E-mail client or webmail? Which is safer?

For discussions about security.
Post Reply
Message
Author
Antipodal
Posts: 253
Joined: Thu 26 Mar 2009, 16:52
Location: The other side of the world

E-mail client or webmail? Which is safer?

#1 Post by Antipodal »

Hello everybody! :)

Using a reputed search engine I have tried to find a clear answer to the second question but I have failed.

Because I’m interested in the opinion of Puppy users and in the first "results pages" of my search I didn’t find answers coming from this forum I have decided to post these questions here.

Your answers will be greatly appreciated.

Thank you for your time

User avatar
mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#2 Post by mikeb »

Hmmm client.

Well encryption is available for both but client avoids sadverts, unwanted news and browser bullying. If you used IE to access then you have potential virus threats too. Almost certainly will tug at your CPU/memory as well.

The pop3/imap standards have been around for years ...for example I could use say thunderbird 2 to access quite happily. Whereas webmail may decide to demand this weeks chrome release such is the web at the moment.

With a client Imap gives a webmail experience...so what you see is what is on the server.
Pop3 would in effect give you a local storage giving offline access plus if anything happens to the provider your emails are not lost. Imap can be set to do this as well though not sure how recoverable it would be in the event of a server loss.

There are other client bonuses such as ease of running multiple accounts for example.

Just my experience.

mike

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#3 Post by Sylvander »

1.
mikeb wrote:...client avoids adverts, unwanted news and browser bullying.
a. I use "SaveMyModem" [SMM] to "connect" to SAFELY take a look at what emails are on my POP3 server.
Safe because it only displays the text content; no chance of being infected whilst doing this.
b. Then I choose which emails are time-wasters, and click them for deletion, which is completed when I click "disconnect".

c. Then I run Thunderbird, and it downloads all the emails remaining on the POP3 server [after all the rubbish has been dealt with by SMM].

2.
mikeb wrote:There are other client bonuses such as ease of running multiple accounts for example.
Exactly!
I have 2 accounts for myself, and formerly there was 1 for my wife also.

I've been using the above for many years.
By both have our ISP's webmail accounts [whether we like it or not], but never normally use them.

belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47

Re: E-mail client or webmail? Which is safer?

#4 Post by belham2 »

Antipodal wrote:Hello everybody! :)

Using a reputed search engine I have tried to find a clear answer to the second question but I have failed.

Because I’m interested in the opinion of Puppy users and in the first "results pages" of my search I didn’t find answers coming from this forum I have decided to post these questions here.

Your answers will be greatly appreciated.

Thank you for your time

There is nothing, n-o-t-h-i-n-g currently existing today that beats the account security of Gmail + Yubikey 2fa (Versasec needs to now be included in this). **except for the Neo Yubikey, avoid this key, as discussed in this article, but also know Google is/has worked on a fix since this involves WebUSB in Chrome:
https://www.wired.com/story/chrome-yubi ... ng-webusb/
Google introduced WebUSB last year, so a curde workaround is to use a version of Chrome that doesn't have WebUSB--and use it only for email & nothing else ;-)

I have talked about this on this forum for 2 years now, for a reason.

For over 25 months, there has not been one employee at Google (or any other company using either of these 2fa) that has had a breach of their email system and/or employee account. There has even been an offering of high level reward for anyone who could crack Yubikey's 2fa......or at least make it go haywire & not function. No one has even come close to that simple requirement.

They all, Blackhats included, have talked about how infuriating it is to even try. What's even more telling, this is the stuff (yubikey/Versa 2fa) is what all the crypto currency gold diggers are now rushing to adopt.

Until the power of quantum computers becomes a sure, every day thing, this level of protection offered by the likes of Yubikey and Versa will remain indefinitely the best.

It boggles my mind that something like Yubikey has been offered by Gmail for over 2 years now, which will cost a consumer a whopping $17 (price of a basic Yubikey) to set up with a free gmail account, and people are still oblivious like an ostrich.

Forget what you think of Gmail, and their supposed watching/reading of your email. If you need the assurance of completely locking down your email, with never having to worry about anyone, including Google, getting access to your account, Yubikey 2fa "is" the best way going and will be the best way going forward. And if you lose the keys, then the account is gone forever. Because no one can ever get into it again. That is how it should be, and Google makes that crystal clear when you set it up and opt to "only" have 2FA Yubikeys as the means to access it.


Email clients, none currently existing on the planet, even the high-level-cipher-stuff we see at NATO, comes close.



P.S. Now if you are asking about what happens AFTER you get your email open, and people start doing all the dumb things they do while in email (like clicking links, letting pdfs or pics or etc etc open without being in a container) then there is nothing that is going to protect those hare-brained behaviors and no email will be "safe". But with a Yubikey, you could have a login in of "Dummy" with a password or "123456" set up with a Yubikey, and no one will ever be able to get into that account except you with that physical Yubikey.

User avatar
greengeek
Posts: 5789
Joined: Tue 20 Jul 2010, 09:34
Location: Republic of Novo Zelande

#5 Post by greengeek »

I prefer web mail because I do not trust myself to have adequate backup to protect 10 years of email data if my hard drive goes belly up or my house burns down.

I feel that using a reputable webmail provider makes my data safer over the long term.

User avatar
mikeb
Posts: 11297
Joined: Thu 23 Nov 2006, 13:56

#6 Post by mikeb »

I prefer web mail because I do not trust myself to have adequate backup to protect 10 years of email data if my hard drive goes belly up or my house burns down.

I feel that using a reputable webmail provider makes my data safer over the long term.
The approach is to set pop3 client to download emails but leave on server unless deleted locally. Then you have a copy on your server AND your hard drive. And of course make a backup of your email client profile....stick that online if you like..I do. This means copies in three places.

Had drives die but never lost an email this way .... going back to 2004.

mike

Antipodal
Posts: 253
Joined: Thu 26 Mar 2009, 16:52
Location: The other side of the world

#7 Post by Antipodal »

:) Thank you very much guys!!!
Your comments have been very helpful.

User avatar
smokey01
Posts: 2813
Joined: Sat 30 Dec 2006, 23:15
Location: South Australia :-(
Contact:

#8 Post by smokey01 »

I prefer a client because it lets me write and read emails offline. I'm not sure if this is possible with web based mail. I do a lot of travelling which includes cruising and internet is usually charged by time.

Sylvander
Posts: 4416
Joined: Mon 15 Dec 2008, 11:06
Location: West Lothian, Scotland, UK

#9 Post by Sylvander »

Does anyone know how to [easily] get SaveMyModem to blacklist domains or senders?

Post Reply