this post was submitted on 15 Dec 2023
827 points (98.8% liked)

Technology

59569 readers
3665 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] dai@lemmy.world -4 points 11 months ago (2 children)

Protonmail isn't great, their deliberately misleading about the encryption. Many consider protonmail to be a honeypot.

[–] bored_boar_onboard@lemmy.world 5 points 11 months ago (1 children)

Do you have anymore background on that?

[–] dai@lemmy.world 1 points 11 months ago

https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/

https://cldc.org/does-protonmail-snitch/

In addition protonmail do not protect your metadata (from memory), it's not encrypted in transit.

Protonmail also keep your public and private keys on their servers, it's PGP however they don't want the end users to have to manage their own keys. That to me isn't ideal.

Receiving from another provider you'll get TLS encryption until it hits protonmail servers but protonmail will then decrypt your email and again encrypt your email using your PGP stored on their servers.

Sending an email from proton to another provider will be encrypted on protonmail servers but that's where it ends. TLS will take care of the in-transit and again may not be stored securely on the receiving end.

[–] Geek_King@lemmy.world 1 points 11 months ago (1 children)

Well god damn it! Did you have any links to articles about it? Also what would you view to be better then proton.me?

[–] dai@lemmy.world 2 points 11 months ago (1 children)

Tuta (in my eyes) is a step in the right direction, using a client like thunderbird or enigmail and managing PGP yourself would be more secure as the message is decrypted by the recipient and not a company owned server.

[–] Reverendender@sh.itjust.works 0 points 11 months ago

Yeah except I forgot how to login and now I’m burned