#Protonmail seems cool, particularly how they store your data encrypted such that they can't access it. Their web site is super hand wavy about exactly what the security properties are and how they achieve them though (i guess trying not to scare off non-experts?). Best write-up I could find is the Wikipedia article, which just cites the source code. #xp
E.g. an important point that's easy to miss is that that if you actually care about #protonmail (or governments or hackers that get into #protonmail) not being able to access your data, you need a password strong enough to resist offline brute force attacks.
Hopefully they mitigate this to some degree by using an appropriate key derivation function with non trivial cost, but again: no real documentation or guidance. #xp
Would also like to know what mitigation #protonmail provides (or expects you to use) against them just serving you js that sends your key back to them. #xp
@mkb
I think ssl/TLS should prevent that. But yeah in general they could really use a technical write-up with threat analysis. Their web site is a lot of "your data is secure because ENCRYPTION"
@sporksmith Yeah, I’d be very interested to read that too. Perhaps if enough people nudge them they’ll publish something.
Ssl/tls protect against MITM in theory but commercial inspection hardware and dodgy CAs make it doable (but still challenging) with corporate or state budgets.
@mkb
Toying with the idea of writing something up myself based on digging through the code etc.
Fair enough re ssl. My thinking is that it's mostly a "solved" problem orthogonal to what they're doing, but otoh worth mentioning they don't automatically protect you from attackers with those capabilities, and that it can be mitigated eg with cert pinning.
RT @BartCButler
If that is part of your threat model we suggest using the mobile apps, the ProtonMail Bridge, or running the web client yourself locally after verifying the code to your satisfaction. https://twitter.com/BartCButler/status/980574898094419970?s=09
@sporksmith Or for that matter, a malicious third party with MITM capability doing the same.