PrivateMail: A misleading mess
In the modern world, privacy is becoming increasingly rare. Conglomerates like Google, Microsoft, and Meta track your every move to profit from your daily activities. Moving your email to an encrypted mail service is one of the best changes you can make to enhance your day-to-day privacy. ProtonMail and Tutanota are among the most popular services, but a new contender has emerged: PrivateMail.
PrivateMail is an "encrypted" private email service offered by TorGuard. TorGuard is questionable and hypocritical (check out one of my previous VPN articles to learn why), but that story is for another day. This article focuses on the incompetence of PrivateMail's developers and their blatant deception of their customers.
Plaintext Password Transmission
PrivateMail claims to be a secure, "hacker-proof" and end-to-end encrypted email provider on its various pages:
Private Mail is secure and protects you from all forms of web attacks such as data leaks, Man in the Middle Attacks and other online exploits. Your data and contents can never be altered maliciously due to powerful end to end encryption. Our team constantly audits Private Mail's systems to provide our clients the most secure experience possible.
Source: PrivateMail Homepage
This encryption protects your data so well that not even anyone at PrivateMail will know a thing. We're just as locked out of your email as the rest of the world.
Source: Introducing PrivateMail Encrypted Email and Cloud Storage
File content is transmitted to the server in encrypted form only, and encryption keys are never transmitted to the Private-Mail server at all. Thus, it would be impossible for us to view, or decipher any of your encrypted files since only you hold the key.
However, the API calls made by their login and "registration" pages say otherwise.
Before we dive into why PrivateMail's encryption is bogus, let's go over some of the basics of user data storage.
On services that do not use end-to-end encryption, the user's password is transmitted to the server in plaintext and hashed there before being stored in the database. Hashing the password produces a representation that cannot be reversed but can still be compared against a plaintext candidate. For example, suppose the password is "123". The server receives this in plaintext and computes a long string, like "202cb962ac59075b964b07152d234b70". If the server discards the plaintext password and stores only the hash, the original password cannot be recovered from what is stored. None of this is verifiable from the outside, so it requires trust in the server: users must trust that it is not actually logging or storing their plaintext passwords.
In end-to-end encrypted contexts, the user's password is the key to all of their encrypted data, so it must never be disclosed to the server. Instead of server-side hashing, the hashing is performed client-side on the user's device. Services like ProtonMail and Tutanota compute a hash client-side from the user's password together with other data, such as encryption metadata, and the server receives only that hashed value for authentication. As a result, the server cannot intercept the user's password in transit, and it cannot process or store the plaintext password, since it never receives it in the first place.
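To make the difference between the two designs concrete, here is a small constructed model of both flows. It is an added illustration, not code from PrivateMail, ProtonMail or Tutanota: the class names, the `"auth"` and `"content"` HMAC labels, the username-based salt and the PBKDF2 round counts are all assumptions of this model. In the first design the server receives the raw password and hashes it itself; in the second the client derives an authentication token and a separate content key from the password, and only the token ever crosses the wire.

```python
import hashlib
import hmac
import os

# Constructed model of the two authentication designs described above.
# Added illustration, not code from PrivateMail, ProtonMail or Tutanota;
# the class names, HMAC labels, salting scheme and round counts are assumptions.

PBKDF2_ROUNDS = 100_000


class PlaintextPasswordServer:
    """Server that receives the raw password and hashes it itself (server-side hashing)."""

    def __init__(self):
        self.users = {}            # username -> (salt, verifier)
        self.seen_in_transit = []  # everything the server could log, or a MITM could read

    def register(self, username, password):
        self.seen_in_transit.append(password)
        salt = os.urandom(16)
        verifier = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self.users[username] = (salt, verifier)

    def login(self, username, password):
        self.seen_in_transit.append(password)
        salt, verifier = self.users[username]
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        return hmac.compare_digest(candidate, verifier)


def client_derive(username, password):
    """Client-side derivation: the password never leaves the caller.

    One slow KDF produces a master key; two independent HMAC labels split it into
    an authentication token (sent to the server) and a content key (kept locally).
    Salting with the username is an assumption of this model, chosen so that no
    server round-trip is needed before authentication.
    """
    master = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), b"login-salt:" + username.encode(), PBKDF2_ROUNDS
    )
    auth_token = hmac.new(master, b"auth", "sha256").digest()
    content_key = hmac.new(master, b"content", "sha256").digest()
    return auth_token, content_key


class ClientHashedServer:
    """Server that only ever sees the client-derived auth token, never the password."""

    def __init__(self):
        self.users = {}
        self.seen_in_transit = []

    def register(self, username, auth_token):
        self.seen_in_transit.append(auth_token)
        salt = os.urandom(16)
        # Hash the token once more so a database dump does not yield a replayable token.
        verifier = hashlib.pbkdf2_hmac("sha256", auth_token, salt, 1_000)
        self.users[username] = (salt, verifier)

    def login(self, username, auth_token):
        self.seen_in_transit.append(auth_token)
        salt, verifier = self.users[username]
        candidate = hashlib.pbkdf2_hmac("sha256", auth_token, salt, 1_000)
        return hmac.compare_digest(candidate, verifier)


def compare_designs(username="alice", password="correct horse battery staple"):
    """Run both flows and report what each server could have captured."""
    plain = PlaintextPasswordServer()
    plain.register(username, password)
    plain_ok = plain.login(username, password)

    hashed = ClientHashedServer()
    auth_token, content_key = client_derive(username, password)
    hashed.register(username, auth_token)
    hashed_ok = hashed.login(username, auth_token)

    return {
        "plaintext_login_ok": plain_ok,
        "plaintext_server_saw_password": password in plain.seen_in_transit,
        "hashed_login_ok": hashed_ok,
        "hashed_server_saw_password": password in hashed.seen_in_transit
        or password.encode() in hashed.seen_in_transit,
        # The server holds the auth token but not the key that would unlock the mailbox.
        "hashed_server_saw_content_key": content_key in hashed.seen_in_transit,
    }


if __name__ == "__main__":
    for key, value in compare_designs().items():
        print(f"{key}: {value}")
```

The `seen_in_transit` lists stand in for anything a server-side log, a reverse proxy or a malicious administrator could capture. In the plaintext design the password itself lands there on every login; in the client-hashed design only the auth token does, and the content key that would decrypt the mailbox is never derivable from it.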
Now that we understand how servers handle user authentication in both encrypted and unencrypted contexts, let's examine how PrivateMail handles this process.
When logging into PrivateMail from the webmail page, the user's credentials are sent to the server in plaintext. As explained above, this means PrivateMail could store the password in plaintext. Why is this a major issue? It implies that PrivateMail could read a user's emails if they wanted to. Unlike its more capable competitors, PrivateMail performs no client-side hashing, so it is in a position to intercept a user's plaintext password.
Their claims about being "as locked out of your email as the rest of the world" are complete and utter bullshit. How are they "locked out" if they can process your plaintext password?
Registration is no different from login: the password is sent in plaintext there as well.
Their registration page uses an off-the-shelf product called WHMCS, a billing and client-management dashboard aimed at server hosting companies. They were so lazy that they couldn't even make their own registration system.
Plaintext Email Storage
When receiving emails, PrivateMail does not encrypt them at rest in a zero-knowledge way with your keys. This means that PrivateMail can read any email that was not already encrypted client-side.
In the screenshot above, the webmail app fetches the data of the selected email. Unfortunately, the data received is the plaintext version of the email. This can mean two things. Either:
- PrivateMail is server-side encrypting emails (which means it's not zero-knowledge, and they can technically read your emails)
- PrivateMail is simply just lying
The second option is the most likely, as they're already false advertising to their users on their homepages, support, and blog articles.
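The observation that the webmail API hands back readable plaintext is exactly the test that separates the two possibilities above. The following constructed model shows what a "fetch message" call returns under each design: a server-side encrypted mailbox, where the server holds the key and therefore decrypts for you, and a zero-knowledge mailbox, where the server stores only blobs encrypted with a key derived on the client. This is an added example, not PrivateMail's code; the class names, the KDF parameters and the toy cipher are assumptions. The cipher is an HMAC-SHA256 keystream XORed with the data, with no authentication tag, and exists only to make the plaintext-versus-ciphertext difference visible. It also does not model how real zero-knowledge providers handle mail arriving over SMTP, which they encrypt to the user's public key at the moment of receipt.

```python
import hashlib
import hmac
import os

# Constructed model of "server-side encrypted" versus "zero-knowledge" mailboxes.
# Added illustration, not PrivateMail's code; class names and KDF parameters are assumptions.
# The cipher is a toy keystream (HMAC-SHA256 in counter mode, XORed with the data) with no
# authentication tag; it exists only to make "ciphertext vs plaintext" visible.


def keystream_xor(key, nonce, data):
    """XOR data with a keystream derived from (key, nonce). The same call encrypts and decrypts."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        block = hmac.new(key, nonce + counter.to_bytes(8, "big"), "sha256").digest()
        out.extend(block)
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


def encrypt(key, plaintext):
    nonce = os.urandom(16)
    return nonce + keystream_xor(key, nonce, plaintext)


def decrypt(key, blob):
    nonce, body = blob[:16], blob[16:]
    return keystream_xor(key, nonce, body)


class ServerSideEncryptedMailbox:
    """The server encrypts at rest with a key it holds, so its API can hand back plaintext."""

    def __init__(self):
        self.server_key = os.urandom(32)
        self.store = {}

    def receive(self, msg_id, plaintext):
        self.store[msg_id] = encrypt(self.server_key, plaintext)

    def fetch(self, msg_id):
        # What the webmail API returns: readable plaintext, decrypted by the server.
        return decrypt(self.server_key, self.store[msg_id])


class ZeroKnowledgeMailbox:
    """The server stores only blobs; the key is derived on the client and never uploaded."""

    def __init__(self):
        self.store = {}

    def receive(self, msg_id, ciphertext):
        self.store[msg_id] = ciphertext

    def fetch(self, msg_id):
        # What the API returns: the opaque blob, decrypted only on the client.
        return self.store[msg_id]


def client_content_key(username, password):
    """Client-side key derivation; the password and this key never leave the device."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode(), b"content-salt:" + username.encode(), 100_000
    )


def compare_mailboxes(message=b"Subject: hello\r\n\r\nmeet at noon"):
    """Store one constructed message in each model and report what the fetch API exposes."""
    server_side = ServerSideEncryptedMailbox()
    server_side.receive("m1", message)

    key = client_content_key("alice", "correct horse battery staple")
    zk = ZeroKnowledgeMailbox()
    zk.receive("m1", encrypt(key, message))  # encrypted before upload
    fetched = zk.fetch("m1")

    operator_key = os.urandom(32)  # an operator holding everything except the user's key
    return {
        "server_side_fetch_is_plaintext": server_side.fetch("m1") == message,
        "zk_fetch_is_plaintext": fetched == message,
        "zk_client_can_decrypt": decrypt(key, fetched) == message,
        "zk_server_without_key_can_decrypt": decrypt(operator_key, fetched) == message,
    }


if __name__ == "__main__":
    for name, value in compare_mailboxes().items():
        print(f"{name}: {value}")
```

The first result is the situation the screenshot describes: the API returns plaintext, which is only possible if the server can decrypt. In the zero-knowledge model the same call returns an opaque blob, and nobody holding only the server's state can turn it back into the message.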
In the following quote, TorGuard claims to keep all users anonymous during registration by collecting no personal data:
We don't even collect information about you when you make your account. You could be anyone from anywhere, and that's the entire point. You're completely anonymous every step of the way.
Source: Introducing PrivateMail Encrypted Email and Cloud Storage
Nonetheless, their registration page literally says that they're collecting your IP address for "fraud prevention."
How are these people blatantly lying to their users like this? They're not even making an attempt to hide what they're doing...
- Google may store a cookie for collecting anonymized analytics data (you may opt-out here);
Apache web server logs
- Apache Webserver logs (see apache.org; no usernames or passwords are ever logged by the webserver and the logs are regularly purged);
Apache webserver logs contain IP addresses by default.
Sharing data with advertisers
Quoting PrivateMail's homepage:
By encrypting your email and important files with Private-Mail you can prevent marketing and advertisers from using, selling and storing your data.
Private-Mail may store and use your personally identifiable information for [...] (iii) voluntary marketing, promotional, and advertising purposes, such as to inform you of promotional offers from Private-Mail;
They also share your internet activity with "trusted third-party service providers":
- internet or other electronic network activity (e.g., browsing history, search history, and information regarding a consumer's interaction with an online site or application, or similar information);
PrivateMail is blatantly misleading its users with false claims on its homepage and other marketing pages. Most non-tech-savvy users will not notice this, primarily because it takes some effort to check the legitimacy of these claims, such as inspecting whether passwords are transmitted in plaintext. Most users do not read the privacy policies of their favorite services. Instead, they blindly trust the claims to "protect user privacy," even when those claims are not accurate.
A developer of Windscribe once said:
Protect their privacy … but sneaky
Sadly, PrivateMail is not a private product nor an excellent one, but a misleading mess. If you're looking for a high-quality and trustworthy private email service, I suggest looking elsewhere. My preferred one at the moment is Tutanota.