The ability to search the contents of emails, not just the Subject
It is a deal killer for business use to not be able to search the contents of emails Vs just subject titles. Combine that with the TERRIBLE conversation thread that will not open ALL messages at the same time and PM may be doing great engineering but poor client business development.
The upcoming ProtonMail Bridge will support this by allowing ProtonMail to work with any Desktop email client so full text search can be performed locally without compromising the end-to-end encryption.
It sounds like Bridge should be a reasonable solution for the desktop. You should also add full text search features to your mobile apps! Smartphones are getting big and fast enough that it is perfectly feasible to store an index of all e-mail locally.
It's probably not impossible to do full text search for webmail to around the same level of security that protonmail can currently provide for webmail. You don't need FHE or anything crazy like that.
You would have to provide a read/write store to the client, and then use that to update (and use) an encrypted search index from the client. You might be able to do *some* level of traffic analysis on the user's searches by looking at overlaps between the byte ranges they read, but you already have access to lots of traffic data more sensitive than that.
But frankly if you can get desktop and mobile apps with FTS, it's probably good enough for me.
So what about mobile clients? As far as I understand this bridge must be installed on a client machine. Such setup will not be possible on IOS at least. Why not using tried and tested PGP and stuff that works with every single client on this planet?
"The upcoming ProtonMail Bridge will support this by allowing ProtonMail to work with any Desktop email client so full text search can be performed locally without compromising the end-to-end encryption."
And for those that will continue to use ProtonMail solely via the web client?
You could have the client maintain a corpus over the entire sets of emails that gradually get added to and built. This corpus you could encrypt the same way as the emails and thereby provide search. I know this is not trivial to make good, and people being used to google levels of search, but I think this is at least worth a shot.
How can proton mail search in the subject, date, etc if the emails are encrypted? Is the subject, date and header in general not encrypted or is the search done in the client side? Can the client side hold and search let's say a million email headers if I have a million emails in my inbox?
The searching would have to be done client-side. PM doesn't have access to the content of your emails, so they can't do searches over the content.
Fully homomorphic encryption isn't anywhere near efficient enough for practical application yet, so there is no way PM could provide you this service on their end.
However, if you were willing to download and locally store all of your emails on your own machine, then the searching could be done on the client side.
This would be quite helpful.
Tim Underwood commented
Would be a great feature, but encryption > search every time.
Mike D commented
The longer I've been using protonmail the more the searching is upsetting.
I can't find anything, because searching is so limited.
Would like this and don't see any way it could work. I suppose a VM could be created behind a firewall, all my mail decrypted, the search completed, and everything but the matching mail identifiers purged? I like the encryption more than the search.
Further thought.... there are usually 3 of us that are logged into one gmail account through the day from 3 different machines. Not sure how that would work with downloading a local copy of email - maybe configuring one download file/folder and having access from multiple computers into that one account?? Lots to think about.
As the "tech guy" at a small law firm that is looking to move from gmail to something secure, I just noticed this thread and thought, "of course". Can't assume! Searching content is a necessity. from my perspective, the encryption on email should apply to everything outside of my computer. Once the email is in my computer, I am not so concerned with encryption. I'd be happy to download the mail (i.e. always downloaded and updated in real-time) - either all of it or a subset (perhaps date delimited) - and then have it searchable by the local client.
Searchable is key for me to use PM for work as my chains get get long and subjects don't always get updated. I understand the need to download or place into ram just to search but if PM offered an encryption key for you, the user and you did set a search criteria they could filter emails to your PM(drive) to search as cache. That gets purged after closing the search window or logging out.
The best way I can think of for doing this is to download the last x number of emails, decrypt them, and search through that. Then have a link to "keep searching" or something which would download another chunk and search them. Obviously make this work with the advanced search so people can limit it as much as they know to start with.
It's a miracle that you can search by subject given they should be encrypted. What does not make sense is to search by content... because they are encrypted!
You simply can't search what you can't read! Unless they cache your encripted emails in your browser to search on them. But it is not reasonable to download all your inbox to search on it whenever you want to search...
I find this feature not reasonable given this :\
And that is why the subjects are VERY important.
I hope I am wrong.
Andrew P commented
Love the idea of this feature.
My ancient gmail account uses 4GB of storage, with attachments. Even that I could easily fit into RAM for searching. The downside is that I'd have to download all of the mails every time I want to search.
So I guess the only feasible way would be to have the mails unencrypted in an offline client, which is a lot of work (note how no competitor has an offline desktop client).
I guess proper labeling gains in importance when you lose the comfort of search.
Would love to see this feature added.
Everybody wants this. Even if it's only the desktop option.
It's hard to search for emails right now.
Shelly Carpenter commented
lol @ the person who said this is "easy to do with encrypted indexes".