
Anyone know a good alternative to ProtonMail with no ties to the Israeli Military? Preferably European.


I'd be interested in your rebuttal of this:

https://protonmail.com/support/knowledge-base/protonmail-isr...


Thanks for that! I really didn't know they had a response to these claims. However it's not hard to see this can just be a PR shield anyway.


For this not to be a PR shield (i.e. for Israel to really be able to read protonmail) the link would have to be an outright lie, or protonmail would have to have shared key data.

Heck, even if somehow Radware (the BGP-based DDoS proxy they use) had access to ProtonMail's private key or had minted their own SSL cert for ProtonMail, you'd still be protected by PGP.

For outgoing mail, they don't use radware so even if you were to send plaintext emails to a mailserver that doesn't support SSL encryption, radware still wouldn't be able to read that.

Unless the linked statement is just a lie, their DDoS protection service is not able to MitM them. Your proposed scheme seems a lot more convoluted than protonmail just giving access to the Israeli government. Similarly, it seems a lot more conspicuous.

If you don't want to use them because it indirectly supports an Israeli company, that makes sense, but their DDoS prevention scheme as outlined does not harm privacy in any way.


> you'd still be protected by PGP.

You wouldn't, PGP is verified by code that can be MITM'd if the traffic is spoofed.


Ah yes, you are right. That darn server-provided client-side code without any decent means of verification really wrecks a lot of security guarantees.


Where did you read I proposed any scheme at all, dude? Saying something looks like a PR shield is a problem now?


Is something still a PR shield against accusations if it is correct? I'd argue an actual rebuttal to the accusations is more than a PR shield. As described in my response, I consider the article to be a rebuttal of the accusations presuming they are not lying. Thus I conclude that it is not a PR shield. Notably, I'd say that outright lying about facts isn't a PR shield.


Then they can't win.

An accusation has been made, they've refuted the claims with a response, and the response is dismissed as a PR shield.

What are they going to do?


They could stop doing business with a company that has strong links to IDF.


That would be any Israeli tech company.

Or any Chinese company (ties to PLA). Quickly becoming more true in the US as well.


Nothing at all wrong with the IDF or Israel. I happily support my Jewish brothers and sisters by buying Israeli-made goods.


Arrange a 3rd party (from a different country) audit?


You might as well not use the Internet at all.


Mailfence.

I'd be very interested to hear the problems with protonmail, considering all they claim to see is email metadata.

Edit: ok, some quick googling says it's related to DDoS protection, which is still in effect currently; the malicious intent here seems overstated.

The official statement - https://protonmail.com/support/knowledge-base/protonmail-isr...


+1 for Tutanota. The new client is simply amazing - https://mail.tutanota.com/ - it convinced me to go Premium which is way cheaper than PM.


* https://posteo.de/en

* https://mailbox.org

posteo implements multiple encryption schemes: encrypt incoming mails with GPG (making them inaccessible by any end device not having the corresponding secret key). Or encrypt via the login passphrase with transparent decryption on authorized access.


It is great data hygiene to use encryption at rest. However, it gives no security guarantees. You still need to trust posteo.

If posteo wants, they can read all incoming email. Their security scheme depends solely on their good intentions. Still great that their data at rest is encrypted in a way even they cannot read.

The scheme does defend against third parties outside of posteo being able to access data, or coerce posteo to decrypt data. Posteo could probably still be coerced to push out a fraudulent client update that still breaks their encryption, but that is a very hard problem to deal with.
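The encrypt-on-arrival scheme described for posteo above, and the trust argument in this comment, can be made concrete. The following is an added example, not code from the thread or from posteo: it models the provider encrypting each incoming message to the recipient's public key (hybrid RSA-OAEP plus AES-GCM, a stand-in for OpenPGP's public-key encryption) and the client decrypting with the only copy of the private key. The message text and key pairs are constructed inline. The point it shows is exactly the one made above: the provider necessarily sees the plaintext at the moment of arrival, but once stored, the ciphertext cannot be opened by anyone who lacks the recipient's secret key, the provider included.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// sampleMail is a constructed message; nothing here comes from a real mailbox.
const sampleMail = "From: alice@example.org\r\nSubject: hi\r\n\r\nplaintext body\r\n"

// StoredMail is what the provider keeps on disk: an AES-GCM ciphertext plus the
// session key wrapped to the recipient's RSA public key (RSA-OAEP).
type StoredMail struct {
	WrappedKey []byte
	Nonce      []byte
	Ciphertext []byte
}

// encryptOnArrival models the provider side. At this point the MTA holds the
// plaintext, so the provider could keep a copy before encrypting; the scheme only
// guarantees that what is written to disk cannot be opened without the
// recipient's secret key.
func encryptOnArrival(pub *rsa.PublicKey, plaintext []byte) (*StoredMail, error) {
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &StoredMail{
		WrappedKey: wrapped,
		Nonce:      nonce,
		Ciphertext: gcm.Seal(nil, nonce, plaintext, nil),
	}, nil
}

// decryptAtClient models the recipient's mail client, the only party that holds
// the private key. The provider cannot perform this step.
func decryptAtClient(priv *rsa.PrivateKey, m *StoredMail) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, m.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, m.Nonce, m.Ciphertext, nil)
}

// demo generates a recipient key pair, stores sampleMail as the provider would,
// and checks that the right key recovers it while an unrelated key does not.
func demo() (recovered string, otherKeyFails bool, err error) {
	recipient, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	stored, err := encryptOnArrival(&recipient.PublicKey, []byte(sampleMail))
	if err != nil {
		return "", false, err
	}
	pt, err := decryptAtClient(recipient, stored)
	if err != nil {
		return "", false, err
	}
	// A key the provider generated itself (constructed) stands in for "anyone else".
	other, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, err
	}
	_, otherErr := decryptAtClient(other, stored)
	return string(pt), otherErr != nil, nil
}

func main() {
	recovered, otherKeyFails, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Printf("client recovered mail: %v\n", recovered == sampleMail)
	fmt.Printf("unrelated key fails:   %v\n", otherKeyFails)
}
```

What the code cannot do is the interesting part: there is no function here that lets the provider read `StoredMail` back, and adding one would require the recipient's private key. The residual trust is all in `encryptOnArrival` being run honestly on the plaintext the MTA just received, which is the point the comment above makes.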


> Posteo could probably still be coerced to push out a fraudulent client update that still breaks their encryption, but that is a very hard problem to deal with.

They are based in Germany and would need to be coerced in accordance with German law. I don't think that there is something like National Security Letters in Germany, so doing such a thing without (eventual?) public disclosure seems unlikely.

Also posteo regularly releases as much information as they are allowed to regarding their interaction with law enforcement, e.g.:

https://posteo.de/en/site/transparency_report


There are other methods of coercion than courts, but I agree that the German courts are probably much safer than the American courts.

In any case, the fraudulent client update is a very hard hole to patch. The only solution for this I know of is local hosting. At the moment, defending against this in web-apps is simply not possible.


There's one way I know to stop that.

IPFS. It's immutable, for a given key. And it's easy to see what an IPNS link points to.

It may not be a way to verify, but others could do that hard work.

But it strictly shows proof that the codebase for a web app hasn't changed.


The only real antidote against unauthorized access is using end-to-end encryption between an email's sender and recipient(s), via PGP/GPG or S/MIME. Unfortunately this requires the sender's cooperation. As long as the sender does not cooperate, there will always be some leg of the communication path that is vulnerable.


Indeed. But that problem has been to "Show clients how to install the relevant plugins, make their certs, and then appropriately use certs." That's been error-prone since the beginning with PGPMail and PGPphone.

That's why this was switched to doing it in a webapp, to streamline the process and take user error out of the equation. There's one problem, and that is that the owner of the script can change it to a bad one that does X.

An immutable data structure, like what IPFS uses, can provide that chain of custody with a script they make that simplifies PGP usage, while still maintaining "We didn't change anything" - and you can prove that.
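The "prove the codebase hasn't changed" idea from the IPFS comments above comes down to content addressing: the identifier of the client bundle is derived from its bytes, so a silently swapped script gets a different identifier. The following is an added example, not code from the thread or from any of the providers discussed. It uses a constructed stand-in for a webmail JavaScript bundle, computes a hash-derived address for it the way an IPFS CID is derived (plain SHA-256 here, not the real CID encoding), and also computes the value a browser checks in a Subresource Integrity `integrity` attribute. The check itself is trivial; what matters is that the pinned value is recorded somewhere the server cannot rewrite.

```go
package main

import (
	"crypto/sha256"
	"crypto/sha512"
	"encoding/base64"
	"encoding/hex"
	"fmt"
)

// auditedBundle is a constructed stand-in for the JavaScript a webmail client
// ships to the browser, as it looked when someone last reviewed it.
const auditedBundle = "function decryptMessage(msg, key) { return openpgp.decrypt({message: msg, privateKeys: key}); }\n"

// contentAddress derives the identifier of a bundle from its bytes (hex
// SHA-256). Like an IPFS CID, an unchanged bundle always resolves to the same
// address and any modification, however small, yields a different one.
func contentAddress(bundle []byte) string {
	sum := sha256.Sum256(bundle)
	return hex.EncodeToString(sum[:])
}

// sriIntegrity returns the value a browser checks in a <script integrity="...">
// attribute (Subresource Integrity: sha384 digest, base64-encoded).
func sriIntegrity(bundle []byte) string {
	sum := sha512.Sum384(bundle)
	return "sha384-" + base64.StdEncoding.EncodeToString(sum[:])
}

// verifyServed compares what the server returned today against an address
// recorded out of band at audit time. A false result means the served client is
// not the audited one, whether the change is a benign release or a silent swap.
func verifyServed(served []byte, pinnedAddress string) bool {
	return contentAddress(served) == pinnedAddress
}

func main() {
	pinned := contentAddress([]byte(auditedBundle))
	fmt.Println("pinned address:", pinned)
	fmt.Println("SRI value:     ", sriIntegrity([]byte(auditedBundle)))

	// A later fetch that matches the audit passes.
	fmt.Println("unchanged bundle ok:", verifyServed([]byte(auditedBundle), pinned))

	// One added line (constructed) changes the address, so the check fails.
	modified := auditedBundle + "// build 2\n"
	fmt.Println("modified bundle ok: ", verifyServed([]byte(modified), pinned))
}
```

The limitation the comments above circle around is visible here: SRI only protects sub-resources referenced from an HTML page, and that page comes from the same server, so a server that can change the script can change the pinned value too. The pin has to live outside the server's control, which is what an IPFS address, a browser extension, or a published manifest provides; a hash check alone does not solve the problem.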


German intelligence services in the past just listened to all traffic at internet exchange points. No need for national security letters.


And not only German intelligence services. This is why most websites nowadays protect against pervasive monitoring by using TLS and ephemeral keys (including Posteo). Also the mail transport layer of most mail servers uses TLS-encrypted SMTP which is safe against pervasive monitoring (but may be affected by MITM attacks).

Some mail servers are set up or can be configured to not transmit or receive mails unless the TLS protocol can be negotiated (I think mailbox.org allows users to enforce SMTP via TLS by using the domain secure.mailbox.org, not sure about Posteo).

(See also https://tools.ietf.org/html/rfc7258

https://support-en.mailbox.org/knowledge-base/article/before...)

[edit] replaced SSL with TLS
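The distinction drawn above between SMTP over TLS being safe against pervasive monitoring but not against MITM comes down to how the sending server reacts when the EHLO reply does not advertise STARTTLS. The following is an added example, not code from the thread or from any mail server: it parses two constructed EHLO replies, one advertising STARTTLS and one with that line absent (which is what a downgrading man-in-the-middle produces), and applies either an opportunistic policy or an enforcing one. The policy names mirror the Postfix `smtp_tls_security_level` values `may` and `encrypt`; the rest of the code is a model, not any MTA's implementation.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"strings"
)

// TLSPolicy is the sending side's rule for a destination, named after the two
// Postfix smtp_tls_security_level values it corresponds to.
type TLSPolicy int

const (
	Opportunistic TLSPolicy = iota // TLS if offered, else plaintext (Postfix "may")
	Enforce                        // no TLS, no delivery (Postfix "encrypt")
)

// Constructed EHLO replies; no real server was contacted.
const (
	ehloWithTLS  = "250-mx.example.net Hello client.example.org\r\n250-SIZE 52428800\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
	ehloStripped = "250-mx.example.net Hello client.example.org\r\n250-SIZE 52428800\r\n250 8BITMIME\r\n"
)

// parseEHLO collects the extension keywords from a multi-line 250 reply
// (RFC 5321 section 4.1.1.1). The first line carries the server's domain and
// free text; each following line carries one keyword plus optional parameters.
func parseEHLO(reply string) (map[string]bool, error) {
	exts := map[string]bool{}
	sc := bufio.NewScanner(strings.NewReader(reply))
	first := true
	for sc.Scan() {
		line := strings.TrimRight(sc.Text(), "\r")
		if len(line) < 4 || line[:3] != "250" || (line[3] != '-' && line[3] != ' ') {
			return nil, fmt.Errorf("unexpected EHLO reply line %q", line)
		}
		if first {
			first = false
			continue
		}
		if fields := strings.Fields(line[4:]); len(fields) > 0 {
			exts[strings.ToUpper(fields[0])] = true
		}
	}
	return exts, sc.Err()
}

// decide applies the policy to the reply. It returns whether to proceed and
// whether the session will be TLS-protected. An active attacker between the two
// MTAs can remove the STARTTLS line; only Enforce turns that into a refusal
// rather than a silent fallback to plaintext.
func decide(reply string, policy TLSPolicy) (proceed bool, encrypted bool, err error) {
	exts, err := parseEHLO(reply)
	if err != nil {
		return false, false, err
	}
	if exts["STARTTLS"] {
		return true, true, nil
	}
	if policy == Enforce {
		return false, false, errors.New("STARTTLS not offered; refusing plaintext delivery")
	}
	return true, false, nil
}

func main() {
	cases := []struct {
		name   string
		reply  string
		policy TLSPolicy
	}{
		{"STARTTLS offered, opportunistic", ehloWithTLS, Opportunistic},
		{"STARTTLS missing, opportunistic", ehloStripped, Opportunistic},
		{"STARTTLS missing, enforce", ehloStripped, Enforce},
	}
	for _, c := range cases {
		proceed, enc, err := decide(c.reply, c.policy)
		fmt.Printf("%-34s proceed=%v encrypted=%v err=%v\n", c.name, proceed, enc, err)
	}
}
```

The opportunistic case is the one that defeats passive collection while still yielding to an active attacker: the mail goes out in the clear and nothing in the log distinguishes "the peer never supported TLS" from "someone removed the offer". Enforcing per destination (the `secure.mailbox.org` arrangement mentioned above is one way a provider exposes that to users) trades deliverability for a hard failure that is at least visible.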


Not sure about Posteo, but at least Mailbox.org allows you to provide a public key, and all the email coming in will be encrypted with your public GPG/PGP key.

So you can only read them in your mail client with GPG support.

Yes, mailbox could create a copy of your email before encryption. But assuming that they don't/didn't so far, in case they change their mind the historical emails will not be accessible.

The other solution where they keep the private key (password protected), well sure, that's pretty much open to abuse, but at some level you have to start trusting the law, otherwise everything falls apart.


So does Mailbox.org but unlike posteo Mailbox allows using own domain.

The only issue is "German" quality customer support. So be patient and expect to receive terse "no." ;)


Another vote for Posteo.


Not exactly an anonymous service like ProtonMail, but a business-oriented secure mail - https://dekko.io. Has a free tier, too.


ProtonMail does not have "ties with the Israeli military". Where are you reading this stuff?


I've been very happy with migadu.com although I've only recently moved to it. But they make a pledge to privacy in a similar fashion to ProtonMail. I like their pricing and simplicity, they're worth a look.


Can you elaborate on ProtonMail's "ties to the Israeli Military"?



Not sure what you are talking about. What does a Swiss email service have to do with the Israeli military? I like conteos as much as the other guy, but these allegations are a bit far-fetched, to say the least.



posteo.de is very privacy friendly too


How is protonmail tied to the Israeli Military?



Are you wanted by the Israeli military? And, do you actually have any evidence of "ties" beyond ridiculous conspiracy theories? Radware isn't the "Israeli Military" -- and even if they were, I'd trust them more than I'd trust, say France [1] or any EU country for that matter -- even Germany. [2]

[1] https://www.hrw.org/news/2013/12/26/french-contradictions-da...

[2] https://www.opendemocracy.net/digitaliberties/sara-bundtzen/...



