‘Why ProtonMail Is More Secure Than Gmail’

October 23rd, 2017

Disclosure: I have no relationship with ProtonMail, besides being a user of the service.

While I wouldn’t assume that ProtonMail is as secure as they claim it to be, what is very clear is that far less of your personal information is going to leak from ProtonMail than it would from Gmail, which essentially functions as a purpose built marketing, law enforcement and intelligence agency database.

I like the idea of end to end PGP that’s usable by “normal” people without them having to do anything besides using ProtonMail, but I would be extremely cautious in believing that the implementation is working effectively in terms of thwarting state sponsored attackers. Even if ProtonMail is 100% sincere in their effort to provide a secure email system, the simple fact is that the platforms on which it runs are compromised from the operating systems down to the silicon.

NSA admits that it’s their deep understanding of the hardware that ultimately gets them in a lot of the time.

All of that said, let’s consider some basic factors:

Does Gmail share your data for marketing purposes? Definitely yes.

Does Gmail protect you from routine mass surveillance? Definitely no.

Does ProtonMail share your data for marketing purposes? Definitely no.

Does ProtonMail protect you from routine mass surveillance? Probably yes.*

* Assuming ProtonMail’s servers and apps aren’t compromised, and that ProtonMail users are emailing other ProtonMail users, or using PGP for non ProtonMail addresses, it appears that unauthorized access of ProtonMail communications wouldn’t be easy. My guess is that, if you are specifically targeted by a state intelligence agency, you are going to have a very, very hard time defeating that. While I wouldn’t assume that your ProtonMail data is secure from intelligence agencies (it might be, but I seriously doubt it), it would be secure from Google, which is pretty good!

If you have A) the desire and B) time to spend looking deeper into this, I’d recommend the Hacker News comment thread on this story.

Via: ProtonMail:

In 2014, ProtonMail became the world’s first email service to protect data with end-to-end encryption, and today is the world’s most popular secure email service with millions of users worldwide. ProtonMail’s technology is often misunderstood by tech writers (and sometimes incorrectly represented in the press), so this article aims to provide a clear description of how ProtonMail’s technology is different from Gmail, and what makes ProtonMail more secure.

Only you can read your emails
ProtonMail’s encryption means that nobody but you can read the messages in your mailbox. In fact, not even ProtonMail has the ability to read your messages. We believe that your private communications should be exactly that: private. On the other hand, Gmail can and does read every single one of your emails. If you are not comfortable giving Google unlimited access to all of your intimate communications, then ProtonMail’s approach to data privacy provides more security.

Improved security in the event of a data breach
ProtonMail uses Zero Knowledge Encryption, which means it is technically impossible for us to decrypt user messages. Zero Knowledge Encryption applies to all messages in your mailbox, even messages which did not come from other ProtonMail users.

This provides stronger security compared to Gmail because even if ProtonMail were somehow breached, user messages remain secure because ProtonMail only stores encrypted messages. In other words, if an attacker steals emails from ProtonMail, the attacker would not have the ability to decrypt them, as even ProtonMail cannot decrypt them. The use of Zero Knowledge Encryption therefore adds a strong layer of resiliency against catastrophic data breaches.

No tracking and logging
Google records literally every action done by its users. This includes your IP address, every search that you do, which emails you open, which websites you visit, and much more. ProtonMail takes the opposite approach and by default, does not monitor or record user activity, not even IP addresses.

Encryption for messages in transit
In addition to the security of emails at rest, one also needs to consider the security of emails in transit. Both ProtonMail and Gmail provide extra protection by using TLS encryption whenever possible when communicating with external email providers. However, ProtonMail goes one step further by also supporting end-to-end encryption.

In simple terms, end-to-end encryption means that messages are encrypted on the sender’s device (before it even leaves their computer or mobile phone), and can only be decrypted by the recipient on their device. This means that no third party which transmits or intercepts the email between the sender and recipient (i.e. internet service providers, the NSA, or even ProtonMail as the mail server operator) can decrypt and view the message.

This powerful protection is possible because ProtonMail has PGP email encryption built-in. End-to-end encryption is done automatically without user interaction whenever messages are exchanged between ProtonMail users. For an enterprise using ProtonMail for their email hosting, this means all communications between employees are automatically protected with end-to-end encryption. ProtonMail can also support sending/receiving end-to-end encrypted messages with recipients who are not using ProtonMail. The use of end-to-end encryption makes ProtonMail a better choice for security conscious individuals and organizations.

Smaller attack surface
ProtonMail only provides email and VPN services, so your Proton account is not connected to hundreds of other services. Compared to Google, ProtonMail is a much smaller target, and there is less risk that a vulnerability in another service breaches your email account.

One might argue that Gmail is more secure because it is a gigantic company with more engineers. However, there is ample evidence that demonstrates that security is not correlated to company size. In fact, large companies often are the most vulnerable due to larger attack surfaces, Yahoo and Equifax being two recent examples. There is no such thing as 100% security and history has shown that any system can be breached. ProtonMail’s unique ability to protect user data even in the event of a breach is a valuable benefit.

Strong authentication
ProtonMail uses Secure Remote Password in order to protect user credentials. This makes it difficult to conduct a brute force attack to obtain user credentials, even if the attacker has control over the victim’s network. Both Gmail and ProtonMail support two factor authentication (2FA), which provides an additional layer of security by requiring that an unique code be entered on each login (the code is usually generated on a separate hardware device). However, ProtonMail goes a step further by only using strong 2FA methods, and disallowing weaker methods such as 2FA over SMS.

Protected by Swiss and European privacy laws
ProtonMail stores user data exclusively in European countries with strong privacy protections such as Switzerland. This means that unlike Gmail, ProtonMail does not fall under the jurisdiction of intrusive US laws (such as the Foreign Intelligence Surveillance Act), and cannot be coerced into working for the NSA. With ProtonMail, you can be certain that your data always remains in Europe, in full compliance with EU privacy regulations. ProtonMail’s approach makes us compliant with Article 25 of the EU General Data Protection Regulation (GDPR) which mandates that services adhere to the principle of Privacy by Design.

Zero knowledge encryption means that even if a complaint is brought in a Swiss court that meet the high requirements for data disclosure, only encrypted emails could be handed over. As a Swiss company, ProtonMail cannot be forced to hand over data in cases of US or EU civil litigation. Thus, even if you don’t care about privacy, ProtonMail is still the ideal choice for businesses, journalists, activists, and individuals who are worried about the overreach of US government agencies or courts.

No conflict of interest
In addition to the technological and legal differences, ProtonMail and Gmail also have very different business practices. Whereas Gmail was created to lock users into the world’s largest and most invasive advertising platform, ProtonMail was created with the goal of protecting privacy rights and democracy in the digital age.

Google makes money by providing Gmail and other services for free in order to acquire personal data, which it then sells to advertisers. On the other hand, ProtonMail first priority is always user privacy, because our only customers are our users – not advertisers. Thus, choosing between Gmail and ProtonMail is also a personal choice: Do you want to sacrifice your privacy or instead use a service that respects privacy?

Conclusion
Both Gmail and ProtonMail provide email accounts, but that’s where the similarities end. In terms of technology, legal protection, and position on privacy rights, the two services diverge widely. If you just want an email account, either service will meet your needs. If email security, and in particular privacy is important to you, then you should consider ProtonMail as a Gmail alternative.

Leave a Reply

You must be logged in to post a comment.