Why ProtonMail is more secure than Gmail

440 点作者 balderdash超过 7 年前

50 条评论

pushcx超过 7 年前

This post would be improved by discussing that their [threat model](<a href="https://en.wikipedia.org/wiki/Threat_model" rel="nofollow">https://en.wikipedia.org/wiki/Threat_model</a>) is so different than Google's that it regards some of Google's business practices as threats. And that, in turn, there are threats that Google treats as much bigger threats, bringing their own world-class security team to.Calling this fundamental difference in approach "more secure" manipulates the less-informed instead of educating and almost eliminates the chance of a worthwhile conversation about tradeoffs and values that could be very flattering to ProtonMail.

评论 #15533502 未加载

评论 #15533988 未加载

评论 #15534018 未加载

评论 #15533701 未加载

geofft超过 7 年前

Threat model, threat model, threat model.There are some people for whom "The government is literally after me, personally" is a valid threat model. There are some people for whom "Google employees with privileged access to Gmail are conspiring to be after me, personally" (one assumes there's a two-person rule for access to individual inboxes or deploying code that scans inboxes) is also a valid threat model.However, those people should consider that the government will be willing to use either software 0-days or algorithmic 0-days to attack them (see e.g. Stuxnet taking out Iran's nuclear program using a previously unknown method of generating SHA-1 collisions, that looked kind of like how the academic community knew to generate collisions but with a different fingerprint), in the government case. Or that any interaction with anyone who uses Google must be avoided, in the Google case. See e.g. <a href="https://mako.cc/copyrighteous/google-has-most-of-my-email-because-it-has-all-of-yours" rel="nofollow">https://mako.cc/copyrighteous/google-has-most-of-my-email-be...</a>For normal people (which includes me and probably everyone else commenting here)? Google seems at least as likely, probably a tiny bit more, to protect me from threats like "A personal relationship has gone bad and someone who isn't a government and isn't Google is trying to impersonate be me" or "I don't want to lose access to my email" (remember that availability is a part of security!).

评论 #15533760 未加载

评论 #15534562 未加载

评论 #15533790 未加载

评论 #15533783 未加载

评论 #15533800 未加载

评论 #15533749 未加载

uptown超过 7 年前

Here's the thing with email. You can sign up for Protonmail ... but you've still got to use email to correspond with others. And in all likelihood many of those individuals will be on GMail or some other less-secure provider unless you're using Protonmail as an enterprise solution, in which case the ratio of "secured" vs. "unsecured" recipients would likely tilt towards secured.Email is insecure, and most users don't even consider security when using it. I've seen my own social security numbers sent out via email. I've seen corporate card credit card numbers sent via emial. I've seen other confidential financial documents and a myriad of other things sent via email by people who didn't know or didn't care that the method of transmission isn't secure because frequently it's not their information at risk. In my experience, medical data is treated differently because there are laws around how it can be communicated and stored. Until there's regulation placed around other pieces of information, and those laws get enforced, I don't know that people will change how they use and abuse email.

评论 #15534263 未加载

评论 #15534524 未加载

reacharavindh超过 7 年前

The engineer in me loves the promised End-End encryption and all the cool stuff. But, the inconvenience of "unable to search contents of emails" is a deal breaker towards encrypted email for me. My primary concern was Google/Microsoft scraping my emails to build a profile of me. My emails could give away very personal information that I do not want to be used for advertising.My money finally went to Fastmail. Excellent email service - just works and doesn't try to be super smart and take over the world.

评论 #15533551 未加载

评论 #15533657 未加载

评论 #15534137 未加载

评论 #15533772 未加载

agrinman超过 7 年前

"Zero Knowledge Encryption" is just a marketing term... I wish marketing would not cross wires with real crypto, it makes me skeptical that they really know what they're doing. They're not the only company doing this and they should be called out for it like spideroak [1].ZKP[2] is real branch of cryptography and they do not use it AFAIK.[1] <a href="https://spideroak.com/articles/why-we-will-no-longer-use-the-phrase-zero-knowledge-to-describe-our-software/" rel="nofollow">https://spideroak.com/articles/why-we-will-no-longer-use-the...</a>[2] <a href="https://en.wikipedia.org/wiki/Zero-knowledge_proof" rel="nofollow">https://en.wikipedia.org/wiki/Zero-knowledge_proof</a>

评论 #15538805 未加载

评论 #15535014 未加载

评论 #15538474 未加载

idontgetproton超过 7 年前

I don't understand this. Let's say I receive a newsletter from some website.That newsletter is not PGP-encrypted, so at some point the Proton Mail servers must be able to see a plaintext version of it. That means I have to trust that they never store that plaintext version.In addition, even if they immediately encrypt it and store the encrypted version, how can they do so such that only I can read it? Is the key generated from my password? How come it's possible to reset my password with a recovery email address then? Surely they must be storing the key somewhere, in which case storing encrypted messages is pointless.EDIT: apparently my second point is incorrect, forgetting your passphrase will indeed leave your emails permanently encrypted. The first point still stands though, it's not zero-knowledge at all if they receive the plaintext of my private emails in the first place and I have to trust that they don't store it.

评论 #15533692 未加载

评论 #15533766 未加载

评论 #15533713 未加载

评论 #15533656 未加载

评论 #15533966 未加载

rahiel超过 7 年前

The end-to-end encryption is only between protonmail addresses, in practice when you email people with gmail/hotmail/yahoo etc. it doesn't matter if protonmail can't read the e-mail, the other party can. (Their solution for that is to send an e-mail that contains a password-protected link with the actual message [0], I find this procedure inconvenient.)Gmail could be as secure as Protonmail by using PGP yourself [1]. And then you can keep your desktop mail client.Also Google won't need to pay criminals if they're DDOS attacked like Protonmail in the past: <a href="https://www.forbes.com/sites/thomasbrewster/2015/11/05/protonmail-pays-to-stop-ddos/" rel="nofollow">https://www.forbes.com/sites/thomasbrewster/2015/11/05/proto...</a> (this is when I gave up on Protonmail)[0]: <a href="https://protonmail.com/support/knowledge-base/encrypt-for-outside-users/" rel="nofollow">https://protonmail.com/support/knowledge-base/encrypt-for-ou...</a>[1]: <a href="https://emailselfdefense.fsf.org/en/" rel="nofollow">https://emailselfdefense.fsf.org/en/</a>

评论 #15533753 未加载

评论 #15534006 未加载

评论 #15538092 未加载

pcrock超过 7 年前

Anyone remember HushMail? The end-to-end encrypted email service that didn't have the ability to decrypt your emails? They were eventually coerced to change their code and record passwords in order to gain access to an encrypted email account. ProtonMail is the same thing, give or take, just in Switzerland. They can be coerced just like anyone else.People whose lives are dependent on secure communication still need to manage their own PGP keys. Once protonmail makes it possible to use your own email client with your own keys, then I'd say it's worth trusting.

评论 #15533942 未加载

corobo超过 7 年前

Hows the spam filter? I fell in love with the idea of switching to other services before on their marketing copy but I'm back in Gmail. It all rests on how good the spam filtering is by default not after I've received x good and y bad emails.Unfortunately in this case it sounds like there might be a tradeoff between securing my internet postcards[1] and training spam filters.[1] and that's all they are really, postcards. We've known that for decades, you can't patch envelopes over emails at this point.

评论 #15533674 未加载

评论 #15533845 未加载

zabuni超过 7 年前

Web based encryption. Pointless. If you trust them enough not to send you bad Javascript, you trust them not to read your emails. You trust them with your private keys.If you trust them with all that why even encrypt the mail client side?

评论 #15534592 未加载

评论 #15535726 未加载

评论 #15534598 未加载

评论 #15536525 未加载

devmunchies超过 7 年前

I'm a paying user, and have to say, I think I may want to give up this extra security for Google's world class spam filtering.

评论 #15533619 未加载

评论 #15533496 未加载

评论 #15533506 未加载

ninegunpi超过 7 年前

While I love ProtonMail as an effort to popularize security for end-users and trying to come up with smart technologies to achieve that, the whole risk model behind the writeup barely stands scrutiny. What's worrying, ProtonMail (who declare security a first-class feature) use "features" instead of systems to define security of their service.If you think of it for a second, web crypto (protection against intermediaries and dishonest server) actually requires trusting the server, so no encryption-derived claims are sound if the server is dishonest. Any third party exploiting (or forcing legally) the server can make it dishonest and collect required keys in few simple steps. And, FWIW, if encryption is controlled by browser, adversary compromising the client itself can simply disable it.So, while the effort is very important (and I bet they'd be around the first people who will suggest techniques for safe in-browser crypto execution), it isn't that they can be compared security-wise other than: - ethics - security policy - competence of security teams.Isn't a level playing field for ProtonMail.And, my final problem is, 99% of people are still outside Protonmail anyway, hence the intolerant winner argument, which ruined PGP and will ruin many optional security systems on top of convenience protocols in the foreseeable future.

评论 #15534375 未加载

评论 #15533999 未加载

jabbabla超过 7 年前

Anyone thinks this would interfere with their security? <a href="https://www.reddit.com/r/ProtonMail/comments/6ru9pf/ive_had_enough_of_protonmail_heres_why/dl8irqq/" rel="nofollow">https://www.reddit.com/r/ProtonMail/comments/6ru9pf/ive_had_...</a>> The final nail in the coffin for me is this page right here: <a href="https://protonmail.com/blog/transparency-report/" rel="nofollow">https://protonmail.com/blog/transparency-report/</a> Can I draw your attention to this sentence: "After reviewing the relevant evidence forwarded by US authorities, criminal intent was apparent, so Proton Technologies AG decided to comply with the data request"

sixothree超过 7 年前

I have to mention the Direct Project. This is secure email that is in use today by a vast number of healthcare professionals.<a href="https://www.healthit.gov/providers-professionals/faqs/what-direct-project" rel="nofollow">https://www.healthit.gov/providers-professionals/faqs/what-d...</a>It uses trust bundles that hold the public key. Identity is vetted so there is no spam and it helps guarantee you are communicating with the right person.<a href="https://www.directmdemail.com/info/how-it-works/Direct-exchange" rel="nofollow">https://www.directmdemail.com/info/how-it-works/Direct-excha...</a>edit: I would also like to add that the direct trust model is starting to get used for things outside of email.

评论 #15533645 未加载

edf13超过 7 年前

Zero Knowledge EncryptionSo what happens if, say a hacker breaches the systems and makes an interception at the SMTP level... before they encrypt? They then can read your mail before ProtonMail encrypts it...There is a lot of marketing bumpf on this page without any link to detail.

ryanpcmcquen超过 7 年前

I like ProtonMail but ended up going with Tutanota for a few reasons:- Encrypted emails sent to non-Tutanota users are permanent (they expire at a maximum of 28 days with ProtonMail).- Tutanota has an email export feature.- Tutanota is WAY cheaper.

bad_user超过 7 年前

Encryption is cool, but in terms of security, Google probably hires more security researches than the entire staff of ProtonMail.> Protected by ... European privacy lawsSo is GSuite (<a href="https://gsuite.google.com/" rel="nofollow">https://gsuite.google.com/</a>)> No conflict of interestThere is no conflict of interest with G Suite either, which is governed by a different Terms of Use than normal Gmail. If that wouldn't be the case, being the "business" version, G Suite would be banned in most European companies.

评论 #15533869 未加载

Spooky23超过 7 年前

The meaningful differences come with costs too.“Zero knowledge” of email content means I can’t search my corpus of email without having all of that mail on a PC with a client that has a search feature.What’s a bigger risk to you?“End to end encryption” We’ve all had the PGP discussion. That adds a lot of complexity and a lot of cost and risk. Good luck searching it.“TLS transport” Welcome to 2017, this isn’t meaningful.It sounds like Proton Mail is a cool service. But that security comes at a capability cost and comes with other complexity that users may not understand.

评论 #15534394 未加载

cwyers超过 7 年前

I would not view being hosted outside of the US as an unalloyed good, especially for a US citizen. Legally, the NSA has a much freer hand in terms of surveillance of targets outside of the US. Putting your e-mail traffic outside of the US is no guarantee of anything, it's a set of tradeoffs. As others have noted, security isn't absolute, and depends on your threat model.

评论 #15537008 未加载

SaltySolomon超过 7 年前

So, do they employ spam filters and they can still read messages before they encrypt them if the come from a third source, right?

评论 #15535667 未加载

TheRealPomax超过 7 年前

"ProtonMail uses Zero Knowledge Encryption, which means it is technically impossible for us to decrypt user messages" is kind of false within the definition of "impossible". It is exactly as feasible for them to crack encryption as it is for any other party with an encryption and security background, so really this is "The only way for ProtonMail to read your email is by cracking it, which can be prohibitively time consuming" but really it won't be because the fact that "ProtonMail takes care of the security" means that if the service ever becomes mainstream popular, the proportion of people using easier-to-crack-than-should-reasonably-be-the-case password will skyrocket.

mungoid超过 7 年前

I have a paid account and only use protonmail for business and personal emails and use Gmail for anything else. 95% of the emails I get are junk anyway so I just try to separate that even more.It seems most people care more about spam filters and search functionality than security. Which is kind of a downfall of protonmail because it probably will never have high adoption because if you want good search and spam filters then it means your emails need to be scanned by the servers.Most people have multiple email accounts anyway, so why not use protonmail for the important emails and another service for junk account signups and everything else?

nthompson超过 7 年前

I run bandgap.io off of protonmail. I have had no problems with deliverability, have had great interactions with customer support, and enjoy using the product. After email hack after hack, I just couldn't see how I could ethically store my own users support emails unless they were end-to-end encrypted.Potential improvements: Searching the inbox isn't great, and I'd like to reduce my attack surface by moving my transactional email from sendgrid to protonmail (not yet supported). Also, it might make sense for protonmail to become an OAuth provider-I'd be willing to support it on bandgap.io

mping超过 7 年前

zero knowledge encryption means that there's no search functionality right?

评论 #15533547 未加载

评论 #15533509 未加载

评论 #15533798 未加载

评论 #15533572 未加载

sitepodmatt超过 7 年前

A heavy amount of ProtonMail's infrastructure is in New York at NYI [1] accordingly to blog posts however they say 'ProtonMail stores user data exclusively in European countries with strong privacy protections such as Switzerland.' Now I am confused[1] <a href="https://blog.fastmail.com/2017/05/13/nyi-datacentre-move/" rel="nofollow">https://blog.fastmail.com/2017/05/13/nyi-datacentre-move/</a>

评论 #15539468 未加载

robin_reala超过 7 年前

Unfortunately this doesn’t work with IMAP. That’s understandable given the encryption at their end, but it does tie you into their apps.

评论 #15533682 未加载

评论 #15534083 未加载

partycoder超过 7 年前

Just a reminder that for it to work both the recipient and sender need to use Protonmail... across the full e-mail thread.

评论 #15534122 未加载

binaryanomaly超过 7 年前

Even as a convinced protonmail user I think this post is too much advertising focused and not addressing the facts correctly. It would be better for the reputation of protonmail if they would resist launching such campaigns and stick to the real advantages that differentiate it from the competition.

Flimm超过 7 年前

What are the security guarantees when emailing someone who does not use ProtonMail? If there is an encrypted mode, can this mode be turned off? This is critically important, and yet most of these email providers who talk up their security fail to bring it up. This article is the same.

评论 #15534310 未加载

评论 #15534681 未加载

评论 #15534074 未加载

plg超过 7 年前

If the bulk of your correspondence is with people who have gmail accounts then guess what, you're pooched no matter what flavour of tin foil hat you wear.The biggest obstacle in becoming secure with email is all of the other people you correspond with over email.

coworkerblues超过 7 年前

Is it actually legal to not log anything ? They specifically claim they don't log IPs, so if someone wants an email data, all they can give him is just encrypted email dumps ? how can that be a possibility ?

woolvalley超过 7 年前

One thing that frustrates me about protonmail and most other mail providers is it's limits on email aliases, even if your using your own domain. With gmail you get an unlimited number of aliases.

amelius超过 7 年前

Very nice. One question though: how can we check if what they say is true? Is their client open-source?Also, would it be possible that if I open an email on an Android device, that Google still could read the email?

评论 #15533520 未加载

评论 #15534192 未加载

评论 #15533500 未加载

dfrankow超过 7 年前

Can you search protonmail email quickly? Search is pretty useful.

StavrosK超过 7 年前

Does anyone know how they reconcile "zero-knowledge" and allowing people to log in? Do they encrypt your private key with a KDF of your password or something?

评论 #15534115 未加载

trey-jones超过 7 年前

I've used ProtonMail for some small number of communications, and I really like it for limited use. I can't speak to using it for everyday email purposes.

rbcgerard超过 7 年前

For any ProtonMail users - what do you do for calendar?

评论 #15534266 未加载

评论 #15533873 未加载

homakov超过 7 年前

> In fact, not even ProtonMail has the ability to read your messagesProtonmail is a website which can read contents of your email, did I miss something?

literalmind超过 7 年前

"Only you can read your emails" -- surely, the party receiving the email can read it too, and guess what, they are using gmail.

josefresco超过 7 年前

So this is ProtonMail vs Free Gmail correct? Not G Suite?Why would you compare a free service with a paid one?

评论 #15535920 未加载

the_common_man超过 7 年前

Does 'millions of users' mean active users? Like those who login everyday?

cookiemonster89超过 7 年前

Yes, but it's missing a calendar. Definitely more secure though

darkhorn超过 7 年前

May be ProtonMail is owned by CIA. Who knows.

chisleu超过 7 年前

They don't take crypto currency :(

评论 #15534404 未加载

tankered超过 7 年前

Protonmail is not email, and should stop misrepresenting itself as email.My favorite 'feature' of protonmail is that you can't access your messages via imap or pop, and their suggestion regarding exporting messages is: "At this time, you are able to save individual emails by using the "Print" function found inside each email in your account."Protonmail had a very weird role in campaigning against the new sigint-law in switzerland, they used it for marketing for their service... now they say it's not that bad because protonmail advises the government on it.I am very dubious of protonmail's claims. They don't release their server-side code, so nobody can audit it. There is no way to make sure a PGP encrypted message sent to a friend is actually encrypted with their public key only, you have to trust them.You are also just one XSS away from losing your private key...The reason not to open source the backend code is... terrifying: <a href="https://protonmail.com/blog/protonmail-open-source/#comment-8919" rel="nofollow">https://protonmail.com/blog/protonmail-open-source/#comment-...</a>What about the other things that are important, like does protonmail do full disk encryption? do they log ip addresses? They require you to sign up with a phone number if you use tor, but "promise" not store that. How can we trust them?Their ToS states: "you agree to not use this Service for any unlawful or prohibited activities". But hey, if Mr. Robot uses it, it must be good!They also have a very shifty claim of e2e encryption and a weird de-facto disabling the use of pgp. They do use openpgp.js, but for encrypting your mailbox, not for actually using pgp to mail other people.They do actually support incoming pgp just fine, but I like to think of e-mail is bidirectional. To be fair, that is something they've had on their roadmap, but for almost three years now. Giving up the ability to send pgp-encrypted e-email is not a great trade-off (and let's not even get started on their notion that you're somehow better off with gmail as long as you use pgp).So, trust the server, trust the HTTPS connection, trust the browser to not have any backdoors or security flaws in all extensions, and trust other apps that can access the browser's files and syscalls. Trust us, we are in switzerland. Why do people think that switzerland makes them somehow better position to deal with legal issues? Anyone from switzerland will tell you that they are not immune from evil laws and different parts of switzerland are significantly more draconian than others. Tell me how switzerland is some safe-haven that you should use as a criteria to determine your opsec. This selling point is pure snake-oil.

评论 #15535934 未加载

datawarrior超过 7 年前

I gave up on ProtonMail. The lack of a calendar means you often need to go back to using Google Calendar or Outlook.com Calendar, kind of negating the privacy benefits if you're a heavy calendar user.Secondly, its been years and you still can't store more than a single email address for a contact. This is so incredibly ridiculous that I have an extremely hard time understanding how they get away with charging what they do.Lastly, the mobile app drives me nuts. I just can't get used to using it. You delete a message and a notification pop down drops from the top covering the next email so that you can't select it until the pop down notification goes away. This is deal breaking for me as if I have to go through 20 emails I have to sit and wait over and over and over again for this notification to go away. Yes, a message was deleted, I'm the one that deleted it, I don't need a notification telling me I did so. Infuriating to use.

评论 #15534377 未加载

评论 #15534321 未加载

评论 #15535433 未加载

vacri超过 7 年前

> ProtonMail takes the opposite approach and by default, does not monitor or record user activity, not even IP addresses.Hrm, where's the pricing? Oh, it's based on "Messages per day" and "Folders / Labels"...This doesn't detract from the meat of the article, but when user activity is involved in the pricing, you clearly can't claim 'no activity monitoring'.

onychomys超过 7 年前

It's so cute that they think that the NSA can't read PGP-encrypted messages.

评论 #15533677 未加载

评论 #15533786 未加载

matt4077超过 7 年前

Oh, wow. This makes me want to switch our work email away from Protonmail...* If you are not comfortable giving Google unlimited access to all of your intimate communications*Who would? But this is a sleight-of-hand where we somehow got from "google targets advertisement based on email content" all the way to "everyone working at google reads your email, and they all make fun of what you did last night".By those standards, Google also reads everything on protonmail. At least if you use Chrome.Besides, there are other factors than just encryption standards that impact security. The largest of all is the organisation you're trusting.Google is obviously far ahead in terms of expertise and resources. They also have far more to lose, are probably better set up to protect against rogue insiders, and are impossible to compromise with money. OTOH, they're subject to FISA courts and whatnot.

c0nst超过 7 年前

ProtonMail seems very nice, however, I'm concerned about if it is truly private.ProtonMail has being known to shutdown accounts related to right wing, anti-semantic groups. Granted that those are extreme group. However, it will become a very slippery slop. <a href="http://govtslaves.com/2017-08-29-eff-warns-that-banning-extremist-websites-based-on-their-content-is-a-dangerous-slippery-slope.html" rel="nofollow">http://govtslaves.com/2017-08-29-eff-warns-that-banning-extr...</a>"I do not agree with what you have to say, but I'll defend to the death your right to say it."Evelyn Beatrice Hall