As the most popular encrypted email provider, ProtonMail has been criticized for false security promises and weak guarantees of its end-to-end encryption infrastructure. Can be ProtonMail's marketing of their Swiss-based email service justified? The results might SHOCK you!

These are encrypted email providers that I would recommend
Free and paid plans
https://www.protonmail.ch/
https://www.tutanota.com/
https://www.mailfence.com/
Only paid
https://www.mailbox.org/
https://www.posteo.de/


An Analysis of the ProtonMail Cryptographic Architecture by Nadim Kobeissi https://eprint.iacr.org/2018/1121
Liveoverflow End-to-End Encryption in the Browser Impossible? - ProtonMail    • End-to-End Encryption in the Browser ...  

The Reddit debate and Protonmail's response
  / ea3g0hm  
ProtonMail Threat Model https://protonmail.com/blog/protonmai...
Why is ProtonMail more secure than Gmail https://protonmail.com/blog/protonmai...

The problem with ProtonMail’s webmail service is that each time you go to sign in to their website, you have to completely trust ProtonMail that the javascript that your browser runs is correctly implementing PGP and is not trying to steal your private keys and read your messages. This problem is limited with smartphone apps, because each new version of an app has to be signed by the author and the platform – which in this case is ProtonMail and Google Play Store or Apple App Store. With these apps, users can verify whether they received the same binary for a particular version as everyone else.
Because of the differences in the levels of trust, webmail services are objectively less secure than desktop and smartphone apps. That is if you expect ProtonMail to try to execute a malicious javascript that would let them read your emails without being detected.
The fact that webmail is less secure than native apps is not new and ProtonMail has been saying that from day one. In their threat model article, ProtonMail explains this issue and even openly says that ProtonMail is for average people who want to protect themselves against mass surveillance, but it’s not for a next Edward Snowden. ProtonMail successfully accomplishes this mission because their servers can’t be tapped by the NSA to read plain-text emails as is the case with Gmail, Yahoo, Apple, or Microsoft.
Where ProtonMail and Nadim differ, is that Nadim thinks that end-to-end encryption is not possible in webmail and ProtonMail should not be calling it that.


Bitcoin:
1C7UkndgpQqjTrUkk8pY1rRpmddwHaEEuf


Follow me:
  / the_hatedone_  
https://www.bitchute.com/TheHatedOne/
  / the_hatedone  
https://www.minds.com/The_HatedOne

The footage and images featured in the video were for critical analysis, commentary and parody, which are protected under the Fair Use laws of the United States Copyright act of 1976.