|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
I don’t know of any end to end encrypted email. For private conversation I like Signal, Briar, and Matrix.
Proton stores the private key(s) encrypted by your password. This means you can use mail with different clients / devices and attackers cannot steal the private key from your device.
To maximize security you need a strong password or even better, 2FA.
cheers, Paul
I have been using Proton Mail since 2018 to get away from the spying eyes of big tech. I use their Mail Plus paid plan (pay yearly for a discounted rate of $3.99 per month, instead of $4.99 if paying by month) which is required to use their bridge application to sync with a mail client. Initially I used Outlook (on Windows 8.1) then about ten months ago switched to Thunderbird (on Linux Mint). I also use the Android app. Otherwise I do not use/need any of the other included services, ex. Calendar, Drive, VPN and Pass. I have never had an issue with their mail service, it has always worked well for me.
Encryption like theirs where the private keys stay on their end is not secure. I would never use it. Just like hushmail and safemail and other honeypots.
Private keys for encryption are stored on the user’s device(s). Some snippets from Proton below:
Zero-access encryption is just what it sounds like: a type of encryption for data at rest that renders digital files inaccessible to the service provider. The files can only be decrypted using the user’s private encryption key. Because the server does not have access to the user’s private encryption key, once the files are encrypted with the user’s public encryption key they are no longer accessible to the server or the server’s owner. When the data owner wants to view their data, they request the encrypted files from the server and decrypt them locally on their device, not on the server.
Most companies do not implement zero-access encryption either because they sell your private information to advertisers (Google, Facebook, etc.) or because the technical challenges of implementing it are too great.
Instead, they might use regular encryption where they retain control over the encryption keys. This is like storing the key to the lock with the lock itself and creates many vulnerabilities. For example, if servers are ever hacked, your private conversations can be leaked (like in the Yahoo! breach of all 3 billion of its accounts).
Furthermore, this approach also leaves data open for misuse, either by rogue employees or unscrupulous third parties, such as in the Cambridge Analytica/Facebook scandal. This data can also be made accessible to government surveillance agencies or sold outright to advertisers.
We drastically reduce these security and privacy vulnerabilities by using zero-access encryption to ensure that we ourselves do not have access to your data. That way, even if somehow Proton Mail servers are breached, the contents of users’ private emails will still be encrypted.
Where is it stored encrypted
Private keys should be kept on the device.
@southieguy As stated, if you delete your account, you lose everything. Also: do note that once you become a ‘paid’ customer, you can NOT revert to a ‘free’ customer under the same email. Not sure where you are using Proton (ie ipad, webrowser, or on PC as app,) BUT do contact them via ‘Report A Problem’ (at bottom, left hand side, way under inbox etc just before’ sign out’. ) They get back to you in a few days. Usually asking for more details, so ensure you put as much detail in your initial report as possible.
Does anyone know if there is a way to delete my Proton mail account so that I could reinstall a clean version of Proton Mail Plus and start over?
You can delete your proton mail account, but once your account is deleted you cannot create another with the same user name.
“We do not recycle usernames, which means the same username will not be available in the future.”
Desktop Asus TUF X299 Mark 1, CPU: Intel Core i7-7820X Skylake-X 8-Core 3.6 GHz, RAM: 32GB, GPU: Nvidia GTX 1050 Ti 4GB. Display: Four 27" 1080p screens 2 over 2 quad.
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
