Administered by:
Given Proton Mail’s fashiness coming out of the woodwork, lots of folks are looking at switching away — but they have a reasonable concern: Aren’t Proton Mail’s privacy features special, different from a normal mail provider?
AFAICT, the answer is yes in •theory•, but you aren’t giving up that much in •practice•.
Short 
surfacing notes I put in a reply — and likely containing inaccurations about Proton Mail, so please correct me if you have better info!
1/
In practice, email is pretty much all encrypted in transit these days (almost all SMTP and IMAP happen over SSL/TLS). You don’t need to worry about random third parties on the internet scanning your emails in transit.
Email, however, is not end-to-end encrypted: your own email provider (Gmail, your ISP, whatever) can see all your messages. Many actively scan your email to profile you. (This also applies to the email providers of the •recipients• of your emails.)
This is the problem Proton Mail claims to fix.
2/
The problem is that Proton Mail can’t fully fix it. IIUC, their E2E encryption requires active participation of both the sender and the receiver: https://proton.me/support/password-protected-emails
That means:
- No communication initiated by the other party is going to use it. Your bank account password recovery link isn’t E2E encrypted.
- If you want to keep a conversation you started with a human encrypted, the recipient has to use a clunky web portal to read & reply.
3/
- If the recipient of your communication quotes what you said in a normal email without using the Proton Mail web portal, oops! no longer encrypted.
- They say Proton-to-Proton emails are E2E encrypted, but there has to be an asterisk next to that: their SMTP server •must• get plaintext from my mail client, however briefly. [CORRECTION: They do not support SMTP except via local bridging; scratch this one]
- And the whole time, you just have to trust that this apparently fash-friendly company’s opaque software is doing what they say it’s doing.
4/
I honestly see no advantage of Proton Mail over just saying “let’s take this conversation to a secure platform (e.g. Signal).” And if you do that, you’re using a protocol that was actually •designed• for E2E encryption instead of trying to bolt it on the side.
I am not a Proton customer, so I may be missing something here. Am I?
If I do understand correctly, it seems like the security benefit of Proton Mail is mostly theoretical, weak sauce in practice.
5/
In particular, if you use Proton Mail, a hostile government wants to surveil your email, and Proton Mail (with its quisling CEO) decides to oblige:
- They can still surveil everything sent to you by other parties.
- They can still surveil anything you compose in your preferred non-Proton email client (e.g. Mail app on your phone). [CORRECTION: They lock out such clients altogether on mobile, provide fiddly local relay for desktop]
- They can still backdoor their own product offerings (which is likely to go undetected without an open protocol with multiple clients).
- I suspect (but don't know) that their architecture that supports webmail also makes blanket surveillance possible.
6/
Here’s an in-depth analysis of Proton Mail’s security architecture as of 2021:
https://eprint.iacr.org/2018/1121.pdf
It’s highly technical, but here’s the headline: “As it stands, ProtonMail does not meet its self-professed security goals when these are subjected to analysis.”
Maybe they’ve improved things since 2021. [Update: They don't think the paper makes a good case: https://proton.me/blog/cryptographic-architecture-response ]
Still, fundamentally, Proton Mail is trying to make a pig fly here; email protocol just weren’t designed for E2E encryption. There will always be leaks, slips, gaps.
7/
You might like Proton Mail because of quality of service, or privacy policy, or not hosted in the US, or other reasons like that. Fine.
But AFAICT, there is not a compelling technical argument for their service •in realistic practice• being significantly more secure or resilient to server-side surveillance than any other credible email provider.
Again, if somebody with deeper knowledge of Proton Mail’s technical guts has better info, please let me know.
/end
A very good point from @august here:
https://macaw.social/@august/113839019107602863
Proton Mail’s core product isn’t really technology; it’s •trust•.
And with a few rash words, their CEO has severely damaged that core product.
Yes, it was only a few words — but what else do we have to go on? If they’re doing something shady behind closed doors, we won't know about it until it’s far, far too late. The best we can do is just assume that where there’s smoke there’s fire.
Since this thread gained a little traction, I should clarify:
Proton Mail has done some good technical work AFAICT. I appreciate the effort to make E2EE more usable and more broadly accessible. I’m not so sure it’s a good idea to blur the boundary between “E2EE” and “not E2EE” as their product does, but respect for the heavy lifting they’ve done.
I’m not saying their product is a total hoax or anything! I’m just saying that •in practice•, the actual benefits aren’t as large as you might assume.
@inthehands good thread. I switched to Fastmail yesterday, which seems to be mostly fine on a reputational basis.