox. Advertisement emails contain hidden pixel trackers. These trackers are images invisible to the naked eye. Every image on the internet is stored on a server and is automatically downloaded by your computer browser. The computer’s image request let the server know when the image was downloaded. Therefore, when you open your email the hidden pixel tracker is downloaded and reveals to the sender:

  • The time you opened the email
  • Your location (IP address)
  • Your device data

The sender receives the data every time you open the email. In 2017, a study from One More Company (OMC), a computer software startup focused on improving email intelligence, revealed that 40.6% of the total number of emails (269 billion daily that year) sent were tracked. The harvested data is turned into marketing insight and sold to third parties. According to Richard Sierra, an American artist known for his minimalist sculptures, “The product of television. Commercial television is the audience”. When it comes to marketing companies, we are the product. Additionally, scammers actively target your personal email addresses with malicious emails to obtain your private data to steal your identity or money. They find your email addresses using different tactics:

  • A company sold your email without your knowledge
  • Purchasing email lists
  • Email harvesting using bots to scour the Internet
  • Data breaches

FBI's Internet Crime Complaint Center (IC3) reported a loss of $57 million to fishing schemes for individuals in 2019 alone. Business Email Compromise (BEC) resulted in more than a $1.7 billion loss.

Take control of your inbox#

Spam is either clogging your inbox or a potential threat to your personal information. Enter Telios on the fly alias generator! Create your unique namespace, your alias(es) to better manage your inbox and keep it free from spam.

Learn more about how Telios protects you from spam with its alias feature.