freedomhacker.net/list-of-secure-email-providers-that-take-privacy-serious/
Anyone here with actual experience of any secure email service for the pc?
I’ve had some experience with ProtonMail — it’s still rough around the edges, though. I’m optimistic that it will be more ready for prime time after a few more refinements.
This depends upon how much security you want. Are you concerned about the collection of metadata? i.e., who you are talking to and when? If so, you're going to need things like anonymous remailers. If you just want to encrypt the contents of your mail, you need to look for a mail client that has support for PGP/GPG. I use thunderbird with the enigmail plugin, that does a great job of making encryption/decryption/signatures pretty seamless. The big problem is getting other people to be able to handle encrypted mail.
I've been singing the virtues of encrypted mail for a long time now. Until people actually start valuing their privacy, and more email clients integrate standards-based encryption, it's a losing battle. One big problem is that the government has been putting pressure on companies for a =long= time to make sure encrypted mail remains a niche thing. If MS-Outlook (ugh) supported PGP, you'd find people a lot more accepting of it. You won't see that from Microsoft though, until they have absolutely no choice about the matter.
If you want secure mail you cannot use web-based mail like gmail. That's because decryption has to take place locally. You must control your private key, or you have no security. I could see how it might work in browser-based email, but it would be harder to implement correctly (and securely) than a standalone email client, because your browser would have to have access to your private key. Given the vulnerabilities that have come to light with browsers in general, and javascript in particular, (which would be a likely method for implementation), I just don't believe it would ultimately be workable.
Public-key cryptography is the best tool to use for encrypted email because you don't have to have previously shared a password to decrypt the message, but it's not all that is available. PGP/GPG also does symmetric algorithms like 3des and AES. Again, the big problem with using more 'conventional protocols, is that the message is encrypted with a passphrase, and you need to be able to communicate that passphrase to the recipient securely. There are some pretty straightforward ways of creating passwords algorithmically, but such methods rely emphatically on secrecy of the method you use. Security by obscurity is not something to bet your life on.
Bottom line, look for email clients with PGP or GPG integration as your best bet.