Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: How secure is Protonmail really?
27 points by lenova on Sept 29, 2018 | hide | past | web | favorite | 19 comments
... and should I move my custom domain over to it for email?

I can't actively say too much about the security of Protonmail.

However, I do know a lot of people that know the founder (Andy Yen) socially and they all uniformly think he's a scumbag. (Doing things like going to car shows with a junker saying that his nice <insert car here> is in the shop, other generally sketchy/manipulative actions.)

Overall, I'd say Protonmail is good at being a hype machine and while there may be some technical correctness in what they're doing, it's not a business you'd want to rely on.

How is showing off a junker at a car show a manipulative action?

I should've included an extra clause or two there.

Showing up with a junker with the explicit purpose to pick up chicks. And doing this repeatedly/bragging loudly about it.

On one hand it doesn't necessarily speak to the guy's technical capabilities. On the other hand, I at least wouldn't trust the guy to be principled enough to not pass this stuff over to <insert x group here>. (Especially if it was at the right price.)

May not be manipulative, but it certainly speaks to Yen's state of mind.

Insecure about his junker car?

So what?

Regarding security I can't say much, if you plan to use the e-mail professionally I would recommend another provider, as it's still not possible to bulk export e-mails (after many years of asking for that feature). For me, data security includes availability, and if I can't export my e-mails periodically I'd say it's not really secure.

ProtonMail appears to be secure so far but a couple of weeks ago there were some accusations levelled against ProtonVPN by PIA. While a lot of it was debunked but anyone pursuing the thread would be left with a bit of cynicism.

But here’s the caveat, no matter how transparent they are or how many white papers they publish, there’s no way to verify what is actually behind the hosted service. If your threat model includes a nation state then anything short of self-hosting would be risky. If your threat model involves getting away from google and trackers then it should be safe bet. For that matter even other providers like Fastmail or Zoho would be a good choice.

Only the ProtonMail web client is open-source. Their mobile apps are still closed-source, even though ProtonMail has been advertising themselves as "open source" since 2015.

September 17, 2018: "Our apps are planned to be open source by the end of the year. Your patience is greatly appreciated."


Not sure what you mean by 'secure'. If you send a person an email with ProtonMail, it defeats all the security that ProtonMail has (unless it's to another PM email). You should only rely on yourself for security. Start using PGP and demand that all your friends/relatives use PGP. Only sign in through Tor, use different emails for different services, etc.

You can't rely on a company to provide you security or privacy.

> Start using PGP and demand that all your friends/relatives use PGP. Only sign in through Tor, use different emails for different services, etc.

Good luck with that. Security that no one uses isn't security at all. Placing those demands on everyone else in your life is going to result in fewer emails, not more secure emails.

> Placing those demands on everyone else in your life is going to result in fewer emails

Sometimes this is a good thing.

It isn't a matter of whether it's "secure" or not. The problem is that their security model is based around JavaScript code being pushed to your browser where all the "cryptography" will happen. Yes, maybe your e-mails are actually encrypted. But let's think that for example their servers get compromised, by exploiting whatever vulnerability they have, or even one of their employees gets phished. The attacker will be able to serve you a malicious JavaScript file and get your passphrase and decrypt all your e-mails.

This risk is real even in the hypothetical world were everyone uses ProtonMail, but in the real world you have a bigger risk: most people don't use ProtonMail and the risk of your e-mail being included/forwarded whatever to a "plaintext" service is really high.

I would recommend to avoid ProtonMail and other e-mail services that claim to be secure, and stick to end-to-end solutions like Signal/Wire/WhatsApp.

The issue with ProtonMail is that they rely on having your private key and doing cryptography in a browser. That basically defeates the "end to end" aspect which, in my opinion, is a serious matter.

I've considered using it but saying nothing of the quality of the service itself, I saw it as a bit of a surveillance goldmine for anyone with an interest in monitoring people that use secure email, and you have to trust them absolutely, which is impossible for me so their selling point is rendered moot.

I can't say whether or not Protonmail is secure, but I'll warn you right now OP: this is a bit of a loaded question on HN. Don't expect a straight answer.

They were hacked a few months ago, though I'm not sure what it entailed. Service was down for a couple days on and off.

"... and should I move my custom domain over to it for email?"

What are you trying to achieve? What are your goals?

Nothing is secure

That wasn't the question

Applications are open for YC Summer 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact