I'm not saying it is, just asking questions. When something is so popular and accepted as fact, it's time to ask questions.

If you lock your door and give your keys to a stranger, is your door still locked?

Google results are too good.

Every single review of email and encrypted email not only includes Protonmail, but recommends it; this is when stuff starts to sound too good to be true. When a bunch of articles say Protonmail is better than the NSA, when Protonmail doesn't even say that, something's not right, and with keys at 2048 and in-browser crypto with JS, I doubt it. If the NSA can break half the VPNs, they can probably break 2048.

There are so many good reviews of Protonmail on Google, it's almost like the system is gamed toward Protonmail. If you look on other search engines, there are other reviews and people questioning the security of Protonmail. There are some honest critiques of Protonmail security that don't show up on Google even when you look for Protonmail critics, exploits, security issues.

Could be a coincidence, but it seems most of the results for Protonmail overshadow on purpose any doubts anyone has about Protonmail. Is that deliberate or just how Google works?

Look on any other search engine like DuckDuckGo; results of people asking questions or doubting their security or encryption also show up between the results calling Protonmail the greatest.

Unable to Control Your Private Keys

Protonmail started bringing out PGP, but it is only half completed. Protonmail has complete control over your private keys. You change the passphrase by changing your mailbox passphrase. You can't export your key to use in a client like Thunderbird and Enigmail, and there is no IMAP support anyway. Intentional?

If I was a journalist or someone that really, really needed encryption to protect my life, a service that controlled the private keys wouldn't be my choice of ways to communicate.

Unfortunately, it’s an open legal question whether a government could force ProtonMail to falsify keys or serve malicious Javascript to users. --Wired

Private keys are 2048 and not 4096

Why have the main account keys in 2048? There is some debate that 2048-bit length is still good till 2020. That's according to some professors, but I'd bet the NSA bumped that up a few years (like now). Why go with something weaker on purpose, unless there's a purpose?

MITM

There were reports that PM is susceptible to MITM attacks. From the Protonmail Threat Model page:

The attacker would have to actually send the user’s browser a modified version of the ProtonMail website which may secretly pass the mailbox password back to the attacker. This is a far more difficult attack that can typically only be executed by a strong adversary (like a government) and is generally a targeted attack. It cannot easily be used on a large scale to perform mass surveillance. --Protonmail Threat Model page

Anything between the browser and server is susceptible to MITM; that's why there are some that are not thrilled with in-browser encryption of any kind.

It's true, if you're a target, you are going to have more resources pointed toward you where anything is possible, including breaking SSL, MITM or other resource-intensive attacks. The normal person trying to avoid scanning or falling under the blanket of mass surveillance is probably not concerned with those types of attacks.
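The threat model quoted above depends on the browser receiving a modified copy of the site's code. As an added example (not code from this post or from Protonmail), the check below compares the scripts one page load delivered against digests pinned from a reviewed build; the file names, contents and the pinned manifest are constructed assumptions.

```javascript
const crypto = require('crypto');

// SRI-style digest: "sha384-" + base64(SHA-384(body)).
function sriDigest(body) {
  return 'sha384-' + crypto.createHash('sha384').update(body, 'utf8').digest('base64');
}

// html: the served document; fetched: { url: body } as actually received;
// pinned: { url: digest } taken from a reviewed build (assumed to exist).
function auditPageLoad(html, fetched, pinned) {
  const findings = [];
  const scriptTag = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
  let m;
  while ((m = scriptTag.exec(html)) !== null) {
    const src = /\bsrc\s*=\s*["']([^"']+)["']/i.exec(m[1]);
    if (!src) {
      // Inline code is covered by no external-file digest, so report it.
      if (m[2].trim() !== '') findings.push({ type: 'inline-script', digest: sriDigest(m[2]) });
      continue;
    }
    const url = src[1];
    if (!Object.hasOwn(pinned, url)) { findings.push({ type: 'unpinned-script', url }); continue; }
    if (!Object.hasOwn(fetched, url)) { findings.push({ type: 'not-fetched', url }); continue; }
    const got = sriDigest(fetched[url]);
    if (got !== pinned[url]) findings.push({ type: 'digest-mismatch', url, got });
  }
  return findings;
}

// Constructed sample data: names and contents are invented for illustration.
const reviewed = {
  '/app.js': 'function encrypt(msg, key) { return seal(msg, key); }',
  '/openpgp.min.js': '/* reviewed library build */',
};
const pinned = Object.fromEntries(
  Object.entries(reviewed).map(([url, body]) => [url, sriDigest(body)]));

// One page load: app.js differs from the reviewed build and an extra script appears.
const servedHtml = ['/openpgp.min.js', '/app.js', '/extra.js']
  .map((u) => `<script src="${u}"></script>`).join('\n');
const fetched = {
  '/openpgp.min.js': reviewed['/openpgp.min.js'],
  '/app.js': reviewed['/app.js'] + ' /* changed */',
  '/extra.js': 'void 0;',
};

function runDemo() { return auditPageLoad(servedHtml, fetched, pinned); }
console.log(runDemo());
```

A check like this only means something when it runs outside the page being audited, since a server that can change the scripts can also change any verification code it delivers with them.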

Part of their code is proprietary

Protonmail says the core of their code is OpenPGP.js, which is open source, and they have a community of people reviewing the code. Convenient when OpenPGP.js is now your code. There are so many arguments against having crypto done by the browser, with known exploits of JavaScript like the pwning of the Mega.nz service.

Has there been an independent Security Review?

I can't find it. Too many reviews of how great they are.

The Huge DDOS attack and ransomware

The attack could have been exactly what they said it was or a false flag to crowdsource more money and to appear like a state-sponsored enemy doesn't like their "encryption for everyone" idea, especially since they are so well loved by everyone. A huge DDOS would be easy for a government and it would make it look like Protonmail was being bullied for doing the 'right thing'.

If Not Edward Snowden, then What Good is it?

If their own document says if you're the next Edward Snowden, don't use Protonmail, Protonmail is only good enough for people that are tired of seeing ads?

You should read the Threat Model page for their "RECOMMENDED" and "NOT RECOMMENDED" uses; it's actually kind of funny. If it's a life-or-death situation that requires privacy, don't use them.

Coolness Factor

Coolness is better than security. A cool TED Talk, a good-looking webmail interface and mobile apps that look great, why should I still be concerned about a few security loopholes? No ads, cool name, looks cool, looks and sounds secure and every reviewer loves them and recommends them, what's not to love?

No IMAP

Want to avoid the JavaScript crypto-in-a-browser issues? Use IMAP with a client like Thunderbird and Enigmail, except Protonmail doesn't have IMAP yet. Maybe someday when their VPN is completed or anything else happens to avoid finishing Protonmail. Why would they not want to finish and plug the biggest security holes? Unless they don't want to for obvious reasons (like they need an open back door).

What if?

What if there is a trusted service everyone loves and thinks is secure? Journalists could freely email their sources, dissidents are able to email each other and speak freely, missionaries deep in Muslim territory could email their family and headquarters and not be concerned about having their head chopped off.

What about the next Edward Snowden (Protonmail says don't use them) or an event or a person important enough to a government agency that happens to intimately know the "encrypted" email service has a backdoor that only needs to be unlocked with the right private key? A target wouldn't know what happened. Couldn't be the super-duper encrypted email service that the "NSA can't break" that Protonmail says don't use if you're the next Snowden, must be someone on the team that leaked.

Or a situation like Hushmail. Encrypted but keys were handed to the government. It was back in 2007 and Switzerland is better than Canada according to Protonmail. But Switzerland recently changed their privacy laws.

Voters in Switzerland have endorsed new laws extending the authority of the country's spy agencies to monitor internet traffic, tap phones, deploy spy drones and hack foreign computer systems to combat militant attacks. --Privacy or security? Swiss voters back new mass surveillance laws

Sounds safe and secure from the government, nothing to worry about.

Conclusion

I've had an account on Protonmail since they were invite only and also a premium account and I've donated. I've been patient while they have dealt with their DDOS attacks, growing pains and whatever else happens to a startup. But they really should finish the guts of the email like PGP and IMAP instead of focusing on lipstick on folders and filters and now the new VPN service. I want Protonmail to not only succeed but to truly be what they say they want to be. Right now, too many doubts, too many dots sitting around waiting to be connected.

Why say they're not for the next Snowden if they're truly encrypted? They are not a finished product right now, especially their PGP which is the gold standard for encryption and they still keep the keys.

Bottom line is they are good if you only want privacy from the routine scanning of the big free email services, if you need secure email between friends or coworkers and are not concerned about PGP, keys or real security. Saying they are better than the NSA (or even close) is irresponsible journalism and pushing a lie to the uneducated public that could be fatal to people that really need to have encrypted communications. The Protonmail team does nothing to correct this misleading information and is just as bad.

https://www.wired.com/2015/10/mr-robot-uses-protonmail-still-isnt-fully-secure
https://protonmail.com/blog/protonmail-threat-model/
https://defuse.ca/web-browser-javascript-cryptography.htm
https://www.forbes.com/sites/hollieslade/2014/05/19/the-only-email-system-the-nsa-cant-access/
http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-keys.html
https://www.ted.com/talks/andy_yen_think_your_email_s_private_think_again
https://tonyarcieri.com/whats-wrong-with-webcrypto
https://www.rt.com/news/360581-switzerland-voters-back-surveillance-laws/
