"From time to time, Proton may be legally compelled to disclose certain user information to Swiss authorities, as detailed in our Privacy Policy. This can happen if Swiss law is broken. As stated in our Privacy Policy, all emails, files and invites are encrypted and we have no means to decrypt them. "
If they (proton) have the keys, doesn’t matter if they encrypted your data. They must have the keys because I can log into mail from different clients and read all emails without having to insert my key.
Proton stores your encrypted private key . An encrypted private key does not allow them to read your email or files.
When you log into a new device:
Proton sends the encrypted private key to your device.
You type your password.
** Your device** (not Proton’s server) uses the password to decrypt the private key locally in your browser or app memory.
That decrypted key is then used to decrypt your emails on your device. Proton mail sends you just the encrypted text.
There is one potential security issue:
Since Proton serves the website code (HTML/JavaScript) that performs the encryption, you have to trust that they serve you honest code. Proton could theoretically alter their website code to capture your password the next time you log in, which theoretically a government can force them to do.
However, this is a different threat than “they have the keys.” Currently, they possess the keys only in a form they mathematically cannot unlock.
If the key is the same password you use to login, then they already have the key. They may not store it unhashed, but you transmit it to them every time you login. If law enforcement forces Proton, or if Proton turns evil (or gets infiltrated by a three letter agency), they can use it from the auth to decrypt your key and your data.
Plus, a bad actor having access to the encrypted key is free to brute force it. It may be hard but not guaranteed to stay hard forever.
You don’t send them the password. The password never leaves your device. The password is the decryption key to decrypt your encrypted private key, which is what they send to your device. This is why, for Proton Mail, and others that use this technique, it is imperative to have a strong password to protect your private key.
How do they authenticate* you? They just send the encrypted key and if you can decrypt it then it’s you?
If so I can request any account encrypted key and try to brute force it offline
If you “by default” don’t log, then when receiving a court order, there is nothing to hand over which is the entire point. If,magically, logs from the past 5 years when they said there were “no logs” show up, that means they were lying about no logs.
Just like they now advertise that your data is fully end to end encrypted and even they can’t see it.
If, with a court order, they are able to decrypt and hand over your data, then they were lying in the first place that they couldn’t read your data and it isn’t end to end encrypted
Court orders aren’t some magical thing that go back in time and redo history. The entire point of these heavily advertised precautions is exactly against court orders by corrupt, tyrannical governments using the law as a political or fascist blunt weapon against citizens.
"From time to time, Proton may be legally compelled to disclose certain user information to Swiss authorities, as detailed in our Privacy Policy. This can happen if Swiss law is broken. As stated in our Privacy Policy, all emails, files and invites are encrypted and we have no means to decrypt them. "
If they (proton) have the keys, doesn’t matter if they encrypted your data. They must have the keys because I can log into mail from different clients and read all emails without having to insert my key.
Proton stores your encrypted private key . An encrypted private key does not allow them to read your email or files.
When you log into a new device:
Proton sends the encrypted private key to your device.
You type your password.
** Your device** (not Proton’s server) uses the password to decrypt the private key locally in your browser or app memory.
That decrypted key is then used to decrypt your emails on your device. Proton mail sends you just the encrypted text.
There is one potential security issue:
Since Proton serves the website code (HTML/JavaScript) that performs the encryption, you have to trust that they serve you honest code. Proton could theoretically alter their website code to capture your password the next time you log in, which theoretically a government can force them to do.
However, this is a different threat than “they have the keys.” Currently, they possess the keys only in a form they mathematically cannot unlock.
If the key is the same password you use to login, then they already have the key. They may not store it unhashed, but you transmit it to them every time you login. If law enforcement forces Proton, or if Proton turns evil (or gets infiltrated by a three letter agency), they can use it from the auth to decrypt your key and your data.
Plus, a bad actor having access to the encrypted key is free to brute force it. It may be hard but not guaranteed to stay hard forever.
You don’t send them the password. The password never leaves your device. The password is the decryption key to decrypt your encrypted private key, which is what they send to your device. This is why, for Proton Mail, and others that use this technique, it is imperative to have a strong password to protect your private key.
How do they authenticate* you? They just send the encrypted key and if you can decrypt it then it’s you?
If so I can request any account encrypted key and try to brute force it offline
Yeah, that’s a bit of a weird thing to claim by them.
Before 2021, it was claimed that there were no logs, no IP addresses, etc. So can you trust them they not able decrypt your mails…? Use pgp…
…by default. They never claimed that they would defy court orders.
That doesn’t mean anything.
If you “by default” don’t log, then when receiving a court order, there is nothing to hand over which is the entire point. If,magically, logs from the past 5 years when they said there were “no logs” show up, that means they were lying about no logs.
Just like they now advertise that your data is fully end to end encrypted and even they can’t see it.
If, with a court order, they are able to decrypt and hand over your data, then they were lying in the first place that they couldn’t read your data and it isn’t end to end encrypted
Court orders aren’t some magical thing that go back in time and redo history. The entire point of these heavily advertised precautions is exactly against court orders by corrupt, tyrannical governments using the law as a political or fascist blunt weapon against citizens.
“Allegedly” no means.