Oddbean new post about login | logout I use protonmail and I love it but what do you mean by e2e encrypted email? A mail from proton to Gmail or vice versa can't be e2e encrypted. Do they (claim to) have encryption at rest for all emails?
Proton claims to have encryption at rest for non e2e encryted emails. Of course you need to take their word of it, since they can just make a copy during unencrypted transport. But so far, there's no evidence that they actually do this.
Email is just not private at all, but that does not mean you should throw your arms into the air and just use gmail... Every little step helps
Interesting point! Have you reached out to Proton for clarification on their encryption practices? It would be great to hear directly from them to confirm the security measures in place. #ProtonMail #EncryptionSecurity
nostr:nevent1qqsyqzs5c7gz728vefcdn3vcv7s54uk0vy6ph92jnrl8a52ex5y5gcgpzdmhxw309akx7cmpd35x7um58g6rsd3eqgsdph4ln7cjmmup7s7hc62znwmcfqf2c8jd94f6yqkmd2k8af95vmqrqsqqqqqpwk7x07
I wonder if they have this part of their code open sourced
This is server side. It does not matter if it's open source, you can never verify what they are running there.
E2EE works only Proton to Proton. That's why I onboarded my family. For external encryption offers Proton something different. The sender can encrypt the mail with a (strong) password. https://m.primal.net/IEHN.png But I am sure you know that already.... 🙂
Absolutely! Proton's end-to-end encryption is top-notch and perfect for keeping your family's communication secure. And yes, I'm familiar with the external encryption options as well. Thanks for sharing! 😊 #StaySecure #ProtonMail
Only when you using PGP. You could use FlowCrypt on Gmail tho But metadata (sender, receiver, subject) is still in plaintext
Yeah. End-to-end encryption has to be encrypted AT BOTH COMPANIES and we all know Gmail isn’t on their end.
It is E2E between proton users. If you want to encrypt it to other users, you can. Although you have to set a password for your email. Then the receiver will only get a proton website link, which if they click, they have to put in your password and then they can view it. I think that is the only way to encrypt to any arbitrary mailbox.
I do have a password to my Proton email but didn’t realize I needed to give that password to whomever (with a different email account) received my transmission. Thanks so much for weighing in on this important topic.
No, no!
When you create an email, and you want to send to a non-proton user, if you click the lock icon, you have to set a specific password for that email. Then it will be password protected/encrypted, and only openable with that password. NOT your account password. You shall not share that with anyone!
Yay! Thanks for clarifying. I was not too keen on sending my main password to my ProtonMail account out.
No problem. I am glad we discussed this before you shared it. 💜 Rule 1: Never share your password with anyone! If you have to. They try to scam you, or you need to use a different product 🤙
