Given Proton Mail’s fashiness coming out of the woodwork, lots of folks are looking at switching away — but they have a reasonable concern: Aren’t Proton Mail’s privacy features special, different from a normal mail provider?

@inthehands I completely agree that it’s a weird and niche product category, because there aren’t many people who would pay significantly more for an objectively worse email client experience, under the promise that subverting this ONE confidentiality trust point would result in the complete collapse of their product and that they are full of employees who would whistleblow at the first whiff of it. That trust is a fragile and political thing and Proton’s founder really tarnished it

@inthehands Oh that’s a good point, I misunderstood that you were looking at this specific feature, rather than the overall benefit of using an E2EE provider when 99.9% of emails one sends / receives is not E2EE.

idk how their passphrase-locked mail is technically different than something like https://wormhole.app

@inthehands You’re correct that mail ingress / egress is exposed to the email provider, but with E2EE the provider must be intentionally and covertly wiretapping you the whole time. Most companies who receive court subpeonas are able to hand over your entire archive of data at any time, but the scope of what’s available to E2EE providers may be significantly less since your archive is stored with keys they don’t have.