Home » Articles » Interview With “Sigaint DarkNet Email” Admin
Click Here To Hide Tor

Interview With “Sigaint DarkNet Email” Admin

Recently we have conducted a short interview with one of the growing darknet email providers – Sigaint – from their homepage:

What is SIGAINT? SIGAINT is a darknet email service that allows you to send and receive email without revealing your location or identity. We provide this service to help journalists and activists combat the dragnet surveillance that exists on the Internet today. Even if you aren’t in conflict with the state or anyone in particular you as a human being deserve privacy.

You may visit them at: http://sigaintevyh2rzvw.onion.top/

What made you start a dark net mail service?

We were unhappy with the stability, security, and privacy model of other darknet email offerings, so we decided to run our own. We believe that people deserve privacy, and they should be free from allspying. They deserve dignity.

What do you offer that other services don’t?

Besides friendly, prompt, and helpful support we offer a two-tiered service. Our free offering is ad-supported, and can only be used with our webmail system.

We also offer a paid version of the service, which is only $30 for a lifetime membership. (Payable with Bitcoin or Litecoin, of course.) We call it SIGAINT Pro.

SIGAINT Pro gets you 20x the storage, IMAPS/POP3S/SMTPS access so you can use your account from almost any mail client. You also get access to our new secure Bitmessage gateway.

Do you limit any types of content?

No. Not at all. We believe in freedom of speech.

Also, there is no way for us to know what someone is using their email account for as we keep no logs and all mail is encrypted.

What do you do to make sure that your users data is protected?

SIGAINT has an enhanced server model designed with privacy in mind. We are confident to say that other services do not offer the level of privacy, features, and security that we do.

All user data is housed in a secret location that is protected by the Tor network. We operate two publicly known servers that are just proxies and contain no user data. These proxies only tunnel mail from the clearnet back to our secret data warehouse using Tor, and vice-versa. The proxies are expendable and can be replaced if needed.

Our data warehousing servers were purchased as parts locally using cash to avoid having the hardware tampered with in the mail. We can thank Edward Snowden for putting that fear into us. The servers were assembled and the operators of SIGAINT actually have physical access. We don’t just lease servers somewhere and assume they are safe. This may seem paranoid, but it is necessary.

We don’t use virtual servers or other false sense of security models to run the data warehouse either. We use bare-metal servers and a heavily hardened operating system designed to frustrate exploits and keep us safer against 0days. We feel that if we can’t be shut down legally or technically, the people we unintentionally anger will resort to hacking so we have to be prepared.

Mail between SIGAINT and other darknet email services stays on Tor as much as possible. We have peering arrangements with our competitors because we can see the mutual benefit in doing so.

The operators of the SIGAINT service are anonymous too. We can’t be legally compelled to comply with any order, nor can we because we don’t keep logs.

What is the difference at all between running a darknet and clearnet email service?

The biggest differences are the ability to mask email metadata, keep the user data physically away from spies, and the resiliency these properties offer us.

For example, if our proxies are seized or the clearnet domain is seized the SIGAINT website, email infrastructure, and user data are still online and accessible. We just replace the clearnet proxies and/or the domain and regain the bridge to the clearnet.

What are the possible dangers with running an email service that serves mostly darknet users?..

Possible misunderstandings or shortsightedness of law enforcement that may cause them to do something drastic such as seize our domain name or proxies.

How do you handle requests from law enforcement?

We handle them by replying to their emails explaining that the data they are asking for is impossible for us to retrieve.

Usually when we say the word “Tor” they don’t write back. The more persistent requests sometimes require us to educate them about Tor a bit more than usual.

Have you ever given up user data?

No. Not even once. We get requests about once a week from law enforcement, anti-terrorism departments of entire countries, and sometimes scared/concerned private individuals. We tell them all the same thing: we can’t give them what we don’t have.

Whats the craziest mail anyone ever sent using your service? (That you became aware of…)

A frustrated high school student emailed a bomb threat to his principal. The police contacted us about it and sent us a copy of the email. They also sent us a warrant which we scoffed at. The police threatened to “pull our servers down”. We laughed and told them “GFL”.

How do you prevent child abusers from using your service?

As for pedos, we don’t go actively looking for pedo accounts. If we get complaints about child luring or other sick stuff we will remove the offending email account. There was a case in the Netherlands where we had to nuke an account for child luring. It isn’t very exciting.

Any other interesting cases you had you want to share?

So we were recently contacted by the Government of Costa Rica regarding some sort of malware scam that was perpetrated upon them. For those unfamiliar with the Costa Rican government: they are extremely corrupt and probably deserve the malware. Anyway…

The person(s) who attempted the attack used SIGAINT to send the emails and try to dupe the government officials into installing malware on their computers.

They wanted us to release logs, including IP addresses, and they wanted to know where SIGAINT was situated. When we explained that the service uses Tor and that we were not going to release any information, they threatened to report us to Interpol. So now we are waiting for Interpol to email us so the cycle can start over again. :)

Another funny case…

We also had a state police “service” contact us regarding yet another pissed off student. Apparently he had threatened to shoot up his school on Halloween.

We received an “exigent circumstances warrant” demanding all logs and user data. We explained we have no logs, and that they have no jurisdiction over us so we wouldn’t provide user data. When they asked which jurisdiction we were under, we jokingly told them we were located on “the anarchic state of Tor island.”

They threatened the full force of the FBI upon us. We scoffed. They buckled like a belt, and stopped emailing us in absolute frustration.

In summary: I used to think that we could find a middle ground between security, privacy, and letting law enforcement do their “job”. Snowden showed us that if we give them and inch, they take a mile. The last shred of trust with them has been destroyed as far as I’m concerned.

Thank you for the info, to visit & try sigaint: http://sigaintevyh2rzvw.onion.top/

 

43 comments

  1. I have trusted & used Sigaint’s service for awhile but recently began to question their advertising as I noticed they displayed an advertisement for “Shadow Wallet”. Almost certain that it was a scam like so many other onion wallets & mixing services I registered an account as part of me wanted to believe that it could be a legit site if Sigaint is vouching for them by approving their advertisements to be the top advertiser for weeks.

    Long story short I sent them a very cautious test amount, and of course after my “deposit” showed up I was never able to get my coins out of Shadow Wallet despite several indications that the withdraw transacttion was processed “succesful” yea right…SCAM! To cover every base I even tried contacting them for shits and giggles but I wasn’t surprised that the only response that I got was having my account deleted…I was more disappointed that Sigaint would allow them to advertise on the site to make some quick money.

    With the $10 that was lost I could’ve got a 6 month subscription to Lelantos’ hidden email service that is paid only. They offer features like sub-accounts, alliases, automatic encryption of all incoming mail using your public pgp key and since it’s paid only of course there are no ads. So to me that communicates that they have the end users best interest in mind because in the long-term they will make far more from a wide-spread user base than they ever could selling questionable ads and featureless paid accounts.

    I actually wish that Grams would offer a hidden email service. I have actually wondered if Lelantos might actually be operated by Grams as their beliefs & values are very similar and the level of dedication they provide to end users by continually offering innovative features, services, and support without compromising their core beliefs or values. Not to mention that even GramsAdmin uses Lelantos.

    • Hey man I am pretty sure they just post up TorAds banners, so are not actual deciding who is advertised. I could be wrong but it definitely looks like TorAds, which you can read more about on the grams site

    • I was a victim of shadow wallet as well. Agree with everything you’re saying. but now I’m having a problem loging in to my sigaint.org email. any help?

      • deadangel

        I also have problems with log in sigaint.org. now for more than 24 hours ..Help? suggestions? thank you.

      • deadangel

        I have your same login with sigaint.org problem. I try to go for more than 24 h. no way .! “Problem loading page.” a help? suggestions? thank you

        • The problem with access…I have still

          • poopoo

            i also cannot access sigaint.

            The connection has timed out

            The server at sigaintevyh2rzvw.onion.top is taking too long to respond.

            The site could be temporarily unavailable or too busy. Try again in a few moments.
            If you are unable to load any pages, check your computer’s network connection.
            If your computer or network is protected by a firewall or proxy, make sure that Tor Browser is permitted to access the Web.

  2. Interesting comment!

    I was going to ask why we should use Sigaint and not Lelantos, which service is already more famous!

    So bye bye Sigaint…

  3. I am a Lelantos user. I paid for the lifetime plan. I love the fact that it is paid, however, the service still has some way to improve.

    The best feature of Lelantos is that they have a handful of domains and you can set up different email addresses on all of them, so it is not obvious to others that you use lelantos. However, one of those domains (emaildoge) went down last month and has not yet been restored. As a result, I simply don’t get the emails that people are sending me to that email address.

    I tried contacting support about this, which brings me to the second problem: Lelantos support does not respond. For a free service, that’s normal. For a paid service, that is disappointing.

    This was the second time I contacted support with the same lack of result. In December, the automatic PGP encryption bugged up and emails arrived with empty bodies (instead of being automatically pgp encrypted).

    In summary, I’d give lelantos 3 stars out of 5. I still recommend it to everyone I know. They just need to stay on top of things like keeping the domains online (worth 1 more star) and answering support emails (worth 1 more star), and then they will be 5 out 5 stars.

  4. I can confirm, that they are never replying! Strange, maybe the server are running alone now? :D

    Maybe Protonmail (based in Switzerland) will be an alternative, but I think their traffic is not tunneled through TOR network.
    But the traffic is heavily encrpyted, too!

  5. I almost went to try out Sigaint until I saw the blatant marketing attack on Lalantos. With obviously phoney marketing by pushing down another company so close together in time *most articles here dont get quick comments. Being an SEO master misinformer I see it clearly. Cannot trust a security company that lies on anything. Make sure you access that site without any type of Javascript inside of Tails. Use your own encryption so you dont end up at a commercial honeypot for the LEOs

  6. any updates since the breach this past spring?

  7. Your email system has been used this year in an abduction/kidnapping of my brother in Costa Rica. You are in fact aiding criminals with your covert email system. My family is still receiving threats and your system is in large part to blame for inability to track these criminals.

    As smug as you are, you are a criminal by association.

    • Sigaint is in no way to blame for the kidnapping of your loved one! These criminals could have used a many number of untraceable methods to contact your family, even other email services through Tor, or an anonymous email completely that cannot even be replied to. It is crazy we live in a world where someone can get kidnapped and the kidnappers are not even blamed in major part if the kidnapee is never returned or the police cannot help in time. Just as it is not a ski mask making factory’s fault that robbers use their products for crimes, an email service is not responsible for what an individual decides to do with that service in their own head without consulting the company for guidance first.

    • Mr.Invisible

      David,

      Its a shame your brother was kidnapped, although really it isn’t the fault of independant private email providers,nor are they in anyway criminal by association. I’m sure that your pain in regards to your brother is deep and we all feel for you in regards, but private email services like this are what also saves many people from being kidnapped by governments, tortured by them, and many times killed… Im sure your brother is still alive and well, where as others who have been kidnapped like him, because they spoke out of context with their governments view, are suffering quite intense pain at the moment.

      Thus, I propose for you to give us please the email of these kidnappers, so one of us could send them a trojan/RAT/bot, which maybe they will open, thus discovering your brothers location. Not all Costa Rican kidnappers are as technically savvy as one would imagine… Possibly opening a file one of sends with “bank account information”… Or a special “picture”…

      Another thing, please apologize to all of us first, and the creators of Sigaint, a beacon of true privacy and freedom, and we will see what can be done, and if these guys fall victims to our methods.

      Have a good evening,

      Mr.Invisible

    • Hello David,

      Not only is what you said untrue but your stance is that of someone who doesn’t value freedom.

      Let me put your message into context. Let’s say I live in an apartment building. Down in the lobby there are dozens of mailboxes with the apartment numbers on them. As it turns out one the people who live in this building has been receiving mail in the form of blueprints on how to build bombs, slipped right there each day into the mailbox of the offender next to all of the other people who live in the building. Using your example all of the people who live in the apartment building are guilty of receiving bomb making supplies via the mail because the other people in the apartment also use the mail.

      In no way is any user of this site guilty by association of what happened to your brother and the sigaint service itself isn’t guilty of anything either. It simply delivers message from one party to another. You are trying to find someone to blame and I find it despicable.

      As MR INVISIBLE said. Please issue us all an apology for your horrible comment.

      Chicken P

    • Natalie Fazzone

      Yes you’re right, they are aiding criminals. I can’t believe this site is even legal. They aren’t protecting freedom of speech, they’re interfering with the tracking of people doing things to harm others. If someone believes in freedom of speech and thinks that threats fall under freedom of speech they should let them make threats at their own risk, not cover them up.

  8. this is a scam ! they never ansfer and the service is totaly not working for nucleus vendors . I pay the coins to enter an accound there . also all the information there abboud top vendors are almost all scammers .

    no I have one question why need alphabay your vendors link from grams ? are they related ?
    annyway I paid 4€ to create my accound there and there is nothing happen for weeks now . if i enter my pgp they find nothing and also for my username nothing .

    last thing you must email to an non tor mail adres for help.
    LOL who is gonna buy this crap ?????
    fucking scammers they are

    • TheOneWhoRings

      Judging by your writing style I reckon you’re not the sharpest tool in the shed. Anyhoo, the service works as I’ve been using it for months now. Do not blame other people for your inability to follow a simple procedure, thanks.

  9. blaming the email provider is tantamount to blaming the car manufacturer when a drunk driver kills someone.

    Being anonymous is a part of natural law. A creator-given absolute right.

    Blame the criminals not the tools. I want to be anonymous because I love my privacy. I do not do anything illegal whatsoever. Just don’t want others sticking their noses into my business.

    How about feeding the child rapists (raping kids under 12) to crocodiles when caught? Make it public for all to see. Nice deterrent.

  10. The email-service doesn´t work well. The text in the emails doesn´t appear. If you send emails they doesn´t deliverd to the recipients. They don´t give support.

  11. Additional I triede their mixing service Pay Shild and I don´t get my coins or a reaktion from the support. They are SCAMMER!

    @deepdotweb: I don´t understand why you make advertising for them. You are the reason why I tried that service. It was a mistake!!!

  12. drew cunningham

    you guys are really complicit in the countless thefts which occur by the fraudsters who use your service……it’s total bullshit

    • Your comment is the equivalent of blaming the makers of fertilizer for people that use it to make bombs.
      This service is intended for people that have privacy or safety concerns that require anonymity, such as those trying not to be censored by an oppressive government, or kidnapped and tortured by a corrupt government.
      It is not the fault of the creator for how something is used. This includes guns.

  13. This is a good opportunity to give people ,the consideration, I know you can give, to have services that they normally won’t have. I am a USA cashier and I would like to work with someone who has the sources of Track 1& Track 2 with pin.. please contact me and I will show you a real honest Cashier. But all who have guess work need not reply.

  14. I use sigaint to remain anonymous while turning in botnets pedos to the FBI… The feds have leaks and i would not do it unless i was halfways confident my identity wont be revealed.

  15. Anonymous Custard

    I’ve only recently opened a Sigaint account. I live in the UK, and simply want to avoid the government surveillance imposed on me by the Investigatory Powers Act. Since the IPA was proposed I’ve gone dark as best I can. VPN, Tor, Protonmail and Sigaint. That should make routine tracking of my internet usage a bit more difficult for the UK government. Incredibly I know a lot of people who say ‘I’ve nothing to hide, so I’ve nothing to fear’. I disagree – we’ve all got the right to privacy, and the UK government have no justification in blanket data retention of ALL internet/phone usage of everyone in the UK!!
    Rant over.

  16. All the negativity from those against SIGAINT are guilty of misleading and possessing ulterior motives. It’s obvious to me because they make many illogical statements and then recommend an inferior product. Also, be careful I believing the trolls type online. Many of them are paid to misinform by state entities.

  17. hi what has this Email system got to offer that is better than proton mail

    • tor user

      sigaint.org is darknet. it’s more anonymous. you need tor to access sigaint which has an .onion.top address. Currently sigaint is down, both the .org and .onion.top

  18. Sigaint is shut down it seems

  19. It seems like Sigaint mail is down for 3 days now. Wonder if it’s gonna be back again…

  20. no news from sigaint.

  21. Интересно.Sigaint вообще заработает ?

  22. Pinging sigaint.org shows there is no working DNS record for the domain.

    [code]
    ping: unknown host sigaint.org
    [/code]

    Whois info is now behind PrivacyGuardian.org protection with Cloudflare DNS servers.

    I could swear this reflects a change from what was once showing an non-US domain registrant with no hidden contact info. Was it in Italy? Can’t remember.

    For now, I use mail2tor.

    http://mail2tor2zyjdctd.onion.top

    The IP I captured from signing up and sending a message (to a disposable address) shows up in Russia.

    Their whois is hidden behind WhoisGuard, which makes registrant show up in Panama.

    Good luck law enforcement getting much out of them.

    The game of whack-a-mole continues…

  23. Ex-Sigaint Fan User

    Bye Bye Sigaint… 10 days OFFLINE without any warning or news! From now on, i will ONLY use yearly paid email with no ADS… why? Because they don’t want to lose yearly money. Would you? NO!

    • EX-SIGAINT FAN USER

      Update: right now i’m using Mail2Tor and it’s fine! But i will buy lelantos email too, because i don’t want “put all my eggs in the same basket” for security reasons.

  24. FuckYourNameFieldWithARakeAttachedToARotaryHammer

    Sigaint is DOWN as of Feb 10, 2017.
    Sigaint appears to be permanently DOWN.

  25. It is annoying to see people assume the worst. Any number of reasons could explain why they are only temporarily down. I agree that after ten days of waiting it gets annoying and is easy to think that there may be a serious problem. Still without confirmation, a couple weeks unfortunately isn’t enough to know much. Give it a good month or two and if there is still no word, they likely closed their cases. Had they been busted I don’t see why the agency responsible wouldn’t just keep their servers open and monitor the activity, nothing new. So unless it was a low-level effort to shut them down, one could as easily speculate that there is some other cause.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Captcha: *