Mirek
My feedback
2 results found
-
1,879 votes
We have given this quite a bit of thought, but at the present moment, it is not clear the advantages would outweigh the disadvantages.
The biggest problem is search. Encrypting all metadata would break metadata search entirely on the web client as there is still no efficient way to handle search of encrypted data within a browser.
Secondly, metadata encryption’s value from a privacy standpoint is also somewhat dubious. Because we ultimately must deliver the message to the recipient, we must know who the recipient is. At the current time, there still isn’t any proven and viable way to work around this.
Metadata encryption is an area of continued research for us, and when the opportunity arises and the technology for doing this matures, we will definitely implement it in ProtonMail.
An error occurred while saving the comment Mirek supported this idea · -
1,585 votes
Proton and Standard Notes are joining forces: https://proton.me/blog/proton-standard-notes-join-forces
Mirek supported this idea ·
E-mails could be indexed locally and search limited to local search. That's the way Tutanota does it.
In fact, Tutanota encrypts all metadata except email addresses and timestamps. From their blog (https://tutanota.com/blog/posts/differences-email-encryption/):
"Tutanota does not rely on PGP to ensure that your data is kept secure. This way Tutanota can also encrypt much more data: body, attachments, subject lines, and sender names. The only remaining data in Tutanota that is not yet encrypted are email addresses and times of emails."
Most importantly, Tutanota also encrypts a user's whole address book, including e-mail addresses and names — the most important info in a contact list. In comparison, Protonmail's contact encryption is rather feeble, given that it doesn't encrypt these two key components.