The article reports on suggestions that ProtonMail is collaborating with authorities to provide IP address logging. So, what’s the current kerfuffle over ProtonMail? It *is* bad, but it’s nothing we didn’t already know. If you feel strongly that protecting people’s identities is important, please reach out. We’re happy to show you the ropes, but this can be a lot to take on. If you want any guarantees around protecting metadata, you’ll need to get into the weeds and use less user-friendly apps in combination with Tor. We’ll get into this in more detail in a future article, but the only easy-to-use encrypted communications apps that can protect your metadata are Signal (the best) or (next-best) Wire and Keybase. Watch for updates to in the coming weeks, where we may thaw our original frosty take on ProtonMail somewhat.īefore we dissect recent media reports, let’s be clear: email is no longer the best choice for secure communications.įirst of all, unless *every* member of your group is using the same, trustworthy email provider, no matter how strong the message encryption is, your metadata (information-rich stats about your data: who you are emailing, exactly when, and how often, plus the unencrypted subject line) is always widely visible to capable adversaries on the Internet. But if your group doesn’t have the time, capacity, or willingness for each member to spend ~90 minutes with the CLDC doing an email encryption training and providing ongoing support, ProtonMail might be the best choice for you. As a service that manages your encryption keys for you, ProtonMail can’t offer as strongly guaranteed security as classic PGP/GPG encrypted email. Despite the worrisome recent news, ProtonMail is nevertheless a reasonable choice for encrypted email. The CLDC has expressed reservations that ProtonMail may not be the best choice for activists. Since this Register article was recently published, some activists are concerned about whether or not ProtonMail can be trusted.
0 Comments
Leave a Reply. |