Interview Secure email service ProtonMail has come out of beta and re-opened free registration to all for the first time in almost two years.
Applications to join the invite-only service had been backed up almost since the day it launched, as the free encrypted mail service quickly reached its upper capacity of users and struggled to grow to meet demand.
ProtonMail was launched back in May 2014 by scientists who had met at CERN and MIT, with a $550,000 crowd funding campaign. It also received $2m from Charles River Ventures and a Geneva-based startup accelerator, the Fondation Genevoise pour l’Innovation Technologique.
In response to Snowden-inspired panic, netizens flocked to ProtonMail on the back of its claims to offer a government-resistant end-to-end encrypted email service. CEO Andy Yen told The Register that the company had been “swamped” within three days of opening, which meant it was “forced to institute a waiting list for new accounts after signups exceeded 10,000 per day.”
Such a waiting list may come back should this happen again, suggested Yen, who said ProtonMail would keep things open for as long as they could sustain it. “The issue is the conversion rate of free to paid customers,” he added, as “unlike Gmail we can't make money from advertising, only from donations or people paying for the service.”
Geneva-based ProtonMail claimed it now “has over one million users participating in its closed beta, including businesses, journalists, activists, and private individuals” who support its open client-side code with reviews and also donate to the project.
In 2014 the company's oft-touted security was pwned by a “trivial vulnerability”, illustrated in a video by German security expert Thomas Roth. He only released the video after notifying ProtonMail and giving them time to fix the vuln.
During the past six months ProtonMail has been living off of those donations, Yen told The Register, which seemed like enough to cover its operations and growth until it was hit by two DDoS attacks late last year which, for a brief while, crippled the service. At the time, the smaller of the attackers, known as the Armada Collective, managed to wrangle a ransom from the business.
The larger attacker – which ProtonMail suspects was backed by a nation state aggrieved by the service's work to facilitate users' privacy – made no attempt to contact the business, however. Yen confirmed to The Register that the DDoS attacks do continue but are now mitigated.
The first release of ProtonMail 3.0 was held off by the DDoS incident, after which the service realised it had to switch its model, increasing its backend by tripling the server capacity. Following community demand, it also introduced a paid service in which supporters can purchase additional service – including an option for enterprises by adding support for custom domains.
Alongside the move, ProtonMail is also launching its free iOS and Android mobile applications, which are available in the Apple App Store and Google Play store.
Security with Android software is a consistent issue, Yen acknowledged. However, Android was the more popular operating system among the service's userbase, and the ProtonMail community was attentive and interested in verifying the security of the applications it uses.
Yen stated that “the best way to ensure that encryption and privacy rights are not encroached upon is to get the tools into the hands of the public as soon as possible and widely distributing them.”
How does it work?
ProtonMail segregates the authentication and decryption requirements, so users of the service are required to remember two passwords. The first password is sent to ProtonMail's servers to authenticate a user's identity and retrieve the messages, which are stored on ProtonMail's servers in an encrypted format.
The Swiss email provider explained that, using only “secure implementations of AES, RSA, along with OpenPGP”, users' messages remain in an encrypted format when they are transmitted between the service's servers and the end-user's device.
Decryption of that data happens on the end-user's device, using the second password. ProtonMail states that this means “we cannot hand over your data to third parties. For this reason, we are also unable to do decryption password recovery. If you forget your decryption password, we cannot recover your data.”
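The two-password split described above can be sketched as follows. This is an added example, not ProtonMail's code: it uses Node's built-in crypto module (scrypt, AES-256-GCM and RSA-OAEP) in place of OpenPGP, and every function and field name in it is hypothetical.

```javascript
const crypto = require('crypto');

// Derive a 32-byte key from a password (scrypt is an assumption, not the service's KDF).
const kdf = (password, salt) => crypto.scryptSync(password, salt, 32);

// Client side: wrap the private key under the mailbox (second) password.
function wrapPrivateKey(privateKeyPem, mailboxPassword) {
  const salt = crypto.randomBytes(16), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', kdf(mailboxPassword, salt), iv);
  const data = Buffer.concat([c.update(privateKeyPem, 'utf8'), c.final()]);
  return { salt, iv, data, tag: c.getAuthTag() };
}

// Client side: unwrap; throws on a wrong mailbox password (GCM tag mismatch).
function unwrapPrivateKey(w, mailboxPassword) {
  const d = crypto.createDecipheriv('aes-256-gcm', kdf(mailboxPassword, w.salt), w.iv);
  d.setAuthTag(w.tag);
  return Buffer.concat([d.update(w.data), d.final()]).toString('utf8');
}

// Account creation: the returned record is everything the server stores.
function createAccount(loginPassword, mailboxPassword) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
    modulusLength: 2048,
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
  });
  const loginSalt = crypto.randomBytes(16);
  return {
    loginSalt,
    loginVerifier: kdf(loginPassword, loginSalt), // used only to authenticate
    publicKey,
    wrappedKey: wrapPrivateKey(privateKey, mailboxPassword),
    inbox: [],
  };
}

// Server side: checks the login (first) password and hands back ciphertext only.
function serverLogin(record, loginPassword) {
  const ok = crypto.timingSafeEqual(kdf(loginPassword, record.loginSalt), record.loginVerifier);
  return ok ? { wrappedKey: record.wrappedKey, inbox: record.inbox } : null;
}

// A sender encrypts to the public key; the server never sees plaintext.
const deliver = (record, text) =>
  record.inbox.push(crypto.publicEncrypt(record.publicKey, Buffer.from(text)));

// Client side: decrypt the fetched messages with the mailbox password.
function readInbox(session, mailboxPassword) {
  const key = unwrapPrivateKey(session.wrappedKey, mailboxPassword);
  return session.inbox.map((m) => crypto.privateDecrypt(key, m).toString());
}
```

Nothing in the stored record lets the server unwrap the private key, which is why a forgotten mailbox password cannot be recovered in this model.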
The menace of government
This ability has been tested, Yen told The Register: “We had one request from the UK that came in about a month ago. Under Swiss law, ProtonMail can only turn over user data if we receive a request from a Swiss court that is approved by the judge. ProtonMail can only hand over encrypted messages as we do not have the ability to decrypt user messages.”
While the UK request came in “through all of the proper channels,” according to Yen, all that the service was able to provide was the material in encrypted format. He added that ProtonMail does not feel challenged by the UK's new Investigatory Powers Bill, citing Switzerland's much stricter privacy provisions in law, and that “from a ProtonMail standpoint, our cryptography is based on mathematics, and unlike new legislation those laws are pretty much constant.”
Yen suggested some of the talk regarding cryptography from the UK and US, especially in the light of the Apple v FBI debacle, was “put forward by people who don't really understand the technical issues.”
He also warned against the retention of data by communications service providers: “You've seen how good TalkTalk was at storing data,” adding that “these laws, when they come into place, will simply make cyberterrorism easier. It doesn't make terrorism less of a problem, it just moves it to a new venue.” ®