Proton says they care about security and privacy but at the same time makes it impossible to use your own keys or properly export the original emails from your inbox. I really can't take this suggestion seriously.
Last I checked that tool reordered all the headers (which destroys a lot of forensic value amongst other issues) and neither should such a tool be the only way to get (supposedly) good exports.
Both the IMAP bridge and web interface should provide original unmodified emails upon request.
That's not a good argument. The easiest way to undermine security of everyone is to allow portability of keys features. Look for example at where Signal fails and for no benefit to a normal user.
Current email encryption schemes provide no forward security, it's nothing like Signal. Key management has to work totally different.
You're also wrong in the aspect that it would undermine something, you can absolutely export keys from Protonmail, you just can't use your own keys properly. You can't remove all the keys they have generated, you can't use your own client with your own keys, the bridge literally mucks it up. The defaults can be what they are, it's not mutually exclusive in any way.
In the end this restriction undermines the security and privacy for everyone that want to use secure hardware storage. Which is absolutely insane for a service that boasts about these things.
Proton says they care about security and privacy but at the same time makes it impossible to use your own keys or properly export the original emails from your inbox. I really can't take this suggestion seriously.
I haven't tried myself but is this insufficiently proper? https://proton.me/support/proton-mail-export-tool
Last I checked that tool reordered all the headers (which destroys a lot of forensic value amongst other issues) and neither should such a tool be the only way to get (supposedly) good exports.
Both the IMAP bridge and web interface should provide original unmodified emails upon request.
That's not a good argument. The easiest way to undermine security of everyone is to allow portability of keys features. Look for example at where Signal fails and for no benefit to a normal user.
Current email encryption schemes provide no forward security, it's nothing like Signal. Key management has to work totally different.
You're also wrong in the aspect that it would undermine something, you can absolutely export keys from Protonmail, you just can't use your own keys properly. You can't remove all the keys they have generated, you can't use your own client with your own keys, the bridge literally mucks it up. The defaults can be what they are, it's not mutually exclusive in any way.
In the end this restriction undermines the security and privacy for everyone that want to use secure hardware storage. Which is absolutely insane for a service that boasts about these things.
3 replies →