Proton Sheets Launches as Encrypted Alternative to Google Sheets

[Rigby]

The email encryption is basically a fat lie which everyone is falling for.

There's no guarantee anything is encrypted in transit on SMTP so it may have been intercepted already. And by nature of how it works it's symmetric encryption so to store your email inbound from SMTP it has to be plaintext at some point and they have to have access to your key to encrypt that plaintext to store it in your mailbox. If they delay encryption and do it on your client, then it's stored on their equipment in plaintext or encrypted with a key they control anyway before your client connects.

The CORRECT solution is end to end encryption on email using PGP where you control the keys and manage the key distribution via a side channel, usually physical.

Uhm, you are aware that Proton is based on PGP? Emails exchanged between Proton users or with other users that have set up PGP in their client *are* end-to-end encrypted, and Proton doesn't have access to your keys. And for mails that arrive unencrypted, you still benefit from the zero-knowledge encryption once the mails are stored in your inbox.

In any case Proton is open about all this in their documentation. While they sometimes tend to use marketing speak, they are not lying.

 

[cjsuk]

I’m more worried these days about all the data that US tech companies harvest and stores about every single one us. Its scary as f**k especially the current administration taken into consideration. Personally my trust in anything US based is lower that the trust I have in tech based in nearly any other country I can think of (almost)

And I’m not alone. There’s a massive shift away from US based tech all around the world.

US companies are doing the same to cut capital and data security risks. The thing is they aren't moving to is other providers. A lot of stuff is going in house suddenly. The cause of this is the incompatibility with the idea of the cloud and the current geopolitical instability.

I intend to make a lot of money out of this transition as I did the other way 🤣

 

[cjsuk]

Uhm, you are aware that Proton is based on PGP? Emails exchanged between Proton users or with other users that have set up PGP in their client *are* end-to-end encrypted, and Proton doesn't have access to your keys. And for mails that arrive unencrypted, you still benefit from the zero-knowledge encryption once the mails are stored in your inbox.

In any case Proton is open about all this in their documentation. While they sometimes tend to use marketing speak, they are not lying.

Proton is not based on PGP. Proton supports PGP optionally. It works between proton users, which is not something that might be discoverable up front and where you've added public keys to your contacts. Otherwise, 99% of the rest of the internet, it makes no difference. On top of that it uses OpenPGP.js which is written by absolute morons who managed to make a rather large spoofing cock up (CVE-2025-47934).

This doesn't actually touch my point about receive process flaws, timing or any other of the absolutely horrendous things that they can be compelled to do without telling you.

My point is really: don't bother with secure email. There are too many unknowns and foot guns lying around. You're just lying to yourself and paying someone else to lie to you. Use another channel for secure communications, not something 50 years odd old with layers of hacks over the top of it. Oh and a client built on a wobbly pile of **** (the web) with another wobbly pile of **** written by idiots (half the javascript ecosystem) smeared on the top.

Extreme complexity does not lead to security. It leads to thousands of possible failure modes from procedural to technical.

 

[Rigby]

Proton is not based on PGP. Proton supports PGP optionally.

This is wrong. Their entire encryption system is based on PGP. They are also active contributors to the OpenPGP standard.

It works between proton users, which is not something that might be discoverable up front and where you've added public keys to your contacts.

This is also wrong. Between Proton users E2EE is used automatically, and you can see it up front if you use the web interface or app to send your mail.

External PGP users can also discover your PGP public key automatically since Proton supports WKD.

 

[cjsuk]

This is wrong. Their entire encryption system is based on PGP. They are also active contributors to the OpenPGP standard.

You communicate with people who do not have encrypted storage. Do you only communicate with people who have PGP and people who are on Proton? No. There is no encryption support by default. It is literally upgrading to encryption where available. Draw a Venn diagram and think about it.

Consider a downgrade attack scenario:

1. Has PGP on day one
2. Changes provider.
3. ???

This is also wrong. Between Proton users E2EE is used automatically, and you can see it up front if you use the web interface or app to send your mail.

I did say that.

External PGP users can also discover your PGP public key automatically since Proton supports WKD.

WKD only verifies the domain is controlled by the keyholder, not that the recipient is the person intended. Also to get the WKD it triggers a lookup which leaks metadata.

This stuff is all wonky as ****. It creates as many problems as it solves.

 

[Rigby]

Including their infrastructure provisioning, key management, access control systems and office software?

I guess that means you don't trust Signal? Because they don't share this kind of information either. Practically no provider does.

You can still study the code of the apps and see if they share unencrypted data or your private keys with the provider at any point. But then of course the next claim is:

Edit: Also can you really verify what they have in their repositories is what ships to you and is what you are using?

Do you audit and build all apps that you use yourself? Of course you don't. That's not practically possible, not to mention that very few people have the expertise to properly audit cryptographic code.

Unless all these absolutes are true, and there are a lot of them in this model, then the system is critically flawed.

No, there is no "absolute guarantee". In the real world there is no secure communication system that doesn't require some amount of trust.

 

[Rigby]

You communicate with people who do not have encrypted storage. Do you only communicate with people who have PGP and people who are on Proton? No. There is no encryption support by default. It is literally upgrading to encryption where available. Draw a Venn diagram and think about it.

You just keep moving the goal posts. They do use PGP internally, both for E2EE emailing and to encrypt incoming unencrypted emails before storing them in your inbox. Obviously you don't get full E2EE if whoever you communicate with doesn't support it.

Consider a downgrade attack scenario:

1. Has PGP on day one
2. Changes provider.
3. ???

If you use a custom domain you can leave Proton and take your PGP keys with you. If someone you communicate with stops using PGP they will not be able to read encrypted mails you send them.

WKD only verifies the domain is controlled by the keyholder, not that the recipient is the person intended. Also to get the WKD it triggers a lookup which leaks metadata.

This stuff is all wonky as ****. It creates as many problems as it solves.

If you don't trust WKD, you can use whatever other key exchange method you would use with PGP. This isn't Proton specific.

 

[Runaway Train]

No, there is no "absolute guarantee". In the real world there is no secure communication system that doesn't require some amount of trust.

Yep.

Some of the commentary is like « don’t trust the locksmith who installed your door lock - you know he has access to the keys and he may create a copy and return to rob your house ». Seriously, this is about a matter of degrees.

Just conducted a (very non official, personal) security audit of maybe 75 or so sites. It is shocking the outright lazy and reckless approach to login / auth some of these sites have (finance, gov etc). Proton performs well here with flawless Yubikey login and very strong authentication (not OATH which can be fished). I will say that both Apple and also Microsoft seem to take it seriously if you decide you want those options. As for privacy?

Trusting anyone with your data?. Once it leaves your local machine you may as well consider no longer own it, more often it is companies whose raison d’être is to monetize your keystrokes. In any case, I am not so important that every single thief or governmental agency is out to get me. Don’t care about marketing claims, reality always falls short, is what it is. IMO, some companies treat it more seriously than others and inspire « greater » trust. That works for me.

 

[cjsuk]

I guess that means you don't trust Signal? Because they don't share this kind of information either. Practically no provider does.

Not particularly no.

My background is defence hardware and software engineering so communication is entirely airgapped because there is always a trust boundary somewhere.

You can still study the code of the apps and see if they share unencrypted data or your private keys with the provider at any point. But then of course the next claim is:

Correct.

Do you audit and build all apps that you use yourself? Of course you don't. That's not practically possible, not to mention that very few people have the expertise to properly audit cryptographic code.

Also correct.

No, there is no "absolute guarantee". In the real world there is no secure communication system that doesn't require some amount of trust.

This is exactly my point really and I'm certainly not arguing with that.

Simply the marketing claims are exaggerated. It is a better outcome that you know the limitations of the system you are working within and communicate within those limits rather than work on the naive assumption that the system is secure, which it is not. Complexity does not breed security because complexity multiplies the number of trust issues you have.

 

[cjsuk]

You just keep moving the goal posts. They do use PGP internally, both for E2EE emailing and to encrypt incoming unencrypted emails before storing them in your inbox. Obviously you don't get full E2EE if whoever you communicate with doesn't support it.

Not really. The point and the goal posts are simply: proton's security guarantees are overstated. When presented with a rebuttal to that argument I am merely following it with my (very formal) knowledge on the matter. Peel off a layer, there is another under it. Which builds my complexity argument perfectly.

Ok so I have to ask, how do they encrypt an email that goes into your inbox?

That particular bit of code is NOT in their public repository -or- it has the constraints I outlined earlier because that is the only mathematically possible outcome. And as you state in the other comment, you have to trust someone somewhere. The claim is that Proton can't read your email. But you have to trust them to encrypt it, which by deduction, reduces their claim to zero.

If you use a custom domain you can leave Proton and take your PGP keys with you. If someone you communicate with stops using PGP they will not be able to read encrypted mails you send them.

Also correct. Or you can, if you want, use a normal client (say Thunderbird or mutt with GnuPGP).

The middle-man is entirely irrelevant to PGP. Why would you throw everything into this if that was the case?

If you don't trust WKD, you can use whatever other key exchange method you would use with PGP. This isn't Proton specific.

Also correct. Which is my point earlier, if I remember correctly, that you should use a side channel for key sharing. That means that you physically validate that your friend Bob is actually Bob and not Mallory...

 

[dba415]

What org would use this. Microsoft exists for the majority of companies, they are not switching over. For the average consumer, google sheets is there, free, and most convenient. No one is going to use this.

 

[jkratz.36]

Uhm, you are aware that Proton is based on PGP? Emails exchanged between Proton users or with other users that have set up PGP in their client *are* end-to-end encrypted, and Proton doesn't have access to your keys. And for mails that arrive unencrypted, you still benefit from the zero-knowledge encryption once the mails are stored in your inbox.

In any case Proton is open about all this in their documentation. While they sometimes tend to use marketing speak, they are not lying.

How do I benefit? This is a serious question. In my mind I actually lose a lot of functionality for any tiny benefit I gain by having emails encrypted with ZKE. Most users are far better off with a provider like Fastmail (and FWIW I have used Fastmail for years as my email provider, not Google) if they want to leave Google than ProtonMail.

But lets talk about Gmail for a second. Part of what makes Gmail so good is being able to index email for stuff as "simple" as good search to the more complicated stuff they've added over the years via machine learning. People complain a lot about "Google is reading my email!". Well, no kidding, of course they are, but not in the sense people are implying when using that word. Google is scanning your email. They have to for something even as simple as search. It just so happens they've added a bunch of convenient functionality on top of that. Nobody at Google is sitting there sifting thru your emails "oh look John just got a $50 bill from Dildos R Us".

And to be frank, if I'm going to trust someone, I'm going to trust Google more than Proton. There are a lot of businesses running on Google Workspace. Google runs on Google Workspace. They've got a good security team and are very motivated to keep things secure given what I just mentioned. For those that don't want to "be the product" then pay for a Google Workspace account. It's not expensive at all.

 

[jkratz.36]

What org would use this. Microsoft exists for the majority of companies, they are not switching over. For the average consumer, google sheets is there, free, and most convenient. No one is going to use this.

Nobody. There is little reason if you're paying Microsoft or Google for a business-level account.

 

[titanium69]

I love Numbers. Forget that. Apple should invest more time on iWork (Pages, Number and Keynote) because they are fantastic apps and could be more, specially Pages.

Apply’s approach is minimal investment and let private companies handle it… just collect the subscription fees

 

[swm]

i don’t really understand this. we use more and more powerful computers, literally increasing the computational power by about 10-20% annually - and all this to use some stupidly inefficient web browser bloatware to do the same things somewhere else that we could do far better/faster/secure on our powerful computer

 

[grammatica]

Apple Numbers is local and encrypted too. I just wish it was more feature parity with Excel. Sigh

 

[jkratz.36]

i don’t really understand this. we use more and more powerful computers, literally increasing the computational power by about 10-20% annually - and all this to use some stupidly inefficient web browser bloatware to do the same things somewhere else that we could do far better/faster/secure on our powerful computer

It's a good question. The benefit of Google Docs/Sheets was multiple people being able to collab at the same time. But if you want the full power of a spreadsheet you're using Excel.

 

[davidthecalmgiant]

Why you all so upset? More competition is always better for us as consumers!

 

[q3anon]

Care to elaborate on that? 🤔
Proton is a well accepted, trustworthy, open source driven company. If you have anything to inspect, you can do it.

[edit] Try that at Apple... 🤣

I wouldn’t be so quick to trust the “Swiss privacy” marketing anymore. While everyone is debating their architecture, we’re ignoring the massive elephant in the room: the new EU “Chat Control” (CSAR) compromise that the Council just pushed through in late November.
Sure, they technically dropped the “mandatory” scanning clause to get it passed, but the new “voluntary” system is a total Trojan horse. It creates a legal framework where services are pressured to “voluntarily” implement client-side scanning (upload moderation) to avoid liability.
“But Proton is Swiss!” doesn’t really hold water. We already saw in 2021 that they will honor Europol requests efficiently. If the EU market standardizes “voluntary” scanning for CSAM, Proton has a massive business incentive to comply to avoid being blacklisted or blocked by ISPs across Europe.
The scariest part? Because Proton’s web client loads JavaScript every time you log in, they could technically deploy this “voluntary” scanning on a targeted basis without anyone knowing until it’s too late. If you’re serious about privacy, relying on a browser-based client in this political climate is just asking for trouble.

 

[jkratz.36]

Apple Numbers is local and encrypted too. I just wish it was more feature parity with Excel. Sigh

They're not even serving the same market. Excel is a business tool. Numbers is for Mom and Pop.

 

[q3anon]

Citation needed.

I wouldn’t be so quick to trust the “Swiss privacy” marketing anymore. While everyone is debating their architecture, we’re ignoring the massive elephant in the room: the new EU “Chat Control” (CSAR) compromise that the Council just pushed through in late November.
Sure, they technically dropped the “mandatory” scanning clause to get it passed, but the new “voluntary” system is a total Trojan horse. It creates a legal framework where services are pressured to “voluntarily” implement client-side scanning (upload moderation) to avoid liability.
“But Proton is Swiss!” doesn’t really hold water. We already saw in 2021 that they will honor Europol requests efficiently. If the EU market standardizes “voluntary” scanning for CSAM, Proton has a massive business incentive to comply to avoid being blacklisted or blocked by ISPs across Europe.
The scariest part? Because Proton’s web client loads JavaScript every time you log in, they could technically deploy this “voluntary” scanning on a targeted basis without anyone knowing until it’s too late. If you’re serious about privacy, relying on a browser-based client in this political climate is just asking for trouble.

 

[UliBaer]

Oh well, i won't argue any more with morons, cause they only pull me down on their level and will finally beat me with experience!
So i simply send a "high, very welcome!" to Proton and will leave this fruitless discussion... 🤦‍♂️

 

[UliBaer]

I wouldn’t be so quick to trust the “Swiss privacy” marketing anymore. While everyone is debating their architecture, we’re ignoring the massive elephant in the room: the new EU “Chat Control” (CSAR) compromise that the Council just pushed through in late November.
Sure, they technically dropped the “mandatory” scanning clause to get it passed, but the new “voluntary” system is a total Trojan horse. It creates a legal framework where services are pressured to “voluntarily” implement client-side scanning (upload moderation) to avoid liability.
“But Proton is Swiss!” doesn’t really hold water. We already saw in 2021 that they will honor Europol requests efficiently. If the EU market standardizes “voluntary” scanning for CSAM, Proton has a massive business incentive to comply to avoid being blacklisted or blocked by ISPs across Europe.
The scariest part? Because Proton’s web client loads JavaScript every time you log in, they could technically deploy this “voluntary” scanning on a targeted basis without anyone knowing until it’s too late. If you’re serious about privacy, relying on a browser-based client in this political climate is just asking for trouble.

Your complete dumb EU babble aside, you realize, Switzerland is NOT a member of the EU? 🤦‍♂️
I don't know, why I still try to argue with absolutely incompetent people, but here we are...

 

[cjsuk]

Your complete dumb EU babble aside, you realize, Switzerland is NOT a member of the EU? 🤦‍♂️
I don't know, why I still try to argue with absolutely incompetent people, but here we are...

I suggest you read further into this. Proton is moving out of Switzerland after they decided to change data protection laws. They moved some of their product and operations into EU already.

Now you have two sets of legislation to consolidate into your product.

All the privacy marketing guarantees are killed by upcoming or active legislation. You should not contract out your privacy to another company because they are defenceless against it. As are you. But if you control it then you can have your day in court should you need to.

I suggest you get your head around the legal implications and the technical implications before shouting incompetence at others.

 

[svish]

Can be a good alternative. But with free tier offering very little storage, don't think I will be using it much. Don't want to pay for another subscription.