In addition protonmail do not protect your metadata (from memory), it’s not encrypted in transit.
Protonmail also keep your public and private keys on their servers, it’s PGP however they don’t want the end users to have to manage their own keys. That to me isn’t ideal.
Receiving from another provider you’ll get TLS encryption until it hits protonmail servers but protonmail will then decrypt your email and again encrypt your email using your PGP stored on their servers.
Sending an email from proton to another provider will be encrypted on protonmail servers but that’s where it ends. TLS will take care of the in-transit and again may not be stored securely on the receiving end.
Tuta (in my eyes) is a step in the right direction, using a client like thunderbird or enigmail and managing PGP yourself would be more secure as the message is decrypted by the recipient and not a company owned server.
Protonmail isn’t great, their deliberately misleading about the encryption. Many consider protonmail to be a honeypot.
Do you have anymore background on that?
https://www.wired.com/story/protonmail-amends-policy-after-giving-up-activists-data/
https://cldc.org/does-protonmail-snitch/
In addition protonmail do not protect your metadata (from memory), it’s not encrypted in transit.
Protonmail also keep your public and private keys on their servers, it’s PGP however they don’t want the end users to have to manage their own keys. That to me isn’t ideal.
Receiving from another provider you’ll get TLS encryption until it hits protonmail servers but protonmail will then decrypt your email and again encrypt your email using your PGP stored on their servers.
Sending an email from proton to another provider will be encrypted on protonmail servers but that’s where it ends. TLS will take care of the in-transit and again may not be stored securely on the receiving end.
Well god damn it! Did you have any links to articles about it? Also what would you view to be better then proton.me?
Tuta (in my eyes) is a step in the right direction, using a client like thunderbird or enigmail and managing PGP yourself would be more secure as the message is decrypted by the recipient and not a company owned server.
Yeah except I forgot how to login and now I’m burned