I’m trying to get rid of my Google dependency and one of those steps was moving over to Protonmail. Now in the past few days i have been picking up signals that even Protonmail is not as clean as it might be.
Does this really impact the privacy of how i use email and so is moving to Protonmail a step forward from Google, or is Protonmail just as bad?
If so, what could be alternatives?
edit:
Some of the alternatives being mentioned in the comments are:
Email:
VPN:
edit 2 (2023):
There seems to be some new activity around this post. At the time of writing the post (2 years ago) there were some stories going as user @UnfortunateShort described in their comment. This made me question the best options available at that moment. Currently i am still a Proton user, using their Mail and Calendar service, and Mullvad for VPN.
I’ve been using protonmail/vpn for a few years now. I’ve had nothing but positive experiences. That said, I think its healthy to question any business, especially those that claim to care about your privacy. I’m curious to hear what signals you’ve picked up on.
There was this thing where a court forced them to log the IP and recipients mail addresses of a Prortonmail user, which was used as evidence against them in a legal process.
They released a statement that they do not collect this data unless a court orders them to, that they can’t and won’t collect the content of mails, which is within the law apparently, and that the law cannot force them to collect data from their VPN. They also removed the promise to never collect any data from their sites and documents, because they felt it was not appropriate under the legal circumstances.
If you want to hear my opinion about it: I give them credit for handling this transparently, explaining exactly what happened and removing a false claim from their marketing voluntarily. I do also agree that they should have never misled people into thinking Protonmail is an anonymous way of communication.
As the data collection is very limited and has to be ordered by a Swiss court, I do not feel threatened and continue to use their services.
Frankly, I think if you’re actually fearing to be persecuted for something and don’t want people to figure out who you talked to, you shouldn’t use mails to begin with. And if you do, at least use a VPN or Tor. That’s how they got the user, because they didn’t and law enforcement figured out they use Protonmail + their IP with the help of the ISP.
deleted by creator
Very true, thanks for the remark 👍
deleted by creator
Yeah, I’d like to know as well. What ought to be wrong with Proton?
It was two years ago, and it had to do with what @UnfortunateShort explains in his comment. 2 years later and i am still a happy Proton user.
Is this post two years old? If so I think we can wait a long time for a reply from OP. I too would like to know what signals they picked up on.
Has it been two years already?! Well that’s quite some time!
In short, with the steps Proton has taken in the past two years to improve their products, i am a very happy customer! Currently i am using Proton mail and Proton calendar. For a VPN i use Mullvad at the moment and i can really recommend them for a VPN service.
Regarding the VPN, i had been using Mullvad before Proton started offering theirs. Currently i am weighing of if i should use Proton for my VPN services as well, or keep some things separated between different companies, just in case.
Hah, well, two years later here you still are. Amazing!
Love to hear it! I’m also on proton, if only for mail. I’m looking forward to a storage service with support for sync, so far I’m not so happy with the product I’m using.
I check in here now and then. ;)
So 5 months later, I still use Proton Mail, still loving it. Use it in combination with Proton Calendar which also works really nice and just started really using the Proton Drive as (in the future) an alternative for Google Drive now that they have added encrypted photo sync. That feature (for Android) is still very early and i have been in touch with the helpdesk for some of the issues i am running into. But they do really feel like issues because of it being a very first version.
So for now i would say that their Drive option is quite robust and works very nice and can really serve as an alternative for one of the other big parties (yes i still do a lot with Google Drive and Dropbox so to fully migrate that will take ‘some’ time).
deleted by creator
deleted by creator
Agreed! :)
Protonmail is just the “latest” (it’s been open for a few years now) in the technocratic “online privacy” bubble. They probably willingly give backdoors to the NSA.
Basically they sell you the peace of mind, not really any actual security as far as anyone can tell. Until their code is open-source and can be independently reviewed, it’s worthless. That they are based in Switzerland doesn’t mean much because backdoors are meant to be secret. Like in any other country, there is no official organ in Switzerland that will evaluate your app and say “yes, this app is secure. We give it five stars”. However if you find they don’t respect Swiss law you have to open a lawsuit, retain a Swiss lawyer, travel there for the court date, and at that point you start to realize they’re based over there more to protect themselves than you.
There has been another encryption company operating since the 50s in Switzerland that was somewhat recently found to just be a front for the CIA. So clearly being based in Switzerland is not a gage of quality.
Their support of the Hong Kong protest was also kinda suspicious because as far as I’m aware, they’ve never been that interested in any other event. And it wasn’t just a press release that gets picked up by a few hobbyist magazines; it was a full-length email sent to every protonmail customer, even those like me who hadn’t used their account in years.
I also just read that ProtonMail would start using Google infrastructure. While the actual usage of Google’s services would be “limited”, again Proton does not explain the exact nature of this partnership and which services will be routed through Google.
I don’t believe there is any way to be completely secure on the Internet unfortunately. Snowden showed how far backdoors run. So whether you want to keep using protonmail is up to you, but outside of a decentralised p2p system, I don’t think we could fully be anonymous and secure. Maybe though it would be possible to open your own email service – you just have to rent a space on a shared server like you would when hosting a website, and then encrypt it if possible… or open your own mail server in your basement lol. Email doesn’t consume a lot of resources.
I’d argue that this:
Basically they sell you the peace of mind, not really any actual security as far as anyone can tell.
Is demonstrably false, as their encryption methods for emails at rest as well as other options (PGP) are tested. They’re also upfront with their threat protection model ("the ProtonMail threat model document specifically states that, “we cannot guarantee your safety against a powerful adversary.”) and as far as coming from Google or another free provider is concerned are a definitive step in the right direction. A good overview if OP is interested is this writeup here: https://www.techspot.com/news/82776-protonmail-review-secure-email-really-secure.html
Personally I’d be hesitant to recommend self-hosting email unless really necessary (since that has it’s own risks/threat model) and think OP would do well to start off with Tutanota or Protonmail.
As an aside if we’re alluding to Protonmail being a honey pot with the Hong Kong riots I’d rather see it stated as such; this is the second place on Lemmy I’ve seen such criticism levied when a company that has a privacy/security based product and did a statement on the protests and I don’t find it that suspect that they would be interested in furthering their brand or “putting their money where their mouth is” by coming out in support of anti-censorship/CCP measures.
Hong Kong riots
support for the riots is not “support of anti-censorship”. it had nothing to do with censorship. a brief summary of how things began:
- a man murdered his pregnant girlfriend while on holiday in taiwan
- taiwan wanted the man extradited to face charges but hong kong did not have an extradition treaty with taiwan
- an extradition bill is introduced in hong kong listing 46 crimes for which extradition may be requested by taiwan, macau, and the PRC. nine crimes listed were financial (these were later removed)
- angry rich kids realized they would not be able to commit the same financial crimes their parents did
it was never about being censored. it was about wanting to continue to exploit others without consequence.
protonmail didn’t just “come out and support” the color revolution by merely making a statement. i’m not making the assertion that their support means that they are a honey pot. i am asserting, however, that their support means that, unlike their claims, they are decidedly not “pro-freedom” (unless, of course, their definition of “freedom” is getting away with murder).
Taiwan later criticised the government of trying to strong arm the citizens with the bill and withdrew their extradition request.
Proton’s support of the what the riots turned into isn’t tainted by what sparked the controversy in my opinion.
I’d agree with you that it’s about wanting to continue to exploit without consequence, though I’d say were talking about different parties doing to exploiting.
Link for those interested in a news recap: https://www.bbc.com/news/world-asia-china-50148577
Taiwan withdrew the extradition request of the murderer of a pregnant woman for the sake of politics? That’s messed up.
edited: the first part of my comment was irrelevant to the true matter at hand so it has been removed
Proton’s support of the what the riots turned into isn’t tainted by what sparked the controversy in my opinion.
and in my opinion, this actually makes it worse. because then it becomes them promoting a blatant misrepresentation of hong kong in support of a color revolution. this means those deciding to fundraise are openly supporting the interests of the US government. which makes them less trustworthy, not more.
the argument could be made that they saw how many westerners ate up the propaganda around the situation and wanted to capitalize on it. i think that is a fair argument. but them being money-hungry makes them less trustworthy, not more.
I’d much prefer you to source your claims especially when refuting others, we simply don’t agree on this matter (though I do like reading a different side of things) - I appreiciate the discussion though all the same!
Thanks for the extensive answer, I will keep looking into it (and other alternatives) to see if there is something that fits my needs (which at this point is having multiple gmail adresses, so the only way is up i guess).
Isn’t the Protonmail client open source? https://github.com/ProtonMail/WebClient https://github.com/ProtonMail/proton-bridge. Of course they could still read all your non-encrypted mails and you’d have to verify that you are receiving the correct client code every time you connect to the web client. But for the secrecy of your encrypted mails access to the client code should be sufficient, right?
Protonmail has opensourced lots of their software in recent years.
damn I really liked proton* too.
Huh?? Everything in that comment was speculative. I keep trying to figure out what specifically wrong Protonmail, and so far it’s all been nothingburgers. This is just a wall of speculative text. I don’t understand why it’s being treated like some knock-down evidence that Protonmail is bad.
thank you for the detailed comment. i didn’t see disroot being mentioned. do you have any comments on it?
My opinion on disroot is that any organization that has a business model run on donations is inherently unsustainable. If disroot became popular, they would no longer be able to host accounts for free. They may end up creating a subscription service after that but it creates uncertainty as to how and what they will do in the future. They might decide to fold. The same thing can be said for paid services but I wouldn’t use Disroot as my main email address if a few years from now the donations stop and they say they’re shutting down. IMO
nice link about google infrastructure
it could mean that some information — such as IP address and knowledge of their attempt to connect to ProtonMail — will become visible via those third parties.
disappointing, google has their hands in everything. I just learned that Standard Notes implemented an opt-out api call to bugsnag, a company backed by Google Ventures.
ProtonMail does seem a bit fishy and flimsy. I tried their VPN for about an hour and kept getting marketing emails afterwards.
I am fucked.
They probably willingly give backdoors to the NSA.
Do you have any more elaboration on this? Is this based on a news article, or a part of their terms of service or something?
If your threat model is “corporations spying on me and profiting from my private data” then it is good option IMHO. If your threat model is “a three letter agency is after me” then don’t use e-mail.
I mean to be realistic, my email account is not more than corporations trying to profit from my private data. So to self encrypt in my tin foil basement is totally a lot of overkill.
Well put
So what are those signals you picked up? I am curious since I am a PM customer.
deleted by creator
OP post is two years old!
huh… :D
I’ve been using Mullvad VPN for about 5 or so years now and it’s been really great.
Very privacy centric - your account holds no personal information, it’s just a randomly generated number that you keep saved somewhere, and it’s really only used for payment.
It’s very reasonably priced as well - I just keep it on autopay, and every year it charges the €60 to my PayPal - but you have a lot of options for payment - including crypto and even cash!
For email I suggest getting your own domain name. That way you can easily change provider without having to tell all of your contacts to use a new email. I don’t know about all domain providers, but some provide email addresses for free with all the domains that you bought from them. It’s a really good and way to have an interesting email address, and not be dependant on any tech giant.
I personally gave up on the idea that my email will ever be secure, so I just try to use a provider that seems trustworthy, and avoid using it for anything critical. The email providers that tell you they encrypt your emails don’t really improve anything in terms of security, given that they have access to the clear text email before they encrypt it. It’s even worse if they offer a web client, they could steal your keys anytime.
There are solutions (PGP), but they are really niche and don’t provide some critical security aspects like Forward Secrecy. If you want your communications to be truly secure, use a system that was built for that (Signal, Matrix, etc… all provide pretty decent security way ahead of whatever you’ll get with email).
I like the idea of using a custom domain and changing providers if needed. Going to take that into consideration.
It’s not actually that expensive, most domains can be bought for less than 20€/year. If the registrar provides free email with it, it’s often cheaper than using a paying email service.
Or they could try to support this draft of PFS for OpenPGP.
I don’t really understand how that does anything to actually add Forward Secrecy. If someone captures all the (encrypted) emails, and then has access to the private key of the receiver, they can decypher the one time key and then decypher the message.
I looked for that before posting the first comment, and found this draft and a few discussion it. But I didn’t mention it because it’s just a draft, and because of what I said above.
Edit: I noticed it’s actually a draft from 2001
Yes, first versions are from 2001 and last from 2002. Old as you see.
deleted by creator
had to add some backdoors for an investigation warrant, so they could monitor a person involved in a blackmail case
do you know where i can read up on this?
edit: i read about it. it seems it is not an encryption backdoor but rather that they are intercepting new emails for one user before they get to the mailbox (because the emails in the mailbox are encrypted). here is a hackernews thread on it
The most concerning part about ProtonMail/VPN is that their funding came initially from the feds and many big names in Silicon Valley. Would you trust that combination of “donors” sponsoring a service that’s supposed to protect your privacy?
Lookup Mullvad. It’s a great VPN. No gizmos, no bells and whistles, and more importantly: it has been audited frequently and their client is open source.
I literally purchased 12 months of Proton VPN last night and this is one of the first posts I see today. Glad this is an old post and happy to see new positive responses.
My experiences in these two years have been nothing but positive, so (as far as i know) a good choice to go with their VPN service! :)
I would suggest you Disroot and Riseup for e-mail and Riseup for VPN.
Both those organisations have been around for quite some time right? Having their roots in activism as far as i know.
The way you seems to use the word “activism” seems a bad sense I never knew. What do you mean?
The Riseup political views are known and suggested, sometimes, in their own page.
The case of Disroot is that it has a public statement about it basically and the pictures around the website are quite legit.
The way you seems to use the word “activism” seems a bad sense I never knew. What do you mean?
It was in no way meant as a bad thing, sorry if it came over that way.
Thank you for the reply.
I don’t know if the second part of my reply helped you in some sense. At least the Disroot side which can be checked easily.
It did! Disroot has a huge mission statement where it is all written out, so that can’t be more clear than that. (i’ll also add them to the original posting as options for people in the future).
a step forward from Google, or is Protonmail just as bad
i would say it is a step forward but how much depends on your use case. if you are encrypting all your emails, protonmail allows you to do so with the body of the email (but NOT the headers). there are other providers who make this as easy. tutanota even encrypts your entire email, subjects and senders included but they recently had to comply with a court order to store new incoming emails for a certain user unencrypted.
when it comes down to it, any secure communication should not be done over email. you can always encrypt the body of the message yourself but the sender/receiver information and subject line will not be encrypted.
an alternative vpn would possibly be mullvad. the people over at privacytools also recommend ivpn so that’s another one you could look into
No, the Tutanota court order said that they had to comply with the law if information is needed for a specific use, and they can only give what they have, meaning that if you communicate with other e-mail providers such as Protonmail (who encrypt e-mails by default) they can only give the court encrypt data, which is not so useful, but for example if you get an e-mail from Gmail then they can give them that information since it’s unencrypted.
i was referring to the recent order (late last year) from a german court ruling tutanota had to “spy” on one user. tutanota cannot access the emails in that user’s mailbox because they are already encrypted but they had to comply with the court order so their solution was to write a function that prevents that specific user’s new emails from being encrypted.
Yes, I know you were referring to that case.
This is from the exact article in German you cited at the end:
[Update, Nov. 30, 12 p.m.] As Tutanota emphasized, the monitoring measure only affects newly incoming unencrypted emails. The company cannot decrypt data that is already encrypted, as well as end-to-end encrypted emails in Tutanota. [Update.]
Besides Tutanota, some other providers also store all incoming mail in encrypted form. At Protonmail it is also standard, Posteo and Mailbox.org offer encryption as an option. Tutanota provides an overview of the number of requests from authorities in its transparency report.
you write as if you’re correcting me (first comment began with “no”, second citing what i already stated) but i said nothing in contradiction - already encrypted emails won’t be unencrypted. i did not state otherwise.
It doesn’t say that, it says:
As Tutanota emphasized, the monitoring measure only affects newly incoming unencrypted emails.
This means only e-mails received after the the monitoring declared by the court was approved which are not encrypted will be sent to them. This is reinforced by the following sentence:
The company cannot decrypt data that is already encrypted,
Meaning they can’t do anything with old, encrypted e-mails.
as well as **end-to-end encrypted emails ** in Tutanota.
Meaning new encrypted e-mails.
i understood but i now see i wasn’t clear enough in my original comment. sometimes i omit things for sake of clarity but it seems i omitted too much in this case. it was not my intention to imply that all incoming emails, regardless of encryption status, would be unencrypted.
No problem, it’s just I had this exact same discussion in a Privacy Tools issue and I was sure I knew what I was talking about, also I don’t to say X service has been compromised.
deleted by creator
I heard Tutanota is worser. But I been a long time customer of Proton, since they started. Its been great for me.
Tutanota is ok. It’s not as mature as Protonmail yet, but they are on their way there.