Dodging Gratuitous Email Spying - ProtonMail
ProtonMail is a freemium service for secure communications that targets novice and advanced users. How is ProtonMail better than Gmail or other services? What are its limitations? How do you set it up? The rest of this post answers these questions.
Gmail, iCloud, Yahoo, Outlook, Mail.ru, etc. Are Unsafe
The big end user service providers like Google and Yahoo tout "safety" as a feature. The reality is that they are super unsafe and expose users to unwanted scrutiny. All of these services suck because:
- They only provide connection security (transport level encryption) to/from their servers
- User-level security is built around passwords for accessing the service, but not for accessing the messages - once an attacker is in, all messages and metadata are visible
- Messages are not encrypted/obfuscated
- Metadata is not obfuscated or deleted, and the service provider may preserve it longer than the message itself
These issues make these services a poor choice for users conscious of secure communications, or for preventing ISPs or others from snooping on their conversations. They are very easy to compromise, and the user's information is at the mercy of the service provider. The compromise may come from a hacking attacker, or the service provider may be coerced to hand over the data and metadata (or be under a legal gag order). The user may not even know that her data was compromised.
What About PGP?
Most of these service providers allow use of PGP from stand-alone clients on desktop, iPhone, or Android applications. PGP-secured messages still expose a mother lode of metadata that's enough for identifying the conversation's participants, services involved, etc., because only the message body is encrypted. The main advantage of PGP is that message contents and attachments are protected and, in the case of government surveillance, it forces the attacker to contact the conversation participants to decrypt the messages. The end user at least gets a fighting chance to know that an attack is in progress and lawyer up to address the situation.
A Word About Metadata
Metadata is the data about the message. It shows all the software involved in the email conversation (was it sent from the web? From an iPhone? Mail.app, Outlook?). It shows from and to where the messages were sent. Of course, it also shows to whom they were sent, including the exact time. Surveillance agencies and shadowy characters (including presidential candidates, hackers, and US senators playing dumb) downplay its importance because of the amount of information it exposes about conversations and user behavior. A lot of information can be derived from the metadata.
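To make the previous two sections concrete, here is an added example (not code from the original post) that parses a conventional email whose body is PGP-encrypted and lists what an observer still learns from the headers alone: the participants, the sending software, the timestamps, and the relay path back to the originating IP. The message is constructed for this post; the addresses and IPs are documentation ranges, and the ciphertext is a placeholder.

```python
"""
Added example: how much metadata a conventional email leaks even when its
body is PGP-encrypted. The sample message is constructed for this post.
"""
import email
import re
from email import policy

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample: PGP-encrypted body, plaintext headers (as sent by a
# desktop client through two relays). Continuation lines start with a tab.
SAMPLE_EMAIL = """\
Received: from mx.example.net (mx.example.net [203.0.113.10])
\tby inbound.example.org with ESMTPS id abc123;
\tTue, 12 Jan 2016 14:03:22 +0000
Received: from [192.0.2.44] (unknown [192.0.2.44])
\tby mx.example.net (Postfix) with ESMTPSA id def456;
\tTue, 12 Jan 2016 14:03:19 +0000
From: Alice <alice@example.net>
To: Bob <bob@example.org>
Cc: Carol <carol@example.com>
Subject: Q4 numbers
Date: Tue, 12 Jan 2016 14:03:18 +0000
Message-ID: <20160112140318.1234@example.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11) Thunderbird/38.5.0
X-Mailer: Enigmail 1.8.2
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----
(ciphertext placeholder)
-----END PGP MESSAGE-----
--b1--
"""


def extract_metadata(raw: str) -> dict:
    """Return what an observer learns from the headers alone, never reading the body."""
    msg = email.message_from_string(raw, policy=policy.default)

    # Who is talking to whom: every address in From/To/Cc is in the clear.
    participants = []
    for field in ("From", "To", "Cc"):
        header = msg.get(field)
        if header is not None:
            participants.extend(a.addr_spec for a in header.addresses)

    # Each relay prepends a Received header: the chain gives the path and timing.
    hops = []
    for received in msg.get_all("Received") or []:
        ips = list(dict.fromkeys(IPV4.findall(received)))  # de-duplicated, in order
        stamp = received.rsplit(";", 1)[1].strip() if ";" in received else None
        hops.append({"ips": ips, "time": stamp})

    # Client fingerprint: mail user agent and the plug-in that did the encryption.
    software = [str(msg[h]) for h in ("User-Agent", "X-Mailer") if msg.get(h) is not None]

    return {
        "participants": participants,
        "subject": str(msg.get("Subject", "")),
        "sent": msg["Date"].datetime.isoformat() if msg.get("Date") else None,
        "hops": hops,
        # The last Received header was added first, so it names the originating host.
        "origin_ip": hops[-1]["ips"][0] if hops and hops[-1]["ips"] else None,
        "software": software,
        "body_encrypted": msg.get_content_type() == "multipart/encrypted",
    }


if __name__ == "__main__":
    for key, value in extract_metadata(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

Everything the function returns is available to any relay, mailbox provider or passive observer of an unencrypted SMTP hop, which is the point the post makes: PGP protects the body, and only the body.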
How Does ProtonMail Help?
ProtonMail was designed for security from the ground up. While it still has some shortcomings when compared against a well-run secure email operation, its biggest advantage is that regular users can benefit from it without assistance from hardcore security specialists to set everything up. It works as-is, out of the box. ProtonMail addresses the other services' shortcomings by:
- Encrypting messages at the transport level between senders and recipients
- Encrypting message contents and attachments using PGP, with a passphrase independent of the password for accessing the service itself
- Obfuscating and/or eliminating message metadata about the conversation at the source
- Basing the service in Switzerland, which has some of the strongest privacy laws in the world - especially against unfair invasive governments and other parties
- Wiping logs and other identifying data off the servers as soon as they are no longer necessary
On a security scale from 0 to 10, with Google/Yahoo/iCloud/etc. being at around 1, ProtonMail scores around 8.
What Are ProtonMail's Shortcomings?
These are the things that a security specialist would complain about. For the majority of users these are not show stoppers.
- The service is centralized -- in the right circumstances, the service may be compromised through exemptions to Swiss privacy laws
- Though the messages are encrypted using PGP, the public and private keys are held in the central location, and the end user has no control over how they are handled
- It's possible to send encrypted messages to non-ProtonMail users, but that creates exposures that can be exploited by an attacker
- The browser and iOS interfaces could also be leveraged by an attacker
Signing Up to ProtonMail
Go to https://protonmail.com -- click on the Sign Up button, and enter the relevant information.
That's it. The service doesn't require any invasive information like a secondary email (though one can be provided as an option), a phone number, or any form of ID. After CAPTCHA validation, the user is ready to start working.
The freemium model allows for various mechanisms for upgrading the account. ProtonMail accepts payments with Bitcoin (yay!) and credit cards. The onboarding process was as painless as any other freemium service's, if not more so.
Why Users Have A Mailbox Password
The Mailbox Password is the last lock before gaining access to email. It encrypts and decrypts the messages, and it's independent of the login password. Even if an attacker were to gain access to the email account, a password for reading the actual messages is needed.
Don't lose the Mailbox Password! In the spirit of good security, once this password is lost or forgotten, the messages become irretrievable. Don't write it down either, but do ensure that it's memorable and different from the login password.
The general workflow comprises 3 different modes of operation:
- Messaging between ProtonMail subscribers - highest security with minimal browser metadata leakage
- Encrypted messaging between ProtonMail and external users - exposes metadata and workflow
- Plain text messaging between ProtonMail and external users - full exposure
The service is designed to allow people to communicate in whichever way they feel is more productive for their needs or circumstances.
ProtonMail messages within the system are encrypted using a PGP private/public key pair. Messages sent between users signed up with the service are secured by both ends of the conversation. The user interface feels familiar and is easy to navigate.
Sending Messages To Users In Other Email Services
The UI provides two additional buttons: encryption and expiration. Users may send plain text or encrypted messages to users outside of the ProtonMail service. Encrypted messages are protected with a pre-agreed key and a hint meaningful to the recipient. Secured messages have a default 28-day expiration, or they can be set to expire (and purged from ProtonMail) with adjustable times measured in weeks, days, or hours.
The user outside the service receives a message notification and a link to view the message. The password hint is intended to avoid having to share a password first, and assumes that the recipient will infer it. Users weaken security if they need to send the password first through some other channel that could be intercepted.
Among many other useful and cool features, non-ProtonMail subscribers can reply and continue the conversation with a subscriber over the web interface. Users may view and reply to messages, no longer exposing the traffic flow and conversation to the outside world (though some web browser connection metadata will still leak).
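Two of the designs described above, the separate Mailbox Password (under "Why Users Have A Mailbox Password") and password-protected, expiring messages to outside recipients (under "Sending Messages To Users In Other Email Services"), can be modelled in a few dozen lines. The following is an added, simplified model written for this post, not ProtonMail's implementation: the server keeps only a login verifier and the private key wrapped under a key derived from the mailbox password, so a stolen login password or account database yields nothing readable; and an external message is stored sealed under the pre-agreed password, with the hint in the clear and a purge once the expiry passes. The sealing uses an HMAC-SHA256 keystream with an HMAC tag (encrypt-then-MAC) only to keep the example dependency-free; the iteration count, field names and placeholder key are assumptions for the demo.

```python
"""
Added example (not ProtonMail's code): login password vs. mailbox password,
and password-protected expiring messages for outside recipients.
"""
import hashlib
import hmac
import os
import time

KDF_ITERATIONS = 50_000  # assumption for the demo; raise for real deployments


def derive_key(password: str, salt: bytes) -> bytes:
    """Password -> 32-byte key; used both for login verifiers and wrapping keys."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERATIONS)


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with HMAC(key, nonce || block counter) blocks; symmetric, so it also decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag (encrypt-then-MAC; a real system would use an AEAD)."""
    nonce = os.urandom(16)
    ct = _keystream_xor(key, nonce, plaintext)
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes):
    """Return the plaintext, or None if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _keystream_xor(key, nonce, ct)


# --- (1) login password vs. mailbox password ---------------------------------

def register(login_pw: str, mailbox_pw: str, private_key: bytes) -> dict:
    """Everything the server keeps for an account: no passwords, no plaintext key."""
    login_salt, mbox_salt = os.urandom(16), os.urandom(16)
    return {
        "login_salt": login_salt,
        "login_verifier": derive_key(login_pw, login_salt),
        "mbox_salt": mbox_salt,
        "wrapped_private_key": seal(derive_key(mailbox_pw, mbox_salt), private_key),
    }


def login(record: dict, login_pw: str) -> bool:
    """Authenticates the session only; yields nothing that decrypts mail."""
    return hmac.compare_digest(record["login_verifier"], derive_key(login_pw, record["login_salt"]))


def unlock_mailbox(record: dict, mailbox_pw: str):
    """Client-side step: recover the private key, or None on a wrong mailbox password."""
    return open_sealed(derive_key(mailbox_pw, record["mbox_salt"]), record["wrapped_private_key"])


# --- (2) password-protected message to an outside recipient -----------------

def send_external(body: bytes, password: str, hint: str, ttl_seconds: int, now: float) -> dict:
    """What the server stores behind the link: hint in the clear, body sealed, expiry set."""
    salt = os.urandom(16)
    return {
        "hint": hint,
        "salt": salt,
        "sealed_body": seal(derive_key(password, salt), body),
        "expires_at": now + ttl_seconds,
    }


def fetch_external(store: dict, password: str, now: float):
    """Recipient opens the link: purge if expired, otherwise try the supplied password."""
    if now >= store["expires_at"]:
        store.pop("sealed_body", None)  # purge: nothing is left to decrypt later
        return None
    if "sealed_body" not in store:
        return None
    return open_sealed(derive_key(password, store["salt"]), store["sealed_body"])


if __name__ == "__main__":
    key_blob = b"-----BEGIN PGP PRIVATE KEY BLOCK----- (placeholder) -----END-----"
    acct = register("login-pw", "mailbox-pw", key_blob)
    print("login ok:", login(acct, "login-pw"))
    print("login password opens mailbox:", unlock_mailbox(acct, "login-pw") is not None)
    print("mailbox password opens mailbox:", unlock_mailbox(acct, "mailbox-pw") == key_blob)
    t0 = time.time()
    msg = send_external(b"meet at 10", "our-usual-place", "where we met last time", 28 * 86400, t0)
    print("recipient reads:", fetch_external(msg, "our-usual-place", t0 + 60))
    print("after 28 days:", fetch_external(msg, "our-usual-place", t0 + 29 * 86400))
```

The model also shows why the post's warning about the Mailbox Password holds: the server has no way to recover a forgotten mailbox password, because the only thing it stores is the wrapped key, and why sending the external password over an interceptable channel undoes the protection, since the hint and the sealed body are all the server has.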
Need More Privacy? Use Tails/Tor
ProtonMail works fine through the Tor network and Tails. This is a huge advantage for users who need to protect themselves, because it further reduces the attack surface to the Tor exit node that communicates with ProtonMail. Also, the ProtonMail team has indicated that they will offer a .onion URL in the future, to further harden communications.
- After using ProtonMail for a few days, the only missing feature seems to be the ability to import public PGP keys for secure messaging between ProtonMail and external users.
- A dedicated Thunderbird plug-in, similar to Enigmail, would be a welcome capability. There are mobile clients already available, so thinking about dedicated email client extensions for Thunderbird or Outlook may be a good idea.
- A partnership with or enablement of Keybase.io, a public encryption key hub, would be huge because, combined with the ability to import public keys, it would simplify communications and extend ProtonMail's reach.
- On the subject of keys... ProtonMail should allow advanced users to upload their own private/public encryption keys, to further integrate with the outside world without forcing recipients to depend on or use ProtonMail's services.
- Last, it'd be nice if ProtonMail allowed exporting the public key so that non-subscribing users with PGP/Enigmail capability could communicate with ease.
ProtonMail strikes a balance between security, privacy, and ease of use that almost no other service provides. Its shortcomings are what can be expected of a robust web- and mobile-based private messaging platform. The service's technology and jurisdictional implementation make it a very good choice for those who, for whatever reason, want to have peace of mind regarding their correspondence. Advanced users may opt for other secure messaging systems, but for the great majority of private and business users, ProtonMail is an excellent choice.