The Only Email System The NSA Can't Access

Discussion in 'Security, Privacy & Anonymity' started by DTdr2, May 20, 2014.

  1. DTdr2

    DTdr2 Member

    When the NSA surveillance news broke last year it sent shock waves through CERN, the particle physics laboratory in Switzerland. Andy Yen a PhD student took to the Young at CERN Facebook group with a simple message: “I am very concerned about the privacy issue, and I was wondering what I could do about it.”

    There was a massive response, and of the 40 or so active in the discussion, six started meeting at CERN’s Restaurant Number 1, pooling their deep knowledge of computing and physics to found ProtonMail, a gmail-like email system which uses end-to-end encryption, making it impossible for outside parties to monitor.

    Encrypted emails have actually been around since the 1980s, but they are extremely difficult to use. When Edward Snowden asked a reporter to use an end-to-end encrypted email to share details of the NSA surveillance program the reporter couldn’t get the system to work, says Yen.

    “We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it’s already encrypted, so if someone comes to us and says we’d like to read the emails of this person, all we can say is we have the encrypted data but we’re sorry we don’t have the encryption key and we can’t give you the encryption key.”

    “We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message.”

    This is different from all other systems, says Yen. While Gmail has implemented some encryption, they still have the encrypted message and the key to decrypt the message.

    While half the team is now at MIT, some are still in Switzerland where the ProtonMail’s servers are housed for extra protection. “One of the key things we want to do is control our servers and make sure all the servers are in Switzerland which will increase privacy because Switzerland doesn’t do things like seize servers or tape conversations,” says Yen. This will help avoid a situation where the U.S government could forcibly shut them down, says Yen, similar to what happened to Lavabit last year.

    Yen has turned down venture capital firms looking to invest in ProtonMail. “The reason we have to be bootstrapped is because if we take our money from something like Google Ventures, there goes our credibility. By being in this market we have to fund ourselves,” he says, adding that they’re considering a crowd funding round next month.

    ProtonMail’s revenue model is similar to something like Dropbox – charging only for extra storage.

    “One of our motivations was human rights,” says Yen. “Having privacy is very important from a freedom of speech standpoint.”

    The paid accounts will be $5/month and will provide 1GB of storage. Yen says they will accept bitcoin or even cash payments to allow users to remain anonymous.

    They recently ran an update so they could support Chinese. Yen says they didn’t advertise this but through Twitter a blogger who has been involved in the freedom of speech movement heard about the service.

    “All of a sudden we had an influx of hundreds of Chinese users – these are dissidents that don’t want the government to be tracking them,” says Yen. “It’s because we want to support users like this that we want to keep a certain level of the service free.”

    Yen expects they’ll see the most traction in countries like China, Syria, Russia and Iran, where “you have these massive populations who cannot send an email without fear that they’re going to get arrested.”

    It’s also an alternative to the ad-based revenue model of free services like Gmail which actively scan your emails to deliver relevant ads to you online.

    “You’re forced to trust Google,” says Yen. “What this really shows is that Google is not really trustworthy. Google makes money by scanning your emails and feeding you ads off of what you’re writing about; part of their core structure is to allow Gmail to read your emails and use your data.”

    Most of ProtonMail’s team spends half their time working on the project. “We’re all CERN or MIT scientists, so we’re doing research on computing, mathematics, physics that’s actually closely related to what we do on the secure email. Encryption is very mathematical so we have four PhD physicists working on this,” says Yen.

    ProtonMail just launched globally out of a private beta and is currently working on an Android or iPhone app expected to be ready by the end of the summer. Yen says demand is far higher than expected.

    “We’re close to 20,000 users now and have had to close the signups temporarily while we add more servers. We were not expecting 10,000 users per day even in our most optimistic projections so we’re scrambling now to support more,” he says.

    The Only Email System The NSA Can't Access - Forbes

    Oregonstrong and Millard Baker like this.
  2. BBC3

    BBC3 Member

    When I see catch-phrase like that, I am thinking that this is the single FIRST and MOST monitored..;)

    When you consider that NSA most likely has a CLONE of Microsoft running in the background - It has nothing to do with email. Consider you are compromised on the most fundamental of levels. So I would be saying that the platforms you are contriving the email on are compromised and the actions are logged PRIOR to even forming a piece of mail. Still, even if you were thought you were safe using a virtual keyboard, the construct of the screen is already known and translated. Even if you thought you might "voice-to-text" a msg, the sound would be recorded. Thinkers have ALREADY Thought. We are working within THEIR CONSTRUCT... Consider that the ONLY reason a payphone can still be found today is that it is SUREFIRE that ANY CALL made from it is HOT... WHY would anyone need secure email like that regardless... Uncle Sam Dont give a shit about your PERSONAL Juice purchases. I would still challenge anyone to show me PROOF of just ONE steroid bust orchastrated on an individual making purchases for SELF. The real problem is that we don't always know a bad apple till we take a bite, and cracks are made for 'FELLs". These guys are on another level which is not discernible to most eyes.

    Its about WHO we are, not WHAT we do..:)
  3. Big_paul

    Big_paul Member Supporter

    Germany thought enigma couldn't be broken also.
  4. Big_paul

    Big_paul Member Supporter

    I'm waiting to open an account, but they have to add more servers.
  5. magilla

    magilla Member

    This is very very interesting!!!! I've been looking for a new email provider, but for those of us that are computer challenged the pgp incryption is almost like greek to me sometimes lol now that's pretty sad.
  6. Oregonstrong

    Oregonstrong Member

    Any info on when they anticipate to add additional servers?
  7. MuskleSimpson

    MuskleSimpson Member

    I don't really care if the government looks at all my emails.. all reality your drug deals and other minor ass shit isn't gonna cause concern for flagging with NSA surveillance...maybe we want that surveillance...I think the fact that its there to protect the general American people outweighs any personal freedom you "think" is being taken advantage of..its more of just a mindset on how you feel...
    ..just like the article said..its for communist and 3rd world tyrant ran regimes..who don't have the freedom we have here..
  8. amplejunkbin

    amplejunkbin Member

    Use PGP locally. Encrypt and decrypt on a secure machine. Problem solved. Am I wrong?
    Millard Baker likes this.