First off, if it's encrypted, why does it matter if it's in Switzerland? If they have no access and no ability to access your data, why does it matter where the company stores the data?

I mean, ultimately they have complied with law enforcement warrants in the past so it's not like Switzerland is this magic place where laws don't apply. Their privacy laws are more strict than many other countries but if your security/privacy model relies on the location of your servers, how is that any different than security through obfuscation? In both cases you're hiding behind something that isn't guaranteed to protect you but you're hoping it provides some sort of defense.

They've way, way oversold the advantages of being located in Switzerland. You get about 90% of the privacy by locating in Germany, and the labor, hosting, bandwidth, etc. costs and everything else would be much lower.

In other words, it's more a marketing thing than a real world use case thing.



Uhm, given that they didn't invent a lot of the tech behind their products, that's clearly untrue. Looks like they got you with their BS.



I store my files on all sorts of cloud data platforms like iCloud and Google Cloud. I also encrypt everything locally via Cryptomator. Please explain how this is less secure than paying Proton Cloud.

Plus, I didn't have to wait over a year for this supposedly privacy-focused company to finally put out a Mac version of their sync client.

The magic word here is Brute Force.
 
What about speed? With servers only in Switzerland, how is the speed getting stuff downloaded to the US, for example?
 
If you live in the US and the US Government or law enforcement wants that data, they can get it. It doesn’t matter where it’s stored. Yes, it will be an encrypted blob of data, but they can get it. Proton has to comply with warrants.

If the data is stored offshore, the U.S. government can’t get it without either intercepting it or cooperative compliance from foreign courts, law enforcement, or the entity holding the data. Therefore, it could very well be far more difficult to obtain than if it were stored in the U.S., where a simple court order would be required.

With that said, I suspect in most cases by the time a court order is involved, U.S. law enforcement would already possess your devices and/or those of a recipient, where accessing the data would be much easier. FaceID/TouchID are a huge weak point with device security, and I suspect most passcodes are fairly weak for easy memorization, making the defeat of E2EE fairly easy via an endpoint device. Even rather benign civil cases can compel the surrender and unlock of devices as part of discovery. As others have mentioned, any end-user recipient of your data is also a weak point.

This isn’t to say that security and privacy are an illusion, but they are more of an illusion than many people realize. You’re on camera almost everywhere you go. Your privacy isn’t being invaded by the kid flying a drone over your house, as countless pictures of your property exist in public databases all over the Internet. Your job, your age, your relatives, your street address, your license plate, all are publicly accessible. In addition, there is a long chain of custody for your financial information and even protected health information, and the risk of inadvertent data leaks is high. And that’s just the information which you don’t unwittingly volunteer.

There is value in attempting to limit the data you volunteer, even if it is otherwise publicly accessible. I suspect that’s what companies like Proton and Apple are offering. Using E2EE and offshore encrypted data storage may make third-party observation more difficult, but the data is never as secure or private as if you never surrendered it in the first place.
 
The magic word here is Brute Force.

Proton can be brute forced too.

If it’s encrypted, the encryption can be brute forced.

Yes, some encryption takes longer to break but, again, all they’re doing is encrypting your mailbox file with PGP. It’s not rocket science.

Still, if I was trying to breach someone’s messages, I would try one of the multiple other ways that involve humans since humans are the weakest link.

Like, why not subpoena the person my target has been exchanging emails with and get the emails from their Gmail account?

Much easier than brute force.
 
There is value in attempting to limit the data you volunteer, even if it is otherwise publicly accessible. I suspect that’s what companies like Proton and Apple are offering. Using E2EE and offshore encrypted data storage may make third-party observation more difficult, but the data is never as secure or private as if you never surrendered it in the first place.

This is why I often giggle at the people in some of these privacy groups.

They go and spend a bunch of money on stuff like Proton but their phone password is 1234 and they have no 2FA on their Proton account so law enforcement only needs to break their 1234 passcode and they have access to the Proton email.

For that, they’re paying anywhere from double to quadruple what a different email provider in Germany or Australia might charge.

I think 90% of the people that join these groups quit all of these paid services within 2 years once they figure out that true privacy is both costly and immensely inconvenient.
 
You can just as easily get an email account with Mailbox.org or Disroot or plenty of other paid (usually for half or less than Proton's fees) options
Proton's "plus" plan is less than $4 when you use the annual plan. It's quite competitive with providers like Mailbox.org or Fastmail. If you want cheap, iCloud email with an iCloud+ subscription (for custom domain and aliases) is a better deal than either of them.

and the only part you’re missing from Proton is the encrypted inbox.
That is kind of a big deal though. I don't feel comfortable knowing that any admin at those smaller unencrypted email providers can easily access my entire mailbox, or that it would potentially be exposed if they have a breach.

But Proton Drive isn't really all that interesting to iCloud users since iCloud Drive with ADP is already end-to-end encrypted ...
 
But if that time is collapsing, that's kind of what he was saying.
That's nonsense. The cryptographic community isn't standing still. For example, there is currently a lot of work going on to develop and peer-review post-quantum asymmetric ciphers, and Proton is also actively involved with this in the PGP community:

 
Proton Drive offers users 1GB of storage for free, with additional paid plans available starting at $4/month for 200GB of storage...
Proton makes Apple's iCloud offerings look like bargains. 🤣

1GB free vs 5GB free (Apple)
200GB storage @ $4/mo vs 200GB storage @ $2.99/mo (Apple)
 
If you hacked my computer or phone today, you’d only find things that are mine, or my immediate family’s. I don’t engage in criminal or implicating activities. I care about security and privacy nonetheless, but only to the point where I don’t become a maniac.
 
...Also, their products are laughably poor. How long has it been since they announced their encrypted cloud storage with no desktop clients forcing people to upload files via a web interface? LOL...
First and foremost, never ever use a downloaded app if you care about security. Why put untrusted code in your OS that has root privilege? Just use the web client.
 
If you live in the US and the US Government or law enforcement wants that data, they can get it. It doesn’t matter where it’s stored. Yes, it will be an encrypted blob of data, but they can get it. Proton has to comply with warrants.
Only warrants signed off by a Swiss judge. So, the standard is quite a bit higher than what the US govt would like it to be.
 
Maybe I'm a fool, but I trust Apple with my Mac data and files more than I do a third party. Yes, I get I'm caught in the ecosystem, but every step taken outside of it is at the user's own risk.
Apple is not the primary threat (although I don't trust them much more than Google). The U.S. government is the threat.
The government, even with a warrant, wouldn't be able to read anything on Sync and neither can employees of Sync. I mainly use iCloud, but I also have Sync for backup in case iCloud went down.
You imply that there is no way to preempt or back-door encryption schemes. U.S.-based storage is not only susceptible to after-the-fact warrants, but preemptive FISA orders that could require active surveillance measures. The Swiss are immune to FISA orders (or any other external state entity).
I never said I trust them blindly. I agree that would be foolish. I just trust them "more" than a non-Apple third party with data on my Mac.
Apple is not the threat - it's the U.S. government.
If you live in the US and the US Government or law enforcement wants that data, they can get it. It doesn’t matter where it’s stored. Yes, it will be an encrypted blob of data, but they can get it. Proton has to comply with warrants.
NO, Proton does not have to comply with U.S. warrants or any other U.S. requests - they're in Switzerland. Do you understand how national sovereignty works?
 
I thought publishers were required to disclose when they publish sponsored content. Why is MacRumors not doing so? This article reeks of an advertorial.
 
Maybe I'm a fool, but I trust Apple with my Mac data and files more than I do a third party. Yes, I get I'm caught in the ecosystem, but every step taken outside of it is at the user's own risk.

Well sure but keep in mind Apple will be very quick to tell you that your data is at your own risk even inside their ecosystem. Don’t trust Apple or anyone with the only copy of important data.
 
Proton's "plus" plan is less than $4 when you use the annual plan. It's quite competitive with providers like Mailbox.org or Fastmail. If you want cheap, iCloud email with an iCloud+ subscription (for custom domain and aliases) is a better deal than either of them.

I'm not sure you're doing Proton any favors.

Proton Plus limits you to 10 aliases and one custom domain.

Mailbox.org limits you to 25 aliases on their domain, 50 aliases on each custom domain, and unlimited custom domains.

And Mailbox.org is still cheaper.

This was a sticking point for a lot of users who wanted to follow best privacy practices and not disclose their proton email address and only give out their custom domain email address.

The only way to add more custom domains was to upgrade plans.

Ironically, Proton setting these silly limits gave rise to services like SimpleLogin and AnonAddy and Proton ended up having to buy SimpleLogin.

That's sort of my beef with Proton's pricing. They place a lot of artificial limits on the accounts that cost the company nothing. It's all designed to make people upgrade.

For instance, what does it cost for them to offer you more custom domains. Literally nothing. Why put an arbitrary limit on the number of custom domains?

Or, why is the Proton Bridge only available to paid plans? Once you've developed the app, there's no reason it costs more to let more people use it. If it's support, just say that you only provide support to paid customers.

And again, I have a major issue with the way they handled that rebranding.

They FOMO'd people into buying 2 or 3 year plans to lock in a lower rate and then when the new pricing came out many people realized that they didn't need all of the new stuff bundled into their plan and wanted to downgrade.

Of course, Proton refunded them, right? LOL, no. They downgraded them and kept the money and said they would apply the difference to their contract length. Total cash grab.

That is kind of a big deal though. I don't feel comfortable knowing that any admin at those smaller unencrypted email providers can easily access my entire mailbox, or that it would potentially be exposed if they have a breach.

But Proton Drive isn't really all that interesting to iCloud users since iCloud Drive with ADP is already end-to-end encrypted ...

That's also a bit of a potentially confusing statement.

There are different levels of encryption. There's zero encryption where everything is plaintext. There's encrypted at rest, which means that anytime the drives are stopped they need to be decrypted before they can be used again. And then there's Proton, which encrypts every mailbox with PGP so even if the police seized the hard drive while the computer was still running they couldn't access the mailbox.

Many of Proton's competitors encrypt when the drive is powered down. So someone would have to access the drive while it was still running to get the data.

It's not like there's no encryption. It's just a different level of encryption.

Likewise it's also confusing that you mixed mailbox encryption and data encrypted on cloud storage. I'm quite happy using Cryptomator to encrypt all of my files and then putting them on any cloud service provider.

If someone wants to brute force my 35 character password, good luck on that.

Personally, I prefer to recognize that email is an inherently insecure messaging platform and if I have information that I really don't want compromised, I don't use email.

This is another pet peeve of mine. Why can't we just acknowledge that nothing secure should be sent via email rather than putting all of this effort and inconvenience into trying to make something that isn't designed to be secure into being somewhat secure?

The vast, vast, vast, vast majority of security and privacy breaches don't come from some dude cracking your email encryption, they come from stuff like weak passwords, being tricked into giving up credentials, etc.

I mean, what is the point of encrypting the email on server hard drive and then allowing users to download the data to their own hard drive via Proton Bridge where it's unencrypted? If I was a law enforcement agent you just saved me a trip to Switzerland because all I need to do is gain access to your laptop while you're logged in.

While I'm not saying that Proton is useless, I am saying that the use cases where Proton makes sense for someone to use as their primary email are fairly limited if someone simply uses basic security/privacy best practices (i.e., like not sending sensitive data via email).

Privacy and security aren't things you can install or services you can buy. Those things are just tools. But if you don't understand the fundamental concepts behind the tools, the tools are essentially a false sense of security. And unfortunately, most of the people buying Proton products/services have no idea about the basics of privacy or security.

Personally, I don't care if my mailbox is PGP encrypted or not. Nowadays 99% of my emails are regarding accounts I hold on sites like this or my bank. That data could be easily retrieved without going to Proton via a warrant to any company I have an account with where I've used my email as my login credential.

I also cycle through accounts and email providers every few years so I never accumulate too much history on anyone's servers.

And in case you're wondering, I have worked in grey market industries where people take this stuff seriously.

The one thing I learned early on was that you should always understand your threat profile. What information am I protecting? How valuable is that information? What is the worst case scenario if someone else obtains this information? Who might try to get this information? What resources do they have at their disposal (i.e., are they a nation-state, some dude with a vendetta but only $47 in his bank account, a Russian hacker trying to extort me for a big payday, etc.)?

That's why I say, most of it is overkill. Most people haven't even figured out what they're protecting or from whom.

If all you want is for Google not to read your email, use Apple iCloud Mail. If you have reason to believe someone is actually targeting you, maybe choose an overseas email provider. If you are being targeted by a well funded adversary like law enforcement or a nation-state actor, whether or not Proton encrypts your mailbox is really the least of your worries.
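The two posts above argue about whether "encryption can be brute forced" and whether a 1234 passcode or a 35-character password is the real weak point. The following is an added example, not code from the thread or from Proton, that puts numbers on that argument: it computes the entropy and expected search cost of a few constructed sample secrets under two assumed attacker guess rates (a fast unsalted hash versus a stretched KDF), measures the local cost of one PBKDF2 derivation, and returns a coarse verdict a defender can act on. The guess rates, the sample secrets and the verdict thresholds are assumptions chosen for illustration.

```python
import math
import time
import hashlib
import os

# Constructed sample secrets: (label, alphabet size, length). The 4-digit passcode and
# the 35-character password mirror the two cases argued about in the thread.
SAMPLE_SECRETS = [
    ("4-digit phone passcode (e.g. 1234)", 10, 4),
    ("8 lowercase letters", 26, 8),
    ("12 random printable ASCII characters", 95, 12),
    ("35 random printable ASCII characters", 95, 35),
]

# Assumed attacker budgets in guesses per second (illustrative, not measured figures):
FAST_HASH_RATE = 1e10       # assumption: GPU rig against an unsalted fast hash
STRETCHED_KDF_RATE = 1e6    # assumption: same rig against ~600k PBKDF2 rounds

UNIVERSE_AGE_SECONDS = 4.35e17


def entropy_bits(alphabet: int, length: int) -> float:
    """Bits of entropy for a uniformly random secret of `length` symbols."""
    return length * math.log2(alphabet)


def expected_guesses(alphabet: int, length: int) -> float:
    """Exhaustive search finds the secret after half the keyspace on average."""
    return alphabet ** length / 2


def seconds_to_crack(alphabet: int, length: int, guesses_per_second: float) -> float:
    return expected_guesses(alphabet, length) / guesses_per_second


def classify(seconds: float) -> str:
    """Coarse verdict; thresholds are assumptions for illustration."""
    if seconds < 3600:
        return "trivial (under an hour)"
    if seconds < 10 * 365 * 86400:
        return "feasible (under a decade)"
    if seconds < UNIVERSE_AGE_SECONDS:
        return "impractical (more than a decade)"
    return "infeasible (longer than the age of the universe)"


def measure_kdf_cost(iterations: int = 600_000, samples: int = 3) -> float:
    """Seconds for one PBKDF2-HMAC-SHA256 derivation on this machine. Key stretching
    is what makes each guess against a stored secret expensive."""
    salt = os.urandom(16)
    start = time.perf_counter()
    for _ in range(samples):
        hashlib.pbkdf2_hmac("sha256", b"constructed-password", salt, iterations)
    return (time.perf_counter() - start) / samples


def report(rate: float = STRETCHED_KDF_RATE) -> list[dict]:
    rows = []
    for label, alphabet, length in SAMPLE_SECRETS:
        secs = seconds_to_crack(alphabet, length, rate)
        rows.append({
            "secret": label,
            "entropy_bits": round(entropy_bits(alphabet, length), 1),
            "seconds": secs,
            "verdict": classify(secs),
        })
    return rows


if __name__ == "__main__":
    print(f"local PBKDF2 cost: {measure_kdf_cost():.4f} s per derivation")
    for rate in (FAST_HASH_RATE, STRETCHED_KDF_RATE):
        print(f"\nattacker rate {rate:.0e} guesses/s")
        for row in report(rate):
            print(f"  {row['secret']:<40} {row['entropy_bits']:>6} bits  {row['verdict']}")
```

The takeaway matches the thread: the ciphertext's key (128 bits or more) is never the thing that gets searched; the passcode or password that unlocks the device or the key is, and a 4-digit passcode falls in milliseconds under any model, while a 35-character random password is out of reach even at the optimistic fast-hash rate.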
 
The craziest thing about Proton to me is you have to pay them a subscription to run an email server on your own computer, if you want to have Proton on an app that isn’t theirs. Dropped it over this, their app sucks and I’m not paying them to inconvenience myself…
 
Quite expensive and nothing new - WUALA offered it, then Tresorit, and there are a lot more options.
Funny thing: if it is end-to-end encrypted with a key on the user's device, it doesn't matter that they are in Switzerland; they could be anyplace (even North Korea, for that matter).
What matters is the source code. Without it, anybody can claim that the key stays on the user's device.
 
NO, Proton does not have to comply with U.S. warrants or any other U.S. requests - they're in Switzerland. Do you understand how national sovereignty works?
ok, poor choice of words. But the chances of the Swiss helping the US with something like this are extremely high.
 
The craziest thing about Proton to me is you have to pay them a subscription to run an email server on your own computer, if you want to have Proton on an app that isn’t theirs. Dropped it over this, their app sucks and I’m not paying them to inconvenience myself…
I’m not following you… wouldn’t it be Proton's servers?
 
I'm not sure you're doing Proton any favors.

Proton Plus limits you to 10 aliases and one custom domain.

Mailbox.org limits you to 25 aliases on their domain, 50 aliases on each custom domain, and unlimited custom domains

And Mailbox.org is still cheaper.
Different priorities. For example, Mailbox.org doesn't support hardware keys for 2FA, generally has a very weird and less secure 2FA scheme, has a much less capable filtering system (Proton even lets you write your own Sieve filters), and has a pretty crappy web interface. OTOH, I have no use for "unlimited custom domains"; I just need one.

That's sort of my beef with Proton's pricing. They place a lot of artificial limits on the accounts that cost the company nothing. It's all designed to make people upgrade.

For instance, what does it cost for them to offer you more custom domains. Literally nothing. Why put an arbitrary limit on the number of custom domains?
I don't entirely disagree with you here. It actually used to be possible to add more custom domains for a small fee, rather than upgrading to the twice as expensive "unlimited" plan. Their new pricing scheme is obviously designed to increase the ARPU by selling you things that you don't necessarily need, such as their VPN service. Nonetheless, I find their "plus" plan not really more expensive than other ad-free providers.

Or, why is the Proton Bridge only available to paid plans? Once you've developed the app, there's no reason it costs more to let more people use it. If it's support, just say that you only provide support to paid customers.
The IMAP Bridge actually causes increased load on their API due to the constant syncing.

I think it is quite generous of them to offer a free plan at all, given that those accounts cost money to maintain and create zero revenue. Essentially they are subsidized by paying users. Mailbox.org or Fastmail don't offer free accounts at all.
That's also a bit of a potentially confusing statement.

There are different levels of encryption. There's zero encryption where everything is plaintext. There's encrypted at rest, which means that anytime the drives are stopped they need to be decrypted before they can be used again. And then there's Proton, which encrypts every mailbox with PGP so even if the police seized the hard drive while the computer was still running they couldn't access the mailbox.

Many of Proton's competitors encrypt when the drive is powered down. So someone would have to access the drive while it was still running to get the data.

It's not like there's no encryption. It's just a different level of encryption.
The proper way to describe it is that Proton has zero-knowledge encryption, i.e. once encrypted nobody, including e.g. company insiders, can access your email content.

Likewise it's also confusing that you mixed mailbox encryption and data encrypted on cloud storage.
Your mailbox is literally stored in the cloud.

This is another pet peeve of mine. Why can't we just acknowledge that nothing secure should be sent via email rather than putting all of this effort and inconvenience into trying to make something that isn't designed to be secure into being somewhat secure?
What's your alternative? Email is still indispensable due to its ubiquitous availability and asynchronous nature. Banks and other online services won't let you sign up via ephemeral chat anytime soon.

I mean, what is the point of encrypting the email on server hard drive and then allowing users to download the data to their own hard drive via Proton Bridge where it's unencrypted?
Insider threats and breaches, for example. It also makes it impossible for the provider to monetize your data.

If I was a law enforcement agent you just saved me a trip to Switzerland because all I need to do is gain access to your laptop while you're logged in.
I don't use a secure email provider to hide from law enforcement. I'm far more concerned about data breaches and surveillance capitalism. But I also think that for less fortunate people living under authoritarian governments a service like Proton can be crucial.
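The exchange above distinguishes encryption at rest (the provider holds the key, so an admin or a seized running server can read the data) from zero-knowledge encryption (only the client ever holds the key, so the provider can return nothing but ciphertext). This added example, which is not code from the thread, from Proton or from any provider named here, models both designs side by side in plain Python. Because the standard library has no AES, it uses an HMAC-SHA256 keystream with an HMAC tag as a labelled stand-in for a real AEAD; the provider classes, the `Client` class, the sample password and the sample message are all constructed for illustration.

```python
import hashlib
import hmac
import os

# --- toy authenticated cipher ------------------------------------------------
# Stand-in for an AEAD such as AES-GCM (absent from the standard library). The point
# of this example is WHO holds the key, not the cipher; use a vetted AEAD in practice.

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered ciphertext")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def derive_key(password: str, salt: bytes) -> bytes:
    # The password never leaves the client; only a stretched key derived from it is used.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


# --- two storage models ------------------------------------------------------

class AtRestProvider:
    """Encryption at rest: the provider generates and keeps the disk key. Data on disk
    is ciphertext, but an admin, a breach of a running server, or a warrant served on
    the provider yields plaintext because the key lives next to the data."""

    def __init__(self) -> None:
        self.disk_key = os.urandom(32)
        self.store: dict[str, bytes] = {}

    def upload(self, user: str, plaintext: bytes) -> None:
        self.store[user] = encrypt(self.disk_key, plaintext)

    def admin_read(self, user: str) -> bytes:
        return decrypt(self.disk_key, self.store[user])


class ZeroKnowledgeProvider:
    """Client-side (zero-knowledge) encryption: the provider only ever receives
    ciphertext and holds no key, so an insider gets nothing but the blob."""

    def __init__(self) -> None:
        self.store: dict[str, bytes] = {}

    def upload(self, user: str, blob: bytes) -> None:
        self.store[user] = blob

    def admin_read(self, user: str) -> bytes:
        return self.store[user]   # the best an insider can do


class Client:
    """The user's device: derives the key from the password, seals before upload."""

    def __init__(self, password: str) -> None:
        self.salt = os.urandom(16)  # kept with the account in practice; not secret
        self.key = derive_key(password, self.salt)

    def seal(self, plaintext: bytes) -> bytes:
        return encrypt(self.key, plaintext)

    def open(self, blob: bytes) -> bytes:
        return decrypt(self.key, blob)


def compare_models(message: bytes = b"constructed sample mailbox contents") -> dict[str, bool]:
    """Run the same message through both models and record who can read it."""
    at_rest = AtRestProvider()
    at_rest.upload("alice", message)

    zk = ZeroKnowledgeProvider()
    alice = Client("correct horse battery staple")   # constructed sample password
    zk.upload("alice", alice.seal(message))

    insider_view = zk.admin_read("alice")
    tampered = bytearray(insider_view)
    tampered[20] ^= 0x01                             # flip one ciphertext byte
    try:
        alice.open(bytes(tampered))
        tamper_detected = False
    except ValueError:
        tamper_detected = True

    return {
        "at_rest_admin_reads_plaintext": at_rest.admin_read("alice") == message,
        "zero_knowledge_admin_reads_plaintext": insider_view == message,
        "zero_knowledge_owner_reads_plaintext": alice.open(insider_view) == message,
        "tamper_detected": tamper_detected,
    }


if __name__ == "__main__":
    for name, outcome in compare_models().items():
        print(f"{name}: {outcome}")
```

Both models store ciphertext on disk; the difference the thread is circling is only where the key lives. The zero-knowledge model also shows why the "unencrypted on the laptop via Bridge" objection is really an endpoint argument: the data is readable exactly where the key is, which is the client.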
 
The government, even with a warrant, wouldn't be able to read anything on Sync and neither can employees of Sync. I mainly use iCloud but, I also have Sync for backup in case iCloud went down.

How are the speeds on Sync.com? I hear those cloud storage services have attractive prices but they limit speeds.
 
Nope, you have to run some kind of system where it forwards the emails to a program on your computer and then that program sends the emails to your desired email app.
What's the problem? The bridge runs in the background. Once installed you don't even notice it's there. It's essentially a protocol translator between a standard email client and Proton's server API. It is necessary because IMAP and SMTP aren't really designed for end-to-end encrypted email and key management. Other encrypted providers such as Tutanota or Skiff have no option at all to use a client.
 