Given Proton Mail’s fashiness coming out of the woodwork, lots of folks are looking at switching away — but they have a reasonable concern: Aren’t Proton Mail’s privacy features special, different from a normal mail provider?
-
@[email protected] as a former email quasi-professional I've always had some concerns along these lines, so thanks for this thread!
-
@jhlibby
I know the CEO said something bowing ro Trump, but I'm not sure what else OP and you have in mind here. Is there a good article about what they're doing that's fashy?
@inthehands -
@heymarkreeves @inthehands Thanks for recommending our private email service. Any questions, we're here to help!
-
I honestly see no advantage of Proton Mail over just saying “let’s take this conversation to a secure platform (e.g. Signal).” And if you do that, you’re using a protocol that was actually •designed• for E2E encryption instead of trying to bolt it on the side.
I am not a Proton customer, so I may be missing something here. Am I?
If I do understand correctly, it seems like the security benefit of Proton Mail is mostly theoretical, weak sauce in practice.
5/
-
@inthehands A few reasons I use protonmail (I might be wrong):
* android apps apk available
* Swiss based not US based
* Their privacy policy doesn't have marketing/profilingBut obviously disappointed with the CEO positions.
-
Paul Cantrellreplied to Paul Cantrell last edited by [email protected]
In particular, if you use Proton Mail, a hostile government wants to surveil your email, and Proton Mail (with its quisling CEO) decides to oblige:
- They can still surveil everything sent to you by other parties.
- They can still surveil anything you compose in your preferred non-Proton email client (e.g. Mail app on your phone). [CORRECTION: They lock out such clients altogether on mobile, provide fiddly local relay for desktop]
- They can still backdoor their own product offerings (which is likely to go undetected without an open protocol with multiple clients).
- I suspect (but don't know) that their architecture that supports webmail also makes blanket surveillance possible.6/
-
Paul Cantrellreplied to Paul Cantrell last edited by [email protected]
Here’s an in-depth analysis of Proton Mail’s security architecture as of 2021:
https://eprint.iacr.org/2018/1121.pdf
It’s highly technical, but here’s the headline: “As it stands, ProtonMail does not meet its self-professed security goals when these are subjected to analysis.”
Maybe they’ve improved things since 2021. [Update: They don't think the paper makes a good case: https://proton.me/blog/cryptographic-architecture-response ]
Still, fundamentally, Proton Mail is trying to make a pig fly here; email protocol just weren’t designed for E2E encryption. There will always be leaks, slips, gaps.
7/
-
You might like Proton Mail because of quality of service, or privacy policy, or not hosted in the US, or other reasons like that. Fine.
But AFAICT, there is not a compelling technical argument for their service •in realistic practice• being significantly more secure or resilient to server-side surveillance than any other credible email provider.
Again, if somebody with deeper knowledge of Proton Mail’s technical guts has better info, please let me know.
/end
-
@inthehands Thank you for that well-composed thread.
May I ask what you use for email?
-
John Mark Ockerbloomreplied to Paul Cantrell last edited by
@inthehands Not only is email not technically designed for E2E, it's not really socially designed for it. Given that email addresses get shared with various people and organizations, and they're common vectors for spam, phishing, and the like, I'd assume most email users *want* their ISP to be able to scan and filter that stuff out, rather than try to do it themselves. But that means it can't be E2E, and the users have to have a certain level of trust in their ISP.
-
@inthehands I wasn't sure where in this thread to reply, but I was told yesterday that the "secret sauce" bit to Proton (and Tuta) is that only you have the decryption key to read the contents of your email. For example, I read Tuta's security page yesterday and their email search index is on your machine, because they can't do it.
So, it's slightly better than what is obviously a protocol never intended for private communication. Having said that, I did prefer that my email was sat outside of US jurisdiction (Cloud Act) vs having to go through an international warrant.
Good thread, thanks for putting it together. Email is definitely one of those things that are old enough that people won't know this stuff. That everything is encrypted in transit is something I learned, actually.
-
@greycat
Sure. You probably know more than I do on the topic, so please correct anything I posted that looks sus. -
@_dmh @jhlibby
I don’t have an article; it’s posts on here about the CEO’s remarks — and deleted posts from the company’s official account — that I’m referring to.In my view, it’s a “where there’s smoke there’s fire” situation: if they’re doing something fashy behind closed doors, you’re not going to hear about it until it’s way, way too late.
-
@PublicWolf
Pobox, since the late 90s (!), which was bought by Fastmail in 2015 and has remained excellent since then. -
@tehstu
AIUI, Proton still kind of sort of hangs on to the secret key to provide services like webmail. Check that security paper. They may have improved things since 2021, but as you say, it’s a rickety proposition. -
I [email protected] shared this topic
-
@[email protected] I think you're almost completely correct on everything. My only nit is this point:
" They can still surveil anything you compose in your email client (e.g. Mail app on your phone)."
Proton does not work with the standard mail app in ios. You can only use their app because that's the only way to (de|en)crypt your emails. On desktop, there's a "bridge" that does that job before your client sees the email. It's like a local IMAP/SMTP server that your client talks to, and sends encrypted email up to their servers. -
@inthehands Thank you! Very kind of you to reply.
I'd been trying to choose between Tuta and Proton, but just yesterday was told of Fastmail.
Thank you again!
-
L [email protected] shared this topic
-
@Willow
Ah, I didn't know about the local IMAP/SMTP on desktop. So •some• non-Proton clients can still preserve encryption. -
H [email protected] shared this topic
-
@PublicWolf
To be clear: using Fastmail is basically just saying, “feh, email isn’t designed for E2E encryption, I just have to trust my provider.” Which I think is the correct answer, but…just to be clear.Tuta attempts to solve the same problem as Proton Mail, but is much much more explicit about where the E2E encryption boundary lives. That makes it more annoying, but probably also more secure in practice (because you’re very clear about what is and isn’t encrypted).
