
ProtonDrive Security Model - johnnyballgame
https://protonmail.com/blog/protondrive-security/
======
vertis
I tried really hard to move to protonmail and detach from a Google ecosystem,
but really struggled to import my existing emails (their import/export tool
was incredibly prone to breaking).

You're also locking yourself into an ecosystem without open apis. If you want
mail on your phone you have to use their client, if you want it on the
computer you need to install the protonmail bridge (which seems to restart
itself and overlay over the top of whatever you're doing)

The apps don't seem to behave well on MacOS either, something about how the
windows are designed means that they won't show up in the Mac cmd+tab
switcher.

All this means that their security model is irrelevant to me, if I can't do
the basic things that I need to do.

~~~
dleslie
The ProtonMail app is open source: [https://github.com/ProtonMail/proton-mail-android](https://github.com/ProtonMail/proton-mail-android)

As is the bridge, and others.

I moved over ~6gb of emails without issue. I set up the bridge and transferred
everything from Google to ProtonMail.

~~~
dgellow
I don’t have that many emails and faced lots of issues with the import tool,
moving from a gmail account.

After more than 10 attempts and 3-4 exchanges with their support I still have a
few emails that haven’t been imported successfully.

Other than that I’m a happy user. But I think that they should invest more in
the bridge and importer/exporter tool, the user experience really isn’t that
great.

~~~
lowwave
Yes, very interested in the emails you can't import. I don't work for
ProtonMail btw, just have quite a bit of experience with smtp and email. Just
curious from a tech perspective what kind of email you are having trouble
importing.

~~~
neltnerb
I had tons of issues with mailman added headers causing entire HTML messages
to be interpreted as plain text, rendering their encoding tags visible. I
think they fixed this. I was still a bit surprised that this was an issue 1+
years into the IMAP bridge.

Big plus is that if you complain about this to their support things actually
seem to get fixed? That was kind of a shocker, I'd suggest sending them a note
if you have issues. Though this particular IMAP transfer between accounts has
worked between my other email accounts (exchange and some linux server long
ago) and gmail since I first tried it so it's a little sad. But a smaller team
I guess? But paying for it so...

Mixed feelings for sure.

------
barrister
The problem I have with ProtonMail or ProtonVPN is that they rely upon Neustar
to handle all of their perimeter security, meaning that every single client
that accesses their services will be inspected by Neustar, which IMO defeats
the purpose. At the moment, I don't trust Neustar, and presume they're a US
military contractor (located in Virginia).

~~~
guerby
protonmail states they're using Neustar for DDoS protection of their network:

[https://protonmail.com/support/knowledge-base/email-ddos-protection/](https://protonmail.com/support/knowledge-base/email-ddos-protection/)

Very few players have the capacity by themselves to handle a large DDoS these
days.

And I'm not sure, when talking about protonmail's kind of encryption, that Neustar
has any special access to keys relative to say Level3, cogent or any transit
provider between you and protonmail.

But maybe I misunderstood your comment?

~~~
barrister
Not as long as it's understood that I feel Neustar was a poor choice given
their line of business.

~~~
imwillofficial
Or, they are a great choice. Defense contractors have unique defensive
insight, and if properly fire-walled off from their other lines of business,
can be of a net benefit. I worked for a British defense contractor, as an
American working with the U.S. DoD. We were careful to dot our I's and cross
our T's, but overall it worked well.

~~~
XMPPwocky
Would you say the same thing if it was, say, a Chinese defense contractor?

~~~
jjcon
No, why would you? The US has checks and balances to minimize abuse and keep
data requests limited to the national security domain (like most countries in
the western world or eyes alliances). The other has no such checks on those
powers.

~~~
AnonHP
Do those "checks and balances" really matter in the light of what we've
learned over the last seven years (and even before that)? It doesn't seem like
there's much of "minimization" going on from the three letter agencies.

~~~
jjcon
They do matter, completely. Has the data from national security programs ever
been used for non-national security purposes (ie in public policing for
instance)? It is rare if not unheard of in most western countries. Conversely,
it is used all the time for censorship and policing in China.

These checks and balances declared the metadata programs unconstitutional.

[https://www.cnet.com/news/appeals-court-finds-nsas-bulk-phone-data-collection-was-unlawful/](https://www.cnet.com/news/appeals-court-finds-nsas-bulk-phone-data-collection-was-unlawful/)

Is the system perfect? Not even close, but it does strive to minimize abuse.
Plenty of countries here in the EU have national security programs that
operate in a similar fashion. The goal shouldn’t be no data collection, it
should strive to minimize abuse and keep collection limited to national
security concerns. None of that is true of the programs in China.

~~~
XMPPwocky
"Conversely, it is used all the time for censorship and policing in China."

Sure- in China. I'm not in China. Censorship might be a problem, but outside
of that, I'd much rather have the Chinese government (and even Chinese local
police!) have my metadata, and even data, than give the US national security
apparatus the same access.

Corporate IP is another exception to this- it's pretty clearly better that the
US, rather than China, have access to my work data.

But for, say, a Snowden-esque whistleblower in the US- can you really say
they'd be better off with, say, DHS having access to all their data instead of
the Chinese government? Obviously ideally nobody would, but for them, a system
whose failure mode is "China can associate your IP and email address" is, I
believe, dramatically better than "DHS/NSA can associate your IP and email
address".

~~~
jjcon
> But for, say, a Snowden-esque whistleblower in the US

Sure if you are acting on the state level against US or European governments
China would be better but for everyone else I think it’s extremely safe to say
US/EU.

I’ll add though that I am fairly confident the security of your data in the
hands of the Chinese Government is far less secure than when in US/EU. Just
last year hundreds of millions (yes hundreds) of social media logs and private
chats were released on the web from a hack on a Chinese surveillance system.

------
hendersoon
The killer feature here isn't end-to-end encryption, other services offer that
and you can trivially roll your own with rclone, but the flexibility to share
files on your filestore with other users without compromising that E2E
encryption. I haven't seen anyone else offering that in a usable manner.

Pretty neat stuff. I hope they open-source it so I can self-host.

~~~
bradam
There are a few end-to-end encrypted storage providers[0][1] where you can
share your files externally with other users without breaking the encryption,
and have been for a long time.

Disclaimer: I work for the second one.

[0]: Sync.com

[1]: Tresorit.com

------
MisterKent
>model prevents any attacker who gains access to one of our servers from...

If an attacker gains access to your server, they can just inject javascript to
gain access to whatever they want on the client's browser. I'm a big fan of
Proton* products, and pay for a variety of their services.

However, I can't really get behind this method of data storage. But, it is the
best option I've seen for centralized file storage. Syncthing is what I
currently use for distributed storage, and I share encrypted files over that.
Anyone have a better idea?

~~~
dleslie
How many people are going to be using data storage through a web browser and
not as a phone app or desktop background service?

~~~
protonmail
ProtonDrive will launch as a web app first, but desktop and mobile apps will
follow.

------
tomohawk
Since the drive can be used to store and share docs related to sensitive
topics such as covid, will this prevent it from being used in the Apple store
unless they put filters into the app?

~~~
deathgrips
Protonmail should probably establish an Oversight Board to decide when to
delete controversial files.

~~~
or-gate
What? Why should I even trust them vs Google/other big corp?

------
imwillofficial
I went in hard with email security a year or so ago. In the end I decided it
was a broken system if security is the goal. I signed up for Hey and have
really been enjoying it. I keep any secure comms on more secure platforms like
Signal or Telegram.

~~~
soziawa
Telegram shouldn't be considered secure due to the lack of e2e encryption by
default.

~~~
theshrike79
Because 99% of people will choose the option with better UX instead of E2E.

I can grab any device (laptop, phone, tablet) and continue my group chats in
Telegram.

E2E would require me to use only one device for that specific chat, which
makes it really hard to explain to a layperson.

~~~
dchest
Nope, there are plenty of chats with e2ee and all the conveniences you
mentioned.

~~~
dgellow
Do you have examples? A chat application that has E2E and also lets you carry
your conversations between devices, that doesn't require you to pass through
your mobile the way WhatsApp does it?

~~~
AnonHP
Wire (wire.com) has done it. You can install Wire on multiple devices and have
the chats sync up. Every chat is E2E encrypted, one-to-one or group chats.

Even Signal Desktop does not require the communication to pass through the
phone (or even to have the phone around after setup). WhatsApp is the odd one
in this respect.

~~~
dgellow
How does Wire do it?

Regarding Signal, they say this on their website:

> Signal Desktop is a Chrome app which links with your phone, so all incoming
> and outgoing messages are displayed consistently on all your devices.

[https://signal.org/blog/signal-desktop/](https://signal.org/blog/signal-desktop/)

That seems similar to what WhatsApp does, but I haven’t tried myself. Do you
have more details on how that would work without passing by the mobile app?

~~~
int_19h
It links to your phone to authenticate you. But from there, all messages are
sent and received directly from the servers to all clients. So if your phone
is off, but your desktop is on, the desktop client still receives them.

The catch is that if your desktop is off, it won't be able to "catch up" later
on any messages that it missed. Although I don't see why that's impossible to
implement in principle.

------
lxe
I'm guessing the password is tacked onto the URL as a fragment, which browsers
do not send to the server. But this means that it relies on the trust that
browsers follow this requirement.

~~~
natcombs
It looks like you are correct, but only if you let them generate the password.
If you define your own password, then you would have to share it via another
channel:

> While the Proton server will know the URL, it will never receive the
> password.

> When creating a new shareable URL for a file, the web client will first
> confirm that a share directing to the file exists. The passphrase of this
> share must then be encrypted with the new password associated with the URL.
> This new password is either randomly generated by the ProtonDrive client, or
> is specified by the user.

> In the case of randomly generated passwords, the user can choose whether
> they want to include it at the end of the URL, equivalent to sharing the
> content publicly. This section of the URL isn’t shared with Proton servers,
> making the password and the content inaccessible to Proton. Alternatively, the
> user can choose to share the password separately.

> In the case of user-defined passwords, this option isn’t available and the
> password must always be communicated separately.

------
chromedev
I simply can't get around Proton's pricing model. A lot of services already
work with rclone, which has a crypt backend on top that encrypts everything
stored in the cloud. With ProtonMail's current Visionary plan, you get 40GB of
storage for $30/mo and with ProtonDrive it looks like you'd get maybe 140GB of
storage for $30/mo. G Suite is $12/mo and you get unlimited storage. If you're
worried about security, you'd simply use GPG on top of IMAP or Mailvelope.

~~~
bradam
Would your mother understand the "simply use GPG on top of IMAP or Mailvelope"
part? These E2EE products are not for the tech-savvy users who are willing to
go the extra mile.

~~~
chromedev
Gpg4win and Mailvelope are very easy for the average user.

------
everdrive
I like protonmail a lot, and I'm a happy paying customer. But, I'm a bit sad
they're rolling this out instead of improving their mail product. I don't want
a google drive replacement. I suspect other users probably do.

But, I don't think people should generally be storing files in the cloud. And,
I wish Protonmail were finally finishing support for FIDO2 authentication
rather than rolling out a cloud storage solution.

------
DevBih
Never really had issues with Bridge and have been a professional subscriber
for about 8 months. I got the subscription mainly to use my ProtonMail email
address with Thunderbird instead of the mail client on MacOS. I don’t agree with
the “LAZY” way around getting a basic app install on Mac and PC. Either way,
I’m still a satisfied customer and haven’t had any issues with my emails and
transfers.

~~~
Vaslo
I agree here. Literally never have issues with having separate phone app or
bridge on PC. Most of these complaints are the typical over engineering stuff
that gets built into things and takes up time and resources and less than 1%
care about.

------
known
If the password is reset, protonmail says I will lose all my mails; is that
rational?

~~~
thefrozenone
I recently reset my password; providing the old password any time you remember
it allows you to decrypt old emails (in the case of Proton, your password is
the AES decryption password for your PGP RSA key [0]).

[0] [https://protonmail.com/docs/business-whitepaper.pdf](https://protonmail.com/docs/business-whitepaper.pdf)

------
waynesonfire
uh huh, still waiting for that calendar.

~~~
dillon
From what I read they weren't set up to host multiple apps and needed a
somewhat large refactor to do that. The calendar on beta.protonmail.com is
probably what will be released to production.

The only thing to smooth over, from my understanding, is the fact that they
did a lot of refactoring to become multi-app.

Disclaimer: My understanding could be wrong.

------
johnnyfaehell
For me the key feature(s) I want that Proton doesn't have is the docs and
spreadsheets. If you're already on Google Suites/apps it's hard to move over
without those.

~~~
chromedev
If you want secure email on Google you can always use GPG with IMAP or
Mailvelope. Additionally, for Drive storage you can use rclone with a crypt
overlay.

~~~
johnnyfaehell
It's more I don't want to use Google than I want secure email or secure
services.

~~~
aladine
Another vote for Fastmail.

------
Yc4win
I would _never_ trust anything *proton. They hide behind Swiss law but will
cave to any serious American request for info.

~~~
dgellow
What is your threat model?

~~~
Yc4win
Anything and everything. I'm serious.

~~~
johnnyballgame
You probably shouldn't be posting on HN.

~~~
Yc4win
I understand what this site is about so no issue here.

~~~
pbhjpbhj
Michael? Perhaps you shouldn't trust this site, it's all randoms just like
anywhere.