undefined | Better HN

0 pointsbad_user7y ago0 comments

>> Decryption is done in the browsers so it's not passing through the servers unencrypted.

That cannot be for unencrypted emails, which is how most communications over email are going to be, because:

1. Most people or businesses are not on ProtonMail

2. Usage of PGP is nice, but very few people have published PGP keys

3. Opening a link to view a message is a big problem; personally I ignore such emails, can’t remember the last time that happened

It also doesn’t work for unencrypted emails being sent to you, which are a majority.

If I were to guess 99%+ of emails sent or received by ProtonMail customers are seen by ProtonMail’s servers in unencrypted form.

And this is why ProtonMail is snake oil.

0 comments

dane-pgp7y ago

You're accusing ProtonMail of being snake oil because people can send unencrypted emails to ProtonMail users? If it didn't allow receiving such emails, it wouldn't be an email service, so it sounds like "encrypted email service" is something that you have made impossible by definition.

Perhaps, rather than focusing on "most communications over email" (which don't involve ProtonMail's users whatsoever), it's more fair to ask whether ProtonMail enables encrypted communications with non-ProtonMail email users, and what threat models it is reasonably secure against.

You're right, though, that there are trade-offs to be made when it comes to using web-delivered JavaScript (although these problems need to be solved at the web platform layer [0], not unilaterally by a single service provider), and ProtonMail do not exactly advertise their security limitations (and nor do any other webmail providers).

[0] https://tools.ietf.org/html/draft-yasskin-http-origin-signed...

bad_userOP7y ago

>> You're accusing ProtonMail of being snake oil because people can send unencrypted emails to ProtonMail users?

Don't downplay the problem. An overwhelming majority of email that ProtonMail users get is in fact unencrypted. Not only that, but an overwhelming majority of email that ProtonMail users send is unencrypted as well.

It might get encrypted after the fact, but that email passes through their servers, which means ProtonMail can be coerced into doing blanket surveillance if the law allows it and any claims that ProtonMail protects you from that are bullshit.

>> "encrypted email service" is something that you have made impossible by definition.

It's not my definition, that's just what you get with email.

E2E encrypted email can only work if it's optional (e.g. PGP, when both parties agree on the keys), which is for secrecy, not privacy, because a majority of email sent or received will be unencrypted, because that's just how email was designed, that's how it works.

I don't have a problem btw with ProtonMail's implementation per se. Certainly it has value in certain contexts ... like if all of your work colleagues or all of your family is on ProtonMail, then you can have some peace of mind, but then again for a controlled, small group you can just go with PGP directly, which would be more trustworthy actually.

The problem is that many of the claims being made are bullshit. No, ProtonMail is not 100% e2e encrypted, in common use their servers will see most of your emails sent and received unencrypted and it will not protect your privacy.

So that's why it is snake oil.

Leace7y ago

> An overwhelming majority of email that ProtonMail users get is in fact unencrypted. Not only that, but an overwhelming majority of email that ProtonMail users send is unencrypted as well.

Could you cite your sources? I'm wondering what are the exact percentages.

j / k navigate · click thread line to collapse