Proton Mail is famous for its privacy and security. The cool trick they do is that not even Proton can decode your email. That’s because it never exists on their systems as plain text — it’s always…
Incoming Emails that aren’t from proton, or PGP encrypted (which are like 99% of emails), arrives at Proton Servers via TLS which they decrypt and then have the full plaintext. This is not some conspiracy, this is just how email works.
Now, Proton and various other “encrypted email” services then take that plaintext and encypt it with your public key, then store the ciphertext on their servers, and then they’re supposed to discard the plaintext, so that in case of a future court order, they wouldn’t have the plaintext anymore.
But you can’t be certain if they are lying, since they do necessarily have to have access to the plaintext for email to function. So “we can’t read your emails” comes with a huge asterisk, it onlu applies to those sent between Proton accounts or other PGP encrypted emails, your average bank statement and tax forms are all accessible by Proton (you’re only relying on their promise to not read it).
Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.
There’s the standard layer of trust you need to have in a third party when you’re not self hosting. Proton has proven so far that they do in fact encrypt your emails and haven’t given any up to authorities when ordered to so I’m not sure where the issue is. I thought they were caught not encrypting them or something.
We need to call for an audit on Protons policy and see if they actually do what they say, that way we can know for almost certain that everything is good as they say
I mean we know from documented events that Proton doesn’t store you emails in plain text because there have been Swiss orders to turn over information which they have to comply with and they’ve never turned in emails, because they can’t.
Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.
See my other reply. There is no way to retrieve your mail using IMAP on a regular client if they’re encrypted on the server. And Gmail can retrieve your mails from proton using IMAP. It’s even in their own (proton’s) documentation.
And Gmail can retrieve your mails from proton using IMAP. It’s even in their own (proton’s) documentation.
I don’t think it can. Where in the documentation did you find that?
An online search brought me here : https://www.getmailbird.com/setup/en/access-protonmail-com-via-imap-smtp which did looks like a documentation page about how to do exactly that. Obviously, it has nothing to do with them, and the actual details makes no sense the lower you get in the page. I’ve been had :)
They still can see most mails transit from their service in plaintext in both directions, though, which remain a privacy issue, but it has more to do with email protocols than anything.
You’re right that they can see the emails in transit if you’re not using encryption, but they never said they can’t. They are as secure as they can possibly be, and are honest about what’s secure and what’s not. I would leave Protonmail at the first sniff of trouble but I just haven’t seen anything that concerning.
Now, Proton and various other “encrypted email” services then take that plaintext and encypt it with your public key, then store the ciphertext on their servers, and then they’re supposed to discard the plaintext, so that in case of a future court order, they wouldn’t have the plaintext anymore.
You would not be able to retrieve your mails using IMAP from a regular mail client if they were doing that. You can even retrieve them from Gmail, which is unlikely to support any kind of “bring your own private key to decrypt mails from IMAP”.
Yes. They support IMAP. Which means, IMAP client can read your mails from the server. IMAP protocol does not support encryption, so any mail that does not add another layer of encryption (like GPG with encryption) implies that your mail is available in plaintext through IMAP, and as such, on the server.
If that’s not enough, when you send a mail to a third party that just use plain, old regular mail, it is sent from their (proton’s) SMTP server, in plaintext. Again, unless you add a layer of encryption (assuming the recipient understands it, too), it’s plaintext. On the servers.
Receiving is the same; if someone sends a mail to your proton address, is shows up in full plaintext on their SMTP server. Whatever they do after that (and we’ve established it’s not client-controlled encryption), they have access to it.
In the case of GPG with encryption (not only for signature), then the message is encrypted everywhere (assuming your “sent” folder is configured properly). But that requires both you and the other party to support that, which have nothing to do with proton; you could as well do that over gmail.
So, no, not a bold claim. The very basic of how emails standards works requires it.
Now, I’m not saying that Proton have nefarious plans or anything. It is very possible that they act in good faith when they say they “don’t snoop”, and maybe they even have some proper monitoring so that admin have a somewhat hard time to check in the data without leaving a trace, but it’s 100% in clear up there as long as you’re not adding your own layer of encryption on top of it, and as such, you, as the user, have to be aware of that. It might be fully encrypted at rest to prevent a third party from fetching a drive and getting data, logs might be excessively scrubbed to remove all trace of from/to addresses (something very common in logs, for maintenance purpose), they might have built-in encryption in their own clients that implement gpg or anything between their users, and they might even do it properly with full client-side controlled keypairs, but the mail content? Have to be available, or the service could not operate.
Protonmail does not support IMAP, what they have is a program called Proton Bridge that locally decrypts you email then you can set it up so that your IMAP client then reads from Proton Bridge, giving you a seamless experience with one email client having access to all your email accounts.
They support IMAP. Which means, IMAP client can read your mails from the server.
Proton mail does not support IMAP. Because your emails are encrypted on the server.
Again, unless you add a layer of encryption (assuming the recipient understands it, too), it’s plaintext. On the servers.
Protonmail doesn’t claim that non-protonmail email is end to end encrypted. Any emails sent to a regular email without third party encryption will be plain text through the SMTP server, but they don’t store it. So in this case they are still not storing your emails in plaintext. Your recipient will, but that’s out of Protonmail’s control.
shows up in full plaintext on their SMTP server. Whatever they do after that (and we’ve established it’s not client-controlled encryption), they have access to it.
You’ve not established that at all. Protonmail stores that message with client side encryption and they have no access to it. Nothing you’ve brought up here suggests that anything is stored in plaintext on Protonmail servers.
I’ll just repost the same message here, for completion sake.
Well, I’ve been had. There is no IMAP support indeed, during my quick lookup around it, I ended up on a website that does look a lot like a real documentation that claim it does. My bad.
The point about sending and receiving messages in cleartext stands, as SMTP works that way, but at rest it is possible they’re keeping them encrypted.
Well, I’ve been had. There is no IMAP support indeed, during my quick lookup around it, I ended up on a website that does look a lot like a real documentation that claim it does. My bad.
The point about sending and receiving messages in cleartext stands, as SMTP works that way, but at rest it is possible they’re keeping them encrypted.
I don’t think that’s obvious at all. On the contrary, that’s a pretty bold claim to make, do you have any evidence that they’re doing this?
Incoming Emails that aren’t from proton, or PGP encrypted (which are like 99% of emails), arrives at Proton Servers via TLS which they decrypt and then have the full plaintext. This is not some conspiracy, this is just how email works.
Now, Proton and various other “encrypted email” services then take that plaintext and encypt it with your public key, then store the ciphertext on their servers, and then they’re supposed to discard the plaintext, so that in case of a future court order, they wouldn’t have the plaintext anymore.
But you can’t be certain if they are lying, since they do necessarily have to have access to the plaintext for email to function. So “we can’t read your emails” comes with a huge asterisk, it onlu applies to those sent between Proton accounts or other PGP encrypted emails, your average bank statement and tax forms are all accessible by Proton (you’re only relying on their promise to not read it).
Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.
There’s the standard layer of trust you need to have in a third party when you’re not self hosting. Proton has proven so far that they do in fact encrypt your emails and haven’t given any up to authorities when ordered to so I’m not sure where the issue is. I thought they were caught not encrypting them or something.
We need to call for an audit on Protons policy and see if they actually do what they say, that way we can know for almost certain that everything is good as they say
I mean we know from documented events that Proton doesn’t store you emails in plain text because there have been Swiss orders to turn over information which they have to comply with and they’ve never turned in emails, because they can’t.
Do you have a source for that? I know they handed over an IP address, but I haven’t heard about them handing over an email.
As far as I know they have not handed over any emails.
That’s what I thought, but you never know.
I hate it when people share this bullshit without proof, as far as I know Proton is still fighting for pro consumer and pro privacy laws and services.
See my other reply. There is no way to retrieve your mail using IMAP on a regular client if they’re encrypted on the server. And Gmail can retrieve your mails from proton using IMAP. It’s even in their own (proton’s) documentation.
That is probably why you can’t retrieve your emails using IMAP from a regular client.
I don’t think it can. Where in the documentation did you find that?
An online search brought me here : https://www.getmailbird.com/setup/en/access-protonmail-com-via-imap-smtp which did looks like a documentation page about how to do exactly that. Obviously, it has nothing to do with them, and the actual details makes no sense the lower you get in the page. I’ve been had :)
They still can see most mails transit from their service in plaintext in both directions, though, which remain a privacy issue, but it has more to do with email protocols than anything.
You’re right that they can see the emails in transit if you’re not using encryption, but they never said they can’t. They are as secure as they can possibly be, and are honest about what’s secure and what’s not. I would leave Protonmail at the first sniff of trouble but I just haven’t seen anything that concerning.
Agreed.
Really, if someone wants to use an LLM, the right place to run it is in a sandbox locally on your own computer
Anything else is just a stupid architecture. You don’t run your Second Brain on Someone Else’s Computer
You would not be able to retrieve your mails using IMAP from a regular mail client if they were doing that. You can even retrieve them from Gmail, which is unlikely to support any kind of “bring your own private key to decrypt mails from IMAP”.
Yes. They support IMAP. Which means, IMAP client can read your mails from the server. IMAP protocol does not support encryption, so any mail that does not add another layer of encryption (like GPG with encryption) implies that your mail is available in plaintext through IMAP, and as such, on the server.
If that’s not enough, when you send a mail to a third party that just use plain, old regular mail, it is sent from their (proton’s) SMTP server, in plaintext. Again, unless you add a layer of encryption (assuming the recipient understands it, too), it’s plaintext. On the servers.
Receiving is the same; if someone sends a mail to your proton address, is shows up in full plaintext on their SMTP server. Whatever they do after that (and we’ve established it’s not client-controlled encryption), they have access to it.
In the case of GPG with encryption (not only for signature), then the message is encrypted everywhere (assuming your “sent” folder is configured properly). But that requires both you and the other party to support that, which have nothing to do with proton; you could as well do that over gmail.
So, no, not a bold claim. The very basic of how emails standards works requires it.
Now, I’m not saying that Proton have nefarious plans or anything. It is very possible that they act in good faith when they say they “don’t snoop”, and maybe they even have some proper monitoring so that admin have a somewhat hard time to check in the data without leaving a trace, but it’s 100% in clear up there as long as you’re not adding your own layer of encryption on top of it, and as such, you, as the user, have to be aware of that. It might be fully encrypted at rest to prevent a third party from fetching a drive and getting data, logs might be excessively scrubbed to remove all trace of from/to addresses (something very common in logs, for maintenance purpose), they might have built-in encryption in their own clients that implement gpg or anything between their users, and they might even do it properly with full client-side controlled keypairs, but the mail content? Have to be available, or the service could not operate.
Protonmail does not support IMAP, what they have is a program called Proton Bridge that locally decrypts you email then you can set it up so that your IMAP client then reads from Proton Bridge, giving you a seamless experience with one email client having access to all your email accounts.
Proton mail does not support IMAP. Because your emails are encrypted on the server.
Protonmail doesn’t claim that non-protonmail email is end to end encrypted. Any emails sent to a regular email without third party encryption will be plain text through the SMTP server, but they don’t store it. So in this case they are still not storing your emails in plaintext. Your recipient will, but that’s out of Protonmail’s control.
You’ve not established that at all. Protonmail stores that message with client side encryption and they have no access to it. Nothing you’ve brought up here suggests that anything is stored in plaintext on Protonmail servers.
I’ll just repost the same message here, for completion sake.
Well, I’ve been had. There is no IMAP support indeed, during my quick lookup around it, I ended up on a website that does look a lot like a real documentation that claim it does. My bad.
The point about sending and receiving messages in cleartext stands, as SMTP works that way, but at rest it is possible they’re keeping them encrypted.