ProtonMail - Encrypted Email

https://protonmail.ch/

Hosted in Switzerland
More flexible than Mail1Click - you can send/receive email easily with non-ProtonMail users.
Optionally password encrypt email to non-ProtonMail users
Email expirations
Two passwords: one to authenticate with the service and another to decrypt mailbox client-side. The mailbox password is not shared with ProtonMail. Therefore, zero knowledge.

 

Hmm: https://www.ssllabs.com/ssltest/analyze.html?d=protonmail.ch
I guess it doesn't matter much with end-to-end encryption, but for a service focused on security&privacy I find it lacking.
EDIT:

A bit late IMO.

 

The SSL Labs score of B is not bad at all, especially for a beta. What is the service lacking exactly?

How is increasing the RSA key length in a beta service late?

 

No TLS 1.2, Forward Secrecy not preferred and only 1024 bits, supports weak ciphers, no OCSP stapling, no HSTS. Not all are counted in the score.

Still using 1024 bit RSA keys in April 2014 is late.

I know it's still a beta, so I guess it's a bit nitpicking. However, for me to use such a service and especially pay for it, I would like a service whose developers have expertise in the matter, and this doesn't give me confidence about that.

 

Appreciate more details. I'm not sure exactly how "OCSP stapling" and "HSTS" would benefit me as a user. But with regards to the service they provide and the nature of it being "strong encryption", you make some good points. Not all those points I fully understand, therefore, with further lack of details or knowledge about them, I can't comment.

 

Hi everybody, this is Andy, one of the ProtonMail devs. I just noticed this thread and wanted to provide some quick answers.

TLS 1.2
We're are running a hardened version of CentOS which doesn't support TLS 1.2 yet. When support becomes available through RedHat, we will update accordingly.

Forward Secrecy
The decision to not use forward secrecy was so that the user experience would be abstracted from the complexity of typical PGP applications. In other words, for convenience and a better user experience. If forward secrecy is a deal-breaker then you're probably the type of power user who is comfortable using PGP and doesn't have a need for "easy-to-use" encrypted email. Basically, it is not technically possible to implement this while at the same time making encyption completely invisible to the end user. Our philosophy is to try to make encrypted email easy to use so it can gain greater adoption and this is something we had to sacrifice for that goal.

1024 bits
We used 1024 during private development but now use 2048, this should have been switched to 2048 before we went to beta, but we forgot to change this until a couple days afterwards. We're currently working on supporting 4096, but our testing thus far (since this happens client-side on your browser) has shown this process can take 15 minutes and freezes your browser in the mean-time, which isn't feasible yet.

Weak Ciphers
This we have corrected, it was on our to do list, but not the most urgent thing so it took some time to get around to doing it.

OCSP Stapling
Unfortunately, this is also not very well supported yet. Once mult-level OCSP stapling is in Apache, and RedHat supports this, we will update. In general, we follow the Red Hat approach to software security.

No HSTS
All links are forced to be HTTPS in our code. HSTS however has now been implemented as well, it was always on the to do list, but we needed to roll out some bug fixes first.

We appreciate all the feedback, anything that helps us improve our security is appreciated even if it comes in the form of criticism ;-)

 

Thanks for your reply

 

Thanks for the quick response. I am trying out your beta and have to say that for ease of use it is excellent.

As I my work involves people who are not necessarily "techies" but who need a degree of anonymity I have high hopes that we will be able to utilise your service.

Dogs.

 

Nice,I applied yesterday today mail came.

Will there be free plan or/and (only) paid ?

 

Our plan is to always keep a free version of ProtonMail available. So if you request a beta account today, you won't get hit with a "pay us now or we lock your account" later on. To pay the bills, we'll have premium plans that offer extras like additional space.

 

Do they have diffi keys as well as rsa?

 

Thank you,nice to hear that.

 

http://www.forbes.com/sites/hollieslade/2014/05/19/the-only-email-system-the-nsa-cant-access/

 

What a great article! It's awesome to see a small group of folks team up and deliver something like ProtonMail. It's especially awesome they put their names and faces in public instead of hiding behind an anonymous corporate veil of online presence. It's also encouraging these guys are resisting venture capital investments and selling out.

Kudos to Jason, Wei and Andy! Keep it pure, guys!

 

This does sound really cool! I'll have to give it a try, thanks!

 

I have the beta access and I must say I like it so far. I like the encryption/decryption being so simple and easy to use, plus the fact that the email can be told to kill itself after a time period. I dont mind paying for this kind of service.

 

How is PFS not user friendly? Gmail is using it. It's transparent to the user. It's a Browser/Server interaction only. What am I missing?

 

Wilders is using it on this very forum.

 

I like the "idea". I don't like that it's wordpress. Might signup later. It seems like a interesting project.

 

PayPal freezes out NSA-proof, encrypted ProtonMail.

https://protonmail.ch/blog/paypal-freezes-protonmail-campaign-funds/

 

Should a privacy service use Google analytics? Is there a risk of browser fingerprinting, and the possibility that users could be tracked and then targeted for further investigation?

 

Good point. Big no.

 

This is just sickening.

 

Maybe PayPal got a clue?

 

Yes, it does, the encryption is forbidden in USA by NSA.