Proton Encrypted Mail Desktop App Now Available for Mac

[MacRumors]

Swiss-based privacy startup Proton today announced the availability of its end-to-end encrypted desktop mail app for macOS and Windows, with a Linux version in beta.

According to the company, the Proton Mail desktop app has been optimized to integrate with Macs, which means it can sync themes with the desktop's light or dark mode, display notifications natively, and offer instant switching between mail and calendar.

The new Proton Mail desktop app inherits from a decade of security enhancements we built for our web application. That means Proton Mail for Windows and macOS maintains our commitment to security and privacy with several key features: zero-access encryption and end-to-end encryption, protection against trackers and phishing attempts, and our high-security account protection program, Proton Sentinel.

Proton says the ability to use a separate app from a browser for accessing email and calendar also offers additional security benefits, such as protecting emails or events from rogue browser extensions and allowing automatic updates without relying on a browser.

The app also includes an Easy Switch tool that enables users to import messages from Outlook or Gmail, forward new messages from Gmail, and more.

Besides these additions, the desktop app should be familiar to Proton users. "Anyone who has used our web app before will instantly feel at home," says the company.

Paying Proton account holders can download the Proton Mail app from the Proton website, and the company is offering a 14-day trial for anyone on a free Proton plan.

Article Link: Proton Encrypted Mail Desktop App Now Available for Mac

 

[madmin]

Prontonmail is getting better but I honestly think Fastmail is still the best and most powerful email system.

 

[privacy_advocate]

Sadly, it's just a bloated Electron wrapper around their website.

 

[tomovo]

Sadly, it's just a bloated Electron wrapper around their website.

What else did you expect from "Proton"...

 

[AlmightyKang]

Another crappy email service with dubious security benefits running the entire stack of crap over HTTP instead of standard protocols. Just what we need to advance the status quo of email. This is just vendor lock in at a new level. You can see how bad it is when you look at their proxy product which allows interoperation with "standard clients" which are incidentally absolutely fine from a security perspective (IMAP / SMTP over TLS is no worse than some turd with HTTP over TLS)

Really these companies need to stop trying to reinvent email and just provide a service which isn't crappy for a decent price. Apple surprisingly don't do a bad job in that space. At least they have real clients, standard protocols and you can host your domain with them now.

 

[EmotionalSnow]

Sadly, it's just a bloated Electron wrapper around their website.

In some cases I am very vocal against using Electron but in this case I don't mind at all. The reality is that we wouldn't have gotten this app if they had to use native technology. It simply makes no sense to write three different desktop apps (macOS, Windows, Linux) when you already have a web app.

At least they are not writing a native app and then years later backtracking when they realise it's not worth it.

 

[tomovo]

Another crappy email service with dubious security benefits running the entire stack of crap over HTTP instead of standard protocols. Just what we need to advance the status quo of email.

This is just vendor lock in at a new level.

Really these companies need to stop trying to reinvent email and just provide a service which isn't crappy for a decent price. Apple surprisingly don't do a bad job in that space. At least they have real clients, standard protocols and you can host your domain with them now.

It might take a few more years but there are a few good self hosted email solutions coming that could catch on. The key is all-in-one single binaries that are easy to install and actually implement everything from scratch, instead of gluing together the existing old solutions. I remain cautiously optimistic.

 

[AlmightyKang]

In some cases I am very vocal against using Electron but in this case I don't mind at all. The reality is that we wouldn't have gotten this app if they had to use native technology. It simply makes no sense to write three different desktop apps (macOS, Windows, Linux) when you already have a web app.

At least they are not writing a native app and then years later backtracking when they realise it's not worth it.

Electron just makes it different, terrible and bloated on all three platforms. It only benefits the app vendor.

Give me a real platform specific client.

 

[Stenik]

Another crappy email service with dubious security benefits running the entire stack of crap over HTTP instead of standard protocols. Just what we need to advance the status quo of email. This is just vendor lock in at a new level. You can see how bad it is when you look at their proxy product which allows interoperation with "standard clients" which are incidentally absolutely fine from a security perspective (IMAP / SMTP over TLS is no worse than some turd with HTTP over TLS)

Really these companies need to stop trying to reinvent email and just provide a service which isn't crappy for a decent price. Apple surprisingly don't do a bad job in that space. At least they have real clients, standard protocols and you can host your domain with them now.

Which are the standard and real protocols?

 

[AlmightyKang]

It might take a few more years but there are a few good self hosted email solutions coming that could catch on. The key is all-in-one single binaries that are easy to install and actually implement everything from scratch, instead of gluing together the existing old solutions. I remain cautiously optimistic.

Unlikely unless you can afford an IP address with a decent reputation.

 

[AlmightyKang]

Which are the standard and real protocols?

IMAP / SMTP / CalDAV / CardDAV etc.

 

[EmotionalSnow]

Another crappy email service with dubious security benefits running the entire stack of crap over HTTP instead of standard protocols. Just what we need to advance the status quo of email. This is just vendor lock in at a new level. You can see how bad it is when you look at their proxy product which allows interoperation with "standard clients" which are incidentally absolutely fine from a security perspective (IMAP / SMTP over TLS is no worse than some turd with HTTP over TLS)

Really these companies need to stop trying to reinvent email and just provide a service which isn't crappy for a decent price. Apple surprisingly don't do a bad job in that space. At least they have real clients, standard protocols and you can host your domain with them now.

"dubious security benefits" says who? Encryption is dubious now? Give the NSA your encryption keys then.

"instead of standard protocols" which standard protocols are there that allow end-to-end encryption? Exactly. None. IMAP wasn't made for this.

"This is just vendor lock in at a new level." Hardly. You can always export your emails and switch somewhere else.

 

[madmin]

IMAP / SMTP / CalDAV / CardDAV etc.

JMAP is the funky new protocol: RFC8620

RFC 8620: The JSON Meta Application Protocol (JMAP)

 

[AlmightyKang]

"dubious security benefits" says who? Encryption is dubious now? Give the NSA your encryption keys then.

"instead of standard protocols" which standard protocols are there that allow end-to-end encryption? Exactly. None. IMAP wasn't made for this.

"This is just vendor lock in at a new level." Hardly. You can always export your emails and switch somewhere else.

Note this is my domain of expertise.

Firstly, there is no end to end encryption at any of these companies. You have literally the client to server over TLS. The keys are not generated and stored securely on the client so there is no way you can even consider that they cannot read your messages.

Secondly, it's email, which has no security guarantees built in by default and no end to end encryption guarantee so you're screwed everywhere.

Thirdly, their security boundary is some loosely defined legal jurisdiction bullcrap.

As for vendor lock in, that's exactly what it is. They just want you to have one of their provided domains so it makes it difficult for you to leave. Same way ISPs (two large ones of which I've worked for in an architecture capacity) offer their own domains. It makes it very hard to leave.

 

[AlmightyKang]

JMAP is the funky new protocol

Yeah go read the JMAP RFC. Particularly the calendaring part. I am dying inside. It was written by people (Fastmail) who know very little about the problem domain, merely leveraging off the shelf stuff. The recurrence system is broken completely. Adoption will be little to none.

 

[coffeemilktea]

All these fancy new "secure" email providers, and here I am still using my who-knows-how-many-years-old iCloud Mail account like a chump.

Joking aside, I know people like to criticize Gmail and Outlook, but what practical features would a paid Proton Mail account have that you won't get from a regular iCloud Mail account for free? 🤔

 

[AlmightyKang]

All these fancy new "secure" email providers, and here I am still using my who-knows-how-many-years-old iCloud Mail account like a chump.

Joking aside, I know people like to criticize Gmail and Outlook, but what practical features would a paid Proton Mail account have that you won't get from a regular iCloud Mail account for free? 🤔

Gmail / outlook / proton / fastmail are within the same boundary: web based email providers with value-added lock in.

Microsoft even regressed their offline support recently with "new outlook" which has failed to deliver offline support that works on their new Edge/Electron/WTF client.

 

[vegetassj4]

Sadly, it's just a bloated Electron wrapper around their website.

What else did you expect from "Proton"...

I don’t know, it seems like strange behavior. Rather quarky IMO

 

[madmin]

Note this is my domain of expertise.

Firstly, there is no end to end encryption at any of these companies. You have literally the client to server over TLS. The keys are not generated and stored securely on the client so there is no way you can even consider that they cannot read your messages.

Secondly, it's email, which has no security guarantees built in by default and no end to end encryption guarantee so you're screwed everywhere.

Thirdly, their security boundary is some loosely defined legal jurisdiction bullcrap.

As for vendor lock in, that's exactly what it is. They just want you to have one of their provided domains so it makes it difficult for you to leave. Same way ISPs (two large ones of which I've worked for in an architecture capacity) offer their own domains. It makes it very hard to leave.

I could pick holes in what you've said all day but I can see you've made your mind up already.
One thing I will say is that Fastmail makes using your own domains easy, makes it easy to quit and has been reliable for me and lots of people I know for many years now.

 

[Populus]

What else did you expect from "Proton"...

I didn’t see that coming. You made my day sir.

 

[MacLawyer]

Anyone using Swissmail? Comments? I know it's not free.

 

[GrumpyCoder]

I could pick holes in what you've said all day but I can see you've made you mind up already.

Why not pick holes in it for the sake of discussion? Others might benefit by reading it.

 

[MacLawyer]

What else did you expect from "Proton"...

A reply from someone at CERN.

 

[AlmightyKang]

I could pick holes in what you've said all day but I can see you've made your mind up already.
One thing I will say is that Fastmail makes using your own domains easy, makes it easy to quit and has been reliable for me and lots of people I know for many years now.

Null sentence.

As an ex Fastmail customer of 5 years and someone who architected country-scale mail infrastructure for ISPs, I can assure you that you're wrong on both counts.

I'll ask you why Fastmail haven't managed to produce a viable offline client yet and they literally just host a web app in their apps? Well it turns out that is because it's a really really hard problem to solve. And of course the solution to this is not solve it but to come up with a new post-application layer protocol with thousands more unknowns than the old one in the domain that they know about and can recruit for, which is basically JSON over HTTP.

I'm not even going to start on the downsides of JSON here like poor type encapsulation, lack of a rigorous schema definition, poor encoding support, type ambiguity, parsing cost etc...

 

[StarDal]

Swiss-based privacy startup Proton..

Proton isn't exactly a startup, they've been around for at least a decade.