So I’ve been looking up VPN stuff, and in the process, I’ve stumbled on ProtonVPN, from the same people as ProtonMail. They’re now offering private cloud storage, and I’m wondering how private it is. E2E means I have to manage the keys on my device, right? I don’t know how else it could realistically work; if they manage keys, they can access my keys, etc.?

  • bouncing@partizle.comM (4 upvotes, 2 years ago)

    I’ve been a long-time Proton Mail customer, though I only briefly tried to use it as a primary email service. Using Proton Mail as my primary email provider just wasn’t practical for me: the privacy benefits weren’t worth the convenience tradeoffs of poor search and limited IMAP client support through its local proxy software.

    Anyway, I would put a fair amount of trust in them. They were founded by earnest people (scientists, not necessarily cryptographers) but they’ve had their work audited by full-time cryptographers.

    You do not need to manage your own keys with Proton’s products. They actually keep the keys server-side, but that’s okay, because your password (make it a good one) decrypts the keys on the client-side, making it impossible for them to decrypt your data without it. Credentialed experts have given a nod of approval to what they’re doing.

    Now of course that does mean that if you lose your password and account recovery data, you lose your data forever. That’s always the tradeoff with end-to-end encryption.
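    A minimal model of the scheme described in this comment (server holds the key material, but only in a form wrapped under a password-derived key), added here as an illustration and not Proton's code. The KDF cost parameters and the HMAC-based stand-in for an AEAD such as AES-GCM are my assumptions so that the example runs on the Python standard library alone; the point is that the stored record is useless without the password, and that a lost password means an unrecoverable key.

```python
import hashlib
import hmac
import secrets

def derive_kek(password: str, salt: bytes) -> bytes:
    # Password -> key-encryption key via a memory-hard KDF.
    # Cost parameters are illustrative, not a real provider's settings.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=64)

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # PRF in counter mode; stdlib-only stand-in for a real cipher.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def wrap(kek: bytes, private_key: bytes) -> bytes:
    # Encrypt-then-MAC: nonce || ciphertext || tag. This is what the server stores.
    enc_key, mac_key = kek[:32], kek[32:]
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(private_key, _keystream(enc_key, nonce, len(private_key))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(kek: bytes, blob: bytes) -> bytes:
    # Verify the tag first; a wrong password yields a wrong KEK and fails here.
    enc_key, mac_key = kek[:32], kek[32:]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong password or tampered record")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def enroll(password: str, private_key: bytes) -> dict:
    # Client side at signup: the server only ever sees salt + wrapped key.
    salt = secrets.token_bytes(16)
    return {"salt": salt, "wrapped_key": wrap(derive_kek(password, salt), private_key)}

def recover_key(password: str, record: dict) -> bytes:
    # Client side at login: re-derive the KEK from the password and unwrap.
    return unwrap(derive_kek(password, record["salt"]), record["wrapped_key"])
```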

    • Arbition@partizle.comOP (3 upvotes, 2 years ago, edited)

      Thanks. As it happens I got an email this morning that gandi, my current personal mail provider, is dropping their free mail with domain, and it looks like proton supports custom domains, so I’m considering it further.

    • GoldenBooger@partizle.com (1 upvote, 2 years ago)

      I agree with everything you said about proton mail. It is really good but I decided I don’t care enough about privacy not to use something easy. Also, if you forget your password a reset wipes your data. (If I recall correctly)

      • bouncing@partizle.comM (2 upvotes, 2 years ago)

        You might be able to download other recovery tokens that get you access, but yeah, with any truly end-to-end encrypted product, once you lose the ability to decrypt your data, it’s gone forever.

        For me the biggest issue really is search, especially on mobile. All you can do is search the metadata.

      • Arbition@partizle.comOP (2 upvotes, 2 years ago, edited)

        Yeah passwords are a tricky one, which is why I’ve adopted, attack vectors come from the internet moreso these days than in person, so write them down somewhere lol. I do use bitwarden for password management still.

        • bouncing@partizle.comM (1 upvote, 2 years ago)

          I’ve been using Strongbox. I used to use BitWarden but I decided I wanted something a little less cloudy.

  • nodester@partizle.com (3 upvotes, 2 years ago)

    There are a few end to end file storage options out there (including iCloud Drive if you enable “advanced data protection”, though that’s only useful for Apple users).

    You might also check out https://cryptomator.org/ — it lets you use any storage provider but encrypt your files before uploading. Plus it’s open source.

  • CoffeeVector@partizle.com (3 upvotes, 2 years ago)

    I’m not sure about the specific service you’re talking about, but yes they’d provide you a client that manages keys and tokens on your devices. It’s possible that the client they gave you is malicious and broadcasts these keys or something, but if that client happens to be open source, you could read and vet the code.

    If we were to really scrutinize it, technically you need to do more than that and actually compile the code and run the code yourself. Suppose that you install an Android app from their app store: they could actually just give you whatever package, not necessarily what is in their open source repository.

      • CoffeeVector@partizle.com (1 upvote, 2 years ago)

        While I was in college, I would debate with a classmate about whether or not to trust certain software (as a friendly exercise, we just it anyways) and I had brought up this particular hypothetical! At the time it was a joke, but now I have evidence that someone tried!

        • bouncing@partizle.comM (1 upvote, 2 years ago)

          Not just someone, either. Ken Thompson.

          That’s just one we know about because Ken is a friendly hacker. He never tried to spread it out into the world.

          But what if he had? Or what if it leaked from the one host he tried it on?

          Also, a lot of chips are now made in China. Have you physically inspected all the components in your computer?

  • theonlykl@partizle.com (1 upvote, 2 years ago)

    Really depends on your use case. Do I trust Proton over, say, Google Drive, etc.? Yes. Would I trust my very sensitive data with any of those providers without encrypting it myself? Likely not.

    I might be the worst example though, as a couple years back I went full tin foil hat and yanked a lot of my cloud data to roll my own. Typically I back up most of my data to borgbase and pay for some S3 storage via storj.io.

    That said, I don't know too much about the Proton Drive offering. I am a consumer of their mail premium service, which I believe includes that; I just never used it. I do, however, fully trust Proton based on their values, services and core operating models.