>Snake oil companies will always hide behind "it's encrypted" and "it's hosted in Switzerland" tropes that mean nothing to anyone who has done a modicum of research.
Do you have evidence that Proton does not actually encrypt their emails?
>Real privacy is not the result of some product,
I do wholeheartedly agree with this, at least. Privacy is a scale and there are many, many pieces which tip the scale one way or the other.
> Do you have evidence that Proton does not actually encrypt their emails?
Their encryption is based on PGP and therefore only message contents are "E2E" encrypted. Subject, From, To, etc. are not. These fields contain most of the information already. For example, Amazon puts the name of the ordered item in the subject line, so they can still see what you ordered.
And I'm putting "E2E" in quotes because if the sender does not send encrypted emails, then they can read the full content at delivery time, obviously. They immediately encrypt them with your public key and they claim that they discard the unencrypted version after that but there is no way we can verify that.
Long story short: you still have to trust your email provider after all. If I'd want to switch away from Google, I'd probably switch to some "normal" email provider (Fastmail, Apple, etc.). The benefits of "E2E" encryption for email are questionable and the drawbacks huge (for example search is very limited). But competition is good and I'm glad they are advancing.
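As an added example (not code from the thread or from Proton), the stdlib-only Python below builds the PGP/MIME (RFC 3156) structure a mail client produces and then lists what the mail provider can read without the recipient's key. The order e-mail and the armored ciphertext are constructed placeholders, not real OpenPGP output.

```python
# Added example: shows why PGP/MIME leaves From/To/Subject/Date in cleartext.
# Only the body becomes the encrypted part; every top-level header is copied
# across verbatim, which is what RFC 3156 specifies.
from email import encoders, message_from_bytes
from email.message import EmailMessage
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.policy import default

# Constructed stand-in for ASCII-armored OpenPGP output (not a real ciphertext).
PLACEHOLDER_CIPHERTEXT = (
    "-----BEGIN PGP MESSAGE-----\n"
    "hQEMA... (constructed placeholder, not real OpenPGP data) ...=abcd\n"
    "-----END PGP MESSAGE-----\n"
)

def constructed_order_email() -> EmailMessage:
    """Constructed sample shaped like a shop's shipping notice."""
    m = EmailMessage()
    m["From"] = "ship-confirm@example.com"
    m["To"] = "alice@example.net"
    m["Subject"] = 'Your order of "Noise-cancelling headphones" has shipped'
    m["Date"] = "Mon, 01 Jan 2024 10:00:00 +0000"
    m.set_content("Tracking number 123456789.\nThanks for shopping with us.")
    return m

def pgp_mime_wrap(plain: EmailMessage, ciphertext: str) -> bytes:
    """Wrap the body of `plain` as an RFC 3156 multipart/encrypted message."""
    outer = MIMEMultipart("encrypted", protocol="application/pgp-encrypted")
    for name, value in plain.items():
        # The original MIME headers describe the now-hidden body; everything
        # else (From, To, Subject, Date, ...) is copied in cleartext.
        if not name.lower().startswith(("content-", "mime-version")):
            outer[name] = str(value)
    outer.attach(MIMEApplication("Version: 1\n", "pgp-encrypted", encoders.encode_7or8bit))
    outer.attach(MIMEApplication(ciphertext, "octet-stream", encoders.encode_7or8bit,
                                 name="encrypted.asc"))
    return outer.as_bytes()

def provider_view(raw: bytes) -> dict:
    """What a relay or mailbox provider can read without the private key."""
    msg = message_from_bytes(raw, policy=default)
    headers = {k: str(v) for k, v in msg.items()
               if not k.lower().startswith(("content-", "mime-version"))}
    parts = [p.get_content_type() for p in msg.iter_parts()] if msg.is_multipart() else []
    return {"cleartext_headers": headers,
            "body_encrypted": msg.get_content_type() == "multipart/encrypted",
            "parts": parts}

if __name__ == "__main__":
    view = provider_view(pgp_mime_wrap(constructed_order_email(), PLACEHOLDER_CIPHERTEXT))
    for k, v in view["cleartext_headers"].items():
        print(f"visible to provider: {k}: {v}")
```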
>These fields contain most of the information already
Except, you know, the body of the email.
>Amazon puts the name of the ordered item in the subject line, so they can still see what you ordered.
Yes, Proton is not a panacea. Again, never claimed it was. You can't just abandon all opsec because you use Proton, I agree.
>Long story short: you still have to trust your email provider after all. If I'd want to switch away from Google, I'd probably switch to some "normal" email provider (Fastmail, Apple, etc.). The benefits of "E2E" encryption for email are questionable and the drawbacks huge (for example search is very limited).
I agree with the point about trust. You have to trust your hardware wasn't backdoored on the way out of the factory, too. Security and privacy are about trade-offs and weighing risks. I've weighed my risks and made my choices.
> Do you have evidence that Proton does not actually encrypt their emails?
It doesn't matter. Proton supplies the client software, so if they want (or are forced to by law enforcement), they can easily push an update that exfiltrates decrypted data back to their server.
It seems rather harsh to brand them as pure snake oil based on a hypothetical situation that applies to basically every single piece of software and hardware ever invented, but fair enough.
I like to see it as an unsolved problem. Similar to when Diffie and Hellman revolutionized cryptography with the concept of public/private keys, I like to think that one day, a revolutionary proof will drop that demonstrates a true trustless privacy model where backdooring isn't even a remote possibility.
What does "encrypting" an email mean to you? If a Gmail user contacts me on Protonmail and Protonmail "encrypts" the message to me after receipt - what problem have we solved?
I wonder why you used quotes around encryption? They encrypt the email. That very obviously does not mean Proton somehow encrypted the sent email in the sender's Gmail account.
However, lacking the other data point (e.g. knowing who has sent me an email from a service that does not encrypt their emails, and being able to access that email from that account), my emails are not readable without my secret.
I never claimed that Proton can encrypt someone else's emails.
I think the point of contention is exactly how obvious this is to most Protonmail users. I worry too many read "it's encrypted" and make dangerous assumptions about what can actually be guaranteed rather than investigating first-hand; this is the real risk of such services, in my opinion.
I put "encryption" in quotes to indicate nuance in the characterization. A locksmith installs an amazing door and lock at my home, but keeps a copy of the key at the shop - I think a fitting analogy for what Protonmail is essentially doing here. This isn't a value judgement - such a setup is perfectly reasonable for most people's threat model - rather an honest apprehension of actual trust boundaries.
I absolutely agree that the marketing and branding around almost every service that either does (or claims to) promote privacy and security leaves a lot to be desired.
It's a hard problem, and a problem applicable to many domains. How do you communicate nuance that requires multiple years of education to people who don't have multiple years of education? I don't know.