But doesn't such an addon need to be updated sometimes (for example for new versions of Firefox)? So wouldn't this afford Protonmail a hypothetical opportunity to change the code in the addon and compromise the encryption? So at the end of the day you're still stuck having to trust the Protonmail devs and administrators.
I just don't think there's a model in which you get around having to trust the people who wrote the code, unless you are reviewing all the code yourself or writing it yourself.
But doesn't such an addon need to be updated sometimes (for example for new versions of Firefox)? So wouldn't this afford Protonmail a hypothetical opportunity to change the code in the addon and compromise the encryption? So at the end of the day you're still stuck having to trust the Protonmail devs and administrators.
I just don't think there's a model in which you get around having to trust the people who wrote the code, unless you are reviewing all the code yourself or writing it yourself.