"Under no circumstances can our encryption be bypassed, meaning emails, attachments, calendars, files, etc. cannot be compromised by legal orders."
I hate this type of grandstanding. If the Swiss authorities make a legal order demanding that ProtonMail include a rogue JS file when a specific IP address requests their inbox, they will have to do it. It reminds me of XKCD #538: all this advanced tech to make it so everyone trusts their email is encrypted no-matter-what, and it all falls apart with one subpoena.
Oh, and apparently (according to this blog post) they 'wouldn't be able to fight or appeal' that type of order either. This is basically how PRISM was implemented back in the day: the NSA mandated various providers comply with code changes.
> If the Swiss authorities make a legal order demanding that ProtonMail include a rogue JS file when a specific IP address requests their inbox, they will have to do it.
Didn't Apple successfully resist doing similar when the FBI asked Apple to crack into the San Bernardino terrorists' phones by pushing special code just to those phones? Hypothetically, would Swiss law have allowed Swiss-FBI to compel Swiss-Apple to comply with this demand?
This is not true however, as under Swiss law, Swiss authorities don't have the legal power to issue such an order. Swiss law is very clear on this point.