CTemplar is Dead (AKA Lessons About Email Sovereignty)
Icelandic encrypted email provider CTemplar went under this week. I could list dozens of reasons this comes as no surprise to me – and another dozen ways this was poorly handled – but that’s neither here nor there. There’s no reason to kick somebody while they’re down. Instead let’s focus what we can learn from this, because there’s two important lessons.
Lesson 1: Beware the Little Guys
In the privacy space, we are very skeptical of new services, and rightfully so. There’s a lot at play here. First there’s the fact that the privacy space is rife with scams, both direct and indirect. Direct scams would be the ten thousand new “shitcoins” that pop up each day who’s only purpose is to make someone rich in a pump-and-dump scheme – or an actual, outright honeypot service like Anom. An indirect scam would be services that lull you into a false sense of security with buzzwords like “encrypted” and “private” when what they really mean is “for now” or “moreso than the other guy” (if they even mean that much).
Assuming that a new project is honest and well meaning, they can still easily make mistakes with poor implementation, poor wording, or bugs. Security and privacy are both important – and incredibly easy to screw up, sometimes badly.
Last but not least, even the honest services face the same uphill battle you’ll find in literally any market: it’s hard to compete with the name brands – Proton, Tutanota, DuckDuckGo, Mullvad, etc. These are brands who have proven themselves (whether you like them or not) time and time again. You’re new. You’re nobody. Why should anyone believe you? What do you offer that they don’t? What do you do differently and/or better? What challenges will I have to overcome to benefit from your product (such as the Network Effect)?
That said, there’s nothing wrong with supporting the new guys. I think you should, actually. I was a new guy once. I still am, in a lot of ways. Tutanota was once the new guy. Signal. Tor. Your favorite privacy or security service or tool was once new and untested. It’s good to research a product and then decide “I like this, this is good, I want to support this.” But you need to remember that we have no idea what’s going on behind the scenes. Depending on the available research and your skill level, you may not know if the product’s implementation is secure. We may not know their financial situation. We may not know if some drug kingpin is using the service and they’ll be served with some kind of legal order that forces them to fold. There’s a million things that could happen, and we just don’t know. I don’t think this counts as a reason to stay away – if you never support the projects you like, they’ll die for certain. But even if you do support them, they might die anyways through no fault of yours. So always keep backups, always keep redundancies, and always be prepared to wake up one day and find out your emails won’t send. This leads us to an even more important and easier-to-practice point.
Lesson 2: Control Your Data
Frequently when we talk about “controlling your data,” we think of things like self-hosting, reducing data transmission (via tools like firewalls, DNS, or uBlock Origin), or not using a service altogether. But sometimes it’s a bit more complex than that. This is actually a subject I’ve been wanting to discuss for quite some time. Sometimes “controlling your data” can mean controlling how it gets handled, or where it goes.
Let’s look at this through the lens of email and CTemplar. Most of my long-time readers know that I recommend the use of an email masking service like SimpleLogin or AnonAddy. There’s numerous practical reasons for this which I outline on that page, but one that I haven’t discussed in depth (and should probably add) is the ability to quickly and easily redirect your emails in a situation exactly like this one. Right now, a lot of CTemplar users are scrambling to get all their accounts moved over to a new provider. While SimpleLogin & AnonAddy don’t make this a one-click process, they do make it easier than logging into a billion websites and manually changing and verifying everything. It can all be done from one simple dashboard in just a few minutes, no verification required.
There’s another layer of protection here I strongly recommend: custom domains. The default email addresses provided by SimpleLogin and AnonAddy are fine for the small stuff, they present two issues. First, a lot of companies don’t typically like these kinds of services, so it’s usually only a matter of time before they start getting blocklisted. These two services are attempting to circumvent that by constantly adding new domains, but they can only do so much. It’s a constant cat-and-mouse. Second, what happens if one of these services go under? It’s happened before, and it can happen again. In fact, that’s why we’re talking about this right now: a company went under and now the users have to find something else. With a custom domain, if your email-forwarding solution of choice ever goes out of business, you just point the records at a new provider, whether that’s another forwarding service or an email provider directly.
A quick note: I know setting up a custom domain sounds hard, but it’s REALLY not. You buy a domain name you like from a website (common privacy recommendations include 1984, NameCheap, Orange, and PorkBun), then you go check the help page on your email forwarding service of choice for instructions on how to add your custom domain. More often than not, they have very simple, straightforward instructions and sometimes even have screenshots. Same if you decide to cut out the forwarding service and use an email provider directly.
Having your own domain is the ultimate power in controlling your email data (except for self-hosting, but I don’t recommend that for a lot of reasons). Unless the domain registrar disappears or blocks you (which, in my experience, is highly unlikely) then it doesn’t matter who goes out of business. You can always just point your emails somewhere new and keep going with almost no disruption.
Controlling your data is important and powerful. It makes you independent, it makes you resilient, and it makes your life simpler by being prepared for when things change – and in tech, things are always changing. Part of threat modeling is planning for what could go wrong and then putting systems in place to mitigate it if it happens. Maybe you weren’t affected by this CTemplar situation. That doesn’t mean you won’t be affected by the next one. Be sure to review the products and services you use and plan ahead. There’s always room to improve. Take this time to learn some lessons and apply the necessary changes to your own posture.