
You should back up your claim of "they have all the keys", because for things like email and file contents they claim they cannot decrypt them because they do not have those keys (which you have said they do).

I believe it was stated on the page you copied those stats from https://proton.me/legal/transparency

> As stated in our Privacy Policy, all emails, files and invites are encrypted and we have no means to decrypt them.



They're all encrypted by themselves and if you use your own gpg key they will replace it.

They're all encrypted except when you pay more for dedicated smtp.

They're all encrypted except when they give up logs they promised they didn't have.

And so on.


This is pretty inaccurate. Proton's E2EE works by encrypting client side, and we can't just replace the GPG key because we have both key pinning and key transparency: https://proton.me/support/key-transparency

Proton does not claim no logs and has never claimed no logs. We do not retain logs by default, but our privacy policy has always been clear that we are legally obligated to follow Swiss court orders, which can ask for IP logging on specific accounts.


Listen, if you don’t trust their ProtonDrive - GPG encrypt before uploading. If you don’t trust their email, GPG your message and paste it in or include as an attachment. There are a lot of ways to be able to use Proton without trusting them… and if you are an activist of any sort, like Just Stop Oil or CND, then I am sure they will be doing all of that.

I am not an activist so I don’t need to jump through such loopholes.

I don’t despise Proton as much as I despise most of Silicon Valley though. I just hope they fight every single court order, because there will be lots of good people being targeted. However, I reckon that is wishful thinking.


Cryptomator is great for the ProtonDrive example: https://cryptomator.org/


Cool idea. But, if I personally wanted that functionality I would code my own solution with a shell script I think (because it is super easy to do).


Proton has the burden of proof, and has continually failed to ensure their systems are E2E. They have failed to develop better tech like Signal, and continue to change their infrastructure to appease Swiss orders that come from other countries.

They have every means to decrypt, they control both the client software, server, and data. You would never know if they logged your key, and they can be compelled to by flimsy order.


This is inaccurate. First, Swiss law does not allow the breaking of E2EE. All of Proton's client side code is open source. We cannot arbitrarily change keys in an undetected way due to Key Transparency: https://proton.me/support/key-transparency. We also have open source mobile and desktop apps, so you don't even need to rely on the web app if you don't want.


How do the emails get decrypted then? I imagine your password would decrypt the keys which would allow them to decrypt the emails?

It seems like the next time you log in they would be able to capture your password and decrypt your emails.


There is an FAQ. They say the emails get decrypted in your browser, or in the "bridge" which runs locally.

Your decrypted key isn't sent off your local computer. So it's not a case of waiting for you to log in and swipe your key. They never get the key.

In the past you could have a separate login password and decryption password. You still can in the advanced settings if you want.


The key has to be on their servers though? If I log into a proton account on a new computer I could see all my emails decrypted. I don't have to store the key somewhere and move it to my new computer.

Second, I am not talking about swiping the key, but the password. When you log in, you send your password to their server. They presumably hash the password and compare the hashes then send you the decryption key if the hash is correct.

The problem with that is they could keep the password you entered (pre hash). If hashes are good then use the password you entered themselves with the key to decrypt your email.

It sounds like the separate decryption password may work around this, but is not the default, meaning a large chunk of the users are vulnerable to Proton logging passwords.


You never send your password to their servers, they use the "secure remote password protocol": https://en.wikipedia.org/wiki/Secure_Remote_Password_protoco...

They explain what they do here: https://proton.me/blog/encrypted-email-authentication
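
The login flow named in the last comment, as an added example that is not part of the thread and not Proton's code: a minimal SRP-6a exchange showing that the server stores only a salt and verifier, and that a login puts only `A`, `salt`, `B` and a proof on the wire. The SHA-256 hashing, the RFC 5054 1024-bit group and all function names are assumptions made for this sketch.

```python
import hashlib, hmac, secrets

# 1024-bit group from RFC 5054 Appendix A, used only to keep the demo short.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2

def H(*parts):
    """SHA-256 over the parts (ints padded to 128 bytes), returned as an int."""
    h = hashlib.sha256()
    for p in parts:
        h.update(p.to_bytes(128, "big") if isinstance(p, int) else p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # SRP-6a multiplier

def register(user, password):
    """Client side at signup: only (salt, verifier) is handed to the server."""
    salt = secrets.token_bytes(16)
    # Assumption: plain SHA-256 for x; a real client should use a slow KDF.
    x = H(salt, user + b":" + password)
    return salt, pow(g, x, N)

def login(user, typed_password, salt, v):
    """Simulate one login. Returns (server_accepted, values sent on the wire)."""
    a = secrets.randbelow(N - 1) + 1            # client secret
    A = pow(g, a, N)                            # client -> server
    b = secrets.randbelow(N - 1) + 1            # server secret
    B = (k * v + pow(g, b, N)) % N              # server -> client, with salt
    u = H(A, B)
    if A % N == 0 or B % N == 0 or u == 0:      # mandatory SRP safety checks
        return False, {}
    # Client derives the shared secret from what the user typed.
    x = H(salt, user + b":" + typed_password)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    M1 = H(A, B, H(S_client)).to_bytes(32, "big")   # client -> server proof
    # Server derives the same secret from the stored verifier alone.
    S_server = pow(A * pow(v, u, N) % N, b, N)
    expected = H(A, B, H(S_server)).to_bytes(32, "big")
    wire = {"user": user, "A": A, "salt": salt, "B": B, "M1": M1}
    return hmac.compare_digest(M1, expected), wire
```

The proof only matches when the typed password reproduces the `x` behind the stored verifier, so the server can check a login without ever receiving the password or a replayable hash of it.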



