Encryption of all metadata
If Protonmail is to be serious about privacy, I don't understand why all metadata isn't kept solely in encrypted form. I just signed up for Scryptmail and any data is kept in encrypted form, unreadable for any third party.
I don't see why it would be necessary to keep for instance the senders or subject titles in encrypted form when Protonmail doesn't support POP3 or IMAP.
The problem is that otherwise e-mail is inherently insecure, because if for instance a governmental entity wants to see your account, while they won't have access to the content of your e-mails, they can see what you're talking about (through the subjects), and most of all who you are talking to. So they can just go to the providers of the people you're talking to, and obtain all your info via proxy.
I think if Protonmail doesn't become a true zero knowledge service then it provides more or less a false sense of security.
We have given this quite a bit of thought, but at the present moment, it is not clear the advantages would outweigh the disadvantages.
The biggest problem is search. Encrypting all metadata would break metadata search entirely on the web client as there is still no efficient way to handle search of encrypted data within a browser.
Secondly, metadata encryption’s value from a privacy standpoint is also somewhat dubious. Because we ultimately must deliver the message to the recipient, we must know who the recipient is. At the current time, there still isn’t any proven and viable way to work around this.
Metadata encryption is an area of continued research for us, and when the opportunity arises and the technology for doing this matures, we will definitely implement it in ProtonMail.
-
TA commented
+1 (out of votes)
+1 for DIME supportI would be very happy if ProtonMail published more details on their security in a user-friendly format... I just don't have the time to read source.
SECURE! SWISS! SECURE! SWISS! ... is just too much marketing and not enough serious security! Thank you!
-
amilopowers commented
You could use the same technology as Posteo. They encrypt content, email header, sender, recipient, time, subject, attachement etc. https://posteo.de/en/site/encryption#kryptomailspeicher
The whole Thing is OSS. https://github.com/posteo
-
LauMol commented
I agree with this. I hope they start to look into it soon.
-
Anonymous commented
I totally agree with this, i wonder why they don't do it
-
protonuser commented
If Proton Mail adopted Dark Mail DIME protocol soon, like other services such as Lavaboom of Germany, this issue would be resolved as DIME encrypts all data and the only snoopable information would only be the e-mail size. There's another feedback here:
https://protonmail.uservoice.com/forums/284483-feedback/suggestions/7442149-darkmail-dime-support