Hacker News new | ask | show | jobs
by thecoffman 4391 days ago
> https://protonmail.ch/blog/protonmail-threat-model/

I'm always skeptical of browser/JS based crypto, but it is nice to see that they're at least upfront with the risks involved in doing such a thing.

They probably downplay the risk of a MITM attack a little much, but otherwise I'm glad to see they're realistic about possible weaknesses of the platform.
2 comments
x1798DE 4391 days ago
Yes, but they are clearly playing a bit fast-and-loose with things here. The whole point of end-to-end encryption is that it's a "trust no third parties" model (other than whoever provided your crypto software, which you can verify anyway). This is slightly better than Lavabit, but you're still trusting ProtonMail, who are providing the crypto implementation to your browser every time you use it. Depending on how it's implemented, they could potentially unilaterally revoke all your past secrecy by changing the Javascript code to capture your private keys.

Plus, they're offering self-destructing e-mails, which is impossible to provide, so already there's a bit of snake oil there. If they said, "It's not possible to provide real self-destructing e-mails, but you can set it up so that (assuming you trust us), we'll delete the messages from our servers after a certain amount of time, which is the best anyone can do." Instead they say that they are "more ephemeral than SnapChat."

link
duaneb 4391 days ago
Do you trust OpenSSL?
link
Xylakant 4391 days ago
> Do you trust OpenSSL?

Good question, but one with no influence on whether I trust protonmail. The threat model is different: Openssl is so widely deployed that all is lost for me if it's broken. I'd assume protonmail uses it for it's SSL connections (the webserver pretends to be an apache). If there's an exploit, the attacker can at any time MITM my connection to protonmail and at his discretion inject javascript that captures my decryption password or message.

link
thecoffman 4391 days ago
All very fair points!
link
brute 4391 days ago
Read the comments here[1] and have a guess how 'upfront' they were of the risks involved three weeks ago. Pay attention to the dates.

[1] https://news.ycombinator.com/item?id=7757420

link