• unexposedhazard@discuss.tchncs.de
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    5 months ago

    How can proton protect your unencrypted emails? Unless you are writing someone that also uses protonmail or pgp, the emails wont be encrypted. This is barely an advantage at all over the existing system. You are just telling people to depend on this single point of failure, which is proton.

    You cant expect everyone to use protonmail, that would be unwise from a decentralization standpoint. The real solution is only using email for people that are unwilling or unable to use something other than email. For everyone else you should simply switch to different communications protocols that were made with e2ee in mind.

    • oktux@beehaw.org
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      5 months ago

      I think we mostly agree, and I appreciate you advocating for secure alternatives and privacy in general!

      How can proton protect your unencrypted emails? Unless you are writing someone that also uses protonmail or pgp, the emails wont be encrypted.

      That’s true. Proton can only encrypt your inbox in that case.

      This is barely an advantage at all over the existing system.

      I disagree. Having my inbox encrypted and using an email provider that doesn’t mine my data is certainly worthwhile for me.

      You are just telling people to depend on this single point of failure, which is proton. You cant expect everyone to use protonmail, that would be unwise from a decentralization standpoint.

      I’m not advocating Proton over other, more secure and private communication methods. My point is that, if you’re choosing an email provider, Proton is a good choice. They’re a nonprofit whose mission is privacy, and they spend considerable technical effort to ensure it.

      I would hate to see someone switch from Proton to Gmail or some other provider that doesn’t offer any privacy because they mistakenly think all providers are the same.

      The real solution is only using email for people that are unwilling or unable to use something other than email. For everyone else you should simply switch to different communications protocols that were made with e2ee in mind.

      To the extent that’s practical, I strongly agree. As you correctly point out, email is a plaintext protocol, and there’s nothing Proton can do about that.

      But if you do use email and not all your contacts have exchanged PGP keys with you, which I’m sure is true for many people, then I think there’s a lot of value in using a provider that offers an encrypted inbox and doesn’t mine your data.