Oddbean new post about | logout
ee8c3051 | 11 months ago (raw) | root | parent | reply | flag +1 
 https://proton.me/legal/transparency
Jac | 11 months ago (raw) | root | parent | reply | flag +1 
 https://proton.me/legal/privacy

I think for most use cases their security is pretty good. The transparency seems to show a fairly proportional increase in accommodation of requests as the user base has expanded. Almost anything is better than running unencrypted traffic through your ISP directly.
ee8c3051 | 11 months ago (raw) | root | parent | reply | flag +1 
 😃
ee8c3051 | 11 months ago (raw) | root | parent | reply | flag +2 
 Protonmail has your private keys😃

And...

Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times. We do NOT have access to encrypted message content, but unencrypted messages sent from external providers to your Account, or from Proton Mail to external unencrypted email services, are scanned for spam and viruses to pursue the legitimate interest of protecting the integrity of our Services and users. Such inbound messages are scanned for spam in memory, and then encrypted and written to disk.
Jac | 11 months ago (raw) | root | parent | reply | flag +1 
 Not perfect. In the case of the disclosure of information about the French activist, Proton stated that if he had used the Proton VPN in conjunction with the email service there would have been no viable information to disclose. Improper use of the technology isn’t the fault of the provider necessarily, but having the necessary technology to attain the privacy claims of the system integrated together would be a logical, but rarely utilized approach to product development.