I just don't think ProtonMail is really worth it as an individual. 90% of my emails either go to or come from servers operated by Microsoft, Google and Amazon. So they're being seen in clear text anyway. And probably harvested for my data.
PGP is built in to proton to fix this but good luck getting someone else to use it. The added value in terms of privacy is only really there if you email with other proton users. And I don't know any.
I just kinda gave up on email instead. As have most companies. Who sends sensitive information by email anymore? It's become a glorified notification service "Come view your message at our portal". Personally I think email is broken beyond repair.
Who sends sensitive information by email? Are you joking? I can ruin your life and take away all things you hold dear if I take over your email. It is a nightmare. Just about every account or service , commercial, school or government use email as a way of recovering access to your account.
It is so bad one of these days I need to ask HN properly why all these tech companies screw this up royally badly. There doesn't go by a day where some app or tech company sends by email some aspect of what I have been up to by email.
Perhaps you mean strictly from the perspective of what proton can protect which makes more sense but in general you can't be more wrong on this. Brand new apps from fresh startups rely on email all the time.
As for proton's value, it is pretty simple, you are not the product you are the customer. I have helped technically illiterate people start using it and they love it. Few weeks ago one asked me how to recover their yahoo account, i told them if they exhausted all the automated recovery options they are out of luck and gmail is the same as well. With proton, I emailed their support from a separate account and was able to talk to a human within days and get it resolved (you will never talk to a human with gmail because you are never worth the support cost). They abandoned their yahoo as I did mine for the same exact reason many years ago.
Forget the encryption, that's just polishing turd. Given the criticality of personal email, I need a company that has clear business interest to look after not just my privacy and email security but me as a customer. The stories of entire businesses ruined because google took away their account access all of a sudden is too many the ones that get posted on HN and twitter are the minority that know the right people and can make enough social media noise. There are life long contacts that will never be able to reach me again unless I hire a PI to find them because of my lost yahoo lol. They suddenly think your IP and user agent are weird and you need another device you used in the past to allow the login despite a legit password? Whoops, security security you lost your account now lol.
As a techy individual, I found it cost prohibitive with 2 accounts over 2 custom domains for my self and my spouse. Switched to my own nextcloud and migadu and haven't looked back. At this point my strategy is just to desilo as much as I can away from Google, Microsoft, Apple etc.
This is why I have switched to Fastmail and have really enjoyed the benefits. Not having CalDAV/CardDAV with ProtonMail really sucked. And Fastmail's sync feature is helping me slowly wean off of my Gmail account.
I think that using ProtonMail Bridge defeats the purpose of using ProtonMail in the first place. At this point there is no real difference to other hosts, except that the emails themselves are encrypted on ProtonMail's servers.
Now you are using another email client that you have to take care of its security yourself, and besides, anyone who has access to your machine will have access to your email when you turn on Bridge and open your email client. A big part of Protonmail is that these emails are not "stored" (cached, whatever) on your machine.
i disagree. more of my data has been compromised due to attacks/leaks/etc on the host than has been compromised due to someone having access to my machine.
How much you trust the email provider for security (not get pwned or malicious insider), privacy and more than all that reliability and availability is the major difference. That aside they all do have features the others don't as well as different support and user experience.
the devs seem to blame go-imap (https://github.com/emersion/go-imap). at a quick glance the library itself doesn't seem to have an open issue describing the problem.
I genuinely don't understand the appeal of using ProtonMail if you're already using PGP. That's all ProtonMail is, convenient PGP. If they are already using PGP they can just use Fastmail and have the same privacy benefits.
[+] [-] GekkePrutser|3 years ago|reply
PGP is built in to proton to fix this but good luck getting someone else to use it. The added value in terms of privacy is only really there if you email with other proton users. And I don't know any.
I just kinda gave up on email instead. As have most companies. Who sends sensitive information by email anymore? It's become a glorified notification service "Come view your message at our portal". Personally I think email is broken beyond repair.
[+] [-] badrabbit|3 years ago|reply
It is so bad one of these days I need to ask HN properly why all these tech companies screw this up royally badly. There doesn't go by a day where some app or tech company sends by email some aspect of what I have been up to by email.
Perhaps you mean strictly from the perspective of what proton can protect which makes more sense but in general you can't be more wrong on this. Brand new apps from fresh startups rely on email all the time.
As for proton's value, it is pretty simple, you are not the product you are the customer. I have helped technically illiterate people start using it and they love it. Few weeks ago one asked me how to recover their yahoo account, i told them if they exhausted all the automated recovery options they are out of luck and gmail is the same as well. With proton, I emailed their support from a separate account and was able to talk to a human within days and get it resolved (you will never talk to a human with gmail because you are never worth the support cost). They abandoned their yahoo as I did mine for the same exact reason many years ago.
Forget the encryption, that's just polishing turd. Given the criticality of personal email, I need a company that has clear business interest to look after not just my privacy and email security but me as a customer. The stories of entire businesses ruined because google took away their account access all of a sudden is too many the ones that get posted on HN and twitter are the minority that know the right people and can make enough social media noise. There are life long contacts that will never be able to reach me again unless I hire a PI to find them because of my lost yahoo lol. They suddenly think your IP and user agent are weird and you need another device you used in the past to allow the login despite a legit password? Whoops, security security you lost your account now lol.
[+] [-] zeagle|3 years ago|reply
[+] [-] RockRobotRock|3 years ago|reply
[+] [-] adeleine|3 years ago|reply
Now you are using another email client that you have to take care of its security yourself, and besides, anyone who has access to your machine will have access to your email when you turn on Bridge and open your email client. A big part of Protonmail is that these emails are not "stored" (cached, whatever) on your machine.
[+] [-] dier|3 years ago|reply
[+] [-] badrabbit|3 years ago|reply
[+] [-] dier|3 years ago|reply
curious if that author's (deprecated) protonmail bridge hydroxide (https://github.com/emersion/hydroxide) has the same problem.
[+] [-] zippity-zappity|3 years ago|reply
[+] [-] stevekemp|3 years ago|reply
Though running a dig against their domain it seems the MX record points to gmail.
[+] [-] gray_charger|3 years ago|reply