These allegations are false. Hidden at the bottom of the article, is this: "Public prosecutor Walder of the Competence Center Cybercrime contacted me, saying he had been misquoted". In other words, the alleged source (a public prosecutor) has also supported our denial of these false allegations.
ProtonMail does not voluntarily offer assistance. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in criminal cases.
Furthermore, end-to-end encryption means we cannot be forced by a court to provide message contents.
You 'forgot' to copy the full addendum. It reads as follows:
'Public prosecutor Walder of the Competence Center Cybercrime contacted me, saying he had been misquoted. He claims that had not divulged at the above-mentioned event that ProtonMail voluntarily releases real-time data. He had merely described ProtonMail as a potential provider of derived communication services (PDCS).
I was live-tweeting the event, including the interesting presentation by public prosecutor Walder. The remark that ProtonMail was a (potential) PDCS would have been too trivial to be live-tweeted. The insight on the other hand that ProtonMail voluntarily offers assistance for real-time surveillance, was spectacular and I therefore live-tweeted the statement. In its transparency report, ProtonMail – as mentioned above – itself refers to at least one case of real-time surveillance.'
> ProtonMail even mentions a current case of real-time surveillance:
„In April 2019, at the request of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law. Pursuant to Swiss law, the user in question will also be notified and afforded the opportunity to defend against this in court before the data can be used in criminal proceedings.“
By writing of a „case of clear criminal conduct“ and of „illegal activities which contravene Swiss law“, ProtonMail violates the presumption of innocence against the monitored suspects. Such suspects are of course not informed by ProtonMail about ongoing real-time surveillance measures.
I'm not denying that they complied with the order to enable IP logging.
What I'm saying is that the author claims they voluntarily offer real-time logging without the need for judical intervention - per the prosecutor.
The author of the article at hand later added an addendum saying the prosecutor was mis-quoted in their article [[ and that Protonmail does not voluntarily offer real-time logging.]] (Note: The part inbetween [[]] is misleading - the prosectuor does not say that. I wrote it out rather than quoted it directly, and made an error. I am leaving it in for posterity)
The authors defense regarding the misquote is saying "I live tweeted it, so it happened".
Whether they do or not - I'm just pointing out the weakness of the argument that "I tweeted it, so it happened"
>The author of the article at hand later added an addendum saying the prosecutor was mis-quoted in their article and that Protonmail does not voluntarily offer real-time logging.
That is completely false. The author said that the prosecutor claimed to have been misquoted, not that he was misquoted. The author clearly stands by his quote, and it is therefore untrue that he says that Protonmail does not voluntarily offer real-time logging.
You are correct, my rewording ended up being misleading. My apologies.
I don't think it detracts from the substance of my argument, however. This is a he-said-she-said battle where one says "I tweeted it so it happened" and the other says "no, it doesnt".
> I'm not denying that they complied with the order to enable IP logging.
What 'order'? All their report says is 'request'. If they had meant order, they would have said court order: in all the other cases in the transparency report, they specify if there was a court order.
I think it's a strong argument. It's not 'someone much later with fuzzy memories decided to interpret what they thought they heard', it's 'someone right there and then was so struck by what the revelation they just heard that they broadcast it to the world (and you can check that they did by looking at the Twitter timestamp)'.
Which do you trust more, a witness statement taken a minute after the crime, or made a year later?
That someone said something very revealing and immediately backtracked with an excuse "I didn't say what I said" is, on the other hand, deeply unconvincing.
I think we should not think of "request" in the same way as a court order. This seems the essential difference to me.
By the way: The author of the post is an attorney at law and member of the Chaos Computer Club (CCC), which makes me believe that he wouldn't falsely accuse ProtonMail.
The addendum does not categorically say that ProtonMail does not voluntarily offer real-time logging. The prosecutor correction says he didn’t disclose that at that event. He could have disclosed it anywhere else, he might know it happens but hasn’t disclosed yet. The quoted correction is worded in a way the prosecutor could have certain knowledge they do do that and is not refuting it.
// EDIT (moved word categorically) per comment below.
Fair reading of the addendum, I put my own words to it and it was misleading.
I don't think it detracts from "I tweeted it, so he said it" per:
>The remark that ProtonMail was a (potential) PDCS would have been too trivial to be live-tweeted. The insight on the other hand that ProtonMail voluntarily offers assistance for real-time surveillance, was spectacular and I therefore live-tweeted the statement.
From what I am seeing in the linked material, the author saw something that made his mind generate the sensational 'news'. Without bothering to check whether it's true or false he posted the generated conjecture as a fact and now is trying to defend the indefensible by attacking ProtonMail instead of posting the clarifications and apologizing.
In other words, pretty much the definition of fake news.
From above, there is a Swiss public prosecutor, who is on the public record as saying that he "had not divulged at the above-mentioned event that ProtonMail voluntarily releases real-time data."
That is a pretty conclusive statement that the reporting here is false.
> ProtonMail does not voluntarily offer assistance. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in criminal cases.
Yes, if ordered by a court - but not voluntarily, which is the claim of the article, italicized, with exclamation points, repeated several times, etc.
My own definition does not matter. Swiss law matters:
'The order may require real-time surveillance to be carried out and the handover of the retained secondary data of telecommunications from past communications (retroactive surveillance).'
The question is not whether ProtonMail has access to user data. (They have, you are absolutely right.) They question is if they perform real-time surveillance, i.e., lawful surveillance (whether voluntarily or not).
No matter what they actually do, they'd be idiots to reply to this, which is why we won't see a reply from them. Doesn't really say anything meaningful.
+In April 2019, at the request of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law. Pursuant to Swiss law, the user in question will also be notified and afforded the opportunity to defend against this in court before the data can be used in criminal proceedings.
Diff from 2019/04/25 to today: ...
-Updated on 13.03.2019
+Updated on 24.04.2019
-ProtonMail is not required to store communications metadata or IP information, as we are exempted from the Swiss Federal Act on the Surveillance of Post and Telecommunications (BÜPF) and its accompanying ordinance. Therefore, ProtonMail can apply a policy of collecting as little user information as possible to protect user privacy. To know exactly what kind of metadata your use of ProtoMail creates, please refer to our Privacy Policy. Upon receiving a judicial order, ProtonMail is obliged to provide any user information readily available that would help identify a user that is subject to a criminal investigation that has been validated by Swiss authorities.
+ProtonMail is not required to store communications metadata or IP information, as we are exempted from the Swiss Federal Act on the Surveillance of Post and Telecommunications (BÜPF) and its accompanying ordinance. Therefore, ProtonMail can apply a policy of collecting as little user information as possible to protect user privacy. To know exactly what kind of metadata your use of ProtoMail creates, please refer to our Privacy Policy. Upon receiving a judicial order, ProtonMail is obliged to provide any user information readily available that would help identify a user that is subject to a criminal investigation that has been validated by Swiss authorities. In addition to the items listed in our privacy policy, in extreme criminal cases, ProtonMail may also be obligated to monitor the IP addresses which are being used to access the ProtonMail accounts which are engaged in criminal activities. Under no circumstances will ProtonMail be able to provide the contents of end-to-end encrypted messages sent on ProtonMail.
1. a law permits compelling a company to produce real-time data (or anything else),
2. a company has that technical capability, and
3. the company in #2 is in a jurisdiction with a law like #1,
you should assume real-time surveillance data will be provided in cases where it is so ordered. You don't need to wait for them to tell you that it is. It can go without saying.
How could it be otherwise? If the guys with the guns show up to demand that data, what else are they gonna do? The Lavabits of the world are incredibly rare, for the exact same reason that Lavabit doesn't exist any more.
They answered your question, please read more carefully:
> ProtonMail does not voluntarily offer assistance. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in criminal cases.
These types of allegations keep on appearing. I know we all generally trust CERN scientists (after all, they must be smart people who care), but to keep everyone’s trust I suspect nothing less than full transparency will do.
Where is ProtonMail’s data stored? Where are its web servers? Who has physical access? Who has login keys/credentials to storage and server machines? Who does security audits, how are they done, when we’re they done last, what were the results, and what steps are you taking to improve your system’s security? And most importantly, what exactly does ProtonMail do when dealing with authorities and other entities that want access to user data?
Security is a process, not a destination - that’s a mantra everyone in the security world learns early on. But trust is also a process, not a destination. As an example of a company that treats both as a process, consider AgileBits, the developer of 1Password. Their white papers are case studies in transparency.
Ideally, what you say makes sense, but at some point you're just going to have to place your trust in someone, or something. Realistically, a vendor won't be able to satisfy every single curiosity. Someone else might ask how do we know the data is actually stored where they claim its stored. How do we know if such and such employee even works there. How do we know the OS that their developers use isn't updated and/or compromised, What if they get a new employee who is incompetent and doesn't follow the established protocols, etc, etc. You can only go down one level of abstraction here. Otherwise you'll probably be writing a treatise on belief, knowledge and justified true-beliefs.
We have a transparency report, a privacy policy, terms and conditions, and a threat model document, which clearly covers many of these points.
Much of our code is also open source, and has been audited by third parties, with published audit reports available online.
Some items, like precisely who has access to what, we obviously cannot publish for security reasons, as individual employees may be targeted if this is disclosed too clearly.
Sorry, I'm a user, and I largely trust you all, but this doesn't exactly lay to rest the issue you were given. Security and trust are a chain, and if you don't know every link in that chain than the whole thing is largely useless.
As another pointed out, at some point you just have to trust something and I agree with this. But I wanted to point out that your answer is not sufficient for what you were trying to answer.
Problem ist once these allegations are out there is literally no way to dispelled them. Keep up the good works. My assumption is that you could be compelled by Swiss law to give access (a la Lavabit), but that the same would be true for literally any non-shady email provider. You get either someone trustworthy or someone who can avoid the rules, but there's no middle ground. Any of the providers sitting in Dutch bunkers or island tax havens can really be geld accountable or their trustability be verified. And any proper honest provider like posted or mailbox or Lavabit will necessarily have to comply with local laws. Swiss laws or German laws will certainly offer better legal security than American or Australian legal contexts - but everything has a limit.
So please don't be disheartened by the undeserved hate here.
This "article" is absolutely ridiculous. There is clear repudiation by the "source" and instead of modifying or deleting the article, the author put it in an addendum at the bottom. Lowest of the low behaviours, aiming to cause shock, alarm and attract gullible internet readers.
"Doesn't that mean the courts could compel you to just alter the JS payload to capture keystrokes for these folks? If not, how do you prove that to us?"
Swiss law is very clear in stating that this is not permissible, and this can be verified by checking the law itself.
This ignores half the problem and it's telling you tried to slide past it. You certainly can and probably will deliver message content sent from a protonmail account to a non-protonmail account.
I'm not an expert in Swiss law, so I have no idea. I'll wait for a 3rd party I trust to vet your claim.
What's the allegation here? The mail stored on proton's servers is encrypted. If you send that mail elsewhere, it's subject to the security of the receiving server and any intermediary servers.
They are not denying that, they clearly stated it:
> ProtonMail does not voluntarily offer assistance. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in criminal cases.
I too am interested in the source. Mostly out of curiosity, here in the US our laws definitely don't exclude things like building in backdoors, adding js payloads, etc (Although a few political lines have been drawn, such as Apple refusing to unlock iPhones, but these aren't written in law, they've been decided in courts and are very wishy-washy).
No, that's the whole point of having an auditor, so that you can have some grounds for placing trust in a system without having to trust the provider or having to audit the product yourself.
There is more than one kind of security audit. The kind you do looks at the code and determines if it contains bugs. The kind I'm talking about looks at what is being served by a server and determines if it conforms to published invariants. (I hire security auditors for a living ;-)
[UPDATE] Now that I think about it some more, I guess that kind of auditor is analogous to a financial auditor, as you said. I didn't really make that connection before because the nature of the work is very different, but it's a fair analogy.
[UPDATE2] Looking back at your previous comment I see that the word "regulation" is in there. I'm not sure if you edited your comment or if I just missed it before, but my recollection of reading that comment is that it said "financial audit". Either way, I apologize for the misunderstanding and subsequent confusion.
You also have to trace the actual live code, to see if its actually running the code you think it should run. And not just with N=1, maybe with N=100 or a sufficiently high number.
> These allegations are false. Hidden at the bottom of the article, is this: "Public prosecutor Walder of the Competence Center Cybercrime contacted me, saying he had been misquoted". In other words, the alleged source (a public prosecutor) has also supported our denial of these false allegations.
Ah, what a brave new world of clickbait and amateur "journalism" we live in... The "source" was probably asked for a quote five minutes before the article went live and the "publisher" has no incentive to correct it because all they care about is that people visit the site and load the ads so they get a few cents per 1000 views.
Good luck ProtonMail or any other entity caught in these "reporters" and "journalists" antics.
> I was live-tweeting the event, including the interesting presentation by public prosecutor Walder. The remark that ProtonMail was a (potential) PDCS would have been too trivial to be live-tweeted. The insight on the other hand that ProtonMail voluntarily offers assistance for real-time surveillance, was spectacular and I therefore live-tweeted the statement. In its transparency report, ProtonMail – as mentioned above – itself refers to at least one case of real-time surveillance.
The prosecutor in question has come on the record and said he was misrepresented. ProtonMail is also on the record as saying the "voluntary assistance" claim is false and untrue.
Unless there is some massive conspiracy/cover-up involving a Swiss public prosecutor, the most likely explanation (the article is wrong) is probably the correct one.
Isn't it more likely that the state prosecutor spilled the beans?
The statement even matches your own transparency report where you describe a case of IP logging, a typical real-time surveillance measure:
'In April 2019, at the request of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law. Pursuant to Swiss law, the user in question will also be notified and afforded the opportunity to defend against this in court before the data can be used in criminal proceedings.'
(You mention April 2019, the statement by the state prosecutor was made at the beginning of May, i.e., he was probably really happy about your cooperation.)
So you’re saying that it’s more likely that there is a secret conspiracy, and a prosecutor in a public televised event for which they almost certainly had pre prepared their remarks, accidentally spilled the beans, than someone who is live tweeting an event mishearing, misinterpreting, or misunderstanding those remarks?
There is no need for a conspiracy. The Swiss surveillance state is a fact. It is also a fact that the relevant laws were recently updated with a focus on services like ProtonMail.
We are not talking about a public televised event. We are talking about a statement during a presentation. It happens all time time: People talk, sometimes they talk too much.
> Okay now explain why I can't make a protonmail account without:
> - disabling javascript
ProtonMail encrypts/decrypts messages in the JavaScript client, which is how messages are encrypted without the server ever having access to the plaintext. If you must disable JavaScript, then ProtonMail isn't the mail service for you(unless you use their mobile app).
Another commenter put it aptly when he said something to this effect: "It is [2019]. If you lobotomize your browser, you might find that a lot of the web doesn't work for you."
While ProtonMail’s marketing has always stood out as over the top self-congratulatory, the reaction of people saying “oh no, I need to find an alternative now” represents a fairly naive understanding of the very nature of communication platforms on the internet, especially email.
There is no alternative here. There is no company that will ever solve the problem, within the existing email protocol, where one unencrypted sender (say, marketing emails) can send to a so-called “encrypted receiver” and not have an intermediary able to temporarily read the emails. This is inherent in the design of the system. ProtonMail is not end-to-end encrypted in this case, and no email provider can be on the traditional web.
There are no alternatives. There is no hard, scientific, mathematical solution to this. The best you’ll get is “soft encryption”—the equivalent of encryption where the third party offering the service chooses the encryption key.
Of course there is an alternative, it's called encrypting your E-mail, and has been around for decades (for example in the form of PGP/GnuPG/GPG/whatever).
That said, having observed its history for the last 26 years, I do not think it is an accident that PGP/GnuPG is so difficult to use, poorly developed, generally marginalized, and has not been adopted by any of the big E-mail software authors.
Think of it another way: if Apple decided to really be pro-privacy today and built support for GPG into its Mac and iOS apps, the problem would be largely solved. But for some reason they do not, nor does any other major software maker.
The reason is not 'some reason', as you seem to be somewhat conspiratorially suggesting. The reason is it would not solve the problem of securing email.
Both Thunderbird and Outlook have plugins for PGP and S/MIME. You can use them to read/send mail from Gmail and Yahoo domains as well.
Edit:
If you're using them for an organization that uses Exchange/O365, the admin would need to make sure IMAP/POP protocols are enabled over TLS/STARTTLS, as opposed to using EAS. However, if you're dealing with mail in an organization, you're probably not using your own encryption keys to being with.
What are the marginal benefits (and costs) of running a Helm over ProtonMail service? I can see none.
The justified concerns the security community has with ProtonMail is: Crypto in the browser is bad (mitigable with Qubes), and How do I know PM isn't serving me a backdoored JS.
IIRC, Helm has auto updated binaries so backdoor-free code isn't a delta. The best I can come up with is: server+CPU observation/isolation is stronger on local hardware relative to PM at the cost of network observation. Hypothetical: "Ok a Spectre-style attack is out, spam emails and let's do some timing-correlation traffic analysis"
I think it is worth reiterating that regardless of (insert application) provider used, one should assume lawful intercept and low friction compliance, not to mention eventual data leakage from hacks, bugs and competence issues.
If PGP is difficult, people can use a simpler route of 7-zip encrypting text files with a pre-shared passphrase. Share your passphrase out-of-band when feasible. i.e. physical notes, sftp, voice chat, private chat server (mumble / murmur super easy to set up), etc... Use different passphrases for different circles of friends. Example: [1]
One problem with ProtonMail that is also relevant here is that ProtonMail does not allow to pay anonymously for the service (so that investigators are able to follow the money trail).
On the other hand (this is not supposed to be an advertisement or testimonial; I just state the fact), the German email provider Posteo that has some popularity among people who are concerned about privacy also allows anonymous payments via banknotes (cash) that is sent via mail (just put the letter into a postbox in a completely different city).
And yet, Germany currently isn't even allowed to issue European Arrest Warrents, because our public prosecutors are not sufficiently independent from government influence.
I'm not sure, but I guess a relatively developed country without a big nosy state would do (or one that doesn't care about the Internet/speech censorship/spying on people). Other obvious places where you don't want to have your servers: Australia, USA, UK, Russia(duh), Turkey.
Case study: Vincent Canfield, of the half-joke email provider cock.li, moved his servers to Romania after them getting seized by German prosecutors.
I have not tested ProtonMail, but not likely. Most internet sites these days do not accept gift (prepaid) cards. I have found a couple VPS providers that do (or did) but the number of sites accepting gift cards is dwindling fast.
And would it be breaking any laws for a third party to pay for your ProtonMail account? Might be worth it to some people to pay 2x or even 10x the annual fee in cash to a third party to not have their financial fingerprints on the account.
Pardon my cynicism here, but: panopticon proponents seem to have all the power. There's little you can do to protest it. There's no anti-panopticon party to vote for, and organizing any kind of counter-action will just get you labeled a terrorist if at any point you become effective, I'd guess.
I love to support products that respect my privacy, but it sort of feels like wasting money for lip service.
There's a lot of paranoia in this thread. The whole point of end to end encryption is that it protects against court-mandated searches. (among other things) It doesn't prevent the search, it renders the search less useful.
End to end encryption in email is somewhat silly, because the vast majority of the time you will be sending email to a private company, or to a gmail address, or generally just to another party that will not respect your privacy at all.
The real benefit to something like ProtonMail is that they're not Gmail. They're not scanning every message you send you send and using it to build an advertising profile on you. If you're really worried about government warrants, email is not the tool for you.
Exactly - I am getting a pretty big “baby out with the bath water” vibe here. I use the service precisely because it has a decent UI and most importantly isn’t google. I use telegram for the same reason. I believe some determined state level actor could get what they needed against me, but I can easily say that the information I give to ProtonMail or Telegram at least isn’t going to be vacuumed up by the next dystopian company without some level of effort.
End-to-end encryption protects against the service provider (employees) from easily reading your data. This is the biggest benefit.
Of course the service provider can be compelled by law enforcement to hand over encrypted data. Law enforcement may then either attempt to brute force the encryption key password, or compel the user to provide the encryption key password (typically the account password with end-to-end encrypted services):
https://en.wikipedia.org/wiki/Key_disclosure_law
Does ordering you to hand over your password entail a form of self-incrimination or a violation of the right to silence? Would granting police the power to compel passwords cross a line centuries old against forcing a person to speak to build the case against them?
https://globalnews.ca/news/5310901/canada-privacy-passwords-...
End-to-end using server provided javascript code means that the code can be changed on the fly per user to enable lawful intercept. Plausible deniability only works if the client is encrypting the payload entirely independent of the provider. That would require the end user to be compelled directly and javascript would not be required.
So you're running a local encryption library or app (not relying on server side JS code).
Do you disable auto-update, and risk running a broken version of the encryption library or software, or do you enable auto-update and risk a remote backdoor injection via the auto update?
I disable auto-update and get my software from a computer not associated with me. I compare checksums to copies that friends have and checksums on virustotal.
For linux software, I validate GPG checks of individual packages and of the rpm repo. Both packages and metadata are signed. I get the public key from a non mirror site and compare to keys listed by others.
This does not preclude back-doors, but it means that everyone has the same backdoor as me. I then mitigate dial-home of said programs with firewall rules and selinux. If there is a hard-coded key, it will also affect all the companies and governments using the same software.
Are there cases where company employees are reading your email for some reason other than marketing? Serious question --- I'm not too aware of how and where this is documented.
Your point about being compelled to hand over your key password (email password) is valid and interesting, but I'm inclined to restate my original point: email is not the tool for you if you believe you're apt to be arrested and your communications subpoenaed.
A bunch of folks have been warning that ProtonMail is essentially well-polished marketing, smoke and mirrors. It isn't just their position on law enforcement or data collection; they've made a series of very awkward cryptographic mistakes that sort of give the game away. For example, using problematic crypto libraries, omitting salient facts from their marketing copy, and repeatedly failing to deliver on promises to correct the above issues.
I'm not saying you're wrong at all, but I'd love to see some source material for these claims - specifically the "repeatedly failing to deliver on promises to correct the above issues" in regards to their crypto.
A lot of people have also been launching large scale sophisticated ddos attacks against protonmail.
Combine that with baseless over-exagerrated claims easily refuted every 3 months and what does that tell you?
In your world, is there no room for mistakes? Do you expect your service providers to not make mistakes? Do you think that acknowledging mistakes and agreeing to fix them is a desirable outcome?
I expect some mistakes. But I don't expect every interaction I have with protonmail to be dominated by them. As a customer I ran into tons of issues as well.
And some mistakes, like their incorrect directions for ProtonVPN that gave them power in perpetuity to SSL man in the middle every single Mac user? I find those to be unacceptable failures of basic competency. Especially since they have NOT to my knowledge emailed every ProtonVPN Mac user warning them to downgrade the trust of that installed cert. I used ProtonVPN on a Mac and certainly never got such an email.
How many times does a company handling your sensitive information or material get to say, "Whoops, how clumsy of us" before your trust is damaged? How many bad customer experiences do you have? How many far-fetched and misleading claims do they have to make before you worry their marketing and custrel folks are out of touch with the tech?
If you want to communicate securely, don't use email. Every email provider in the world is subject to some government authority, and there is not a government on the planet that will allow a service to operate without some provision for surveillance (nor should it!).
But before you move everything to the secret decoder ring, think about what you are actually trying to achieve. Don't want your email to be read by the FBI? Move it to a server in Switzerland and it will be read by the NSA.
I like ProtonMail and I hope they succeed. I find their marketing (explicit or implied) that suggest it protects you against targeted government surveillance annoying and disingenuous.
I mean, they specifically use the word 'request'. Request by the definition, as opposed to an order, is voluntary.
I will add that I find it funny, whenever such topics come up, that people who love authority and agree with surveillance will literally change the wording to fit their desired narrative. I see a lot of people in this thread talking about 'orders' when that word was never used originally and would remove the ambiguity that allows the argument that proton does real time voluntary surveillance.
Hmm I was just the other day contemplating moving my domain and email off of Google/Gsuite nd ProtonMail was one alternative I was considering. Now I'm hesitant - what other options are there?
If you are concerned about privacy, you shouldn't be on Google at all. Move to almost any other provider and you are already a step ahead in terms of privacy.
You aren't going to get absolute privacy in a single step, if ever. You do the best you can, iterate, and do better. Moving away from Google is step 1. Step 2 is to continue research, and potentially move again if it fits your threat model.
Migration is non trivial - i.e. it is a lot of work. You're right, I'm not looking for perfection, but to just jump to something because it's marginally better than Google isn't worth it. I want the difference to be great enough for my time investment. So I think it's quite sensible to carefully consider where to move. Getting off of Google is indeed important, but if I'm in only a slightly better situation, that's hasty and a waste. I don't expect absolute privacy anywhere, but I am looking for "pretty damn good". Maybe if DDG offered email it'd fit that.
I take slight issue with "marginally better than Google". Any of the services mentioned here (Posteo, Fastmail, etc.) including Protonmail are _much_ more than "marginally" better when it comes to privacy.
The issue that you have with Protonmail seems to be that they enabled IP logging in response to a lawful government request. Google logs IP by default, scans your messages, etc. It baffles me that there is less outrage at that than this single case.
I agree, it's non-trivial and perhaps my comment came across in a negative light. But, I think people are overstating the implication of the issue at hand - especially when you compare Protonmail (and others) to the big providers such as Google and Microsoft.
>The issue that you have with Protonmail seems to be that they enabled IP logging in response to a lawful government request. Google logs IP by default, scans your messages, etc. It baffles me that there is less outrage at that than this single case.
So in case the government is out to get you, both options will lead to the same outcome: your IP address is revealed.
Migrating from Gmail to Fastmail is trivial. You literally log into your Gmail account from within the Fastmail interface, and it downloads/transfers all your mail. The only change that is unavoidable is a different e-mail address (unless you already use your own domain at Google).
You could literally change to Fastmail and cancel your Gmail account before tomorrow.
There are hundreds of excuses for not switching from Google or for staying on Facebook etc. But only one outcome: action.
I migrated from Gmail to Outlook.com a few years ago after I encountered a bug that I thought was serious but Google didn't. It wasn't that hard, but it did take some work over a period of time.
To start with, I forwarded all my Gmail to Outlook.com. As email came in and I read it, I would log into the site that sent it and change my email in there. As time went on, things slowly migrated out of Gmail. I told friends and family I was switching my email address but fortunately for me basically no human ever emails me. The few that do, I can receive the email at Gmail and send a response from Outlook so they get the update.
Now I'm about 99% migrated over, and the few stragglers that still send to Gmail make it to my new inbox anyway so I'm never missing anything.
I tried a few: runbox, protonmail, and fastmail, and ended up staying with fastmail. The web interface isn't pretty but is functional and the service has been great so far. Very easy to set up with my own domain.
I've been on fastmail for a while too an I'm quite satisfied. Yes, web interface is ugly, but I use a mail client on my computer most of the time (mutt!) so it doesn't matter that much for me.
Fastmail is great, I use that for family members to stay off Google. It may be worth noting they are based out of Australia. AU have been pushing really hard for anti-encryption laws and lower friction lawful intercept. I can't speak for the other providers.
I have been self-hosting for over 20 years using self-signed certificates, now widely described by current browsers as "unsafe and suspicious." My clients receive my emails without issue, whether they have Microsoft-hosted, Google-hosted, email servers, etc. or their own private self-hosted servers. As do any other service I interact with via email.
I'm guessing those horror stories are from people who've misconfigured their mailserver. I've been running my own mailserver for over 20 years now, and have never encountered this problem.
I run my own mail servers on linode and vultr as long as they have existed. Prior to that I had dedicated servers. For a while, I relayed my forum emails through my mail server and it was very rare to be flagged as spam and I never received a bounce or back-scatter.
YMMV depending on who had your IP address previously. If you get a bad (previously blacklisted) IP, then you can always spin up a new VM.
Some of the really low-end VPS providers are so relaxed they get their AS number blacklisted in uceprotect.
Started self-hosting around a year ago. Followed online guides with some tweaks to integrate with my home's Active Directory. Other than that, only had outgoing mail bounce once from mimecast, and after a while they started accepting mail (presumably because of change of my server's ips). Configure rspamd properly and spam isn't an issue.
Maintaining your own email infrastructure is a security nightmare on its own right, you are probably better off using Gmail and just GPG encrypting everything unless you really know what you are doing and have a surplus of free time.
We self-host email for some clients. It is not worth the hassle whatsoever and I highly recommend against doing it. Just getting a clean IP can be a nightmare; We switched hosts for this server and we had to go through nearly 20 IPs. Each one we were assigned had a reputation so poor that it wasn't even feasible for us to get it to a respectable level.
Long time user of Linode. I assume like any other provider, they would be obligated to make a best effort to obtain forensic data. i.e. logs from your ext4 filesystem. If you use a raw disk and encrypt it, then I assume they would live-snapshot your VM (they can live migrate them) and dump memory contents. Some of the lower-end VPS providers do not have live migrate capabilities (or at least, don't have an easy way to use them in their tooling).
It is your call how long you save/enable logs and if you save them to tmpfs and encrypt your swap. You can also encourage your users to 7-zip encrypt sensitive contents. You can also add specific MX routes in transport maps to use VPN connections to make connection logging less useful. Tinc (open source VPN) is great for this, as traffic routes in user-space through your mesh and therefor traffic can end up at its destination without a direct connection.
Don't they? They certainly have access to the VPS file system.
But even beyond that, can they be compelled by a court order to install software on the VPS (and securing against someone with unlimited access to the VM host is… about as practical as securing against someone with physical access)? I'd assume so?
The main benefit to me for runnign my own email is owning my own data/domain, and not having to allow third parties (aka google) full access to all my emails.
I'm tempted to do that, but how much effort does it take to have something rock solid with no downtime?
Or in general, what are the `uptime` over `time investment` and `security` over `time investment` curves like?
I haven't tried mailinabox.email, but I've run a mailcow-dockerized instance for about 4 months.
It took about 1 day to set it all up, where most of the time was spent waiting for DNS changes and for Microsoft to de-list my IP from their blacklist (I probably got a bad IP from DigitalOcean).
After that I have logged in to the instance every two weeks to update the machine, haven't had any problems as of yet.
No downtime is "unicorn feathers" territory. Extremely low downtime requires redundant systems and a dedicated support team actively trying to head off potential problems. And Gmail still has downtime.
But you're asking the wrong questions. Email itself has retries built in, it doesn't need perfect uptime. What you should be asking is how badly Gmail deciding you might be a spammer and not caring about fixing that for one person is going to torpedo your deliverability rate.
Mailbox is a german email service with calendar sync, online office suite and stuff like that. Also it allows completely anonymous payment if you're into that. Posteo is similar as far as I know.
I'm a happy Protonmail user and I think this (even if it were true) is only an issue if you are being unrealistic. All companies can be legally compelled to take action regardless of their jurisdiction. If you have some gratuitously paranoid threat model, you should be using Tor anyway.
I like their service much more than GMail and I feel much more comfortable with regard to data privacy when using it.
While the messages themselves might not be able to be read due to end-to-end encryption, the metadata -- IP addresses, time of access, to/from whom messages are being routed, possibly more from a mobile app -- would provide a LOT of information. And unless I'm mistaken, Swiss banks are a members of the SWIFT agreement... possible connection?
The reason I use Protonmail is that Swizerland can't be easily bullied by the US or similar countries into abusing their court system to illegally spy on people (unlike my own country).
If a Swiss judge decides that a specific individual should be surveilled, I am more inclined to trust that it is for good and legal reasons.
The NSA can spy on ProtonMail without any need for bullying or diplomacy. Hosting email abroad makes it is a wide open target for US intelligence services proscribed from operating domestically.
Today, mobile phones are super powerful, always-on and almost always connected. We should be able to run mail completely on the mobile device? There could be blind relay mailboxes in between to help store/forward the mails until they are retrieved by mobile phone app.. and of course there's end to end encryption with no metadata leakage in the relay.
This is how email was intended to work, but anti spam measures now prevent "any normal user's device" from originating a message. To deliver a message you would need to find a trusted relay to add legitimacy flags to the message, or you need a trusting recipient with a friendly network path between you so a plain message would not be blocked.
I know how email works. Have run very large deployments. I'm asking if such a 1-person completely decentralized convenient deployment solution exists? If not, why not?
I recall e-mailing ProtonMail years ago and asking why they chose GoDaddy as a registrar considering their entire existence is based on enhancing security/best practices.
The response I received back was very disappointing and even concerning. I don't think they understand the concept of threat modeling.
> Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts.
Notice the sneaky "by default" :)
Reality [2]:
> In April 2019, at the request of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law.
Can the Swiss judiciary ask ProtonMail to serve a different version of the website to a specific user account, which sends the cleartext to a remote server?
Yes, refuse and take it to higher court. The laws protecting privacy and these survalance laws contradict each other. The large providers in Switzerland are staying quiet but eventually will need to deal with this fact and laws will need to be changed.
That sounds great in theory, but in practice, you really start to question how far you'll go for your client when there are clear indications that something illegal is happening.
Presumably to not hang advertising on the back of a feature they can't really provide is the other side of that coin.
I wonder if they could do something like the canaries we see in other legal respects (not a lawyer); log in and get an account-specific banner in your inbox telling you they've never enabled IP logging for your account.
I might be very wrong here but I thought canaries were legal because they were generalized. A specific person couldn't be alerted that they were a target, they'd just know someone using the service was a target.
> I thought canaries were legal because they were generalized.
The theoretical legal basis is typically that the government can't compel you to speak against your wishes, or at least can't compel you to lie.
That said, this is untested and controversial, and many lawyers believe that the discontinuation of a warrant canary could be interpreted as a violation of the gag order. Courts often frown upon technical workarounds, and interpret around them.
>Pursuant to Swiss law, the user in question will also be notified and afforded the opportunity to defend against this in court before the data can be used in criminal proceedings.[1]
lavabit had access, they were shut down when they refused to share the encryption keys with law enforcement. the only legal way around this in the US is to host your own email and encrypt everything at rest. as an individual you aren't obligated to reveal passwords the same way a business would be in this case.
it might be an interesting idea to build a system that decrypts a small email server per user using their login credentials they interact with that system only and forward mail to the provider MTA for sending. there are still leaks here, and the provider could be compelled to reveal the user key to law enforcement, but the data would only be visible until after the user is authenticated.
I admittedly assumed that, as the grandparent comment spoke of a judicial order. However, there linked page indicates that in some cases, they have indeed complied with mere requests by authorities as well.
When you sell such a sensitive product, which could be used for example by swiss account tax evasion whistle blowers, maybe you should disclose on the front page that you can be compelled to log IP addresses and advice users to plan around that.
> In addition to the items listed in our privacy policy, in extreme criminal cases, ProtonMail may also be obligated to monitor the IP addresses which are being used to access the ProtonMail accounts which are engaged in criminal activities. Under no circumstances will ProtonMail be able to provide the contents of end-to-end encrypted messages sent on ProtonMail.
To be fair, I don't know if this provision was added after they had reported the instance in their transparency report.
However, I think at some point the customer should use a bit of common sense. Anyone who believes that a government may compel a company to start IP-logging their mail should be considering that in their threat model when they are looking for an e-mail provider. I don't think it needs to be plastered on the front page - especially not with advice on how to circumvent government authorities lawful requests.
"Can the Swiss judiciary ask ProtonMail to serve a different version of the website to a specific user account, which sends the cleartext to a remote server?"
'By default' is of course legalese. If a user can turn on the IP logging feature, you can too. And you did in at least one case according to your own transparency report:
'In April 2019, at the request of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law. Pursuant to Swiss law, the user in question will also be notified and afforded the opportunity to defend against this in court before the data can be used in criminal proceedings.'
Your latter example seems legitimate. I think there is a clear difference between complying with a judicial request/order about a specific user and enabling logging by default. If one wants more than that, then one better own the bare metal of a mail server. In any case, I expect legitimate companies to comply with the law.
My own definition does not matter. Swiss law matters:
'The order may require real-time surveillance to be carried out and the handover of the retained secondary data of telecommunications from past communications (retroactive surveillance).'
indeed. however, a naive physicist facing a reality (in the form of evidence that contradict their public stance) will adjust the stance, issue an apology, correct the message, etc.
The privacy debate is not black and white, especially concerning the obligation of service-providers to go to bat for every customer that a lawfully designated entity has the legal authority to investigate.
In the black and white world you're living in, there is no privacy, as no one can live up to your standards.
These allegations are false. Hidden at the bottom of the article, is this: "Public prosecutor Walder of the Competence Center Cybercrime contacted me, saying he had been misquoted". In other words, the alleged source (a public prosecutor) has also supported our denial of these false allegations.
ProtonMail does not voluntarily offer assistance. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in criminal cases.
Furthermore, end-to-end encryption means we cannot be forced by a court to provide message contents.