Is there anything unsavory about ProtonMail?

hedge ( @hedge@beehaw.org ) · 3 months ago

Is there anything unsavory about ProtonMail?

jarfil ( @jarfil@beehaw.org ) · edit-2 3 months ago

General rule of thumb:

Web: can change at any moment, can serve a highly secure mail web app… except to those it might decide to target, giving them zero notice, leaving close to zero trace.
Electron based “app”: if it can run random JS from the web, see first point.
Compiled app: to change its way of working, the user needs to update/download a different version. An explicit user action is required, people can notice malicious changes and warn others about them.
Compiled open source app: same as a compiled app, except people can also notice malicious changes before running the code, fork it to remove them, compile it themselves, and warn others.

ProtoMail, touts itself as a “secure web app”, which is a contradiction.

If you use an open source app to access ProtonMail’s service, the security lies in whatever app you use. At that point, might as well send E2E encrypted mail via GMail.

TL;DR: the way most people use it, is just security theatre.

Atemu ( @Atemu@lemmy.ml ) · 3 months ago

At that point, might as well send E2E encrypted mail via GMail.

From a security stand-point: Yes. From a privacy standpoint: Absolutely not.

jarfil ( @jarfil@beehaw.org ) · edit-2 3 months ago

Both privacy and security are the same in either case:

Both servers know who’s connecting
Both servers see the connecting IP
Both servers know the source and target mail addresses
Neither server knows the message’s content
Neither server controls the client’s app

The moment you go off-VPN, or use a webapp, security goes out the window.

Privacy, as in social network/contacts, goes out the window the moment you use a fixed email address; more so if it’s associated to your IRL identity.

Atemu ( @Atemu@lemmy.ml ) · 3 months ago

There’s a large difference between surrendering massive amounts of highly critical metadata aswell as some data* to a known abuser vs. an entity that prides itself in not abusing your data and which even takes specific technological measures to make it as hard for them as possible (zero access encryption at rest, automatic key discovery).

(* Partial social graph, interaction timestamps, political interests, health, hobby interests and much of that usually even in plain text data form when receiving email; stored in in plain text forever.)

jarfil ( @jarfil@beehaw.org ) · edit-2 3 months ago

known abuser vs. an entity that prides itself in not abusing your data

Right, “don’t be evil” 🙄. Corporations are corporations.

zero access encryption at rest, automatic key discovery

Also called “encryption”. Just so we’re on the same page:

1991: initial release of PGP
2016: initial proposal and implementation of WKD

Enigmail for Thunderbird supports both since 2018. The mail service, be it ProtonMail, GMail, Outlook, etc., is irrelevant regarding security or privacy.

brisk ( @brisk@aussie.zone ) · 3 months ago

FYI Thunderbird now natively supports PGP (and possibly WKD?) without the need for Enigmail.

jarfil ( @jarfil@beehaw.org ) · 3 months ago

Since 2020, with some caveats:

https://support.mozilla.org/en-US/kb/openpgp-thunderbird-howto-and-faq#w_how-do-i-get-the-public-keys-of-my-correspondents