David Menendez
My feedback
4 results found
-
49 votes
An error occurred while saving the comment An error occurred while saving the comment David Menendez
commented
I agree that the re-encryption could have some risks, but I had assumed that during the conversion we would be working in a copy and only once all steps are successfully done, the original data would be removed.
For me, these would be the key parts it should ensure:
- Integrity of the data: this means that we need to work in "a copy" to allow the rollback if something goes wrong without loosing data.
- Folder structure for messages and tags are kept as they are in the original encryption.I truly hope this gets implemented soon, otherwise we are using a service with a expire date depending on when you first logged in; of course, nowadays you can assume you lose data and can create new keys and forget about previous data, but this is currently a no-sense to me.
David Menendez
supported this idea
·
An error occurred while saving the comment David Menendez
commented
I contacted support and it seems this is not available, which is a security breach.
Old accounts have as per old standards GPG 2048 keys, which are not as secure as current ECC ones and also, the key can be compromised. We can create a new key but it only works for new emails, existing ones cannot be re-encrypted with the new key.
We have heard by Proton team multiple times, even in Andy Yen's interview that Proton products are designed to be covered even if a data breach happens, as all the data is encrypted. If old mails cannot be re-encrypted with newer and more secure keys, this is only partially true, as GPG keys 2048 long are not secure enough in long term and in the future, current ECC will be became outdated as well.
If this feature is implemented in a way that the existing emails are re-encrypted with new keys and all the folder estructure and details are kept, being transparent to the user, Proton mail will increase its security a lot in long term and ensures to all the Proton users that their data will be safe as per latest standards and if a private key is compromised, all the data can be still retained securely after re-encrypt everything with a new key.
-
27 votes
An error occurred while saving the comment David Menendez
commented
It would make a difference between just use the mail as we do now, and use it as an enterprise provider. This is a huge limitation in the web and also in the Desktop App.
David Menendez
supported this idea
·
-
17 votes
An error occurred while saving the comment David Menendez
commented
I am surprised that this is still a bug in Linux Desktop App, the dark mode is not usable at all because of this: everything in dark mode except the content makes your eyes cry.
David Menendez
supported this idea
·
-
196 votesDavid Menendez
supported this idea
·
After some time I confirm this is already working, but it is the lack of documentation what it makes it hard to do.
Here is what I did to re-encrypt my entire mailbox, moving from an old key 2048 length to a new ECC key:
1.- Perform a backup of the entire mailbox using Proton tool for it.
2.- Create a new key for the account and for the mailbox, marking them as PRIMARY.
3.- Mark the old key as obsolete, so it is not used to encrypt anything.
4.- Restore the backup done at step 1 using Proton tool. All the mails are stored in the same folders they were before with a tag, but you can remove the tag and they are exactly as they were earlier.
5.- Remove the old key. I had to contact Proton support for this, as it was being blocked because of the Proton Drive, even if no files were there. Support needs to remove your entire Drive and all your data, so ensure you have a copy of the data there before asking for it.