Fast and steady Posted May 16, 2014 Posted May 16, 2014 You can read their summary here: https://protonmail.ch/pages/security_details.php This is actually something interesting to me because I've been working on writing an email client from scratch with both OpenPGP and S/MIME encryption in mind, but the one thing that that was always an unsolvable problem using the standard email encryption protocols was that header metadata cannot be encrypted. ProtonMail seems to solve that by being a web-based solution that doesn't really follow the standard email protocols. In order to interoperate with existing email clients, what they do is send the client a URL where they can read the encrypted message by decrypting it in their browser.
DannyB Posted May 19, 2014 Posted May 19, 2014 Thanks for the link mate. I have been looking for something that uses PGP when possible. IE some kind of client that stores my private-key but hides it all from view. Its too much hassle to manually encrypt / decrypt every message, especially when I dont really have anything to hide but just want to keep my privacy private.
Fast and steady Posted July 1, 2014 Author Posted July 1, 2014 Paypal Freezes ProtonMail Campaign Funds https://protonmail.ch/blog/paypal-freezes-protonmail-campaign-funds/ That said, I'm nearing "1.0" status on my own encrypted email library that I've been working on for about a year now in my free time. I mostly just need to write some sample apps using my libraries and perferably add more unit tests, then it should be ready for prime time. 118,000 lines of code so far and counting... I've implemented S/MIME v3.2 (and older) and OpenPGP support (which can re-use your GnuPG keys if you use GnuPG). None of the other open source libraries I could find properly negotiated the S/MIME encryption algorithm - most just hard-coded an encryption algorithm (typically Triple-DES). Once I've got my email libraries written, I could use some help writing a mail client to take advantage of them. It's a ton of work and I'm burning out - plus I really hate GUI programming.
Alan C. Posted July 1, 2014 Posted July 1, 2014 PayPal freezes over $275,000 in donations to email service, stating encryption use requires U.S. government approval ProtonMail was supposed to be an easy email encryption tool that would finally give us an answer to Internet surveillance around the world. Instead, PayPal has frozen over $275,000 in donations to the project because, a PayPal representative told the company, the American payment service is not sure if ProtonMail is legal.Of course, it is absolutely legal to encrypt email. The freeze remains in place. Most incredible of all, the PayPal representative was unsure if ProtonMail has the necessary government approval to encrypt emails, as though anyone who encrypts needs a license to do so.ProtonMail doesn’t need government approval, by the way, but it has it anyway. The encryption used by ProtonMail has been unquestionably legal since the 1990s. If that’s not enough, the Constitution’s First Amendment protects encryption code and its Fourth Amendment guarantees against unreasonable searches, exactly what encryption protects against.“At this time, it is not possible for ProtonMail to receive or send funds through PayPal,” ProtonMail cofounder Andy Yen announced this morning. “No attempt was made by PayPal to contact us before freezing our account, and no notice was given.”
Fast and steady Posted July 1, 2014 Author Posted July 1, 2014 Well, they kind of have a point... I mean, the Venezuelan Government requires that people get their approval to wipe their own arses, so it's not unreasonable for the US Government to require approval to encrypt emails, amirite or amirite? ;-)
Recommended Posts