> <a href="https://protonmail.ch/blog/protonmail-threat-model/" rel="nofollow">https://protonmail.ch/blog/protonmail-threat-model/</a><p>I'm always skeptical of browser/JS based crypto, but it is nice to see that they're at least upfront with the risks involved in doing such a thing.<p>They probably downplay the risk of a MITM attack a little much, but otherwise I'm glad to see they're realistic about possible weaknesses of the platform.
This sounds really good. The only disappointment is that it seems there is no business model that allows email providers and services like this to provide Unlimited encrypted email (no limitations i.e. Gmail-esque) absolutely free to all users. I'd be willing to gamble that if anyone could sustain this for a couple years, people would leave Gmail in droves, no one I know likes having to use the USA/NSA/google/big brother tagteam, but they still don't value the invasion of privacy enough to pay for it.
From reading the service description, this is an encrypted messaging service that happens to have email notifications.<p>I can't write messages with my preferred mail client, can't read messages with my preferred mail client and I can't access my (old) messages while offline. non-protonmail-users will receive a notification with a link that they received a message, not the actual message that they can keep for archiving purposes, offline use etc. I wonder if and how they handle searching mailboxes.<p>Neat, but not mail.<p>edit: typo. darn.
And none of the employees are US citizens that can be compelled by the US government in a way that they're not allowed to talk about it (even to other employees) to compromise the security of the service?<p>I'm not sure that having a Swiss company makes any difference in a case where people have ties to the US. Does anyone else know better than me on this topic?<p>edit: It looks like the goal is that you don't even have to trust protonmail: "For this reason, we are also unable to do password recovery. If you forget your decryption password, we cannot recover your data." <a href="https://protonmail.ch/pages/security_details.php" rel="nofollow">https://protonmail.ch/pages/security_details.php</a>
It appears they silently closed a critical vulnerability recently [0]<p>[0] <a href="https://twitter.com/StackSmashing/status/474214532114812928" rel="nofollow">https://twitter.com/StackSmashing/status/474214532114812928</a>
The security details page[1] makes for interesting reading. Hopefully the new norm is 'E2E' encryption. It's actually starting to feel inevitable, and the hopelessness that followed in the wake of the 'Summer of Security' is perhaps evaporating bit by bit, through universal encryption, bit by bit.<p>-<p>[1] <a href="https://protonmail.ch/pages/security_details.php" rel="nofollow">https://protonmail.ch/pages/security_details.php</a>
This made me chuckle...<p>From the threat model article here: <a href="https://protonmail.ch/blog/protonmail-threat-model/" rel="nofollow">https://protonmail.ch/blog/protonmail-threat-model/</a><p>"NOT RECOMMENDED:<p>Edward Snowden – If you are Edward Snowden, or the next Edward Snowden, we would not recommend that you use ProtonMail. And in case Mr. Snowden was foolish enough to try, we have already blocked the username snowden@protonmail.ch"
Wonder what the cost is going to be when it goes live.<p>Running infrastructure in those DC's can't be cheap (compared to regular co-lo facilities). Thats on top of probably having to deploy more gear (or higher perf gear than a regular email provider) since the work load is probably CPU heavy.
Looks interesting, but I think if you trust non-open source encryption, you are basically a knave. Even with really smart people behind it, unless it's completely open, they could be compelled to put backdoors into it.
So, if I send an ecrypted protonmail to someone else's yahoo mail, what happens? Is it only encrypted in the protonmail ecosystem?<p>True end to end encryption would mean everything is transferred as an encypted thing, and only people with a key can open it. If any email you send out ultimately is unencrypted so that the other side can read it, we aren't much closer than where we started are we?<p>If an email ends up in an unencrypted IMAP mailbox on a server somewhere, how is that more secure than what happens now?
I wonder how they will stand up against requests from the swiss government regarding lawful intercept access. Which, for larger providers is mandatory to participate in.
This is a dupe of <a href="https://news.ycombinator.com/item?id=7757420" rel="nofollow">https://news.ycombinator.com/item?id=7757420</a>.