• 0 Posts
  • 2 Comments
Joined 7 months ago
cake
Cake day: May 14th, 2024

help-circle
  • This is good advice, because email is very difficult to make reliably private. However, it’s not the best you can get. Tutanota, for example, stores headers with E2EE, and still has a search function.

    The goal should be to make it as private as it can realistically be. Ideally, any cloud service you use should only store end-to-end encrypted data.

    I’m not trying to shit on Proton — it’s a huge step up from the popular mainstream email services, and the inclusion of cloud storage makes it a much easier transition than going piecemeal with 2-5 different services.


  • Not the encrypted mail, mind you, because they can’t do that

    Just want to point out for anyone new that ProtonMail does not use E2EE for email headers. That means they CAN access your subject lines, to/from fields, and other email headers. That means they CAN be forced to hand it over to the government.

    Source: https://proton.me/support/proton-mail-encryption-explained

    Subject lines and recipient/sender email addresses are encrypted but not end-to-end encrypted.

    Personally I am disappointed in a lot of Proton’s wording about this. They frequently promise they can’t access “your data” and “your messages” when they do, in fact, store potentially sensitive data in a format they CAN access.