129 comments

[ 2.7 ms ] story [ 186 ms ] thread
In general this seems like a good move.

But the last paragraph violates one of my common complaints: using "open source" as a buzz-word:

> Proton will always be open source

Oh really? Where can I download the source code to run my own Protonmail server? Answer: I can't.

May I direct your attention to ProtonMail's GitHub page?

https://github.com/ProtonMail

Sure, they have some things (arguably low-value, but you may disagree) on GitHub, but they do not have the main protonmail service - where I could run my own Protonmail server - on GitHub.
Setting the bar awfully high there, aren't you? Very few companies open source everything, and I'd say that it's pretty reasonable to say you support open source and open standards despite that.
If instead they said "Protonmail supports open source" then I would totally agree with you, but I think my conclusion is fair to draw from their language: "Protonmail will always be open source."
Their clients and import tools are open source, they contribute to a bunch of libraries.
Climate activist arrested after ProtonMail provided his IP address (https://news.ycombinator.com/item?id=28427259)

Did Proton redeemed this somehow?

They must comply with the legally binding Swiss order. The alternative is shutting down the business. Also note they BEGAN logging the subpoenaed IP AFTER receiving the warrant and notifying the user. They did not have IP logs ready to go.

I don’t think anyone actually reads into nuance anymore. The privacy advocates are their own worst enemy. If this bar is too low for you, there’s basically only self hosted GNU software left…

Sounds reasonable.

> The privacy advocates are their own worst enemy

Probably, but Privacy is Proton's motto. I'm just pointing at the controversy.

ProtonMail respects your privacy, but they also respect warrants issued by the Swiss authorities. If you use ProtonVPN (or no VPN) to access ProtonMail then your real IP is recorded and can be turned over. If hiding your real IP address is important than use a different non-logging VPN provider (personally I use Mullvad to access ProtonMail and everything else).
Using ProtonVPN would have actually been fine. A VPN provider isn't required to hand over real IP adresses of customers in Switzerland.
Yes.

They can't refuse this as it was required by law, and protonVPN is protected from IP logging requirements.

https://proton.me/news/climate-activist-arrest

The have also updated their privacy policy.

> 2.7 IP logging: By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities. > > If you enable authentication logging for your Account, the record of your login IP addresses is kept for as long as the feature is enabled. This feature is off by default, and all the records are deleted upon deactivation of the feature. The legal basis of this processing is consent, and you are free to opt in or opt out of that processing at any time in the security panel of your Account.

https://proton.me/legal/privacy

I removed my premium subscription after this incident and was surprised to find that all benefits for the subscription were immediately revoked. Mail was rendered undeliverable until space was clear back to 500MB.

Mind you there was still time in my subscription.

So fuck ProtonMail regardless. Others will recommend Tutanota, Fastmail… I use mailbox.org for business, all much better recommendations.

its written clearly under the cancle button that this would happen. they would give you credits for the time left in the subscription.
Wrong, it is currently

And so what? For someone to play like that it’s fair to give a refund for the unused period. Otherwise, like I said, fuck ProtonMail.

You cancelled a service and were surprised that you no longer received that service?
> there was still time in my subscription
(comment deleted)
They have a free service, there was no reason to cut him off completely unless he was over quota and then they should have logically warned him and given notice they would purge the account after x days unless it was cleaned up. So yeah this seems kind of dirty.
With ProtonMail, can I change the reply-to address on the fly? With Fast Mail, I can edit the address from the compose screen.
Are you referring to the "from" address or specifically the "reply-to"? You can change the "from" ... I am not sure about keeping the "From" the same but changing "reply-to"
(comment deleted)
Serious question for HN:

What are the opinions on moving a personal family domain on the GSuite Legacy free over to Proton?

It seems like the cost is reasonable, 9.99€/month for 15 email addresses and 3 custom domains. I have just one domain and 5 email addresses for my family so I don't need much. Curious to what everyone thinks about Proton or if there might be a better alternative. Side note: I know Proton is based in Switzerland but my family and I are based in the US. Not sure if that is something which would be a problem.

Hmm, I don't think that pricing is right, first you would need a business account so every use can have their independent login.

The cheapest option is 7$ per user, which is a big jumb from free.

https://proton.me/business/plans

Otherwise, I think they are really the best private email company.

And now with this change, they are the only privacy ecosystem out there, unless you count nextcloud which a different thing and isn't as heavily encrypted as proton.

Be aware that proton doesn't offer standard SMTP connections, you need a bridge which is only available on desktop. The same thing is true with the calendar/contacts there is no cardav/caldav sync.

I hope they are working on integrating a Dav bridge on desktop and syncing from mobile apps.

>The same thing is true with the calendar/contacts there is no cardav/caldav sync.

The lack of CardDav and CalDav are absolute deal breakers for me. If I can't get my contacts and calendars into my preferred apps on my phone there's just no way they'll get adoption from me. I stick with Fastmail because it just works for mail, calendars and contacts across all of my devices and apps.

However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.

> The new law also allows officials to approach specific individuals—such as key employees within a company—with these demands, rather than the institution itself. In practice, they can force the engineer or IT administrator in charge of vetting and pushing out a product's updates to undermine its security. In some situations, the government could even compel the individual or a small group of people to carry this out in secret. Under the Australian law, companies that fail or refuse to comply with these orders will face fines up to about $7.3 million. Individuals who resist could face prison time.

https://www.reuters.com/article/us-australia-security-data/a...

Email isn't really secure or private anyway. And Proton's email is only making email between Proton accounts private, so unless a large number of my email recipients are also on Proton it's a moot point.

I don't get the draw of Proton. If I send email to someone else outside of Proton I should assume that email is now in an insecure state.

Fastmail may not advertise privacy, but honestly, I don't think much email in general should ever be considered private, including much of what is sent from Proton.

Proton's feature is its privacy adovacay and now its ecosystem.

Its a compelete ecosystem designed with privacy in mind, and encrypting emails is not the only benefit, another ProtonMail benefit is that no one can read the stored emails, only you can do that.

Maybe so, but if the recipient of the email, or sender of the email is not using an email service that provides the same then those emails should not be considered private. They might not be accessible on my email service, but they are on someone else's.
Proton's major draw, in my view, is the storage being encrypted and not accessible unencrypted to the server, not the transmission and emails to others. While it does do relatively convenient PGP encryption to other ProtonMail users (and annoyingly inconvenient PGP encryption to others, when I've tried), these are rather limited in scope, because of the limitations on recipients.

If your concern is a major state-level actor, able to spy on every recipient/sender you're communicating with and generally tap emails being transmitted, yes, Proton offers little protection, and email is insecure. If you're worried about a data breach or targeted attack compromising your stored email in its entirety, however, it does. These are more feasible for smaller-scale attackers, and in getting an entire, potentially complete history of your emails, potentially offer something more than just spying on one email.

I'd speculate that targeted attacks are more often client-side, usually trying to steal credentials from the user, but at least the user can be careful about these. Having all your correspondence stored and readable on a server that isn't under your control means you have to trust the security of the server much more than you would with this type of encryption.

> annoyingly inconvenient PGP encryption to others, when I've tried

If the recipient has set up Web Key Directory for their key the encryption looks just like for a Proton recipient (transparent key fetch in the background). And WKD is quite common and easy to setup (eg all major Linux distros have it).

Yeah, anything in the US, New Zealand, Australia, Canada, and the UK should be considered accessible by the government and shared between the 5 upon request.
It would work if you are all fine with using the same login.

If you want separate logins, take a look at Tutanota, it's 1€/month and you can add each family member as a full user.

As to the location, there is no issue, Tutanota is based in Germany, but both options (Switzerland or Germany) are fine for usage from the US. At least I've never heard about anyone complaining.

I have Visionary, which allows for five logins if I recall right. It also has a drive replacement, and something like 12 VPN assignments. I run a few domains through it without issue.

Edit: Looks like they aren’t allowing anyone new to sign up for Visionary. That’s recent as I was seeing signups available as of a week or two ago if I recall right.

Our family did the same thing... gmail is pretty superior in most aspects, but so is their ability to search your deepest darkest secrets. a tradeoff we were fine making. that said in the year we've been using it their overall "arc of change" has been positive and this latest refresh looks to follow that trend. FWIW I use the iphone beta app through trustpilot and it's a lot better but this refresh looks like they're moving towards GA'ing that version soon.
And still no way to anonymously create an account (free or paid): https://news.ycombinator.com/item?id=28435153

Make of that what you will, after so many years and the nth redesign

Privacy != Anonymity.

I can see why they do what they do, it probably prevents a lot of spam accounts and abusive use type accounts from being created. But privacy doesn't mean anonymous. If you want anonymous I don't think Proton is for you.

I guess I don't know what sort of abuse they experience, but for spam I'd think $10 / month would be more than sufficient.
What if that $10/mo is going to result in a charge back from the stolen credit card? That, on top of spam and whatever other abuse is going on with that account.
OK, then only accept crypto for anonymous accounts.
And it would be easy for Proton, because they already accept cryptocurrency for subsequent payments after account creation, but not for the first payment during account creation (catch 22)

In the end it's their choice to continue collecting personal data, even after Swiss authorities compelled them to disclose personal data to French authorities: https://en.wikipedia.org/wiki/ProtonMail#Compliance_with_Swi...

Honestly, cryptocurrencies (I hate that these have hijacked "crypto" for their silly garbage, to me crypto will always be cryptography. Old man yells at cloud I guess..) just invite abuse. As a service provider I'd never offer cryptocurrency as payment if that service could be abused in one way or another. Just my experience, to each their own.
I don't like it either (to put it mildly) but Mullvad allows cash to be send to them, no questions asked. You can even pay for various months that way.
Proton also supports cash for renewals/upgrades, but they went out of their way to remove the cryptocurrency option and the cash option during signup...
(comment deleted)
Exactly. The reason I pay for proton mail is not so that proton mail doesn’t know I’m a customer. It’s because proton mail doesn't read my emails. Gmail/Google does. That’s what privacy is important to me as an email user.

Sometimes it feels like people scream security === anonymity === privacy and really don’t understand what they’re even yelling about.

Yet if use android Proton is stick to google push service till today, even when IMAP itself actually has push function since IMAP4.
Anonymity can be a big part of privacy, which is fairly obvious and for some people it's inside that privacy circle as a necessary component.
it is. i just created an account on there onion site using only captcha
No phone number, secondary email, or credit card info was required?
"only using captcha" so no
I just tried to register an account using the onion site. It requires JavaScript, as well as either an email or phone number for SMS. I saw no captcha when attempting to create the account.

Edit: https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7...

"If you are only given the option of email or SMS verification and would like to avoid using email or SMS verification, it is possible to do so by upgrading to a paid plan using PayPal or Bitcoin."

Yeah, I would hardly call any of those options anonymous. Pseudonymous at best.

Which .onion? The signup link on https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7... redirects to their clearnet site. Maybe it redirected you too and you landed on that one mythical Tor exit node not yet blocked by Proton, which is always rumored to exist (but I've never seen it)
As of a month or two ago, it does not redirect to the cleartext site and stays on .onion.
Right now it's staying on .onion again (and blocking anon signups), but at the time of wangler1949's comment it redirected to proton.me when I checked.
Just buy a burner and use that for your phone number during setup.
Between 2019 and 2020, I've created a few free one-time ProtonMail accounts, which I used for creating throw-away Apple IDs.

In fact, I just created one to verify. It's still possible. See for yourself:

user: testaccount.forhackernews@protonmail.com

pass: testdonotuseforseriousstuff

All I had to do was to solve a captcha with bicycles in order to prove I was human. And the dialog for recovery e-mail / phone had a "Maybe later" button.

I live in Switzerland, maybe the impossibility of anonymous account creation is a legal issue in some countries ?

Did you use Tor Browser though? They've been blocking that during signup for a long time now
No, I didn't. And I just tried with Tor Browser, but the captcha option is not available.
I have used a burner phone and anonymously obtained btc wallet with them.
btc isn't really anonymous, although it's -easily- traced it can be with a bit of resources.
That's why i said obtained not transacted
I wish U2F was supported instead of just TOTP
This change would supposedly enable this.
I'm very glad to hear it!
Personally I'm still looking forward to the new android app, as the current one is pretty crappy.

I'm using the beta app and everything is good but it still doesn't support conversation view.

(I have yet to find any open source android email app which looks as modern as proton's, maybe AOSP email?)

They have also bought [SimpelLogin](https://simplelogin.io), the email aliasing service, and promised that SL would be intgersted in the plus plans when SL Is merged into proton in 2-3 months. I'm hoping that they keep multiple domain support, even though I doubt it will happen.

As for proton calendar, its usability for me is pretty limited until they enable syncing with the OS on mobile and offer a Caldav server with desktop bridge. If they would also offer contact sync that would be super!

After five years waiting for them to implement swipe to move forward and backwards in your inbox rather than having to click and wait multiple times to move to the next message, and the same amount of time waiting for it to let me automatically open the next message after deleting the one I'm on...

Moving my email via IMAP bridge into ProtonMail resulted in many many messages being corrupted (they show HTML as TXT instead of rendering it) and duplicated.

I finally literally gave up a week ago and switched to Fastmail and am already so much happier. It's annoying, I really wanted to love Protonmail but they just do this window dressing nonsense with updated logos and website design instead of making the core product work better. I can't deal with it anymore.

It's very sad to me, I was one of their first customers :-(

interesting, I had none of these issues.

just a reminder that Fastmail is based in Australia.

However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.

> The new law also allows officials to approach specific individuals—such as key employees within a company—with these demands, rather than the institution itself. In practice, they can force the engineer or IT administrator in charge of vetting and pushing out a product's updates to undermine its security. In some situations, the government could even compel the individual or a small group of people to carry this out in secret. Under the Australian law, companies that fail or refuse to comply with these orders will face fines up to about $7.3 million. Individuals who resist could face prison time.

www.reuters.com/article/us-australia-security-data/australia-passes-bill-to-force-tech-firms-to-hand-over-encrypted-data-idUSKBN1O42SR

Yeah, I really wish protonmail had been good enough, obviously I originally got it due to the privacy features which I agree are better. But five years is a long time to then get them spending this much money to redesign their website instead of finally finishing basic features.

I really really tried to give them time, but honestly this announcement is insulting for people like me waiting for years for actual features to reach parity. I finally gave up, but I'm not happy about it and would have much rather kept giving ProtonMail money.

> just a reminder that Fastmail is based in Australia.

> However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.

And Fastmail’s data centers are in the U.S. I don’t know if they encrypt all data and logs at rest. They/the data centers could be compelled to hand over data to U.S. three-letter-agencies too, with an NSL (gag order).

I'm sure the 3 letter orgs don't set up the paper trail for NSL until they need to for a court. They are scooping up all that stuff already, email/messaging is a goldmine of info too good to wait on warrants and such. Australia is a member of 5 eyes as well, so it's all basically the same, you can bet they all share information with little to no guard rails.
Certainly an aspect of my willingness to switch was that email encryption end to end only worked with other protonmail users, and unencrypted emails in transit are already readable, and they could surely be compelled to capture my decryption password the next time I used it anyway. They're still subject to swiss law which isn't quite as libertarian as protonmail sometimes implies.

I think that for most people (or at least me) the attacks that protonmail is good for aren't especially likely and can trivially be rendered useless by the kind of adversaries they would theoretically have worked against.

Disclaimer: not a security expert, just based on my impressions. Sorry if I got any details wrong.

At least fastmail isn't Gmail sending your info to marketers.

I canceled my subscription explicitly based on just how poor the app is. conversation view is just the tip of the issues here. its very slow and buggy for me. for many years basically unchanged.
Yeah, I have to read a message 3 times before it marked as unread.
I have been using Proton products for years now. VPN is top notch at the paid level, and email is pretty great. Don't know what else to say, it's good stuff.
It took them ages to support Wireguard. I went with AirVPN a few years ago. They had support for Wireguard, and a sweet BF deal.
Looks like Visionary has been sunsetted for new subscriptions. This must be recent, as it was live a week or two ago.

A note for anyone recommending ProtonMail as that changes the calculus for many.

That change was, as far as I can tell, it was done without any prior announcement (it is announced on the new website). Unfortunately, I had been trying over last few days to figure out the best way to move my currently partially self-hosted setup to ProtonMail, and the only feasible way to do so would likely have been with the Visionary plan. ProtonMail's sudden removal of it means that I likely won't be able to switch to them, and will likely end up removing my current Professional plan.

With its removal, there is no non-business plan with multiple mailboxes. It also appears that the ability to pay additional fees per item for extra custom domains, addresses, and other features has been removed. As such, if you need more than what the largest plan offers on these (eg, you need what the old Visionary plan offered), this now appears impossible.

I'm definitely happy that my €6 per month subscription has been upgraded to Proton Unlimited. The storage boost for email is more than I'd ever use, but the ability to add more custom domains is a definite win in my book.
You very lucky my friend. I am a plus subscriber, and other than more storage nothing has changed.
More email addresses. And a catch-all for custom domain.
catch-all for such a limited amount of aliases is not that useful.
For me it is. A catch-all for my domain was the one thing I was missing.

Not sure what that has to do with the number of email aliases.

More email addresses but they all dump into the same inbox, correct?

I've been a VPN subscriber, so haven't really played around with the mail side too much.

Same inbox, yes. But you can always use filters to have them show up in different folders instead of the default inbox folder.
I'm a VPN subscriber and got upgraded to the full Unlimited plan for the remainder of my term (about 18 months).
(comment deleted)
When the calendar supports invitations, and Mail, Contacts + Calendar support delegation, I'm switching back from Microsoft.
Could be a hard thing to implement. The calender would need access to encrypted mails.
For those who like using other mail clients there is the official Protonmail Bridge[1] (for paid customers). There is also Hydroxide[2] (which I use). I am able to use Apple Mail on mobile, Aerc[3] command line mail client on desktop (MacOS and Linux), and sync with the CardDav instance for contacts.

Understandably, this is not an ideal solution for everyone -- it works awesome for me! Just a PSA for those not aware.

[1] https://proton.me/mail/bridge [2] https://github.com/emersion/hydroxide [3] https://aerc-mail.org/

I am a long time paying customer. Good to see improvements.

The one thing that keeps me from using Proton as my primary email is lack of email/calendar integration. When I get an email with an invite, I would like that to appear auto-magically on my calendar. When I assign my custom domain to Proton and use it heavily for a few months, this is what eventually makes me switch back to Apple/Gmail/FastMail.

Mm, I am a paid customer as well. I use proton mail exclusively and I like the calendar. You can add events to your calendar from an email/invite. I also share calendars with non-proton users (my wife uses user iPhone/calendar app). I haven't had any issues with it.
I was working on a side project to do exactly this, including emails from Airbnb, hotel and flight bookings, but for fastmail :) I will check if I still have the code...

I gave up on it because I wasn't sure how to solve potential privacy issues or concerns if I wanted others to be able to use it.

I was a paid customer, and I still support ProtonMail's mission, but the app experience drove me to cancel my paid subscription and go with FastMail instead. The mobile client and desktop were never in sync; I'd swipe an email to archive and it'd show back up in the inbox, etc. It happened time and time and time again and I got sick of it having to clean up after their messy app.
So much faith in the government of Montenegro, eh? Not optional anymore means I don't like it.

Also, what is the incentive as a previously paying customer to return? I see none. It does not seem to be loyal customers but current ones. So someone who subscribed last month or a few days ago (for however long) gets more benefit than me a multi year former user. OK, so where is the incentive to make me a returning customer?

Every other company on the planet seems to go with the 'screw the current loyal users, let's offer great deals for new customers only' model. One company finally does it the other way and you complain. This is the way every company should operate.
While it might be rare Humble Bundle did it as well, but then I was on the beneficiary side. My question still remains: what's my incentive to return? I get no deal whatsoever. I pay about 2 EUR a month for AirVPN as it is, and I switched to them because they had Wireguard support.
What are you referring to? What is their affiliation with Montenegro, and what is no longer optional?

Edit: Also in terms of incentives, is there another decent email provider that offers the same suite of services (end-to-end encrypted email that won't data mine you and serve ads to you?). That's still the main draw for me.

The country of Montenegro is the owner of the .me ccTLD.

Protonmail is proprietary (given the JavaScript served cannot be audited), and because it does not use an open standard.

Both Posteo and Tutanota are alternatives which don't profile you but whether they suit your needs is up to you. Hosted in Germany.

Dubai government servers are bouncing mails originating from protonmail.com. Will proton.me bypass this?
Unlikely, I doubt their IT is that incompetent to not block any new DNS entry associated with Proton
use a custom domain, it works most of the time.

however its nothing out of the ordinary to expect from the UAE.

I'm a medium-happy Protonmail user. I really wish they'd step up their core services - give us the ability to snooze emails, schedule sends for later - all of the stuff you can do in Gmail, Outlook or other modern mail clients. It's such a hard time, because I reeeeally want to like the service, but I feel like they make it so hard
This is one reason I use proton bridge and thunderbird.
Which plugins do you use for thunderbird to snooze? The only one I found only worked on a prior, not up to date version of TB.
(comment deleted)
So the "Plus" plan no longer exists, and the only way to get more than 1 Vpn connection is now to get "Unlimited" which is even more expensive at €11.99

What was the price of "Plus" before this change, i think something like €8 or €10 ?

which plus ? the email plus still exists. and that 7$ vpn+email offer is still there, however its for 2years
Great, even more different products using same names. I understand the idea of uniting all different Proton services under the same name, but now Proton (Mail and other services) and Proton (SteamPlay, from Valve) will be hard to differentiate in short news headlines. Similarly as with Unity (Ubuntu desktop environment) and Unity (game engine).
And now that the login page https://account.protonmail.com/login redirects to https://account.proton.me/login, my Firefox pass manager do not autofill the login anymore, I believe that is a UX nightmare for non advanced users.

And to be honest, I don't know the best way to avoid UX problems when a service change domains.

I mean, besides that many users will lost access/do the reset pass process because of that, the experience to fix this as a user is: go to the pass manager, copy the credentials from the old domain, go to the new login page and paste it, save it as in the new domain, and delete the old domain saved credentials, because that will be saved there forever with no propose and confusing users with duplicated login information.

I guess more advanced password managers maybe notify about domain changes? But at least Firefox and I suppose Chrome, which is massive, don't have that.

1password browser adding needs you to add an extra url against the stored login. Not a problem imo, very rarely does a service change domain like this. This is the case for the safari addin, but Im sure Chrome and others will be the same

A more frequent problem is where a site will authenticate you against some other domain or URL, so its something Ive had to do before and I think someone using 1pass or similar should be able to do

Mobile app lets you search for an existing login when one isn't found for the new domain. After you give it permission to autofill, it will continue to do so

If the service gives a 301/308 response, it should in theory rewrite all bookmarks and things like this, but that also opens up security issues especially when it comes to password managers.
Proton is currently sending out a marketing email blast in multiple languages but without any unsubscribe button.
its available in the account settings
They treat Linux users like shit. Unlike their VPN apps on other platforms it still lacks WireGuard, split tunnelling, profiles, etc.
ProtonDrive excites me the most. The only other user friendly end to end encrypted cloud storage provider is Tresorit, who are overpriced for consumers. Please note I don’t consider Boxcryptor in the same category as they just serve as an encrypting proxy between you and cloud storage.

I wish ProtonDrive would explain more about their data resilience, whether they maintain custodian keys or any ability to access customer data, how access works when traveling across borders, etc. otherwise iCloud Drive and Boxcryptor are a stronger choice.

there is mega.nz, and they pretty good, and now they are working on encrypted object storage too!
Can you use your own PGP key on ProtonMail without uploading your private key to them yet?