If you need secure messaging, use something other than email.
Forget security for a second, imagining every email as public record will make you more considerate and less biased writer. And from a business perspective, email should be viewed as a public legal record, because in some cases it will be used that way.
That's not to say that there shouldn't be private messaging options, it's just that email isn't one of them and was never really built to be. PGP was always sort of a tacked on solution with a lot of faults (no forward secrecy, plenty of meta data leakage, usability issues)
All that being said, I still left Gmail for Fastmail. Just because I consider every email I write to be public doesn't mean I want Google getting a free pass to mine and sell my data.
> doesn't mean I want Google getting a free pass to mine and sell my data.
AFAIK, they don't do that with gmail. Do you have any evidence to the contrary?
We need to hold Google's feet to fire on privacy, but it is also important that we do not exaggerate or distort the facts.
I'm forced to send proof of identity as well as proof of address via email. I'm receiving bank statements and countless other sensitive documents via email. And I have absolutely no other choice.
Whoever gets a hold of my email can impersonate me in almost every context.
So no, I do not consider the contents of my email public. Absolutely not!
I'm not willing to consider a service completely insecure just because it can never be completely secure.
None of these are unique to email.
This is the attitude one should take for any electronic form of communication. Even old-fashioned ink on paper letters of significance have made it into the public record for all to see.
I think this is mainly governed by expectation and received benefits.
I would let my doctor see me naked, because I'm expecting the doctor will fix my problem if I agreed to do so, and I assume the doctor will respect my privacy by not leaking information about my physical characteristics and private parts with others.
But what if it's for example the owner of my favor restaurant asking to see the same? I don't think I would go there anymore.
It's trivial to use an email provider in a more privacy-friendly jurisdiction (e.g. Mailbox.org in Germany) and with a bit of effort you can even move to a provider the PGP-encrypts incoming email which can then be decrypted by your email client (which can connect with IMAP).
Given that the first measure is near-zero effort and saves you from silent/warrantless law enforcement requests, I think it's worth it.
Encryption is a bit more annoying but it does save you from later disclosure of your emails.
https://protonmail.com/bridge/
Or did it not work for you?
Agreed. Even if you use protonmail, google still has most of your email because they have the most of everyone else's.
Part of the reason I use Protonmail(and pay for it) is because I want to support the notion that the web can be made up of different services as opposed to all being calls to .google.com or .facebook.com.
I have far more incoming emails than outgoing and most of them are automated - probably not using GMail. That includes most of the most sensitive content like invoices and account management.
Food for thought.
What's permitted is to build something that targets a particular person in such a way that it cannot possibly affect another person's security.
The example I use (though IANAL) is that a request to backdoor WhatsApp's encryption would not be permitted under the law. However I think that pushing an update that checks for a particular person's hard-coded phone number and forwards messages to law enforcement would be permitted.
The law in question: http://www5.austlii.edu.au/au/legis/cth/consol_act/ta1997214...
And what can the Australian government do that the US government can't these days?
Because you’ve got to get your email over someone’s pipes eventually.
Fastmail is excellent. If you want secure/private/not easily spoofable by a 5 year old and you’re using email.... then you’re doing it all wrong.
If they had a better app I'd gladly pay. I just can't stomach gmail anymore and Fastmail was next best.
Based on comments over in /r/protonmail there's some redesigns coming for the apps that should hopefully improve on the creature comforts.
I suppose it’s a limitation of the protocol, and it’s good that protonmail doesn’t store your emails plaintext. However, they know the encryption keys...and so will any attacker.
I went to the Office 365 email package because I get more value out of the exchange server. Any emails I want to encrypt, I will do so myself. 99.99999% of my inbox is spam and automated mailing list crap and notifications and TOS updates, with maybe one or two emails every couple of months that are actually from a human being.
I might be mistaken, but my understanding is that they encrypt your encryption keys using your password within the browser. They only store the encrypted blob and thus they are unable to decrypt any emails.
Having said that, since emails come in unencrypted anyway, they can, in theory, log everything there. Including the sender, receiver and what the email contains.
I have an account with them and spent months troubleshooting a carddav sync issue with my two Mac computers before giving up and switching contacts over to iCloud.
Proton mail seems pretty hungry for business. I inquired for a paid plan and they follow up all the time with sales people who have unique email addresses.
Many services I need do not give me an alternative. I only continue to use email because of those services.
ProtonMail feels like a one-trick pony to me. They’re cruising on the allure of privacy features but they have a ways to go on other basics.
I am a current customer and think they've got a really well-done service and app, but lately I've been wondering if it's the privacy equivalent of the Maginot Line.
I'd want my protonReaderApp to have default shred message after reading.. keep available on proton server for 48 hours after.. one click to save as pdf or zip or other safer password format, or save on protonServer longer.. with easy to change defaults..
would be nice option. I dunno maybe something like this exists?
There are several use cases for this..
a system like this could make for encrypted form storage and messaging with the right API maybe hippa compliant?
I'd expect my lawyers and accountants and such to use something like this.
Ultimately, my decision was based on the fact that ProtonMail is a Swiss company, a country whose privacy laws are stronger than Fastmail’s country of origin, Australia.
So far I’m really happy with ProtonMail as a replacement for Gmail, as a mobile-first user. The only issue is saying “ProtonMail” to people who have never heard of it (surprisingly prone to misspelling).
> This calendar key will then be symmetrically encrypted (PGP standard) using a 32-byte passphrase that is randomly generated on your device. Once it is encrypted, your calendar key will be stored on the ProtonCalendar backend server.
32-byte passphrase: might be fine, depending on what those bytes are; the interesting question is how much entropy it got generated from.
> Each member of a calendar will have a copy of the same passphrase that is encrypted and signed using their primary address key. The signature ensures that no one, not our server or any third-party adversary, changed the passphrase.
This is where it gets weird. Why do both? The obvious way to encrypt with an ECC key comes with authentication for free. Signing mostly has negative privacy implications. (I think the answer is "we incorrectly decided PGP was a good idea a long time ago and now we are stuck with its problems, which include being wrong about authenticators".)
> The invited member, if they decide to join the calendar, can decrypt the passphrase using their address key. They can also verify that the signature on the passphrase belongs to your email address key. This lets the invited member cryptographically verify that you invited them. To accept the invitation, ProtonCalendar will then pin the passphrase for the invited member by replacing your signature with one created using their own email address key. This signature will later be used by the invited member to verify the passphrase at each application start.
Again, with designs less than twenty years old you can do that without a signature.
> To accept the invitation, ProtonCalendar will then pin the passphrase for the invited member by replacing your signature with one created using their own email address key. This signature will later be used by the invited member to verify the passphrase at each application start.
what
I'm reviewing the attendee scheme next, but I need more coffee first.
Specifically this part from their whitepaper https://pbs.twimg.com/media/EKpHwB-WwAE4YN0?format=png&name=...
This is a bad idea right? We aren't supposed to decrypt then verify usually, correct? I'm told this is standard for implementations of OpenPGP, but it just seems like a horrible design (of course OpenPGP itself is probably bad).
(Mostly I think I get why Protonmail does what it does, but GPG+email is a losing horse. It also doesn't help that protonmail addresses are a mild predictor for content not worth reading. I haven't quite had Popehat's experience of protonmail being a proxy for overt, virulent white supremacy, but... certainly have seen it be a proxy for poorly informed opinions on security :-))
On a more serious note, a sibling comment asked if there's an API. And, really, for an API to work, we'd need to agree on some kind of data structures. Reading that spec, and having mucked with LDAP, IMAP and related specs, it really feels like we're still banging rocks together in how we define the semantics of data exchange.
I've been asked several times to decrypt my phone at international boarders. If you leave things to webmail, unlocking your phone doesn't give them access to your email account, or even tell them where it is. All the TSA/Cops get is my "gmail-for-phone-2018@gmail.com" address that I haven't checked since day one with the phone. My access to my real email is covered by a web browser that doesn't keep records.
I feel that it is better to have them compartmentalized.
Yes. I'm surprised they could develop it as quickly as a year in fact.
Calendars are difficult, there is a lot of hidden complexity in the way that users use calendars. They are iceberg products, they look simple from the outset but if you try making one you'll run into the myriad of edge cases.
So, yeah, calendars are hard.
Falsehoods programmers believe about time: https://infiniteundo.com/post/25326999628/falsehoods-program...
Falsehoods programmers believe about time part 2 (this one contains most of the timezone related madness): https://infiniteundo.com/post/25509354022/more-falsehoods-pr...
Feels really good to be able to migrate more personal data away from G.
I think its a testament to ProtonMail's popularity, that they get some screentime in a film with such a high-profile cast. Perhaps a techie in the film crew suggested they use it.
Disclaimer: I created it.
Am I wrong to be skeptical?
Edit: oh apparently I’m wrong to even suggest something we have other examples of
> I lost a lot of faith in Proton when I learned how much funding they took from the EU.
Unless the origins of the money are unethical (e.g. blood money), it's not where it comes from that matters, it's what's done with it. I haven't seen any misconduct from ProtonMail and the EU's motivations for giving the money seem to be economic, which makes a lot of sense. They want competitive EU tech companies.
> It just runs entirely counter to evidence we’ve seen of Snowden, 5eyes/14eyes, and other programs that the EU truly wants end to end encrypted comms for people.
The EU is not a member of the 5 eyes nor 14 eyes, some of its member states are. The EU is composed of 28 member states, so not even half are participants in those groups.
Even if the EU were a member of the 5 eyes, the EU is not a monolithic entity. The SIGINT arm of the EU (if such a thing exists) may very well oppose end to end encryption while the economic arm promotes it. The same is true in the US, where the NSA attempts to break encryption while the Department of State funds Tor development.
The way I think of the privacy ecosystem is that it makes dragnet surveillance much harder and it provides some protection if the government has specifically targeted you for data collection. So, companies/products like ProtonMail and ProtonVPN are good things. But, creating something that is 100% safe for the individual is impossible (or at best so impractical to be untenable).
The EU is one of the most privacy-conscious government entities on Earth right now, and it needs to be noted that ProtonMail is located entirely within Switzerland, an even more privacy-conscious state that is not a member of the EU.
There is no extra safe guards to encrypted email that lives on a server the more users you add. It doesn't matter. It was a point to point transfer once. All emails are SSL/TLS sent anyhow.
TOR is a different thing. It's active user browsing. If only US spies (example) used TOR, it would be pretty damn obvious what they were doing or at least show that this was vital traffic to inercept. But add in millions of normal users and it's much easier to keep your nefarious deeds hidden by just blending in with the crowd.
https://fastmail.blog/2019/08/16/jmap-new-email-open-standar...
For IMAP email, there is Proton Bridge, to get around the fact that all data on their servers is encrypted with a key that only you have.
