- What are your thoughts on Disroot? Seems to be solid and not email only. Can it be a good alternative to Proton / Tuta / Fastmail?
- Do I need 2 different email providers, or 2 emails from the same provider? Or use one and add aliases? What I’m trying to not mix: socials and miscellaneous (like shopping and travel accounts) and personal (finance, security, etc).
- Is there a best way in terms of ecosystems or is it more of personal preferences? Is it better to stick to fewer apps/services in one place (like Proton), or do diversification to not store everything in one place?
Love it. They are a great group.
Disroot and Fastmail do not use zero-knowledge encryption and of the 4 you mentioned, Proton is the only one which supports cross-provider E2EE. Disroot likely has a similar level of protection to Fastmail, but not Tuta or Proton. Whether that matters to you depends on what you want to protect and who you want to protect it from.
Using separate aliases for everything is the most private and easiest to get started with, especially if you use a paid plan. On free plans you’re more likely to either run out of aliases, experience limited features, or may be more prone to having your aliases rejected by services, but it’s doable if you’re willing to spend time and effort managing it well. It’s not a bad idea to set up a secondary (non-alias) email address for situations where a service blocks all aliases. Just make sure you log into it often enough for the provider to not automatically delete the account.
(Btw if you’re willing to pay, Proton offers both premium alias domains and multiple non-aliased email addresses, so it’s all neatly in one package. Not sure if Tuta has something similar.)
There’s pros and cons to both. One benefit to diversification could be that you’re less prone to catastrophic events such as total data loss/breaches. However, it’s much less convenient and in some cases (if you use an inferior alternative) may result in worse security. I think most people are fine just sticking to one or a few services. Just be sure to use proper security and back-up practices and you’ll probably be fine.
If you don’t have the money, the Proton ecosystem is very usable in the free tier. It gives you a mail, password manager, VPN, and drive for free. But putting all eggs in one basket is of course worse than diversifying. If you go with Proton remember to add a second password to keep it extra safe.
I’m not really familiar with Disroot and don’t have much thought on it.
But in my opinion larger corporate email providers have more resources to maintain security and are by necessity well supported by other services.
The lack of end-to-end encryption is also a drawback.
Otherwise they seem honest about what they’re doing and how they’re doing it. If you’re willing to try out and support the project I don’t see much reason as to why not.
Proton and Tuta both have rules against multiple free accounts in their terms of service and there are occasionally benefits and drawbacks to each. I do believe Proton has publicly stated that they only bother policing that policy if it’s abused.
Overall I would say use multiple providers.
I make one exception. A private Proton account that is never shared with anyone else and a public one that is used socially can make sense. Especially if one is used primarily for things like VPN, SimpleLogin and Proton Pass and the other for Proton Mail and Drive.
There are security advantages to both a single and multiple ecosystems.
Multiple ecosystems can be used to compartmentalise risks while a single ecosystem is much more practical for implementing far higher standards of security. With 2-3 ecosystems at most it might be feasible to implement both.
Either way it’s critical to have a backup and recovery plan. What happens if you rely on a service that suddenly disappears or goes offline (even for just a day or two)? What happens if they announce a closure in the near future?
Things like local backups and registering a custom domain for email can greatly simplify any possible fallout from this sort of thing.
I have a personal email that is associated with my real life identity, and everything else is a different alias. If you have the option for unlimited email aliases (f.i. with Proton Unlimited), make the most out of them. Otherwise, if those are limited, you could generate a few general purpose ones like shopping (Amazon, Walmart, …), social media (Facebook, Instagram, …), etc.
I think there are pros and cons in both situations. Diversifying the services used reduces the dependence / trust on a single company but at the same time makes it less convenient (and potentially more pricy) to run your services. This is one of the reasons Proton’s offering is very appealing. Especially if you plan to use most of their services (VPN, email, drive, calendar, notes).
Disroot is a non-profit community group. You’ll love them. Their entire stack is FOSS and built as a way to dogfood (Eating your own dog food - Wikipedia) their own services. Everything is collaboratively maintained with the users. If you have questions you can ask them directly (Contact | Disroot.org).
Their community is noteworthy in contributing back documentation, money, and code to the platforms they use.
Their dedication to transparency à la stating why Nextcloud’s e2e cannot be relied on, so it is off, is much more important than whether e2e is turned on arbitrarily. If you want a community approach to services, this is it.