Proton, the Swiss privacy-focused software maker, says it has received a notice of a "possible block" of Proton Mail in India after the service was used Proton, the maker of privacy-focused email service Proton Mail, has received a notice of "possible block" in India and condemned the action.
Yes, there's no other implementation I know of for provider-to-provider encrypted email. O365 is very similar. Recipients can then reply back too and the Proton user receives it directly.
Ah yes, forgot about PGP. Haven't used it in a long time myself, but Proton automatically creates a PGP signature for you. You can just attach your public key that's already on your account and it'll encrypt your mail. It natively supports PGP/MIME.
Whatever your favorite (and probably shitty) proprietary or open source messaging service - not everybody uses it. But hey, everyone has email, so let's kill that.
BTW since you said encryption is important to you: your walled-garden messaging service has a much easier time profiling you and your friends than they would in a heterogenous environment like email. They don't need the content anyway, just metadata.
They don't need the content anyway, just metadata.
ProtonMail uses PGP encryption to encrypt emails, which means your meta data, including subject line is vulnerable to data collection. Also there is no forward secrecy with current PGP standard. See quotes from below:
We have built Proton Mail with PGP fully integrated, ... All messages between Proton Mail users are automatically end-to-end encrypted.
PGP (especially for email) exposes much more info to outside party than any good communication protocol, like the signal protocol or OMEMO used by XMPP.
No, they can't since I don't have a Google mail address. Even if I had, they'd have a harder time building a social graph when I communicate with others outside of Gmail.
Okay, but unless all of your communication is e2e encrypted, your provider can read all of your messages. They can even show you ads based on the contents. Oh, you bought vitamins on Amazon? How about some minerals?
If I send messages with matrix, the matrix server admin cannot read them. If I cared about them seeing who I'm talking to, I would run my own server
IDK, I think that's kind of flawed logic. E.g. "we should stop using gasoline for cars and switch to electric" - would you say "what a stupid thing to say. everyone uses gas so we shouldn't try to stop"?
And are you not aware of Signal? It's open source, and the default server is not, but it doesn't matter since it is E2E encrypted, just like Proton. The difference is that ProtonMail allows you to communicate unencrypted with non-ProtonMail accounts.
I think all they're saying is that, similar to gas users, there are many people who will not stop using it or just don't care unless we sunset gas cars / email for them.
I do agree with that, and in both cases it isn't something which can happen overnight, but it is a serious long term problem which IMO we should be pushing to solve.
That's what s/mime does. If it were as easy to get personal certs as it is to get server certs through letsencrypt, everyone could easily sign and encrypt mail.
I can certainly do it anyway, but you'd have to trust my self signed cert.
That said, it's pretty rare to find relays these days that are not using tls for transport, so there's that.