by trash_panda 2759 days ago
The analysis by Kobeissi is correct, and the claims by ProtonMail are a stretch, and sometimes they don't mean anything.

For example, from their security details page [1]:

"This means we don't have the technical ability to decrypt your messages, and as a result, we are unable to hand your data over to third parties."

This is not true for the web client, as shown by the paper and because of the inherent nature of web applications and the (incomplete) verification mechanisms we have today.

On the same page, they claim:

"As ProtonMail is outside of US and EU jurisdiction, only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel us to release the extremely limited user information we have."

I'm not a lawyer and I don't care about the details. But they are saying that there is a way for a court to get their information. If that court cannot be used as a proxy for the US or another country, I don't know, and normal users can't easily verify that claim. Only a lawyer could. But I admit, it sounds great!

The hardware security section is complete nonsense:

"Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack. This provides an extra layer of protection by ensuring your encrypted emails are not easily accessible to any third parties. On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized."

The nuclear bunker thing is really awesome, sounds like a lot of fun. But how does this offer extra guarantees to privacy? Does it have any windows? How secure are the doors? Also, the "multiple password layers" is nonsense. What does that even mean? Are you encrypting the same thing multiple times?

The main problem with ProtonMail and services similar to it is that they keep the concept of e-mail as we know it alive, when it should be disappearing.

ProtonMail's native mobile apps can be somewhat secure, yes, but at that point, conceptually, they are the same as any other secure messaging app. But instead they are using a protocol inferior to the one being used by Signal, Wire or WhatsApp.

The claim that WhatsApp and Wire both have webapps I think is valid; every messaging service should do a better job warning users about the dangers of desktop/web-based applications. But if this is their only defense, then I think they really need to worry about their own service and stop diverting attention.

---

[1] https://protonmail.com/security-details