cfn a day ago

The contents of the emails are encrypted so you have a normal login plus a key to unencrypt your email locally. They save your encrypted email conyents and your login but not the key and they also don't log your access (I'm assuming here from reading the article).

Reply View 1 reply
  • orhmeh09 a day ago

    They might log access in some circumstances, according to their privacy policy (https://proton.me/legal/privacy)

    > 2.5 IP logging: By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our Terms of Service (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks). The legal basis of this processing is our legitimate interest to protect our service against non-compliant or fraudulent activities. If you enable authentication logging for your Account or voluntarily participate in Proton's advanced security program, the record of your login IP addresses is kept for as long as the feature is enabled. This feature is off by default, and all the records are deleted upon deactivation of the feature. The legal basis of this processing is consent, and you are free to opt in or opt out of that processing at any time in the security panel of your Account. The authentication logs feature records login attempts to your Account and does not track product-specific activity, such as VPN activity.

    See also section 3, "Network traffic that may go through third-parties."

    Reply View 0 replies
LexiMax a day ago

To me the value prospect of Proton falls down even before that - how can e-mail ever be a secure medium of communication if only one side of the conversation is secure, given how ubiquitous Google and Outlook are in the space?

Reply View 5 replies
  • pkaeding a day ago

    This is a valid point, but emails between Proton users (or other users of PGP) will not be accessible. And, presumably, it will be harder to see your email if you use Proton, than if you used Google/Outlook if your adversary had to look through everyone else's email to find who corresponded with you.

    Reply View 0 replies
  • zadokshi a day ago

    proton account to proton account.

    > how can e-mail ever be a secure medium

    Email can be secure, it’s just that the big US players can’t or won’t agree to proton like privacy.

    I am curious to know what is behind these big US companies being so anti privacy.

    Reply View 3 replies
    • MYEUHD 11 hours ago

      > Email can be secure, it’s just that the big US players can’t or won’t agree to proton like privacy.

      Protonmail is not standards compilant. You can't login to your protonmail account from Thunderbird or k9 mail. Yes, they have an IMAP bridge, but it's proprietary / requires a paid account. Thus you're locked in to the official protonmail clients

      Reply View 1 reply
    • jeffparsons 19 hours ago

      > I am curious to know what is behind these big US companies being so anti privacy.

      Google has an email service so that it can ingest all your communication and use it to better target ads. If Google didn't have access to the content of your emails, there wouldn't be much point to Gmail.

      Microsoft mostly cares about enterprises, and enterprises generally don't want E2EE email; they have legal requirements to retain e-mail of employees, and have their own reasons to want to be able to access employee emails sometimes.

      Apple... I don't know where they stand on this.

      Reply View 0 replies