ProtonMail review: Is secure email really secure?


▪ Based in: Switzerland ▪ Storage: 20 GB ▪ Price: $4.00/mo ▪ Free tier: Up to 500 MB

If you want to protect your email from prying eyes, but don’t need the kind of protection that keeps spies and whistleblowers alive, ProtonMail could be the secure email service for you. It utilizes PGP encryption standards, is based in Switzerland, and has a solid reputation in the privacy community.

Editor’s Note:
Guest author Sven Taylor is the editor behind Restore Privacy, a blog dedicated to inform about best online privacy practices, secure your electronic devices, unblock restricted content and defeat censorship.

While ProtonMail remains a leader in the secure email space, it has also attracted some controversy lately, which we’ll examine in detail below. Additionally, we’ll post our hands-on test results and take a deep dive for this ProtonMail review.

Because ProtonMail positions its service as one of the most secure email options available, above and beyond other secure email providers, we’re really going to put it under the microscope. At the end of the day, only you can decide which email service is the best for your unique needs and threat model. Now let’s get started.

+ Pros

  • Emails are encrypted at rest and stored on Swiss servers
  • Strips IP address from emails
  • Can import contacts and emails through bridge feature
  • Officially under Switzerland jurisdiction
  • Apps for mobile devices
  • Can be used with email clients through the ProtonMail Bridge feature

– Cons

  • ProtonMail does not encrypt email subject lines
  • Ties to US research institutions; funded by US investors
  • Utilizes phone number verification
  • Mobile apps, IMAP bridge, and backend are closed source

ProtonMail features overview

ProtonMail utilizes strong end-to-end encryption standards for email and stores all messages and attachments encrypted at rest (but not email subject lines). Aside from the end-to-end encryption, ProtonMail has several interesting features, including:

  • The ability to send “self-destructing messages,” messages which are automatically deleted at the time the sender specifies.
  • Address Verification, a way to ensure that a Public Key received from another user hasn’t been tampered with since you first verified it.
  • Full PGP support.
  • Premium accounts with a range of additional benefits, including a brandable Business account.
  • The ability to send encrypted emails to non-ProtonMail users.
  • Android and iOS mobile apps.
  • ProtonMail Bridge, which allows ProtonMail to integrate with other email services that support the IMAP and SMTP protocols. This also allows you to import emails into your ProtonMail account from other services.

Overall, this is a good lineup of features.

Note: At the time of this review, the beta version of ProtonMail 4.0 was scheduled to go live. The ProtonMail 2019 roadmap states that their goals for 4.0 include:

  • Encrypted Search
  • Conversation View
  • Multi-user support on mobile devices
  • Encrypted Calendar
  • A more modern look

ProtonMail company history, investors, and funding sources

The ProtonMail family of products is run by Proton Technologies AG, a company based in Geneva, Switzerland. The founders met while scientists at CERN and came up with the idea for ProtonMail in the CERN cafeteria, as the story goes. The company was originally funded through an Indiegogo crowdfunding campaign which brought in over half a million dollars, greatly exceeding their own goals. As they claimed in the campaign,

We firmly believe that ProtonMail can only succeed in its mission if it remains independent. By raising money through crowd funding, we can ensure that our first and only priority is protecting the privacy of our users.

Ironically, less than a year later, however, ProtonMail accepted a $2 million “investment” from a US-based firm called Charles River Ventures (CRV). Today the company is funded through venture capital firms, government bodies, various investors, and users who upgrade from the free service plan to one of three paid plans.

Another interesting investment came from the European Union. In March, 2019, ProtonMail accepted €2 million from the EU to “develop a suite of encrypted services.” Back in 2016, when responding to accusations related to their involvement with Radware, ProtonMail explained that the company also receives financial support from the Swiss government:

ProtonMail is a beneficiary of financial support from the Swiss government, and we also adhere to a policy of strict neutrality.

ProtonMail does not encrypt email subject lines

One concern I have is that ProtonMail does not encrypt the subject lines of messages:

All ProtonMail data at rest and in transit is encrypted. However, subject lines in ProtonMail are not end-to-end encrypted, which means if served with a valid Swiss court order, we do have the ability to turn over the subjects of your messages. Your message content and attachments are end to end encrypted.

Addressing-related metadata must remain unencrypted to allow a message to reach its destination.

The ProtonMail approach makes them compliant with the PGP specification, but leaves this important private data exposed to third parties. We will return to this important subject below.

ProtonMail servers and data security

All ProtonMail servers are physically located in Switzerland in secure facilities. This means user data is protected by Swiss law, which generally provides for better privacy than USA or EU law. However, ProtonMail makes it clear that they will turn over whatever information they have on you to the Swiss authorities if ProtonMail believes you might be violating Swiss laws. This is where the lack of encryption for the Subject line of messages can become a problem.

While the bodies of your messages and any attachments should remain safely encrypted, addressing information and the Subject lines of your messages are stored in the clear and would be provided to the authorities. This information is enough to give anyone possessing it a good idea of who you communicate with and the subjects you discuss with them.

Some people also question how free of USA and EU influence Proton Technologies really is. They have two international support centers, one in San Francisco, California (USA), and one in Skopje, Macedonia (Macedonia is a candidate for EU membership).

All that said, the ProtonMail threat model document specifically states that, “we cannot guarantee your safety against a powerful adversary.” The spy agencies serving the USA and EU definitely qualify as “powerful adversaries.” So if you decide to take on one of the Five Eyes, violate Swiss laws, or something equally crazy, using ProtonMail is unlikely to save you.

ProtonMail technical specifications

ProtonMail uses a variety of encryption algorithms to protect your messages. All messages are end-to-end encrypted and also remain encrypted in your mailbox until actively being read. The algorithms they use are open source versions of AES and RSA along with OpenPGPjs algorithms:

  • AES-128
  • TLS 1.0
  • SHA 3

QuoVadis Trustlink Schweiz AG signs SSL certificates for ProtonMail. Security features of the certificates include:

ProtonMail hands-on testing

If you’ve used email services like Microsoft Outlook or Gmail, you will find ProtonMail to be easy to work with. For this review, we’ll be looking at the free, browser-based client, which is the version you are most likely to use.

Creating an account with ProtonMail is pretty self-explanatory. You can get a free account in a matter of minutes by creating a username and password, and then going through the verification steps.

Next you will need to go through a verification process, but you do have different verification options you can select (Captcha, email, SMS, etc). I’ve seen complaints about ProtonMail forcing people to go through phone (SMS) verification when signing up through VPNs or over the Tor network. Although I don’t like how ProtonMail is utilizing SMS verification, it is important to protect the service from spammers and bots.

Signing in to ProtonMail is easy and straightforward. Simply go to the homepage and enter your login credentials. When using ProtonMail, you have the option to create a recovery email inbox, which can be used if you lose your password.

The look and feel of ProtonMail

ProtonMail has a pretty standard interface, with a 3-pane “Column View” layout, as well as the “Row View” option here:

Below is the default Column view layout again. You can customize the layout of your ProtonMail inbox in Appearance > Layout > and then select the layout and composition style.

With Column View, you get all the usual folders in the left-most pane, with the ability to add any custom ones you wish. In the center is the message list, with the body of the selected message displayed in the right-most pane. You’ll notice that like other privacy-oriented mail services, ProtonMail blocks remote content like images by default, giving you the option to load them right at the top of the window.

Selecting the Folders/Labels link in the left-hand pane gives you a large range of settings and other options, including filters, rules, whitelists, and blacklists.

Users of the free version can create one filter, while paid users get unlimited filters.

Composing messages

You compose ProtonMail messages in a pop-up window with a good set of HTML formatting options, including inline images. Once you get used to the layout, the composition window makes including things like Attachments, an Expiration time, a Read Receipt Request, Encryption fast and easy.

There are a few keyboard shortcuts that help with composing messages. But you won’t find more advanced editing features such as macros and automatic suggestions.

Sending messages to non-ProtonMail users

Like some other secure email services, such as Tutanota and Mailfence, ProtonMail gives you the option to send encrypted messages to people who don’t use ProtonMail. The recipient will need to know the shared password you are using, so that will need to be arranged outside the system. These encrypted messages automatically expire in 28 days (but you can set a shorter date if you wish).

The recipient will see something like the following in their Inbox. If they enter the correct password and click the View Secure Message button, they will be able to see the message you sent them.

This seems to work well.

Searching for messages in ProtonMail

ProtonMail has a limited ability to search your messages. Because messages are encrypted except while you are actually viewing them, the client can’t search message bodies. This, of course, can be frustrating and really limit your ability to find the message you are looking for.

Updated search functionality: Version 4 of ProtonMail is supposed to have improved search capability, so if you need the ability to search within message bodies, they should be taking care of you soon.

The ProtonMail client works smoothly although there can be a delay when opening a message, given that the message must be decrypted before you can read it. Since the client is browser-based, instead of a stand-alone app, you might find that it slows down as the number of messages in your folders increase, but I wasn’t able to test this.

Comparison to Tutanota search: In comparison, Tutanota (another fully-encrypted email provider) has been offering full-text search capabilities since 2017. To do this, Tutanota creates an encrypted search index which can then be searched locally on the users’ device.

The ProtonMail Mobile Apps

ProtonMail has apps for both iOS and Android. I’ve been working with the Android app and it looks good and functions smoothly. At the time of this review, the Android app had over 19,000 reviews with a solid rating of 4.6 out of 5 stars.

At the time of this review, ProtonMail’s Android app is not open source and is not available on F-Droid.

Is ProtonMail really secure?

There is a lot of debate out there about how secure ProtonMail really is.

Aside from the concerns about connections to the USA and EU that we discussed earlier, there have been some criticisms of the service on other grounds as well.

  • The browser client uses JavaScript encryption libraries. These are considered to be less secure than the libraries used in the ProtonMail mobile apps.
  • Leaving the Subject field in the clear (for PGP compatibility) means more data exposed to anyone spying on the message traffic.
  • A paper published at the end of 2018 criticized ProtonMail’s cryptographic architecture on a number of grounds. However, these same criticisms could be applied to any browser-based email client (not just ProtonMail). Here is the response from ProtonMail.
  • 4. In May of 2019, a post at Steiger Legal (archived) claimed that ProtonMail voluntarily offers assistance to the Swiss government for real-time surveillance of users, above and beyond any cooperation required by law.

We’re going to explore the last issue in a bit more detail.

Does ProtonMail voluntarily cooperate with real-time surveillance?

As Martin Steiger originally claimed on his website (archived),

Email service provider ProtonMail, based in Switzerland, offers assistance for real-time surveillance: Voluntarily!

This insight goes back to public prosecutor Stephan Walder, who heads the Cybercrime Competence Center in the Canton of Zurich in Switzerland:

On 10 May 2019, Mr. Walder gave a presentation on the possibilities and limits of criminal prosecution at a continuing education event on the digitization of criminal law and criminal procedure. Mr. Walder incidentally mentioned as a positive example that ProtonMail voluntarily offers assistance for real-time surveillance. Public prosecutor Walder had expected that he would have to obtain a federal court decision.

On Twitter, ProtonMail repeatedly avoided to address the question why real-time surveillance was carried out voluntarily. Instead, ProtonMail stressed that the contents of the communication could not be monitored due to end-to-end encryption.

After posting this information, the public prosecutor claimed he had been misquoted, while ProtonMail offered an official rebuttal to these accusations. Steiger has since removed the post.

For the sake of clarity, we will simply examine ProtonMail’s transparency report.

Real-time surveillance of ProtonMail users?

Upon receiving a judicial order, ProtonMail is obliged to provide any user information readily available that would help identify a user that is subject to a criminal investigation that has been validated by Swiss authorities. In addition to the items listed in our privacy policy, in extreme criminal cases, ProtonMail may also be obligated to monitor the IP addresses which are being used to access the ProtonMail accounts which are engaged in criminal activities.

And also:

In April 2019, upon the order of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law. Pursuant to Swiss law, the user in question will also be notified and afforded the opportunity to defend against this in court before the data can be used in criminal proceedings.

Verdict: Any email service could be forced to do this by a valid court order. This is not limited to ProtonMail. However, if you are using a good VPN service that hide your IP address and location, you’ll still be protected against IP logging/monitoring.

Voluntary assistance to authorities?

In the second quarter of 2016, we received an order from Swiss authorities on behalf of German authorities requesting information in a case where a minor was at risk. We complied with the order which was subsequently delivered to our office by registered post. It is ProtonMail’s policy to always assist authorities in cases involving pedophilia or terrorism.

Verdict: Due to confusion with the old transparency report, ProtonMail has edited the text to clarify that they DO require a court order, but they DO NOT require it to be received before they take action.

All email services (and businesses) must abide by the law in the jurisdiction where they are located, including lawful court orders. Similar to ProtonMail, other secure email providers also post transparency reports detailing these cases for their users. See for example with Mailfence, Tutanota, and Posteo.

ProtonMail business features

ProtonMail also offers a service for businesses that provides “end-to-end encryption to secure your business communications.” This service includes migration tools and dedicated support to transition your business from its current hosting to the ProtonMail infrastructure. It incorporates a user hierarchy allowing your Email Administrators to manage user accounts appropriately.

ProtonMail cost and pricing plans

Since they don’t display ads in their clients, or sell access to your messages to advertisers, ProtonMail charges for their services. As you can see here, ProtonMail has four pricing plans, including a free tier.

The Free plan, with 500 MB of storage, 150 messages per day, and 3 folders / labels could be enough for you. If not, one of the paid plans will likely meet your needs. Note that the Free, Plus, and Professional plans all offer ProtonVPN as an option, while the Visionary plan has the VPN built in.

ProtonMail alternatives

While there are several secure email services on the market, Tutanota is the first alternative I would suggest. Rather than using PGP and S/MIME, Tutanota has rolled out their own encryption standard incorporating AES and RSA, which encrypts the subject line, supports forward secrecy, and can be updated/strengthened over time. Tutanota has rolled out a fully-encrypted Calendar feature and is much better than ProtonMail about open-sourcing their clients.

My verdict: Tutanota is the best alternative to ProtonMail in the high-security category. There are other alternatives to ProtonMail that offer a lesser degree of encryption and security, but with more features. Mailfence and Posteo, for example, are two other good options.

Bottom Line

ProtonMail is a polished and popular end-to-end encrypted email service that will meet the needs of many regular users. As the most popular secure email service on the market, with a free basic account, it is a great option for regular encrypted communications with friends, business partners, and others who want protection from routine snooping and hacking. For those who want maximum security, with full encryption of subject lines and strong data security, Tutanota might be a better fit.

Is ProtonMail the best secure email service for you? I can’t tell you that since everyone’s needs are different. There are many factors to consider when selecting a secure email provider and the choice all comes down to your own preferences.

If you’re open to alternatives, you can see my guide highlighting the best secure email services.


Source link

Many patients with iNPH develop Alzheimer’s disease, too — ScienceDaily

Rafael Nadal beats Stefanos Tsitsipas to keep his ATP Finals hopes alive