[GeneralQuestions]ProtonMail Safe for DNM's?

This email service https://protonmail.ch/ is picking up a ton of press for user Security and End to End encryption. They recently were featured on a TED talk about email security...http://www.ted.com/talks/andy_yen_think_your_email_s_private_think_again#t-652409 ...They said that an Onion site is in the works..Some people say they have the same issue lavabit had.... So basically my question is would Protonmail be a viable option for the DNM's?


Comments


[2 Points] MLP_is_my_OPSEC:

They're fine according to their ToS and Privacy Policy. No logs that could be tied to your real name (unless you used first.last@protonmail.ch). The only thing I don't like is they take forever to create your account. I waited 8 months for my first, another 2 for my second.

Do a quick read over the privacy policy and decide for yourself;

Data Collection

Our overriding policy is to collect as little user information as possible to ensure a private and anonymous user experience. ProtonMail's user data collection is limited to the following:

  1. Account creation: We do not require ANY personal information to create an account. Should you choose to provide it, we do associate another email address with your account (for password recovery, or notifications only).

  2. Account activity: Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the ip address incoming messages originated from, message subject, and message sent and received times. This is necessary in order to deliver and receive messages. We do NOT have access to encrypted message content.

  3. We also have access to the following records of account activity: number of messages sent per month, the amount of storage space used, and total number of messages.

  4. IP addresses of website visitors are temporarily logged. However, we have no ability to match an IP to a specific user account. We have no IP logs which persist beyond 30 days.

  5. Communicating with ProtonMail: Your communications with ProtonMail, such as sales and support requests, bug reports, or feature requests may be saved by our staff. Bug reports are handled through Zendesk and as a result Zendesk also has access to submitted bug reports.


[1 Points] None:

[deleted]


[1 Points] roionsteroids:

As long as you use PGP it doesn't matter at all whether you use gmail or fancy mail.


[1 Points] None:

You're really taking a gamble if you entrust your security to a third party. PGP is designed so that you have full control over where and how your messages are being encrypted. Certainly things like metadata (who you've emailed, how often, when) have the potential to incriminate, so there is some advantage there to a service like protonmail which might be less likely to hand that information over to a federal authority. But using webmail is just generally a bad idea, unless you're just pasting in PGP encrypted messages into your browser, in which case you're getting a very minimal bump in security from just using thunderbird with enigmail and any old throwaway email account...