This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
Shouldn't [[File:Protonmail_system_architecture_2014.png|thumb|375px|Architecture of a ProtonMail datacenter.]]
be smaller?
71.34.137.244 (
talk)
09:31, 27 April 2015 (UTC)
Is protonmail really using a zero-knowledge protocol ? It is being said in the introduction, but nowhere else is anything specified (?) 95.91.240.213 ( talk) 20:05, 4 November 2015 (UTC)
Should the links at the bottom be retained? While they do link to nice summaries of email options, the Wikipedia pages they linked to does not include ProtonMail. I would suggest adding rows in the various tables which describe ProtonMail, or removing the links to the comparison pages. — Preceding unsigned comment added by 75.73.1.89 ( talk) 00:26, 26 February 2016 (UTC)
I am moving mention of the following historical vulnerability from the article to the Talk page. It does not seem notable at all, considering especially that it did not affect the then current version. -- Hyperforin ( talk) 01:26, 25 September 2016 (UTC)
Vulnerabilities
A video demonstrating a cross-site scripting attack was shown in July 2014. [1] The ProtonMail developers reviewed the video and confirmed that the issue affected an early development version of ProtonMail that was released in May 2014. The attack did not affect the then-current version. [2]
References
According to this source: https://protonmail.com/blog/protonmail-tor-censorship/ there are only "over 2 million" users. While technically 5 Million is "over 2 million", I think they would have wrote 5 million if it would be that much more than 2 million. Andylee Sato ( talk) 08:46, 19 January 2017 (UTC)
I just updated the user number based on a news post reflecting on 2018 on the protonmail.com website. -- Andylee Sato ( talk) 23:41, 25 January 2019 (UTC)
The section on encryption provides a moderately detailed description of how the crypto works, but it only sites a stack exchange article. The article has a brief description by someone claiming to be one of the developers, but even that doesn't support a number of the claims. I recommend replacing this section with something that indicates that ProtonMail has not provided an official explanation of how end-to-end encryption works. — Preceding unsigned comment added by SyntaxPolice ( talk • contribs) 19:40, 1 March 2017 (UTC)
https://protonvpn.com/about it is a thing too 88.159.71.224 ( talk) 00:24, 6 September 2017 (UTC)
The last section is not appropriate to an encyclopaedia - and is already out of date. I have not edited it as I suggest it is properly replaced. For example the section could say something like "As well as paid-for accounts Proton also offers a limited free account, stating that this is because... " Armuluk ( talk) 21:43, 13 January 2018 (UTC)
As said on the protonmail website, in the security-part Israel is involved. It takes a lot of explaining to clients, with some bitter words used, but to me its the end of the line. Not realy what i consider as secure 77.174.114.47 ( talk) 12:48, 3 October 2018 (UTC)
It is important. A quote, please? ( Zezen ( talk) 12:15, 18 June 2019 (UTC)).
Hi there Davey2010, I'm happy to work out the merits and demerits of the four edits under "dispute" here. But you'll need to address them each individually instead of via unexplained mass revert(s) of all four. It's not like there are 20 of them making it tricky. There are only four. Each is distinct and easily addressable. Each is even revertible individually without too much difficulty if you want to go that way (as long as you give explanations -- real ones). 98.216.246.87 ( talk) 00:41, 6 October 2019 (UTC)
There's a TON of fluffy talk ( WP:PUFFERY) here straight from ProtonMail's mouth. Reliance on PM as major source (and a primary one at that) has led to loads of unnotable inclusions of what amount to mere press releases. Secondary sources are what establish notability and those are sorely lacking here.
One of the pufferies is all this about "end-to-end" which is dubious and easily breakable. For one thing, which should be obvious, "end-to-end" cannot be said about emails that come in from outside or go out from inside PM's system. Nor, for emails within PM's system that aren't encrypted (as far as I can tell). Complex encryption systems leave lots of holes, especially when companies have "ease of use" as a requirement. For "end-to-end", encryption would have to be done by JS in the browser, but a simple change in the JS can easily break it and that can be easily accomplished by a court order, a botched update, or even a deliberate decision by the company (tough times, a gun to someone's head, etc.). Same goes for any PM-supplied client "app" that's subject to automatic updates. So, all that blather about "end-to-end" must be taken with a big grain of salt, and it should be addressed. 98.216.246.87 ( talk) 01:45, 6 October 2019 (UTC)
The current version of this article uses the term "beta" four times, but fails to explain what "beta" means in this context, or even provides a Wikilink pointing to an article that might explain the usage of "beta" that is meant in this article's context. Please correct this situation. 173.88.246.138 ( talk) 05:40, 6 June 2021 (UTC)
In contrary to what they say on their blog: "ProtonMail is Open Source” [1] ProtonMail seems to only release small parts of it's code as open source, and they release it slowly after using it in production, this kind of delay could speculatively be caused by the external audits — they speak of "Security Contributors" on their blog [2]</ref>. They have no intention of releasing their back end which — considering the audits — could be seen as some form of security through minority.
The security risks of open sourcing the back-end code is too high. It would let an attacker know how our infrastructure is set up or let spammers get insight into how to circumvent our anti-spam measures.
— ProtonMail Blog Admin, https://protonmail.com/blog/protonmail-open-source/#comment-8926
As of 22 february the only thing released as open source is the previous version (2.0) of the webmail front-end [3] which can still be accessed through v2.protonmail.com. Their server, iOS and Android code are closed. Though founder Andy Yen promised to the backers of the crowdfunding campaign to open source the native apps:
Hi Eric, this is why we are trying to hit our reach goal of $500,000 so we can also build native applications for ProtonMail which will be installed/loaded once, and also be open source.
— Andy Yen, www.indiegogo.com/projects/protonmail/#/comments
So I would simplify the introduction by saying
And in the infobox, the license could be:
-- Duvrai ( talk) 12:24, 22 February 2016 (UTC)
The "Location and security" section states that Switzerland was selected in part to avoid Fourteen Eyes. Switzerland is part of Club de Berne, which is an intelligence sharing organization involving some of the same nations comprising Fourteen Eyes. Any ideas how a protonmail user should interpret Club de Berne? Does any of this matter for normal law abiding users who just want to not feel like scammers, spammers and marketers are monitoring every detail of their private lives? For example, are these intelligence sharing activities ultimately a source of personal data for scammers, spammers and marketers? Does Club de Berne represent risk for criminal hacking of accounts?
Be very sceptical when companies advertise end-to-end encryption. They allow either content to leak online or to be shared amongst a group of people. Protonmail is not an exception. 2A02:587:C82E:15AA:E9C4:763:C9C:489 ( talk) 07:42, 9 March 2022 (UTC)
The result of the move request was: not moved. Too soon to tell if reliable sources have made the switch yet. ( non-admin closure) — Ceso femmuin mbolgaig mbung, mello hi! ( 投稿) 05:22, 21 June 2022 (UTC)
ProtonMail → Proton Mail – They rebranded and added a space. Evrifaessa ( talk) 14:16, 27 May 2022 (UTC) — Relisting. — Ceso femmuin mbolgaig mbung, mello hi! ( 投稿) 23:56, 6 June 2022 (UTC) — Relisting. >>> Extorc. talk 16:43, 13 June 2022 (UTC)
GeoffreyT2000 ( talk) 14:44, 27 May 2022 (UTC)
The actual name of the product is Proton Mail, with a space, this page should be moved. All the new product names can be found in the official blog: https://proton.me/blog/updated-proton Supertonyred ( talk) 10:39, 22 August 2022 (UTC)
Hi, all. I'm adding back Kobeissi's paper. Perhaps I didn't do a particularly good job of explaining why I thought it justified at the time to cite this paper with the view he is a subject matter expert, so I have explained in the edit summary and I though I would provide a longer explanation here.
Firstly, academic papers analysing encrypted applications are in direly short supply. This appears to be one of two papers which focus on ProtonMail. As a natural result of this, the article is heavily reliant on ProtonMail's own publications for details of its internal workings, 35 of the article's 65 sources (i.e. a little over half) are direct citations to ProtonMail as a WP:SELFSOURCE.
Secondly, I would regard Nadim Kobeissi as a Subject Matter Expert. He has previously written the much lauded CryptoCat messenger, but in more relevance to him being an SME, he was a professor of cybersecurity at the time[1], had previously written peer reviewed publications (e.g. [2]) and a number of much cited conference papers (e.g. [3]).
Thirdly, I would regard this paper itself this paper is itself seems fairly reliable, and the claims at least to me make sense. More resoundingly it is cited itself by a peer reviewed paper. [4]
Finally, I think that the wording of my contribution does not place to much weight on Kobeissi. He receives WP:INTEXT attribution and he is described as arguing the position, no statement is made on the actual integrity of the cryptography, just what Kobeissi's paper says.
I think that Kobeissi more than meets the conditions for being a Wikipedia SME, indeed that he is one of the best SMEs that this article could hope to have. Furthermore, if editors are to take the position that an independent researcher who is a professor and coder in the relevant field with publications and whose words are cited by a peer reviewed paper should not be used as a source because he is self published, then why should the article rely so heavily on the company itself, which may create bias or lead to inaccuracies.
[1]
https://computerscience.paris/security/
[2]
https://www.cairn.info/revue-archives-de-philosophie-du-droit-2015-1-page-297.htm
[3]
https://dl.acm.org/doi/10.1145/2993600.2993611
[4]
https://aip.vse.cz/pdfs/aip/2021/03/09.pdf
Best wishes all, ~ El D. ( talk to me) 20:49, 17 November 2022 (UTC)
It's been Proton Mail, with a space, for a while now. FunLater ( talk) 15:51, 7 February 2023 (UTC)
Protonmail is not following international SOS standards. They are facilitating certain corruption on the platform in favor of those who do not do well in life and hold titles they do not deserve by talent exploited from others more capable. 91.66.104.223 ( talk) 11:40, 21 March 2023 (UTC)
Today, april 20th 2023, Proton Pass was announced, it is a password manager made by Proton AG.
The service is currently only available to Lifetime users, and sooner this week Visionnary users should get beta access. It is unknown when the rest of the people will get access to the service.
Announcement blog post: https://proton.me/blog/proton-pass-beta
Security model blog post: https://proton.me/blog/proton-pass-security-model Adaoh ( talk) 01:12, 21 April 2023 (UTC)
The user below has a request that a significant addition or re-write be made to this article for which that user has an actual or apparent conflict of interest. The requested edits backlog is high. Please be very patient. There are currently 171 requests waiting for review. Please read the instructions for the parameters used by this template for accepting and declining them, and review the request below and make the edit if it is well sourced, neutral, and follows other Wikipedia guidelines and policies. |
Add a "features" section:
This edit request by an editor with a conflict of interest has now been answered. |
The Wikimedia Foundation's Terms of Use require that editors disclose their "employer, client, and affiliation" with respect to any paid contribution; see WP:PAID. For advice about reviewing paid contributions, see WP:COIRESPONSE. |
What I think should be changed (include citations): The existing page reads more like a company page than a product page. I suggest the following fixes to make it a product page and prevent cannibalization of the Proton AG company page:
Why it should be changed: At the moment, the Proton Mail page repeats a lot of information from the Proton AG page. This is confusing for users as it is not clear which page is the company entry and which is the Proton Mail product entry. Proton Mail should retain its own page because it is a well known service with a lot of press mentions, but the page should talk solely about Proton Mail. Currently, the Proton Mail page has a section called “Products”, where it lists all the other Proton products such as Proton VPN and Proton Drive.
References supporting the possible change: ProtonMail rebrands and unifies its products into three subscription tiers, Tech Spot [1]
Octazooka ( talk) 19:14, 9 May 2023 (UTC)
References
This edit request by an editor with a conflict of interest has now been answered. |
Edit request
|
---|
StorageProton’s default free account comes with 500 MB of storage that can be shared among Mail, Calendar, and Drive. From December 2021, users can upgrade their accounts to 1 GB of storage for free by performing four actions [1] [2]:
Proton’s premium plans Mail Plus and Proton Unlimited allow users to pay for additional storage up to 500 GB. [3] Storage capacity above 500 GB is only available to Proton users with a legacy Visionary plan (Proton’s highest-tier premium plan which was available until 25 May 2022) [4], or the winners of Proton’s annual Lifetime Account Charity Fundraiser. AddressesAll Proton Mail users have at least one free email address. Proton Mail email addresses can use one of the following domains:
Proton CalendarReleased for public beta on 30 December 2019, Proton Calendar is a fully encrypted calendar app. As of 14 April 2021, it is available to all users of Proton Mail. [5] [6] [7] ContactsOn November 21, 2017, Proton Mail introduced Proton Mail Contacts, a zero-access encryption contacts manager. Proton Mail Contacts also utilizes digital signatures to verify the integrity of contacts data. [8] Easy SwitchEasy Switch is a tool that securely imports emails and events from several popular email providers into a user’s Proton Mail inbox and calendar. Easy Switch works with Gmail, Outlook, and Yahoo, and can also be configured for IMAP access for other providers. [9] [10] [11] Proton Mail BridgeLaunched in 2017, Proton Mail Bridge is a desktop application that gives users the ability to use end-to-end encryption with their usual email client. [12] Proton Mail bridge links a user’s email account with popular email clients including Microsoft Outlook, Apple Mail, or Mozilla Thunderbird. Proton Mail Bridge is only available to users with a paid Proton Mail account. SimpleloginProton Mail acquired email alias service SimpleLogin in 2022. [13] SimpleLogin is an open source service that allows users to use email aliases to protect their privacy online and protect their main inbox from spam and phishing attacks. SimpleLogin functionality is integrated into Proton Mail, allowing the Proton community to hide their email addresses with SimpleLogin. SimpleLogin continues to function as a standalone service and the SimpleLogin team will continue to add new features and functionality. [14] SearchIn August 2021, Proton Mail launched encrypted search, allowing users to search the contents of the messages in their inbox. Previously, users had only been able to search for emails’ subject line, sender or recipient, date range, or other metadata. Proton’s encrypted search creates a local index of a user’s emails, preventing anyone from accessing the messages unless they have physical access to the user’s device. [15]
The above changes explain the various features of Proton Mail, which were previously missing from this entry. See Gmail and GMX Mail entries, which both have "Features" sections in them.
References
|
Octazooka ( talk) 12:19, 15 May 2023 (UTC)
Regards, Spintendo 20:08, 1 July 2023 (UTC)
It was proposed in this section that
ProtonMail be
renamed and moved to
Proton Mail.
result: Move logs:
source title ·
target title
This is template {{
subst:Requested move/end}} |
ProtonMail → Proton Mail – That's the new name. See how it is referred to on its Wikipedia article and on https://proton.me/mail; FunLater ( talk) 23:18, 24 July 2023 (UTC) This is a contested technical request ( permalink). FunLater ( talk) 17:21, 25 July 2023 (UTC)
References
{{
cite web}}
: |last=
has generic name (
help); External link in |last=
(
help)CS1 maint: numeric names: authors list (
link)