• /home/pineapplelover
    link
    fedilink
    11
    edit-2
    9 months ago

    Doesn’t proton open source everything they do? Iirc, proton mail, calendar, vpn, drive, and simplelogin are open source under GPL v3 on github.

    • @[email protected]
      link
      fedilink
      139 months ago

      Yes the clients are open source but the server part is closed and it’s a big missing part

      Now, better to be 50% oss than 0%, but it’s not a community effort. Most commits are done behind the scenes and then published when app is released. This causes most pull releases to be rejected as the problem was already fixed internally months before. It’s more like “source available”

    • @TCB13
      link
      4
      edit-2
      9 months ago

      There’s no vendor lock in until you realize your emails are essentially hostage of their apps and a bridge that may be shutdown at any point. If you can’t simply setup a regular email client then there’s vendor lock in, not even Microsoft does that.

      • @[email protected]
        link
        fedilink
        79 months ago

        Huh? This is not true. Proton have an app that exports all your emails for reimport into the platform of your choice.

        • @TCB13
          link
          69 months ago

          The issue not that you can’t export in bulk, you’re locked into their apps daily. Every other email provider out there uses standard protocols that allow for any client to be used.

          Besides, the export feature is all fun until you actually have to use it. There’s a bunch of metadata that gets lost, contacts, calendars and notes are exported in JSON with propriety structures that other systems can’t deal with. Note that there’s also CardDAV/CalDAV as open and interoperable solutions for those issues and they device not to use them.

      • @[email protected]
        link
        fedilink
        69 months ago

        They say the reason for needing their bridge is the encryption at rest, but I feel like the better way to handle wanting to push email privacy forward would be to publish (or better yet coordinate with other groups on drafting) a public standard that both clients and competing email servers could adopt for an email syncing protocol for that sort of zero-access encryption that requires users give their client a key file. A bridge would be easier to swallow as a fallback option until there’s wider client support rather than as the only way.

        A similar standard for server-to-server communication, like for automatic pgp key negotiation, would be nice too.

        Still, Proton has a easy to access data export that doesn’t require a bridge client or subscription or anything. I think that’s required by GDPR. It’s manual enough to not be an effective way to keep up-to-date backups in case you ever abruptly lose access but it’s good enough to handle wanting to migrate to another provider.

        • @TCB13
          link
          English
          29 months ago

          I agree 100% with your ideia. The best path for this would’ve been for them to actually design that system you describe and THEN implement it on Dovecot and Postfix in their own fork or a Dovecot extension / Postfix add-on so others would start using them. Eventually after some times and other providers also optionally supporting the thing an RFC could be written. This is the usual course we see with protocols/extensions and is what should’ve happened here.

          I want to share another thing, before Snowden there was Lavabit, they also did “encryption at rest” and the user password involved for some parts of the information and it was proven to be effective. It wasn’t a perfect model but it was certainly better than the havoc Proton did to e-mail by opening the precedent that is okay not to run on standard protocols.

          What Proton is doing to e-mail is about the same that WhatsApp, Messenger and others did to messaging - instead of just using an open protocol like XMPP they opted for their closed thing in order to lock people into their apps. People in this community seem to be okay with this just because they sell the “privacy” cool-aid.

          server-to-server communication, like for automatic pgp key negotiation, would be nice too.

          I’m not sure if this is required. Any decent e-mail server uses TLS to communicate these days, so everything in transit is already encrypted.

          Still, Proton has a easy to access data export that doesn’t require a bridge client or subscription or anything. I think that’s required by GDPR.

          Yes, they have it because GDPR does require it. It works, but it’s not a real time sync alternative to anything and it is some kind of vendor lock-in.

          As I said in other comments, not using standard protocols only makes thing worse. I used iOS as an example, for Android you can get a bridge but that’s just going to be one more thing going for your battery.

          Now, consider this, there’s a TON of situation where having a standard SMTP-capable provider is interesting. Maybe you’re running in iOS, maybe you want to have an ESP32 to send a few emails, or some custom software in your computer. All those use cases are impossible or require more coding and more non-standard solutions just because Proton decided to be the first provider ever not to use standard protocols.

          • @[email protected]
            link
            fedilink
            29 months ago

            Do you have a privacy oriented email provider alternative to proton?

            I have my domain name, but I don’t want to manage an email server on my server.

          • lastweakness
            link
            19 months ago

            What Proton is doing to e-mail is about the same that WhatsApp, Messenger and others did to messaging - instead of just using an open protocol like XMPP they opted for their closed thing in order to lock people into their apps.

            PGP is not closed. What proton has done is make a really cool JS library for PGP as part of their Web UI (openpgpjs.org) which other projects, even those unrelated to Proton have used, like Mailvelope. They’re also pushing the PGP standard itself to support stuff like post-quantum encryption. So this is really odd to hear as Proton is, without a doubt, the most open and interoperable of all the properly encrypted providers.

            Lavabit

            With Lavabit, you were simply trusting them mostly blindly on their claims. Yeah it worked out that one time but could have gone very wrong.

            Yes, they have it because GDPR does require it.

            They’ve had it since far before GDPR took affect. They’ve also had bridge which has always allowed external backups and is in fact real time. They now also support forwarding mails, which should also suffice for your use case.

            Open sourcing the server software is desired ofc, but would it really mean a lot for security? Not really. All the relevant bits are already open source. And none of it is really non-standard. But i do still wish for that for the sake of transparency. And yeah i wish they would move away from this almost source-available model.

            Regarding SMTP, yeah i agree. But they do provide that through bridge and also for business users based on a per-request basis.

            There are definitely a few artificial limitations and stuff that really pisses me off, like the limit on aliases in custom domains and SMTP for normal paid users, but a lot of the talk I’m hearing on lemmy about proton is just FUD.

            • @TCB13
              link
              English
              19 months ago

              PGP is not closed. What proton has done is make a really cool JS library for PGP as part of their Web UI (openpgpjs.org) which other projects, even those unrelated to Proton have used, like Mailvelope.

              I never said PGP was closed, what I was saying is that their implementation of the access to their service is closed (not using standard IMAP/SMTP) and subsequently “their” PGP might be questionable / opaque.

              If they actually do everything with open standards and PGP by the book as they say, why can’t they provide IMAP/SMTP access to everyone who wants it BUT add the disclaimer that you’ve to use a PGP compatible e-mail client and configure it to deal with the encryption… they could even configure their submission to refuse any email that isn’t PGP encrypted to improve things further. The fact that they don’t do this leads me to believe that they either a) aren’t actually doing everything as “by the book PGP” and there might be security issues or b) they’re “privacy” as a catch all excuse in order to push a bit of vendor lock-in.

              Their market niche is privacy conscientious people and those same people tend be to computer savvy and I bet half of them would mind setting up PGP on Thunderbird and use Proton without a bridge. Everyone else could still use their apps, web or the bridge.

              • lastweakness
                link
                19 months ago

                They can’t do traditional IMAP/SMTP simply because they always do client-side auth rather than tradition server-side auth, which inherently makes them more trustworthy than every other provider that does offer IMAP/SMTP-based provider to whom you always send your passwords in plaintext. This has the added benefit of having at least your own mailbox always be zero access encrypted.

                • @TCB13
                  link
                  English
                  19 months ago

                  they always do client-side auth rather than tradition server-side auth

                  They must have some server-side auth as well, otherwise I could just emulate requests from the bridge an pull all your PGP encrypted email from their servers. Even though it would be mostly useless it would still be a big vulnerability issue.

                  IMAP/SMTP-based provider to whom you always send your passwords in plaintext

                  Why do you say that? What led you to believe it?

                  Most providers are running IMAPS (IMAP over SSL) or IMAP with StartTLS (upgrade to TLS) and the same for submission to make sure there are no passwords in plain-text. Furthermore mail clients and servers also support password hashing and some, like Google, even go further and push people into IMAP/SMTP authentication with XOAUTH2 (OAuth token unique for each e-mail client).

                  Non-plaintext mechanisms have been designed to be safe to use even without SSL encryption. Because of how they have been designed, they require access to (…) their own special hashed version of it. https://doc.dovecot.org/configuration_manual/authentication/authentication_mechanisms/#non-plaintext-authentication

                  Going back to Proton, if they do use PGP in a generic way it means all your e-mail are encrypted and whenever you want to open the website or use the bridge they’ve to decrypt them. As you described before, they do this client side and that’s okay.

                  Now the next question is: how do they decrypt your mailbox? Their servers hold your private PGP key encrypted with your login password, once a client wants to decrypt your mailbox it has to pull that private key from the server and then use your password to locally decrypt it. Said now plain text key can then be used to decrypt the e-mails. This is a common security practice to make PGP and other asymmetric encryption schemes work securely without forcing the user to store and mange its own private key - that’s okay as well.

                  For e-mail coming from external providers (and people who don’t use PGP) Proton receives the unencrypted message (over TLS) and then encrypts it with your public PGP key. After this point you are the only person who can decrypt the message because while they also hold your private key it is encrypted thus they can’t use it to decrypt the message. This is reasonable and okay.

                  Now the thing is, all this can be accomplished via IMAP/SMTP, with the same level of security, if you employ a few rules:

                  1. Tell customers who want to use IMAP/SMTP that they’re required to configure PGP manually on their clients otherwise their mailbox will be encrypted / useless and they won’t be able to send e-mail;
                  2. Submission (sending e-mail via SMPT) servers configured to refuse any e-mail that isn’t PGP encrypted;
                  3. Only provide IMAP/SMTP authentication with SSL/TLS;
                  4. Restrict the IMAP/SMTP authentication to a non-plaintext mechanism;
                  5. If they don’t go for XOAUTH2, then force people into creating a specific app password for each e-mail client - like Google also allows for legacy stuff that doesn’t support XOAUTH2.

                  Note that their current apps/bridge also needs to authenticate itself with some hashed version of your password, otherwise I could just emulate requests from the bridge an pull all your PGP encrypted messages from their servers. Actually using XOAUTH2 tokens or unique app passwords would be even be safer than what they’re doing.

                  Considering their PGP implementation is standard then doing those tweaks isn’t impossible and they would provide the same level of security their apps provide but also be flexible enough for more advanced users.

                  • lastweakness
                    link
                    19 months ago

                    The bridge does the decryption using credentials you give it locally. Sorry for mentioning “auth”. I should have mentioned encryption instead.

                    Regarding the rest, it comes down to the zero access mailbox encryption’s implementation details. In all described scenarios, you’re not really using your master password as the “key” for your mailbox. But in proton’s and similar services’ case like Tuta, this is true. Any “zero access” service provider offering IMAP access without a bridge is simply lying to you as IMAP (the protocol itself) requires server-side decryption of the content, even if SMTP doesn’t. (Btw, SMTP is really an artificial limitation. Just not IMAP. If they give you smtp access, it wouldn’t send encrypted mails unless specifically configured to do so but would otherwise be the same.)

                    What you described is encryption at rest, but not zero access encryption (which is what Purelymail does btw).

                    Whether all this is needed and all depends on your threat model. I think most tech-savvy folks would be happy with something like Purelymail or Migadu tbh…

          • @[email protected]
            link
            fedilink
            English
            19 months ago

            I’m not sure if this is required. Any decent e-mail server uses TLS to communicate these days, so everything in transit is already encrypted.

            In transit, yes, but not end-to-end.

            One feature that Proton advertises: when you send an email from one Proton mail account to another Proton address, the message is automatically encrypted such that (assuming you trust their client-side code for webmail/bridge) Proton’s servers never have access to the message contents for even a moment. When incoming mail hits Proton’s SMTP server, Proton technically could (but claims not to) log the unencrypted message contents before encrypting it with the recipient’s public key and storing it. That undermines Proton’s promise of Proton not having access to your emails. If both parties involved in an email conversation agree to use PGP encryption then they could avoid that risk, and no mail server on either end would have access to anything more than metadata and the initial exchange of public keys, but most humans won’t bother doing that key exchange and almost no automated mailers would.

            Some standard way of automatically asking a mail server “Does user@proton.me have a PGP public key?” would help on this front as long as the server doesn’t reject senders who ignore this feature and send SMTP/TLS as normal without PGP. This still requires trusting that the server doesn’t give an incorrect public key but any suspicious behavior on this front would be very noticeable in a way that server-side logging would not be. Users who deem that unacceptable can still use a separate set of PGP keys.

            • @TCB13
              link
              English
              39 months ago

              Here’s what I think: if they actually do everything with open standards and PGP by the book, why can’t they provide IMAP/SMTP access to everyone who wants it BUT add the disclaimer that you’ve to use a PGP compatible e-mail client and configure it to deal with the encryption… they could even configure their submission to refuse any email that isn’t PGP encrypted to improve things further. The fact that they don’t do this leads me to believe that they either a) aren’t actually doing everything as “by the book PGP” and there might be security issues or b) they’re “privacy” as a catch all excuse in order to push a bit of vendor lock-in.

              Their market niche is privacy conscientious people and those same people tend be to computer savvy and I bet half of them would mind setting up PGP on Thunderbird and use Proton without a bridge. Everyone else could still use their apps, web or the bridge.

                • @TCB13
                  link
                  English
                  19 months ago

                  Great find, even worse than what I was thinking. Like you I was also under the assumption they applied some kind of encryption to all metadata as well.

        • @TCB13
          link
          19 months ago

          And, and what will happen when they decide to discontinue the bridge? What happens when you’re running on iOS and you can’t have the bridge? You’ll be forced into their apps, that’s pretty locked. Besides does the bridge even provide contacts and calendars to Thunderbird? Last time o checked it didn’t. What about notes?

          • /home/pineapplelover
            link
            fedilink
            1
            edit-2
            9 months ago

            Iirc, all the emails are stored locally so I guess if proton goes down, you can still access the emails on your phone. Same with cakendar, contacts in proton, and hopefully notes

            Edit: nevermind, the emails are only stored if you accessed them before.

            • @TCB13
              link
              29 months ago

              You actually pose an interesting question, what happens if they go down. How much time will their apps / cache work? We don’t know.