I use protonmail and I love it but what do you mean by e2e encrypted email? A mail from proton to Gmail or vice versa can't be e2e encrypted. Do they (claim to) have encryption at rest for all emails?
Before you start sharing clickbait headlines like "Proton is compromised", "privacy is dead", etc, just read the whole fucking news article first.
Proton always said they would provide whatever they have (metadata) to Law Enforcement if subpoenaed. That was never a secret or in question. They are an actual registered company...
They still don't nhave access to email body content. E2E encryption still works. What they can provide is IP addresses, recovery email, recovery phone, browser fingerprints and email metadata (timestamp, recipient, sender, subject, size).
If you are worried about this (you should), use a VPN (not proton VPN) or Tor, avoid disclosing sensitive information in the email subject.
Despite the FUD, people are still 99% safer and more private using ProtonMail relative to Gmail or similar.
https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/
Discussion
Proton claims to have encryption at rest for non e2e encryted emails. Of course you need to take their word of it, since they can just make a copy during unencrypted transport. But so far, there's no evidence that they actually do this.
Email is just not private at all, but that does not mean you should throw your arms into the air and just use gmail... Every little step helps
E2EE works only Proton to Proton. That's why I onboarded my family.
For external encryption offers Proton something different.
The sender can encrypt the mail with a (strong) password.
But I am sure you know that already.... π
Only when you using PGP. You could use FlowCrypt on Gmail tho
But metadata (sender, receiver, subject) is still in plaintext
Yeah. End-to-end encryption has to be encrypted AT BOTH COMPANIES and we all know Gmail isnβt on their end.
It is E2E between proton users.
If you want to encrypt it to other users, you can. Although you have to set a password for your email.
Then the receiver will only get a proton website link, which if they click, they have to put in your password and then they can view it.
I think that is the only way to encrypt to any arbitrary mailbox.
I do have a password to my Proton email but didnβt realize I needed to give that password to whomever (with a different email account) received my transmission. Thanks so much for weighing in on this important topic.
No, no!
When you create an email, and you want to send to a non-proton user, if you click the lock icon, you have to set a specific password for that email. Then it will be password protected/encrypted, and only openable with that password.
NOT your account password. You shall not share that with anyone!
Yay! Thanks for clarifying. I was not too keen on sending my main password to my ProtonMail account out.
No problem. I am glad we discussed this before you shared it. π
Rule 1: Never share your password with anyone!
If you have to. They try to scam you, or you need to use a different product π€