CKA Forums
Login 
canadian forums
bottom
 
 
Canadian Forums

Author Topic Options
Offline
CKA Super Elite
CKA Super Elite
 Vancouver Canucks
User avatar
Profile
Posts: 9445
PostPosted: Thu Nov 03, 2016 7:52 pm
 


Quote:
We're building an internet that protects privacy, starting with email.

We are scientists, engineers, and developers drawn together by a shared vision of protecting civil liberties online. This is why we created ProtonMail, an easy to use secure email service with built-in end-to-end encryption and state of the art security features. Our goal is to build an internet that respects privacy and is secure against cyberattacks.

We are committed to developing and widely distributing the tools necessary to protect your data online. Our team combines deep mathematical and technical knowledge from the world's top research institutions with expertise in building easy to use user interfaces. Together, we are building the encrypted communication technologies of the future.

End-to-End Encryption

Messages are encrypted at all times

Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.

Zero Access to User Data

Your encrypted data is not accessible to us

ProtonMail’s segregated authentication and decryption system means logging into a ProtonMail private email account requires two passwords. The first password is used to verify the identity of the user. After that, encrypted data can be retrieved. The second password is a decryption password which is never sent to us. It is used to decrypt data on your device so we do not have access to the decrypted data, or the decryption password. This means we cannot hand over your data to third parties. For this reason, we are also unable to do decryption password recovery. If you forget your decryption password, we cannot recover your data.

https://protonmail.com/
_______________________________

Is anyone using this email service? Apparently Google almost killed it which could be a good thing.


Offline
CKA Super Elite
CKA Super Elite


GROUP_AVATAR
User avatar
Profile
Posts: 9046
PostPosted: Thu Nov 03, 2016 8:07 pm
 


Quote:
Your encrypted data is not accessible to us


Bullshit.
Unless "us" means the minimum wage goofs with their scripts who answer the phones.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 33963
PostPosted: Fri Nov 04, 2016 5:29 am
 


I used to use a service called "Hushmail". They made all the same claims. Based in Canada too. Until they gave their encryption keys to the US Government the first time they were asked.

So long as a company holds those, your information is never truly safe. If you want safe email, get your own domain and set up your own server with your own encryption keys. If you want absolutely safe email, well, there is no such thing. Deal with it. ;)


Online
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 63925
PostPosted: Fri Nov 04, 2016 8:00 am
 


herbie wrote:
Quote:
Your encrypted data is not accessible to us


Bullshit.
Unless "us" means the minimum wage goofs with their scripts who answer the phones.


No, this is entirely possible. If it's a salted hash that unlocks your mail and the only part of the hash they hold is the salt then yes, they won't be able to recover your data even if they're ordered to do so.


Offline
CKA Super Elite
CKA Super Elite


GROUP_AVATAR
User avatar
Profile
Posts: 9046
PostPosted: Fri Nov 04, 2016 10:07 am
 


Entirely possible re seeing the mails themselves, except they're claiming they can't even get to your encrypted mail. It's still there on their server's /var/mail/user and someone has root.
I've just used my own email servers for over a decade, gmail, ISP mail and hotmail for piddling about with. Guess I'll never run for President.


Online
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 63925
PostPosted: Fri Nov 04, 2016 11:29 am
 


herbie wrote:
Entirely possible re seeing the mails themselves, except they're claiming they can't even get to your encrypted mail. It's still there on their server's /var/mail/user and someone has root.
I've just used my own email servers for over a decade, gmail, ISP mail and hotmail for piddling about with. Guess I'll never run for President.


You can administrate encrypted files on a server but without the hash key you can't open them even if you have /root access.

And what I'd already posted is what these folks do:

Quote:
ProtonMail’s segregated authentication and decryption system means logging into a ProtonMail private email account requires two passwords. The first password is used to verify the identity of the user. After that, encrypted data can be retrieved. The second password is a decryption password which is never sent to us. It is used to decrypt data on your device so we do not have access to the decrypted data, or the decryption password. This means we cannot hand over your data to third parties. For this reason, we are also unable to do decryption password recovery. If you forget your decryption password, we cannot recover your data.


The second password gets hashed and that is what decrypts the email. The email is then encrypted at rest.

It's pretty secure. Secure enough that the only way to get at it is to view it when you're reading it.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 33963
PostPosted: Fri Nov 04, 2016 11:37 am
 


BartSimpson wrote:
It's pretty secure. Secure enough that the only way to get at it is to view it when you're reading it.


Pretty secure, but it also depends on the algorithm they are using. There are a few that notoriously were sabotaged by the NSA because their implementation provided a number of unintended and unwanted 'collisions' that allowed an easier brute force attack on the encryption.


Online
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 63925
PostPosted: Fri Nov 04, 2016 11:46 am
 


DrCaleb wrote:
BartSimpson wrote:
It's pretty secure. Secure enough that the only way to get at it is to view it when you're reading it.


Pretty secure, but it also depends on the algorithm they are using. There are a few that notoriously were sabotaged by the NSA because their implementation provided a number of unintended and unwanted 'collisions' that allowed an easier brute force attack on the encryption.


Two-part, salted hashes are unbreakable at the current time because you can't extrapolate the missing parts of the hash from the salt.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 33963
PostPosted: Fri Nov 04, 2016 11:54 am
 


BartSimpson wrote:
DrCaleb wrote:
BartSimpson wrote:
It's pretty secure. Secure enough that the only way to get at it is to view it when you're reading it.


Pretty secure, but it also depends on the algorithm they are using. There are a few that notoriously were sabotaged by the NSA because their implementation provided a number of unintended and unwanted 'collisions' that allowed an easier brute force attack on the encryption.


Two-part, salted hashes are unbreakable at the current time because you can't extrapolate the missing parts of the hash from the salt.


True, I forgot they used salted hashes. [B-o]


Post new topic  Reply to topic  [ 9 posts ] 



Who is online

Users browsing this forum: No registered users and 1 guest




 
     
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © Canadaka.net. Powered by © phpBB.