Previous Entry Share Next Entry
While digging through today's IndieGogo trawl (I let them send me regular emails about interesting projects -- it's rather fun window-shopping), I came across the fund-raising campaign for ProtonMail; some folks here might be interested in it.

Their claim is, "NSA-proof encrypted email". From what I can see, that's half-true -- they're saying the right things to suggests that it is quite secure (both technically and legally), but there's a deep tension between "secure" and "email". Basically, it's an email-linked service, accessed via the web, which appears to have serious encryption at all the right layers. They say exactly the things I want to hear -- in particular, they make the point that, if you lose your email password, you are SOL, which suggests that they're telling the truth that *they* can't access the messages. (Indeed, you apparently have *two* passwords, one for the service and one for your email, and they make no bones about the fact that yes, this is a bit inconvenient, but necessary for this level of security.) The service is based in Switzerland, both physically and legally, and it's kind of fascinating to think about the "branding" implications of that: Switzerland has done an impressive job of establishing a national brand that implies confidentiality.

The only major downside I see is that I *think* you have to use their front ends to access it securely, so it's only as good as their developers. I see nothing to suggest there are any open standards involved here; indeed, it sounds like emails typically never leave their servers. The implication is that, to use this system in a fully-encrypted manner, everyone involved probably needs to be on it. (It sounds like they do interoperate with external email providers, but I would bet that you lose the security benefits by doing so.)

That also implies that they are probably a single point of failure -- even though it is probably true that your email can't be compromised, it *can* be lost if something happens to the company. And they don't appear to be open-source, which doesn't freak me out but does concern me slightly: I am a serious believer that infrastructure code is usually healthier for being open source. (Which is the main reason why Querki, despite being *very* much a commercial venture, is nonetheless open source -- I'd like folks to be able to audit my code and point out problems.)

All that said, it seems like a good project, and probably worth supporting -- I'll likely toss them a few dollars even if I don't get an account myself, simply on principle. They've built confidentiality as their central guiding principle, and for people who need that (and there are many use cases where it truly matters), it seems like a fine option. Check it out, and consider contributing -- while they've passed their $100k minimum to get the project past beta, they have a long ways to go for the million dollars they are seeking to put it on a solid footing...

  • 1
I heard about them because of their issues with PayPal locking their funding (since reversed), but any company that promises self-deleting emails and the claim that this makes email ephemeral makes me question their grasp of security and the myriad ways around such a thing. But the rest of the tech looks solid and workable.

Well, I have little doubt that if any of the participants of an email have ill intent or aren't on their system, it's very easy to defeat. But for their target market -- groups where everyone is trying to keep something confidential, and they're all on it -- there's no reason why it would be hard to achieve if done properly...

  • 1

Log in

No account? Create an account