You should assume that US and Israeli intelligence services can read everything in your Protonmail.

Other encrypted webmail providers should also be regarded with suspicion for similar reasons

  • Tov
    5 years ago

    Protonmail even has an SSL cert for that onion address even though it’s completely unnecessary.

    The reason they have an EV TLS certificate is because it still authenticates the remote server as genuine. If their Tor private key were to be leaked, users would be able to see that an impersonating service is not serving the right certificate. This also allows for cert pinning and HSTS.

    When a user makes a new account with Protonmail on TOR they are re-directed from Protonmail’s “.onion” to “.com” address. This breaks your secure encrypted connection to their onion address, enabling your identification. […] the only other websites that operate like this are suspected NSA/CIA Honeypots.

    Redirecting to the clearweb from a Tor address does not break “your secure encrypted connection”. Accessing an onion-routed service is only marginally more “secure” than accessing a TLS-enabled clearweb service over Tor.

    Professor Nadim Kobeissi mathematically proved that Protonmail does not provide End to End Encryption. Meaning, Protonmail has the ability to decrypt their own user’s data.

    This issue is hardly mathematical, and the argument is simple: if they want to serve you a JS file that sends them the decrypted contents of your mailbox, they can. It can be helped by hosting their webclient yourself. Supply-chain attacks are hardly a reason not to use software since every single one of them is affected.

    I also doubt anyone here has read the entirety of the source code of the software they use, so why would you use Linux, of which entire components were originally written by the NSA, or Tor, which has its roots in US Navy research labs and DoD funds? How about the websites that use NIST-approved elliptic curves designed by the NSA? Surely, you agree that SELinux and Tor can be reasonably trusted. You probably visited hundreds of websites that use NSA Suite B ECs. In fact, privacy-watchdog.io uses the NSA-designed P-256 EC. It seems to me there is no reason to have particular distrust for the ProtonMail webclient.

    That is not to say ProtonMail is secure; all third-party hosted webmail services are vulnerable to the attack Kobeissi outlines in his paper. You may not trust any of them, but I also do not trust myself to configure everything correctly, and I much less trust hosting services to keep my data secret. Overall, the e-mail ecosystem being as broken as it is, you’d rather not use it for secure communications.

    The other, non-technical points I can’t be bothered to investigate (as IMO they hardly matter). Point 6, EML files are standard. Point 10, am I supposed to care? Point 11 assumes “independence” is an attribute worth pursuing (“but small business owners!”), or that it even is possible to pursue at scale.

    • @styx
      1 year ago

      Yea, the whole article seems to wrap a few valid possible vectors in a bunch of “scary facts” that do not mean what they sound like.
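Tov's point about the webclient (a hosted provider can ship you a different JS bundle at any time, and self-hosting the client is the way to take that decision out of their hands) comes down to one check: does the bundle you are about to run match the one that was reviewed? The script below is an added example, not code from the thread or from any provider; it assumes a constructed three-file bundle and a constructed manifest of SHA-256 digests published out-of-band with a release, and reports which files were modified, are missing, or were never part of the reviewed release.

```python
import hashlib
import json

# Constructed sample "webclient" bundle (what a self-hosted install, or a
# fetched copy, would contain). Contents are placeholders, not real code.
SERVED_FILES = {
    "index.html": b"<html><script src=app.js></script></html>",
    "app.js": b"/* mail client: OpenPGP decrypt happens here */",
    "vendor.js": b"/* bundled third-party crypto library */",
}

# Constructed manifest: the digests a reviewer would publish alongside a
# tagged release, obtained here from the untampered bundle above.
EXPECTED_MANIFEST = json.dumps(
    {name: hashlib.sha256(data).hexdigest() for name, data in SERVED_FILES.items()}
)


def verify_bundle(files, manifest_json):
    """Compare a served bundle against a release manifest.

    Returns {"modified": [...], "missing": [...], "unexpected": [...]}:
    files whose digest differs, files listed but absent, and files present
    that the reviewed release never shipped. All three empty = byte-for-byte
    match with the reviewed release.
    """
    expected = json.loads(manifest_json)
    report = {"modified": [], "missing": [], "unexpected": []}
    for name, digest in expected.items():
        if name not in files:
            report["missing"].append(name)
        elif hashlib.sha256(files[name]).hexdigest() != digest:
            report["modified"].append(name)
    report["unexpected"] = sorted(n for n in files if n not in expected)
    return report


def bundle_is_trusted(files, manifest_json):
    """True only when nothing was modified, dropped, or added."""
    return not any(verify_bundle(files, manifest_json).values())


if __name__ == "__main__":
    # Constructed tampered copy: app.js altered and an extra file added.
    altered = dict(SERVED_FILES, **{"app.js": SERVED_FILES["app.js"] + b" //x"})
    altered["extra.js"] = b"/* not in the reviewed release */"
    print(verify_bundle(SERVED_FILES, EXPECTED_MANIFEST))
    print(verify_bundle(altered, EXPECTED_MANIFEST))
```

Pin the manifest (or a signature over it) somewhere the provider cannot rewrite, otherwise the check only confirms that the bundle matches whatever was served together with it.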