I signed up a while back for a beta test of Startmail, a new encrypted email service from the makers of Startpage. If you've never heard of Startpage they are my search engine of choice because they pull Google search results while anonymizing you and protecting your privacy.
Well after the leaks of the Prism Program, Startmail announced they would create an encrypted email service to protect user's privacy from the snooping eyes of governments. Their beta version just launched and here are my first impressions.
First off, this is awesome. Let me just get that out of the way right now. As a GPG user myself the hardest part about it is getting others to use it. Plus if you are trying to get your friends to use GPG and they've never used it before there is a learning curve. You also have to generate keys and share public keys and if your friend generates a new key pair because they reformatted their PC and didn't create a backup you have to go through the whole key sharing process again. It can be a big pain.
I sort of thought that Startmail was going to be similar. I thought it was just going to be a web based version of GPG and you would have to share your keys. That is not necessarily the case! You can send encrypted emails to ANYONE! The way they do it is with a shared secret password that only you and the recipient would know. Easy!
When I first logged in, it looked to me like they modeled the design after Gmail. Here is a screen shot of the interface:
The recipient receives an email saying they've received an encrypted email and to read it they need to click a link.
The cool thing is that even though you don't have to go through the hassel of sharing public PGP/GPG keys, the underlying encryption system being used is GPG which is very secure!
If you still prefer the standard PGP/GPG method of generating keys and sharing your public keys you still can! If you go into Settings > Mail Encryption you can change your encryption settings to use:
- Question & Answer Only
- Question & Answer and PGP
- Do Not Use Encryption
If you select the second option you will be prompted to generate an encrypted key pair like you would do if you were setting PGP/GPG up on your own. You can also then send encrypted email with other PGP/GPG users!
At this point I am very excited about this service. It is truly the answer for sending private emails for everyone, even your Grandmother who isn't very computer savvy.
What do you think about this service? Would you trust it? Why or why not? Let us know in the comments!