Andy Yen, the CEO of Proton (Mail, Drive, VPN, Pass…) answered a lot of the questions you, the community, asked, in an interview that covers basically everything!
He discusses security, privacy, the origins of Proton, how they operate, Linux support, future projects, products and features, quantum computing, passkeys, and more!
Proton Mail: https://proton.me/mail/TheLinuxEXP Proton VPN: https://protonvpn.com/TheLinuxEXP
👏 SUPPORT THE CHANNEL: Get access to a weekly podcast, vote on the next topics I cover, and get your name in the credits:
YouTube: https://www.youtube.com/@thelinuxexp/join Patreon: https://www.patreon.com/thelinuxexperiment Liberapay: https://liberapay.com/TheLinuxExperiment/
Or, you can donate whatever you want: https://paypal.me/thelinuxexp
👕 GET TLE MERCH Support the channel AND get cool new gear: https://the-linux-experiment.creator-spring.com/
🎙️ LINUX AND OPEN SOURCE NEWS PODCAST: Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! https://podcast.thelinuxexp.com
🏆 FOLLOW ME ELSEWHERE: Website: https://thelinuxexp.com Mastodon: https://mastodon.social/web/@thelinuxEXP Pixelfed: https://pixelfed.social/TLENick PeerTube: https://tilvids.com/c/thelinuxexperiment_channel/videos Discord: https://discord.gg/mdnHftjkja
#vpn #privacy #proton #onlinesecurity #protonmail
Timecodes:
00:00 Intro 01:16 How did Proton start? 03:24 Why start with email? 06:03 What is Proton’s business model? 08:34 Why set up in Switzerland? 11:33 What data do you have on customers? 14:39 How is encryption important? 18:20 Do you always need to use a VPN? 20:47 Why focus on building an ecosystem? 24:55 Is an Office Suite planned? 26:29 What differentiates Proton from competitors? 30:26 Is Proton a viable alternative to big tech services? 33:31 Why expand to more products instead of finishing existing ones? 37:19 Does the general public care about privacy? 38:45 What’s next for Proton services? 40:08 What are the plans for native Linux clients? 46:03 Will ProtonVPN offer dedicated IPs to everyone? 47:46 What’s the environmental impact of Proton? 49:27 Proton on F-Droid, without Google Play notifications? 52:03 Why are code repos all separated and hard to find? 53:12 Why are addresses ending in “.me” ? 54:57 When will all apps reach feature parity? 56:24 Will SMTP relay be supported? 57:47 Will Proton focus more on businesses in the future? 59:50 Why put all your eggs in one basket with just Proton services? 01:01:00 Will Proton support passkeys? 01:03:21 Does E2E matter is the recipient isn’t using it? 01:04:49 Will Proton disable port forwarding in VPN? 01:06:41 Is encryption enough to make email private? 01:09:06 What protects users from a change in Proton’s code licensing? 01:11:14 How does Proton protect its infrastructure? 01:13:14 Impacts of Quantum Computing on privacy and security? 01:14:24 What’s the future of Proton Bridge? 01:16:25 When will Proton photos be a thing? 01:17:17 Plans for Proton Notes? 01:18:20 Will VPN support the Apple TV? 01:21:12 Support the channel
I will skip some parts because I think it’s not worth repeating.
This was clearly just an example. Any distributor is the single of point of failure. You can coerce or compromise it, and you will serve compromised software.
No there isn’t. There is nothing that prevents Github to serve you a different file when you query the same URL than what regular users will (for example by IP). It’s trivial to do this with any reverse proxy. And the same applies for a signature file, which means you can only notice if you manage to get the file and the signature from someone else and compare the signature/hashes for the same release. Which is basically the same as saying “I will compare my JS blob de-minified with the one in the OSS repo”, nobody does this either, I agree. This can totally happen every time you download something from any website, technically, provided that the server is coerced or compromised.
Not really. The spectrum is much narrower than how you present it. I bet 99% of users install software in one of these ways:
Almost all the package managers AFAIK work under the same model (package, signed with the distributor’s key, served via web), which is susceptible to coercion and compromise. All the webservers and platforms can be coerced/compromised to serve different files (installers) to different clients.
Am I missing something? Is there another way to serve software that I am missing?
There is one, so far. The provider being compromised. The rest is your speculation such as
Which is like saying, there are vulnerabilities. Yes, there will be vulnerabilities, but this applies to any software too. And if HTTPs is broken to allow MiTM then this is a risk for any software you download via web, starting from the linux ISO, so it’s far from a webmail-specific problem.
You list:
Nothing, absolutely nothing, tells you that it’s enough to compromise one Proton employee to gain access to production and replace the code. Also, you have absolutely no idea of the security practice of the couple of people who handle those keys, they are not accountable in any way, they don’t need to be compliant with any standard (for what is worth), etc. I would say it’s much more likely for any of the mirrors/repositories to get compromised compared to Proton.
In fact, you say:
I do this for a living. One way to do this is to close off production environments, assign temporary permissions that require multiple people to sign-in at the same time and spectate when production is accessed. Teleport allows to do this, for example, nothing I am conjuring out of thin air. Similarly, the CI can implement a million check to verify the provenance of the software and require multiple sign-off before things are actually deployed. Breakglass procedure exist (usually for a handful of individuals), but they generate alert and are audited post-factum, so that such attack would be detected.
True, but for me being attacked this changes very little. Attackers can just establish a C2, check if the target is right and do not do anything else on other devices. I grant you, this is a difference, but the control here is the fact that more people will possibly spot the issue and I will get to know it before getting compromised. It’s possible, but it’s a very weak control.
True, bigger attack surface, but each individual mirror can be compromised via the same vector (and of course the source can). Also Proton does not have a machine that serves everyone. Might have multiple regions, multiple clusters, separate by accounts, departments etc. In addition, you are talking about a highly targeted attack. Relying on the obscurity of which mirror someone uses is really not something I would consider applicable here.
The biggest difference is the automation with which JS code is “updated”. This is what makes the attack potentially slower via regular supply chain. Nothing I would consider massive for sophisticated attackers like the ones able to exploit this vector. So the massive difference in your opinion is that:
On the other hand:
If for you these are massive differences, OK. For me they are not.
Finally:
How it is relevant what both users are using the bridge? The bridge is literally doing the same that -say-
muttdoes. This has nothing with the bridge, what you are saying (I think) is that you wouldn’t send an email to someone if you don’t trust the software they use, but this is independent from you using the bridge. You can add other people (non-Proton users) keys to be used, so Bridge -> Mutt is exactly the same as Bridge -> Bridge or Mutt -> Mutt.In this case there is no tool that you can use that will “protect” you, if you don’t trust the other side.
Which is not a security consideration.
The security model of the bridge is the same as the security model of
mutt, or other CLI tools or anything you might use for PGP. It seems you have absolutely no security consideration why this would be worse.So, in short: