Oddbean new post about | logout
 Thanks for your time in writing in for an educational opportunity.

First, Proton is NOT end-to-end encrypted.  As per own their blog:

https://proton.me/support/proton-mail-encryption-explained
(Please note, I only changed the CAPS)

Quote:
"The email is encrypted in transit using TLS. It is THEN UNENCRYPTED and re-encrypted (by us) for storage on our servers using zero-access encryption. Once zero-access encryption has been applied, no-one except you can access emails stored on our servers (including us). It is NOT end-to-end encrypted, however, and might be accessible to the sender’s email service"
</end quote>

Second, they do scan it for spam and phising.
They repeat this with:

Source: https://proton.me/blog/encrypted-email-spam-filtering

"Emails that come from third party email providers obviously CANNOT be delivered with end-to-end encryption, but upon reaching our mail servers, we will encrypt them with the recipient’s public key before saving the messages(new window). All this is done in memory so that by the time anything is permanently stored to disk, the email is already un-readable to us. This gives us a very limited window to perform spam filtering on incoming messages."

Then they further elaborate,

"Secondly, the message is passed through our customized Bayesian filters which marks suspicious messages as spam.
Next, we generate checksums of incoming messages and check them against a database of known spam messages. If there is a match, we mark the message as spam. The checksums are done in such a way that it is also effective against mutating spam emails."
</end quote>

So they claim to have it unencrypted, then have a "limited time" to stop spam, but then also claim to encrypt it, and then after compare the hash to spam hash.  If their own claims were true, then why do they only have a limited time?

Third, they hand over huge amounts of data.  If it's encrypted, then what do they have to hand over?

From their own transparency report:
https://proton.me/legal/transparency


"2023
    Number of legal orders: 6,378
    Contested orders: 407
    Orders complied with: 5,971
2022
    Number of legal orders: 6,995
    Contested orders: 1,038
    Orders complied with: 5,957"
</end quote>

Fourth, you imply that I am not trustworthy but proton with a World Economic Forum board member is.  It's not logical to trust a government regulated and registered entity to resist government, over a pure crypto provider.   We've registered our PGP key with XMRBazaar so no customer funds are risked when all customers are given a receipt.

What you're really saying is you wish to attempt to haze and oppress alternatives that aren't registered with the government.
If so, why do you have bitcoin glowies on your eyes? As there is no purpose in bitcoin if you still only trust government money. 
 lol… my tinfoil hat is just smaller than yours. And I am not hazing, I am just stating I trust proton more is all, for now at least. At I can very much be for bitcoin and limited government. I never said I was an anarchist. But again, I think I just have a smaller tinfoil hat in general. I really have very little of a threat model and support proton mainly for what they represent . Also, having an x member of the wef doesn’t mean you are complicit in the wef. Though I would like that person to state where they stand these days. 
 I hear you on the tinfoil hat.  Part of this is not per say they are getting your data, but also about control.  One of the members of our chat group was talking about being banned from proton for sending business emails in small bulk.  He was saying how it was fairly small amount, but he lost the account.

So it's about privacy yes, but also control over your digital home. 
 I can get that, but it sure is a lot of effort to manage a self hosted email. 
 Understood, that's why we're trying to help people to make it fast and easy.  Now does that have trust in us? Yes.

But the goal is to get people in a place where they are more self-sovereign 
 I can get behind that, cheers!