Hacker News
[flagged]
dempedempe on Sept 25, 2021



There's plenty to criticize about Protonmail but this article is sensationalist bullshit. I'm surprised the HN population is letting itself be goaded like this.


Sometimes crappy articles get upvoted because the topic and discussion are interesting.


> Leaked documents at Wikileaks show that the CIA requires emails to be stored as an EML filetype. There are several ways to store emails, and Protonmail has selected the format that the CIA requires.

Wait until they find out about other standard file formats; the possibilities for collusion are endless! The ACLU is colluding with the FBI, because both use PDF!


Yeah, arguments here seem far-fetched - like "developers aren't using protonmail" - based on github profiles? My github profile is associated with my gmail account because that's what I used back in 2010 when I signed up, I've since added my personal domain but I still probably have gmail as my default on projects


Of course they don't. If something goes wrong with a service you don't want the people paid to bring it back online to also be dependent on it being up.


Not to mention, who would want to work at a company that forces them to use their product?


100% this, I made my account with gmail, it currently only points to protonmail.



This article is crap: 1) Claimed redirection from .onion to .com does not deanonymize the user. 2) Protonmail does provide e2e encryption. It's just that you auto-update your client (a JavaScript app) every time you visit the website, so you have no chance to discover potential targeted backdoors.


>1) Claimed redirection from .onion to .com does not deanonymize the user.

Is it clear why they do the redirect?



"Preventing abuse" is generally equivalent to surveillance - identifying a session as being associated with some longer lived identities. Their explanation makes me less comfortable for why they're doing it!

Redirecting to the https site is a bit less secure than the hidden service, in that your traffic will only go over 3 hops (TOR client) rather than 6 (TOR client + hidden service circuit). But AFAIK they could also write a modified TOR client that served a hidden service without any additional hops. Those additional hops are best seen as security for the hidden service rather than the user. Also, a hidden service for a well known business is kind of a pointless marketing gimmick.


Thanks, I was looking for someone pointing out 1). I thought I missed something.


Point 2 is very problematic though, you can write a browser extension that compares the checksum of app.js, but if it changes and it is just minified obfuscated code, how will you know it's safe to execute? You don't.

Same applies of course to chat apps that offer end to end encryption.

Maybe it's safe for messages to be intercepted, but can you trust the application decrypting messages and displaying to do just that?
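The checksum comparison described in the comment above, sketched as an added example (not code from the thread or from ProtonMail); the URLs and script bodies are constructed placeholders. It shows that a pin detects any difference from a reviewed bundle but classifies a routine update and an unreviewed change identically, so the only safe policy is to hold the new build until it has been reviewed.

```javascript
// Added example (not from the thread): pin-and-compare for a web client bundle.
// Runs under Node.js; a browser extension would do the same with WebCrypto.
const { createHash } = require("node:crypto");

// SRI-style digest ("sha384-<base64>") of a script body as delivered.
function sriDigest(body) {
  return "sha384-" + createHash("sha384").update(body, "utf8").digest("base64");
}

// Build a pin set from bundles the user (or an auditor) has reviewed.
function pinBundles(reviewed) {
  const pins = new Map();
  for (const [url, body] of Object.entries(reviewed)) pins.set(url, sriDigest(body));
  return pins;
}

// Compare one page load against the pins. Every delivered script is
// classified; a pinned script that was not delivered is reported too.
function auditDelivery(pins, delivered) {
  const findings = [];
  for (const [url, body] of Object.entries(delivered)) {
    const got = sriDigest(body);
    const expected = pins.get(url);
    const status = expected === undefined ? "unpinned"
                 : expected === got ? "match" : "changed";
    findings.push({ url, status, expected, got });
  }
  for (const url of pins.keys()) {
    if (!Object.hasOwn(delivered, url)) findings.push({ url, status: "missing" });
  }
  return findings;
}

// Fail closed: only run the client when every script matches a pin.
function decide(findings) {
  return findings.every((f) => f.status === "match") ? "run" : "hold-for-review";
}

// Constructed sample bodies and hypothetical URLs (assumptions, not real code).
const APP = "https://mail.example/app.js";
const reviewedBuild = { [APP]: "function decrypt(m,k){return open(m,k)}" };
const routineUpdate = { [APP]: "function decrypt(m,k){return open(m,k)}/*v2*/" };
const unreviewedChange = { [APP]: "function decrypt(m,k){extra(k);return open(m,k)}" };
const extraScript = { ...reviewedBuild, "https://mail.example/x.js": "init()" };

const pins = pinBundles(reviewedBuild);
const loads = { reviewedBuild, routineUpdate, unreviewedChange, extraScript };
for (const [label, load] of Object.entries(loads)) {
  const findings = auditDelivery(pins, load);
  // The digest says *that* the code differs, never *whether* it is safe.
  console.log(label, findings.map((f) => f.status).join(","), "->", decide(findings));
}
```
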


You can use the mobile apps for kind of migrating it. And for point 1) through. I get that it's the same infrastructure but surely they could find a way to disable ssl on onion


Wait! Proton mail has ties to president Obama?! Well, that's it, I'm out.

Article is poorly written conspiracy hogwash.


Indeed. The article intermixes a few very valid points (e.g. web-apps practically cannot be audited because there is absolutely no guarantee the server will serve everybody the same code and delivered code can change with every request) that one should be aware of before using a service like protonmail. But there are better articles discussing things like that.

And then it really quickly diverts into "it has ties to MIT which has ties to NSA" 6-degrees-of-Mossad drivel. Congrats, everybody who ever studied at or worked at/with MIT is a spy now.


If you're really concerned about someone stealing your e-mail don't store it on a server! I download all my e-mails to my laptop using Thunderbird, where I store them in an encrypted filesystem. I make daily encrypted backups of the e-mails which I store in the cloud, the encryption key never leaves my device. I keep 3 months of e-mails available online so I can search through them on my phone (which is an acceptable risk for me). IMHO services like Protonmail offer very little additional protection over that.

Few people remember this today but downloading e-mails was the norm in the early 2000s and before. You would only keep a few weeks or months of e-mails on the server and then either delete or download them, as providers didn't offer very generous storage quotas. It was only with the introduction of GMail that this changed because Google offered "unlimited" storage (since they wanted people to store all their e-mails online so they could mine them).

BTW Protonmail doesn't need to inject extra JS into your client and wait for you to log in to decrypt your e-mails, they receive them all in cleartext and they send out e-mails for you in cleartext so they can simply log them without any modifications to the client code.


Not to criticize, but to clarify:

> encrypted backups of the e-mails which I store in the cloud, the encryption key never leaves my device.

Doesn't it mean that in the (unlikely) case something happens to your device (like a hard drive crash), you won't be able to access the backups?


You can have encrypted offsite backups for cheap a la backblaze (and slightly more expensive with other providers if you have principled objections to backblaze).


What would be some objections to Backblaze?


I think only this:

https://news.ycombinator.com/item?id=26536019

Depending on your POV it is either a mild story or a non-story. It certainly doesn't meet my threshold for avoiding a service, but some people are more sensitive.


Sounds like a single point of failure to me as well. I don't think it is that unlikely that a laptop unintentionally changes owners or just breaks.


I have an offline backup of the key (encrypted).


Is this based on the assumption that the NSA’s collect_metadata.sh cronjob is on a longer than 3 month cycle?

As a privacy step I see how this protects you from hackers and thieves (and legitimate search warrants), but not anything Snowden warned us about


I'm not trying to protect against state-level surveillance, that would be hopeless IMHO. I'm protecting against a hacker stealing my entire e-mail history from the last 5-10 years.


Who are you emailing? Do they practice the same email security practices that you do?


Probably not. You want to say that my e-mails can still get leaked by their recipients? Sure, but that's a risk I can't control anyway.


Email is insecure by design. End of story.

Even if you use a secure email service (whatever that means), the other party you're emailing with rarely does, so the NSA/CIA/MI6/whatever still has access to 99.9% of your email traffic. If you don't want this, then don't email.

I truly don't get why we're having these discussions here on HN.


Even Protonmail [1] agrees:

"Not recommended

If you are attempting to leak state secrets (as was the case of Edward Snowden) or going up against a powerful state adversary, email may not be the most secure medium for communications. The Internet is generally not anonymous, and if you are breaking Swiss law, a law-abiding company such as ProtonMail can be legally compelled to log your IP address. A powerful state adversary will also be better positioned to launch one of the attacks described above against you, which may negate the privacy protection provided by ProtonMail. While we can offer more protection and security, we cannot guarantee your safety against a powerful adversary."

[1] https://protonmail.com/blog/protonmail-threat-model/


The only truth about Protonmail that matters is that they're the latest in a long list of startups that will let you make a new account without doxing yourself, because they're still in growth mode. Try making a new Gmail account these days through even just a basic VPN and they'll demand a retina scan.

If you're concerned about hiding your identity, you should be doing that by additional means (eg TOR browser). If you're concerned with security of your message archive, you shouldn't be using webmail. If you're concerned about metadata, you should be communicating with something other than SMTP.


No-bullshit no-security-claims-they-can't-satisfy email provider: https://mailbox.org/en/


What I hate is the way they use 2FA. You can register e.g. a YubiKey or TOTP app and then your new password becomes the short PIN you generate + second factor, all in the password field together.


Agreed. They also really should implement OAUTHBEARER so 2FA can be used with IMAP / SMTP.

https://userforum-en.mailbox.org/topic/oauthbearer-support-f...


I love mailbox but they do not offer Monero payments (not even Bitcoin) and so are not suitable as a privacy email. Sending cash via snail mail is really too much of a hassle, especially if you own multiple nyms.


> I love mailbox but they do not offer Monero payments (not even Bitcoin) and so are not suitable as a privacy email.

When did the ability to send Monero payments (or perhaps payments in general) become a requirement for privacy email? Or are you specifically talking about a solution you would most prefer?


They are talking about the payment for the email hosting service. Not talking about sending payments to others via email as your comment seems to be talking about.

The idea being that if you want private email then you can’t pay for it with your Visa/MasterCard/AmEx/etc because if you pay for it that way then you tie your irl identity to the account.


Exactly.


Ah! That makes more sense. Thanks for clarifying.


Email is a clear text protocol by design. Not that there is something bad in it (to me forcing encryption everywhere doesn't make that much sense, and for most uses of email, you don't need that level of security), but you need to always keep that in mind.

For that reason, every server that claims to offer some end to end encrypted email service is bullshit, since somewhere the mail must be decrypted to be sent out to other servers (except if you exchange mails with users of the same service, that is extremely unlikely).

In my opinion, the best thing to do is to host your own mail server. For a person with a moderate knowledge of Linux it's not that difficult to install, the most difficult thing is to configure the server and the DNS correctly with all the records required to not be considered spam, and you have full control of your mail.

Yes, your mails of course are still going out in plain text when you send them to other servers (of course these days the communication is TLS encrypted, but still they can be intercepted by controlling the destination server), but otherwise the messages are on your server, that can be a physical machine with encrypted disks if you want it to (I don't care that much and I have my server on AWS).


> 9. Protonmail Developers Do Not Use Protonmail

The article that justifies this claim is absurdly unreasonable in its approach, and its titular claim easily demonstrably false. Most of its method, such as it is, hinges on complaining that people haven’t chosen to make their email address public on their GitHub profile (which is something you have to opt into), and trivially falls apart; most of the rest comes of ignoring a separation of personal and work identities and is also nonsense; and the remainder is at least mildly dubious too.

Point six is also utterly clueless, as observed by others here already, and one or two of the other points where I do know a little have claims that are misleading or speculative at best.

Doesn’t incline me to trust this article on the parts that I don’t know about, even though I agree with some of its points (most significantly that first-party encryption is largely a crock—see Fastmail’s reasoning about that in parts of https://fastmail.blog/advanced/why-we-dont-offer-pgp/).


Governments are too powerful, and with any sort of centralized resource there's little to no hope of its not being in some sort of agreement with a government (or governments). The only alternative I can think of (vaguely) is some kind of decentralized mechanism in the vein of how torrents, tor, blockchain (IDK what else) work.


I don't think the current hate for ProtonMail is justified. Like I point out about Signal, it's a privacy messenger not an anonymity messenger (in reference to the phone numbers).

That said, the web-generated encryption keys in ProtonMail are an interesting exercise.

You have the choice of having a password for both logon and the mailbox or a unique password for both. You also have the ability to generate keys on your computer and upload them to the system. The combined web-generated password key is the default.

I noticed that there is likely an implied third password key when using combined web because you have the ability to change the combined logon/mailbox password key and with email addresses from more than 1 domain sharing the same inbox I observed that changing the combined key for all the domains sharing the inbox continued to allow previously sent email within the system to be readable instead of unreadable, which implies the system has its own non-visible key.

I didn't test this with separate keys for mailbox vs logon and didn't test with PC-generated keys, because to be honest, I didn't really care that much and it's a cloud-based system on the web and it's trivial to write code to label something unreadable when it actually isn't so my observation is an oversight. It's an unrealistic expectation to expect complete anonymity and privacy both. You have to trust that whatever it is, is good enough and that's all.

They're a great service for what they offer, a less hassle, more private email service.


I'm curious - for those who care about private email services - what do you do about the recipient? Or is the idea to only email those also using things like ProtonMail?


For me, it’s mostly about keeping Google or Verizon (Yahoo) from reading all of my receipts and notification emails to build a marketing profile of my entire life.


The senders of those receipts likely use a provider like AWS SES or otherwise.


Normally email shouldn’t be used for secure communication since it is insecure by default. The best solution is to use email to set up a connection over an encrypted channel (matrix, signal, …)


I don't use protonmail for security although I know it is advertised as being a secure and private platform. I use it because they don't read my emails to personalise ads they show to me and they also don't own the biggest (or second biggest) ad platform on the planet.


This article is mostly garbage. If anyone can show a connection between Protonmail and In-Q-Tel that would be interesting, but this article ain't it.


I’ve been using protonmail as my email host for probably 4-5 years now and I have been less than impressed on many occasions.

For one, their iOS app sucks and has a ton of UI bugs.

For two, they offer an SMTP bridge app that you can host on your own machine to use their service with an SMTP client, but it randomly logs you out and forces you to re-enter your password (on the server side, not the client side) to keep using your email.


I’ve never had any luck with the bridge application. Between the log outs and outright crashes it’s enough of a pain that I don’t bother.

Will be finding a new host when it’s time for the next payment


Your email operator has access to all your emails, your access time and pattern, end of story. You have no defense against them. It all comes down to how much trust you have.

IMHO, ProtonMail is still vastly better than Gmail, which is nothing but an ads delivery vehicle specifically targeted to you.


Is there any alternative to ProtonMail that respects its users? I'm using PM for about 4 years now and I'm seriously considering switching to anything else.


What are some secure alternatives? I changed from gmail to protonmail a year ago thinking it was better.


There is none. Email is insecure by design and it will always remain that way. Even if you develop something secure (whatever that may be), you still have to communicate with other email providers that are not gonna implement your security features.

GPG is a slight improvement that you can use on top of any provider and it will encrypt the content of emails (and content only, metadata will still be there and even subject lines in certain implementations), but both you and the recipient will have to use it and good luck convincing non-IT people to deal with its absolutely atrocious user experience.

In other words, treat it like a physical mailbox. Good enough for various notifications, useless if you're trying to protect anything valuable in it.


You can't really just shop for privacy. If it is important you really have to do the encryption using software under your control on the end devices. For email this would involve local email clients supporting OpenPGP or S/MIME.

For a closed group like a business you can simplify things by having a self hosted email server kept in a secure location. Less secure than end to end encrypted email, but then, few things are as secure as E2EE email. It's hard to beat a medium where the encryption can be done completely offline.


I think Tutanota has a better reputation, but email should be thought of as generally pwned


I tried Tutanota last year, coming from self-hosted mail. It is terrible.

They only allow interaction via the web site or their apps. The apps are nice. But they act more like an IM client.

The biggest issue I had with it is that they don't support subfolders. So you only have one level of e-mail directories.

I moved to mailbox.org now and it seems fine now.


log into the same account as your recipient and communicate in the drafts folder xD


I read that pedophile groups used to do that with Gmail.


So many groups have done it, from spies to terrorists to secret lovers. It works well. While providers might be constantly combing your drafts for ad suggestions or statistics (unlikely), what brings an email to someone's attention are one or both of the endpoints. I don't think that threats are often actively thinking of the IPs of webmail visitors as endpoints, or recording the order of access in an easy to digest or process manner.

They probably would be if you were targeted, though, but that's what Tor and VPNs are for.


(just to defend myself of why I heard of this): it was used by General Petraeus during his affair with his biographer.

"The former CIA director used a trick often used by terrorists and teenagers to make e-mails harder to trace, the Associated Press reports."

https://www.cnet.com/tech/services-and-software/petraeus-rep...


Well that is a lot of metal parts that could be made into a smoking gun if you tried hard enough


Why don't we replace email with something more secure already.


The biggest red flag to me when trying ProtonMail was that they opt you into password reset via SMS. How could my email be secure if my cell provider (ie, the government) owns the channel for resetting my password?


Resetting your protonmail password doesn’t seem to unencrypt your previous emails.


I lost emails because of this, because after I changed my password, all the emails I had were encrypted. It was my fault, I'm not digging at Protonmail.

Use a password manager :)


CIA, NSA, Mossad!!! Tinfoil hat mode engaged!


Alternative?


A place to start looking would be Tutanota. How they measure up in all respects is unclear to me, but they seem to be genuinely trying to be as private as they can.


One that isn't thrown into gmail's spam folder?

I wish I were smart enough to self-host.


When I Degoogled myself I went with Fastmail mostly because (at the time) ProtonMail wanted my left kidney for a sane mail quota.

Haven't regretted the decision since. Spent a while building up email filters and that's about it.


Fastmail is subject to Australian laws though. Australia passed a troubling anti-encryption law[1], which pretty much means any tech company can be compelled to render assistance.

[1]: https://techcrunch.com/2018/12/05/australia-rushes-its-dange...


I asked ProtonMail about this article. Response:

We have read the article that you linked carefully and we have to say that what they claim is the truth is based on a bunch of assumptions and misinterpretations.

We will try to comment on the accusations in the same order as they are presented on the web page.

1. ProtonMail offers the users to log into their account through our Onion site due to privacy reasons. Some users simply prefer to use TOR and we allow them to access their accounts through our Onion site. The fact that we have an onion site does not automatically mean that we are linked to the CIA. We are not related to the CIA in any way, nor do we have any backdoors that would allow anyone to access anyone's messages. We also do not allow sign-ups from the Onion page as part of our anti-abuse measures.

2. The claim that we do not use end-to-end encryption is a lie, and in fact, the author of the article that you linked has also linked our explanation on this topic.

https://protonmail.com/blog/cryptographic-architecture-respo...

ProtonMail uses zero-access encryption to store the user's messages on our servers and we certainly use end-to-end encryption.

https://protonmail.com/support/knowledge-base/what-is-encryp...

https://protonmail.com/blog/zero-access-encryption/

3 and 4:

Proton Technologies is majority owned by employees of the company, and is solely under Swiss jurisdiction. Information about the company and our directors are in public record, and can be found in the Swiss commercial register: http://ge.ch/hrcintapp/externalCompanyReport.action?companyO...

Regarding VMS, VMS is not an investment fund or investor. It's part of MIT (http://vms.mit.edu), which is a university in Cambridge, Massachusetts. As a company heavily focused on cryptography research, we do share research with many of the world's top research institutions, including CERN, MIT, ETH Zurich, and several other research institutes. This is actually a benefit as it ensures that our technology is thoroughly checked by others to be certain it is secure.

5. The present employer of people that used to work for us in the past does not mean anything.

6. If someone uses EML files, that cannot mean that they are automatically related to CIA. EML is a file extension that is used for an e-mail message saved to a file. EML files are widely adopted.

7. This is not correct, because we do not have access to our users' messages, nor the means to decrypt them.

https://protonmail.com/blog/zero-access-encryption/

8. We have used Radware in the past for DDOS protection, but they never had any access to any data.

https://protonmail.com/blog/a-brief-update-regarding-ongoing...

https://protonmail.com/support/knowledge-base/email-ddos-pro...

9. This is not true and we don't see how this claim is a security concern of any kind.

10. We are unable to comment on this.

11. See points 3 and 4

Also, you are welcome to review our terms and conditions, privacy policy and transparency reports.

https://protonmail.com/terms-and-conditions

https://protonmail.com/blog/transparency-report/

https://protonmail.com/privacy-policy

Have a nice day


Anything promising you easy privacy in the Internet, like Protonmail, is more or less lying to you.


Truth about Proton Mail: it's shit. I made an account 2-ish years ago. It got deleted. I dunno how. I could not make another account with that username.


This is a loaded statement. I have a 3 year old account and later I added another one.

Was your account free? Did you end up not logging in for a while? Seems reasonable for them to delete inactive accounts.


Yes, free. Logging was normal though.


Well that's great.

Is proton mail less likely to deplatform you than gmail in the event you utter the wrong political statement? If so that might be something I guess.


If Protonmail deplatforms you for something you emailed, the blast radius is contained to your email, and not your Google Drive, YouTube channel, etc.



Nonsense. Who has been taken off these email services for public statements?


Google Bots are scary and account bans affect all Google Services (and IMHO should be illegal outside of extreme situations which had been reviewed by a person reasonably well versed in the language, law and culture of the country of user origin).


People have lost access to Gmail and Google Docs for things they’ve posted to Youtube.



