This is a silly thing to take issue with. I use a password manager. When I need a new password I allow the manager to generate one for me. Is the password inherently insecure or bad because it was generated by “a company” and not myself? Proton generates your key for you, just like a password manager does, and they’ve integrated that functionality into their service for ease of use, and probably ease of administration as well. There is no way someone can screw it up and not be able to read their emails if Proton handles it.
Encrypting email is extremely niche in the first place, the fact that Proton can enable it quickly and seamlessly for users with no prior knowledge on how this all works is a good thing imo. Everyone with just enough knowledge to think they know better seems to get annoyed by this type of thing and starts spreading ridiculous FUD even while Proton is enabling encrypted email for millions of people who otherwise would be using Google Mail. Don’t get so caught up in the details that you miss the big picture of what Proton is actually providing.
Right, but what the author is trying to implement is what is generally considered best practice for secure email.
You’re right that what Proton are doing is a compromise that’s reasonable for most people, but the author here is annoyed that there’s no way to turn it off so he can implement best practice E2EE himself.
Ironically he could probably do that with the vast majority of providers that aren’t Proton, so to me it seems like a totally reasonable ask that a self described privacy focused email provider has some way to allow you to implement best practice email security.
I guess they were probably so caught up in making it easy to use they forgot about the best practice use case.
I agree with you - I don’t think it would take much to adapt their system to support both, even if it’s a manual “I know what I’m doing” power user option hidden away somewhere.
I’m on the fence about this since how would proton verify that “best practices” were followed? They are a privacy focused product and a feature like that could be used to decrease their services privacy. This author would likely implement best practices and many other likely would too, but say a competitor wanted to prove that their product was more secure, a feature like that could enable a competitor to showcase a security “flaw”. And since headlines are all people read these days it would be damaging.
The feature the author described would be great but ProtonMail would need to make it fool-proof and temper-proof which requires a lot of Dev time and effort. I’m still waiting on proton bridge to work with calendar and contacts. Or contacts birthdays to show up in my calendar.
Like I said, its a good feature, but its likely a large ask for a niche group of customers.
Eh, I don’t think it’s be a big deal. Slap a giant warning on it, all good. Super common on all sorts of platforms. Anyone trying to claim their encryption doesn’t work because they have a (scarily labelled) option to disable it can be easily demonstrated to be disingenuous.
And worst case if someone does disable it but doesn’t implement their own then their email I just falls back to… the same as any other platform.
They might not want to take the time to build it, but I think what this dude is asking for is a totally reasonable thing.
I buy them from the company which makes the lock. If I need an extra key, I make it myself with the machine at my makerspace. People who give their keys away to keymakers and give them their addresses obviously have bad opsec.
This is a silly thing to take issue with. I use a password manager. When I need a new password I allow the manager to generate one for me. Is the password inherently insecure or bad because it was generated by “a company” and not myself? Proton generates your key for you, just like a password manager does, and they’ve integrated that functionality into their service for ease of use, and probably ease of administration as well. There is no way someone can screw it up and not be able to read their emails if Proton handles it.
Encrypting email is extremely niche in the first place, the fact that Proton can enable it quickly and seamlessly for users with no prior knowledge on how this all works is a good thing imo. Everyone with just enough knowledge to think they know better seems to get annoyed by this type of thing and starts spreading ridiculous FUD even while Proton is enabling encrypted email for millions of people who otherwise would be using Google Mail. Don’t get so caught up in the details that you miss the big picture of what Proton is actually providing.
Right, but what the author is trying to implement is what is generally considered best practice for secure email.
You’re right that what Proton are doing is a compromise that’s reasonable for most people, but the author here is annoyed that there’s no way to turn it off so he can implement best practice E2EE himself.
Ironically he could probably do that with the vast majority of providers that aren’t Proton, so to me it seems like a totally reasonable ask that a self described privacy focused email provider has some way to allow you to implement best practice email security.
Exactly this. Why in the world would they not allow that? I don’t believe it’s that hard.
I guess they were probably so caught up in making it easy to use they forgot about the best practice use case.
I agree with you - I don’t think it would take much to adapt their system to support both, even if it’s a manual “I know what I’m doing” power user option hidden away somewhere.
I’m on the fence about this since how would proton verify that “best practices” were followed? They are a privacy focused product and a feature like that could be used to decrease their services privacy. This author would likely implement best practices and many other likely would too, but say a competitor wanted to prove that their product was more secure, a feature like that could enable a competitor to showcase a security “flaw”. And since headlines are all people read these days it would be damaging.
The feature the author described would be great but ProtonMail would need to make it fool-proof and temper-proof which requires a lot of Dev time and effort. I’m still waiting on proton bridge to work with calendar and contacts. Or contacts birthdays to show up in my calendar.
Like I said, its a good feature, but its likely a large ask for a niche group of customers.
Eh, I don’t think it’s be a big deal. Slap a giant warning on it, all good. Super common on all sorts of platforms. Anyone trying to claim their encryption doesn’t work because they have a (scarily labelled) option to disable it can be easily demonstrated to be disingenuous.
And worst case if someone does disable it but doesn’t implement their own then their email I just falls back to… the same as any other platform.
They might not want to take the time to build it, but I think what this dude is asking for is a totally reasonable thing.
If someone else makes the key to your house, they can make themselves a copy of the key to your house without you noticing.
Do you make your own house keys?
I buy them from the company which makes the lock. If I need an extra key, I make it myself with the machine at my makerspace. People who give their keys away to keymakers and give them their addresses obviously have bad opsec.
I have in the past yes.
No… It’s generated on your end, and even if it wasn’t you can replace the private key with your own.