Jump to content
Not connected, Your IP:
Artful Dodger

Funding suggestion

Recommended Posts

There are some interesting things about ProtonMail in the past.

  • Thomas Ross once discovered a XSS vulnerability in their web code. He said it was a greenhorn mistake. More frightening thing is how this got fixed.
    He sent a mail to the developers informing them about this but he didn't get a reply. Ten days later he sent another mail asking if they did something about it, they said they fixed all known vulnerabilities. He then tried to use this vulnerability again - and it still worked! Only a few days later he saw that it got fixed - silently, without any information by the developers. This is not how a "secure" mail provider should act.
  • Swiss security researcher Nicolas Mayencourt too doesn't like them.
    ProtonMail uses one password for login and one for encryption - similar to Lavabit. When a user logs in successfully, the browser establishes an encrypted connection through which the encryption password is being sent. Theoretically, ProtonMail is able to read the encryption password.
  • Though they claim full anonymity, it is not guaranteed because of Büpf (Gesetzesvorlage betreffend die Überwachung des Post- und Fernmeldeverkehrs, bill regarding surveillance of postal and telecommunicational traffic) which compels ProtonMail to cooperate whenever investigators need user data.

Good suggestion, anyway. Maybe they can hire some more developers like OpenSSL did.


LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post


I see you are not a fan Gigan The 3rd.


You got me completely wrong.. really. And it's giganerd, not "gigan the third". What's a gigan, anyway?

I'm not a fan, yes, but I'm not a hater, either. I'm just telling everyone what I recently read about ProtonMail.

It's not my intention to prevet people from voting for it, as I clearly wrote: Maybe they can hire some more developers like OpenSSL did.

Indirectly I compared ProtonMail with more promising providers like Posteo.de.


LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

Gigan3rd, this post really made me chuckle, because I've been reading "Gigan 3rd" instead of Giganerd too. Good to have the clarification! The latter is way better!

On the issue of ProtonMail, I was looking forward to some replies to this post. I am the diammetrical opposite of a nerd, so I can't make intelligent comments on a technical level. On a non technical level, when I checked out ProtonMail, I did find myself wondering about them. They come across like a bunch of establishment preppies, with their super simple, super accessible, polished product and their MIT credentials. I couldn't help but picture a pack of NSA snoops shadowing their every move (or are they pulling their every string?) And before you even think it, Gigan3rd....yes, I know, too paranoid. Still, how do the nerds and geeks in the AirVPN community feel about ProtonMail compared with StartMail (the mail project of the folks at StartPage/Ixquick, now in beta) and DarkMail, being developed by Phil Zimmerman, Leveson, (and the other dude whose name I can never remember)? These guys have serious, established, credentials in privacy protection, but haven't managed to launch a final, "secure email" product onto the market yet. I'd be keen to know how all these projects compare.

Share this post

Link to post

"What's a gigan, anyway?"





Are you kidding me?


Gigan3rd, this post really made me chuckle, because I've been reading "Gigan 3rd" instead of Giganerd too. Good to have the clarification! The latter is way better!


I'm going to change my name immediately.


I cannot say anything about StartMail and DarkMail because up to now I didn't know these projects exist.


LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

Oh no, don't do that.


Done already. I don't want to be associated with a Bandai monster figure.


LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

 There has been no email service that can really be considered secure since Lavasoft that I know of, although upcoming LavaboomDark Mail, and so I thought Protonmail all look promising. Never knew about the Startmail one.


Sorry for the wrong name giganerd and thanks for the info.

Share this post

Link to post

Lol, for a long time I thought it was gigan 3rd as well, until one day I realised "Ohhhhh!"


@ocelot I think the whole simplicity and ease of use thing about ProtonMail is what makes it really good. Because the complicatedness of OpenPGP prevents it from widely adopted, services like ProtonMail become more of a threat to mass surveillance because they have a much broader appeal. Having said that, I'm not a nerd or geek in the technical sense either - just a hobbyist.

Share this post

Link to post

Lol, for a long time I thought it was gigan 3rd as well, until one day I realised "Ohhhhh!"


And this day - is yesterday.


LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post

Link to post

@Artful Dodger, thanks for the post. I had never heard of Lavaboom, and it does sound interesting. Although I do use StartPage and Ixquick, StartMail somehow doesn't quite sound convincing to me, and I am leaving Dark Mail to the Giga Nerds of the world. Definitely not me. Now it remains to see whether ProtonMail is a sound option, or whether it has the NSA's fist up its ass and is backdoored to within an inch of its life. All these references to their cosy relationship with MIT already raises my eyebrows. And is it just my imagination, or is it much easier to get a sense of what Lavaboom does in a technical sense and how it does it, compared with ProtonMail? @dwright, I agree with you, I find the simplicity of ProtonMail very attractive...and yet, there's just something about this.....

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Security Check
    Play CAPTCHA Audio
    Refresh Image

  • Create New...