A friend recently recommended I look into the ProtonMail Secure Email Service as an alternative to Gmail, Hotmail, or one of the other free email services. So I decided to give it a try and requested an invite through their website.
While no networked computer or communications system can be completely secure this one seems to have the right mix of security + usability. They have an interesting list of security features and are upfront about their services threat model.
This article from ExtremeTech is too early for ProtonMail but contains interesting information on secure email in general as well as some other services.
The main problem I’ve found with encryption is not that it is difficult for a techie or determined person to use. It is that it is difficult for people in general to use, thus preventing it from becoming ubiquitous.
From ProtonMail’s website it seems that they have been to strike a balance between usability and security. I have to wait a few days before my account is setup but I’m hoping they are right!
There is also an excellent paper writing by Daniel J. Solove on Misunderstandings of Privacy and their implications. And I feel that while most people don’t have something to hide they also don’t necessarily want people to know their medical history or conditions, certain private family matters, and confidential business matters. I strongly agree with Daniel that the discussion should not be about “having anything to hide,” and more of “why do you need to know?”
Once I’m able to get an account on Protonmail will post a follow up on ease of use and setup.
One last note on email security and computer security in general, any system is only as secure as it’s weakest link.