ProtonMail doesn’t encrypt all emails “by design”
- Published: Aug 7, 2024
- In this episode, we explore why ProtonMail doesn’t encrypt all emails “by design”.
==============================
SUGGESTED
==============================
How to encrypt, sign and decrypt messages using GnuPG on macOS 👉 • How to encrypt, sign a...
==============================
LINKS
==============================
Password policy series 👉 • Password policy series
How to generate and air gap PGP private keys using GnuPG, Tails and YubiKey 👉 github.com/sunknudsen/privacy...
==============================
SUPPORT
==============================
Support this channel 👉 sunknudsen.com/donate
I am one of those people who had no idea that my emails were not encrypted using Proton. Now I know why and how to change it. Thanks for all the work you put into these videos and the privacy guides.
Protonmail works like Signal: to send an end-to-end encrypted message, the recipient must also use Protonmail. The little padlock at the bottom left to encrypt is reserved for recipients who do not have addresses on Protonmail. The problem arises when it comes to sharing the password; same thing for PGP keys. When you understand how messengers that use encryption work, it's obvious and it's always the same principle, but it's true that their slightly misleading advertisements could make you think that everything is encrypted by design, when it depends on how you use it. Thanks for this video, Sun.
IRCs like Signal store messages on their servers, and they get deleted once that message is delivered to the receiver. Proton Mail, on the other hand, stores messages on their servers until you delete your Proton Mail account. In addition, accounts on Signal are end-to-end encrypted; your Proton Mail account is partially encrypted because your email address and the subject are in plaintext and can be read by Proton servers.
It's so interesting that so many people don't understand "end-to-end encryption" and how asymmetric cryptography works. However, it works wonderfully from Proton to Proton and with PGP. Well done, Sun, for explaining this again.
I think privacy advocates have had a good time beating on Protonmail and services like it for some reason. I look forward to a future in which every privacy critique starts with, "The internet as a whole, and by extension, e-mail, was never designed with privacy as a goal. The internet is a giant copy machine and it wants to move data around from computer to computer, and e-mail is a quintessential part of this. If you are going to use e-mail, this is how you can make it less horrible when it comes to privacy, but less horrible is all you're going to get."
You see similar attacks on VPNs. The assumptions people make about why I use a VPN and what I expect from it always irritate me.
This is a good video. It is something everyone should understand before using Protonmail.
Opened my eyes. Just what I needed to know. Thank you.
Thanks for this video. This really clarified how email encryption works.
Great video 👍
Could you do an episode on other proton products? Like calendar for instance?
End to end encryption only works when the recipient is using the same service as you.
Protonmail doesn't encrypt its mail between non-Protonmail users by default, but it does encrypt mail between 2 Protonmail users by default (Idk if it works when mailing multiple Protonmail users though). Afaik this is mostly coz Proton has access to all of its members' public keys but does not have them for mail IDs not under their domain. This behavior can be duplicated with non-Protonmail users as well by the few steps you mentioned, but which are unknown to the majority of users. So thanks, Sun, for making this knowledge mainstream; your few hours of effort will definitely make several users communicating over email much more private.
Very important subject - thank you
Thanx for this video!
Do you have some info about Utopia Ecosystem ?
but does the other person how to do this encryption setting on their end too for it to work? or is it enough if only 1 person does this?
I imagine that it's difficult if one person is not that tech savvy
You may have less subs for now, but boy you have great content! May your tribe increase with each passing day 🙏🏻🙏🏻😊
What’s best one to use for files that need to be secured?
Great video as always, is next meetup on jitsi in plans?
Great question… been a little overwhelmed with work. Will follow up on meetups shortly!
Bro, have you tried Tutanota?
Thanks, I was ignorant about this and believed what they display in website. OMG, what a terrible mistake.
How do I remove encryption on my email. It did it and I can't read my emails
I noticed an anon comment below stating "End to end encryption only works when the recipient is using the same service as you." I would think that this statement is NOT true as PGP encryption protects anyone that is able to encrypt the mail using their public key and decrypt a message using their private key while others that do not have a private key would never be unable to read it in plain English. End-to-End encryption, to me means PGP encrypted but to others it may mean encryption during transport but not encrypted at the end-points when stored.
Also, how does non-PGP encryption tie into this conversation? For example, Proton Mail says:
<
Message Storage
* All messages in your ProtonMail mailbox are stored with zero-access encryption. This means we cannot read any of your messages or hand them over to third parties. This includes messages sent to you by non-ProtonMail users, although keep in mind if an email is sent to you from Gmail, Gmail likely retains a copy of that message as well.
* Messages sent “Encrypted for Outside” are also stored end-to-end encrypted.
* Subject lines and recipient/sender email addresses are encrypted, but not end-to-end encrypted.
>
So the encryption conversation can be at a sender-to-recipient level (PGP), transport (TLS), and storage (ZeroAccess).
My apologies if I am incorrect in my understanding of what "by design" is referring to or the technologies involved.
I appreciate you and your channel.
-Ajay
sun can make a video about floc and wire app?
I left two comments a few days ago and I just noticed that they were never published here. Were they automatically removed by RUclips? Am I not allowed to mention brands in the comments? I'm confused... In my second comment I just asked if you haven't dropped the proprietary password manager yet as I noticed the little icon in the menu bar.
For those who only want to receive mail at protonmail what are the risks?
It depends… ProtonMail is better than most email providers. That said, most emails are not encrypted. Once one is aware of this, using ProtonMail is fine.
Interesting, but why haven’t important tools such as SMS and email been improved so that they aren’t a security risk? Maybe I’m missing something
Better manual PGP to make
Mark the date this is the first video I have watched and didn’t learn something new. Almost disappointed. Hopefully it means I’m getting closer to where I actually want to be in terms of privacy/security.
Hey Sean, kudos! Perhaps you can skip L1 (level 1 or getting started) episodes. These are very helpful to many, but I agree, for more experienced users, they are not as insightful.
@sunknudsen absolutely it’s all baby steps and just climbing it. I know where I want to be but I know my knowledge isn’t there yet to comfortably go to that level.
Done the easy stuff, i.e. delete social media, use password manager or passphraseme etc. Every step gets me closer and you’ve helped me a lot along that journey so thank you very much.
Not gonna lie... "This world sucks by design".
Feel you
they should change that
Better hand write messages in a secret language that's encrypted by your own PGP keys while pigeons pass the messages back and forth LOL
Or use Signal… and, for extra sensitive use cases, encrypt message using secret language first.
it's useless they can decrypt all of your emails, because they generate the PGP key on their servers
he just uploaded the key himself though
When using ProtonMail, in theory, PGP keys are generated and encrypted on the client. That said, one can imagine ProtonMail being forced to serve a backdoored version of the JavaScript to a given user. That is why I prefer handling PGP using command line.
@sunknudsen It seems that my comment was not published, so let's try again:
This is nonsense: ProtonMail has no interest in serving a backdoored JS to a user.
The code is open source, and there are integrity checksums in the code (SRI attributes), so it's pure FUD.
Algorithm.
very long video to say a very short message: Protonmail mails are encrypted if and only if they stay on the Protonmail server. This means Protonmail to Protonmail. Like Signal.
I thought I was reasonably intelligent until I watched this...
Yeah I'm getting rid of protonmail
I guess ppl can't read. It's Proton to Proton encrypted. Very simple.
Hi Sun, Thanks for the video and info but please please can you stop clapping during your speech. Many thanks.
NO NO NO, not another one, come on, thought Proton guys were cool. Anyways, it's up to the people who decide how to use a product.
so 2022 is the year of clickbait videos (bless up for hidden dislikes)
Do you consider this episode clickbait? That said, arguably, without a little clickbait, it is very hard to get quality content out there.
Algorithm.