ProtonMail

from Wikipedia, the free encyclopedia
Globe icon of the infobox
ProtonMail
Website logo
Encrypted email, made simple
E-mail service
languages u. a. English, German, Spanish, French, Italian, Japanese, Dutch, Polish, Portuguese / Brazilian, Slovenian, Romanian, Turkish, Ukrainian
operator Proton Technologies AG,
Plan-les-Ouates , Switzerland
user 20 million (January 2020)
On-line (currently online)
https://www.protonmail.com/de

Protonmail is a free e-mail - Service ( free mail -Anbieter), which encrypts the messages of users. This was founded by Jason Stockman, Andy Yen and Wei Sun, employees at the CERN research facility, in 2013 and is available in 25 languages, including a. German, English and French, available. ProtonMail is an end-to-end encrypted service that protects the mails before they are sent to the ProtonMail server. ProtonMail is operated by Proton Technologies AG, which is based in Plan-les-Ouates ( Canton of Geneva ). Your servers are located in two locations in Switzerland , outside of EU and US jurisdiction.

ProtonMail had around 250,000 users in August 2014; In June 2015, the number of users doubled to 500,000. At the end of 2015, the number of users was around one million. In spring 2020, over 25 million users were named.

Functions

The encryption and decryption takes place in the web browser. Since the ProtonMail servers do not encrypt the users' data, password recovery is also not possible, and the user data cannot be decrypted even in the event of government coercion against the service provider.

With ProtonMail it is also possible to give the mails an expiry date. A link to the actual message is sent as an email. The message can also be protected with a password - this is required for external recipients (no ProtonMail mailbox). When the expiration date is reached, the message is automatically deleted from the server and the link in the recipient's mailbox is therefore invalid.

safety

The server locations in Switzerland

ProtonMail uses a combination of an asymmetric cryptosystem and a symmetric cryptosystem to ensure end-to-end encryption . When a user creates an account , the browser generates a public and a personal RSA key. The public key is used for the encryption of the mails and the data. The personal key, which is responsible for the decryption of the data, is symmetrically encrypted with AES -256. The mailbox password serves as the key (symmetrical encryption). In this way it is possible to store the private (actually secret) key in encrypted form with ProtonMail, so that it is available on every client when logging in.

Messages sent from one ProtonMail user account to another ProtonMail user account are encrypted with the recipient's public key. Messages that are sent from a ProtonMail user account to a non-ProtonMail user account are sent encrypted or unencrypted. The non-ProtonMail member receives a link that takes him to the ProtonMail page. The browser then decrypts the email with a previously agreed key.

The source code and encryption are open source and can therefore be checked, which is intended to increase security and confidence in the service.

The servers

The structure of a ProtonMail data center

ProtonMail has its own server hardware and networks so that it does not have to entrust its administration to third parties. Since the servers were overloaded in 2014, the founders began to expand the server setup.

Transport Layer Security (TLS) is used to protect the exchange between the users and the servers . The source code has been disclosed.

history

ProtonMail was founded in 2013 to reveal the Snowden Affair and was inspired by Gmail (ease of use) and Snapchat (message self-destruct).

financing

On June 17, 2014, ProtonMail started a crowdfunding campaign on Indiegogo with the aim of raising 100,000 US dollars . On June 30, 2014, ProtonMail's PayPal account was blocked, preventing the withdrawal of USD 251,721. A representative from PayPal said the reason was that there were doubts about the legality of the encryption. However, the allegations were incomprehensible and the lock was lifted the next day. The campaign ended on July 31, 2014. By then, 10,576 donors had donated a total of USD 550,377.

On March 18, 2015, ProtonMail received $ 2 million from Charles River Ventures and the Fondation Genevoise pour l'Innovation Technologique. With this sum, the number of employees is increased and the offer expanded.

DDoS attack 2015

In November 2015, ProtonMail was the target of a massive DDoS attack and was extorted into payment for a sum of money. Since the establishment of protective measures after this attack, ProtonMail's Internet traffic has been routed via Frankfurt am Main in the event of attacks on the website , otherwise via Zurich .

Open source

The software has been open source since ProtonMail 2-0 . The source code and the encryption can therefore be checked completely.

ProtonMail 3.1

With ProtonMail 3.1 Android and iOS apps as well as support for own domains were introduced. In addition, paid accounts have been introduced that offer more functions than the free version.

Google affair 2016

In 2015 and 2016, ProtonMail was suppressed in search results by Google, which resulted in ProtonMail gaining fewer paying new users than planned.

ProtonMail Bridge

The ProtonMail Bridge is a paid application that is installed on the local computer, runs in the background and seamlessly encrypts and decrypts emails. It enables the ProtonMail account to be fully integrated with any program that supports IMAP and SMTP, such as B. Microsoft Outlook , Mozilla Thunderbird and Apple Mail .

pm.me short domain

The short domain pm.me was introduced with ProtonMail 3.13. This can optionally be activated in the account. A pm.me address can be passed on more easily than the longer protonmail.com address - for example verbally. Users of the free service can currently only receive with the pm.me address (and reply with the protonmail.com address), paying users can also send with the pm.me address.

Free software

Since April 2020, the source code of all programs with which you can access your Proton mails (Android, iOS, Bridge and the network program) is freely available on Github , under GPL 3.0 and MIT licenses.

Account types

ProtonMail offers e-mail services with various technical functions. The bookable users, storage space, addresses and domains were taken from the dashboard (access only for registered users).

Web links

Individual evidence

  1. What can you use instead of Google and Facebook? bbc.com, accessed January 24, 2020 .
  2. ^ Tor Hidden Service. In: protonmail.com. Retrieved August 26, 2017 .
  3. ^ John Biggs: ProtonMail Is A Swiss Secure Mail Provider That Won't Give You Up To The NSA. In: techcrunch.com. June 23, 2014, accessed August 29, 2015 .
  4. William Suberg: ProtonMail collects over US $ 10,000 in BTC donations in 6 weeks. In: cointelegraph.com. June 30, 2014, accessed August 29, 2015 .
  5. Why Switzerland? In: protonmail.ch. May 19, 2014. Retrieved August 29, 2015 .
  6. Join Us. In: protonmail.ch. Retrieved on August 29, 2015 (access only possible via login).
  7. Encrypted email service with MIT ties opens to general public
  8. Encrypted emails: Protonmail open to everyone at the end of January. In: Neue Zürcher Zeitung . December 16, 2015, accessed November 14, 2019 .
  9. The founder of Protonmail warns that the crypto revelations will damage the Swiss location. In: Neue Zürcher Zeitung . April 18, 2020, accessed July 18, 2020 .
  10. ProtonMail: faq5. In: protonmail.ch. ProtonMail, March 18, 2015, accessed August 29, 2015 .
  11. Swati Khandelwal: ProtonMail: 'NSA-Proof' End-to-End Encrypted Email Service. In: thehackernews.com. May 26, 2014, accessed August 29, 2015 .
  12. How are ProtonMail keys distributed? In: stackexchange.com. security.stackexchange.com, 2014, accessed August 29, 2015 .
  13. a b ProtonMail is Open Source! - ProtonMail Blog. August 13, 2015. Retrieved August 2, 2016 (American English).
  14. About-Secure ProtonMail Beta Maxes Out Servers in Just 60 Hours. In: infosecurity-magazine.com. Retrieved August 29, 2015 .
  15. Patrick Howell O'Neill: PayPal freezes account of email encryption startup ProtonMail [Update]. In: dailydot.com. July 1, 2014, accessed August 29, 2015 .
  16. ^ Paypal Freezes ProtonMail Campaign Funds. In: protonmail.ch. June 30, 2014, accessed August 29, 2015 .
  17. IndieGoGo: ProtonMail. In: indiegogo.com. Indiegogo, accessed August 29, 2015 .
  18. ProtonMail has raised $ 2M USD to protect online privacy. In: protonmail.ch. Retrieved August 29, 2015 .
  19. Protonmail pays blackmailers 5800 francs
  20. De puissantes attaques informatiques mettent à genoux la société genevoise ProtonMail
  21. ^ ProtonMail, Israel, and Radware relationship
  22. We have launched support for custom domains and paid accounts! - ProtonMail Blog. February 26, 2016. Retrieved August 2, 2016 (American English).
  23. ^ Search risk - How Google almost killed ProtonMail
  24. Introducing ProtonMail Bridge, email encryption for Outlook, Thunderbird, and Apple Mail In: protonmail.com, December 6, 2017, accessed December 7, 2017.
  25. ProtonMail v3.13 Release Notes In: protonmail.com, March 29, 2018, accessed May 24, 2018.
  26. https://protonmail.com/blog/android-open-source/
  27. ^ ProtonMail Pricing. In: ProtonMail. Retrieved January 17, 2018 .
  28. ProtonMail Dashboard. In: ProtonMail. Retrieved May 24, 2018 .