Interesting. I run rainloop on my (local) server so I can have mail in my browser (while on my lan). I'll have to see if I can get bridge for linux working with that. Server is headless, so hopefully bridge is too...
Oh, bad timing. Just a few months ago I was on the fence about Protonmail vs Fastmail (vs all others) and ended jumping to Fastmail: the privacy pro didn't seem to outweigh the cons. Now with open sourcing stuff the pros do get somewhat better... But reevaluating and switching would be troublesome.... Maybe in a few years I'll revisit it :)
Yeah protonmail charging for the marginally free stuff, like domains and aliases is very disappointing. I make a new email for every account, in the form of catchall_alias@username.domain.com do I have to pay proton mail $24/month for that privilege?
Also not providing 20GB space as a default paid option in this day in age of $5/month/TB is also very disappointing.
I've been with ProtonMail a couple of years now, and recently made the step to buy my own domain to use for personal email. What I'm hoping is that whenever I want to switch provider in the future, it won't be any more trouble than to switch some DNS settings :)
The easiness to migrating away was one of the cons of Proton Mail to me, but I don't remember the exact reasons for it besides not using standard protocols. Having standard protocols really makes everything easier. With the open sourcing of the tools, maybe it will get better?
Cool. But neither the audit nor the repository explains if it's possible to create the APK in a reproducible way. Google Play distributed APKs contain their signatures, so in theory it wouldn't be possible to 1:1 reproduce the distributed ones.
However for F-droid this would allow them to sign their own APKs and provide some additional security guarantees in their supply chain.
Also a bit concerning that there is no tags yet in the repository.
If you just want a simple way to access your mail over HTTP (without the need for standards) you could probably also run imap-api[1] pointed at the Bridge. Although admittedly it does feel a bit hacky.
Or maybe also getmail or fetchmail which will download your mail over IMAP and put it in the maildir format as files.
Great to see this! On another note: there was a six month gap (unless I'm mistaken) between the iOS version being open sourced, and this Android release. I am a bit surprised that iOS got open sourced first. Is this because it did not receive the same security audit that presumably held up the release of the Android source?
> Data is actually strongly encrypted using that key before leaving the client.
Except "strongly encrypted message" you should send some extra info for server. And I'm not sure how those two types of info separated in Proton's communication protocol, so binary diff between those "parts" could be a key to select decrypt method.
Their key encryption is fairly safe, if you use one-password mode, they could intercept your password from the webinterface if they wanted, but the password exchange is solid and doesn't reveal the password while still allowing to decrypt the key.
Two password mode is technically more secure since even if the authentication exchange is cracked, the decryption key doesn't touch anything the server can see, it's locally decrypted.
I'm happy to see ProtonMail getting exposure. I moved over from gmail about a year ago, and have been quite pleased with their service.
Only downside I've seen is that there isn't a clear way to increase available data storage, independent of other billable line items (like number of users etc).
Other items on my wish list would be more customizable email filtering, I'd love to be able to create filters such as 'is this from [internet provider] and does it contain the word bill? -> inbox, else spam'
Both those things you mention as wanting exist already.
For data storage independent billing, go to Settings -> Dashboard. On Professional tier and above the data storage is a dropdown where you can increase the amount required.
For email filtering go to Settings -> Filters and create as many conditions as you want on a filter.
Interesting, I pay for the professional tier, and do not see a separate dropdown available for storage. The professional plan lists 5gb/user (at a rate of about $5/month), and the only way to scale up storage on my dashboard page is to provision more users (up to 100, so max of 500gb).
It’s a non-issue now, but yeah I’d prefer to interact with my plan the way that you describe and be able to scale storage independently (and ideally at a cheaper rate).
Regarding filters, that’s great! I didn’t see that before and will likely utilize it heavily now that I know it exists.
Ah I see, yeah the Plus plan lets you choose the storage. Professional works differently for some reason. I bet if you contacted their support they'd consider changing it though as it doesn't quite make sense as-is.
I use both protonmail and gmail, with protonmail used for things that I feel require more privacy, such as banking. One thing that I really do miss, and I understand the reasoning, is being able to effectively search for an email. Since the content is encrypted you can only search for what is in the headers.
From their pricing page[0] it looks like their highest-priced plan only goes to 20GB. That's an order of magnitude too little for me just for the current size of all my mail.
(And no, I don't want to clean up 20+ years of email. I want to pay someone else to handle archiving and indexing it and not think about it.)
I wonder if it's possible to migrate my Gmail-powered email address while keeping my family's inboxes there. I'm interested in joining Protonmail but I can't afford to pay for everyone, nor will they understand my wish to move away from Google.
I guess it can't be done as it's at the domain level, am I right?
does everyone in your family currently have the email name they want or did they have to compromise by putting numbers at the end or use similar tricks? ...because theres probably a better chance of getting the name they want with ProtonMail.
the shorter name@pm.me email address is a nice feature to have as well
been a user for a couple years. open source everything, maybe the community can help fix their basic bugs like not being able to import their VCF exported contacts into thunderbird.
ProtonMail doesn't really try to be general-purpose email client. You can either use the bridge with an email client of your choice, or you can forward your mail.
Not really the email client of your choice. In Mac OS, you can do Apple Mail and Thunderbird well, but if you try something like Airmail, it crashes the app (or other unexpected behavior). Not exactly 100% IMAP compliant for what I can tell.
"Crypto AG was a Swiss company specialising in communications and information security. It was secretly jointly owned by the American Central Intelligence Agency (CIA) and West German Federal Intelligence Service (BND) from 1970 until about 1993, with the CIA continuing as sole owner until about 2018.[1] With headquarters in Steinhausen, the company was a long-established manufacturer of encryption machines and a wide variety of cipher devices."
Basically they were world's leading manufacturer of encrypted phones & fax machines for military use and it was revealed that they were controlled by German and US intelligence all along.
My suspicion for ProtonMail is only that it's too good to be true: A small amount per month to solve all my privacy/confidentiality needs w/o really inconveniencing me? I'm in!
At least now that all PM's non-beta apps are open source, you (or someone) can audit all their client-side apps to ensure that it doesn't matter if the sever is trying to do something nefarious. As long as your encryption key and plaintext mail never leaves the client, and the encryption being used is sound, you should be safe.
Now, if it's run by the CIA/NSA/whatever, and they have found vulnerabilities in state-of-the-art encryption algorithms that we don't know about, you're hosed. But we're still hosed even if they aren't running the mail server (that just makes it easier for them to get hold of the data), so I'm not sure that's a threat model the average person could reasonably protect against anyway.
I see. Thanks for the info. PM is competitively priced for the VPN/Email market, so I can’t quite make the leap you mentioned. If your concerns are based on price it would mean the whole market is corrupt. Maybe it is, heh, I’m open to that.
I use PM because fuck Google(Gmail), and fuck my ISP for profiting off my private data. I’ve always figured the 3 letter agencies can get access when they want. I’m not doing anything nefarious so I’m happy just to battle against corporate greed.
The lesson from Crypto AG is that you have to assume that every communications provider is a CIA front. You should do things in a way where you don't have to trust anyone but yourself and your correspondent. Open source clients are thus an important moral to the Crypto AG story.
> Their audit found that our app has no outstanding vulnerabilities.
Either I'm misunderstanding what they mean by "outstanding" or this is a very bold claim. Shouldn't they be saying something like "Their audit found no vulnerabilities in our app."
I think it means that they resolved any found vulnerabilities before the audit was published. Therefore none of the found vulnerabilities were _outstanding_ when they published it. In this case _outstanding_ means that the auditors have not yet verified a fix.
This was a showstopper for me back when I decided to go with posteo.net instead. Well, better late than never, hopefully their service will become useful for more people.
I hope the open sourcing helps accelerate the pace of development.
Tangentially, my needs are very minimal and I have a couple of ProtonMail accounts on the free tier that don't get much mail (the size of the mailboxes put together would be 5MB or so). I also aggressively delete unnecessary emails quickly and empty the trash. I'm waiting for multiple account support in the official mobile client for users on the free tier (this was promised quite sometime ago).
83 comments
[ 4.7 ms ] story [ 149 ms ] thread[1]: https://github.com/ProtonMail/proton-mail-android/issues/1
Really looking forward to when Proton has near parity with the GSuite basics.
[1] https://protonmail.com/blog/proton-bridge-linux-launch/
[2] https://protonmail.com/blog/bridge-open-source/
Also not providing 20GB space as a default paid option in this day in age of $5/month/TB is also very disappointing.
However for F-droid this would allow them to sign their own APKs and provide some additional security guarantees in their supply chain.
Also a bit concerning that there is no tags yet in the repository.
https://support.google.com/googleplay/android-developer/answ...
>Note: Using app signing by Google Play is optional. You can still upload an APK and manage your own keys instead of using an app bundle
Or maybe also getmail or fetchmail which will download your mail over IMAP and put it in the maildir format as files.
[1] https://github.com/andris9/imapapi
2018 - Ask HN: How secure is Protonmail really? https://news.ycombinator.com/item?id=18101090
2019 - Ask HN: FastMail vs. ProtonMail? https://news.ycombinator.com/item?id=19372882
How secure would it be to use PM if the following conditions were met?
- you only used one of the open-source native PM apps
- you only emailed other PM users
- someone you trust audited the PM source code for the native apps
- you installed from F-Droid
So, it just like Telegram (or any other proprietary cloud/VPN/proxy service) - you really don't know what has happen on server side.
* Your e2e encryption key never gets sent to the server.
* Data is actually strongly encrypted using that key before leaving the client.
Then isn't that sufficient to prove that the server can't do anything nefarious, even if it wanted to?
Except "strongly encrypted message" you should send some extra info for server. And I'm not sure how those two types of info separated in Proton's communication protocol, so binary diff between those "parts" could be a key to select decrypt method.
Two password mode is technically more secure since even if the authentication exchange is cracked, the decryption key doesn't touch anything the server can see, it's locally decrypted.
There isn't any meaningful diff you could make.
Only downside I've seen is that there isn't a clear way to increase available data storage, independent of other billable line items (like number of users etc).
Other items on my wish list would be more customizable email filtering, I'd love to be able to create filters such as 'is this from [internet provider] and does it contain the word bill? -> inbox, else spam'
For data storage independent billing, go to Settings -> Dashboard. On Professional tier and above the data storage is a dropdown where you can increase the amount required.
For email filtering go to Settings -> Filters and create as many conditions as you want on a filter.
It’s a non-issue now, but yeah I’d prefer to interact with my plan the way that you describe and be able to scale storage independently (and ideally at a cheaper rate).
Regarding filters, that’s great! I didn’t see that before and will likely utilize it heavily now that I know it exists.
(And no, I don't want to clean up 20+ years of email. I want to pay someone else to handle archiving and indexing it and not think about it.)
[0] https://protonmail.com/pricing
I guess it can't be done as it's at the domain level, am I right?
the shorter name@pm.me email address is a nice feature to have as well
Can't see an option to enter my pop3/smtp server. Or I'm blind?
see https://en.wikipedia.org/wiki/Crypto_AG
Basically they were world's leading manufacturer of encrypted phones & fax machines for military use and it was revealed that they were controlled by German and US intelligence all along.
My suspicion for ProtonMail is only that it's too good to be true: A small amount per month to solve all my privacy/confidentiality needs w/o really inconveniencing me? I'm in!
Now, if it's run by the CIA/NSA/whatever, and they have found vulnerabilities in state-of-the-art encryption algorithms that we don't know about, you're hosed. But we're still hosed even if they aren't running the mail server (that just makes it easier for them to get hold of the data), so I'm not sure that's a threat model the average person could reasonably protect against anyway.
I use PM because fuck Google(Gmail), and fuck my ISP for profiting off my private data. I’ve always figured the 3 letter agencies can get access when they want. I’m not doing anything nefarious so I’m happy just to battle against corporate greed.
Stay suspicious though!
Either I'm misunderstanding what they mean by "outstanding" or this is a very bold claim. Shouldn't they be saying something like "Their audit found no vulnerabilities in our app."
https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn...
I'm curious about your opinions though: will the platform be riskier now for a while, since bugs will be more likely to be found?
Tangentially, my needs are very minimal and I have a couple of ProtonMail accounts on the free tier that don't get much mail (the size of the mailboxes put together would be 5MB or so). I also aggressively delete unnecessary emails quickly and empty the trash. I'm waiting for multiple account support in the official mobile client for users on the free tier (this was promised quite sometime ago).
> the probability of the app to be opensourced is very unlikely