The privacy of the data that we put online has been a hot topic over
the last year. In order to protect against unwanted snooping, a group of
scientists has created a new secure email service. ProtonMail provides
end-to-end encryption, meaning that even the company itself can't even
see the content of your messages.
The service started being developed in 2013 by a group of CERN
scientists who wanted a more secure and private internet, in part as a
response to the Edward Snowden leaks. "We began thinking about this
problem long before the Snowden leaks,
but the leaks were what drove us to take action, as they truly
demonstrated how much online privacy had eroded," company co-founder
Andy Yen told Gizmag.
The company is advised by the MIT Venture Mentoring Service and is
developed, in part at MIT. Earlier this year, ProtonMail was a
semi-finalist in the 2014 MIT 100K Startup Launch competition. The
initial team, however, was formed via a CERN Facebook group made-up of
scientists from CERN that, in some way, wanted to help improve society.
The group held "hackathons" to work on the idea, and much time was
spent identifying the problems with existing means encrypting email and
trying to find solutions. "What we quickly found out was that existing
solutions were much too complicated to be used by the general public and
this led us on the path towards creating an easy-to-use solution,"
explained Yen.
One of the other difficulties the group encountered was getting web
browsers to manage the encryption process. The team found that its
approach to the encryption of data required a lot of processing power
and that web browsers tended not to be "high performance" enough to
carry it out. As such, a great deal of work was undertaken to ensure
that the encryption process could be made to work on all types of
devices, and on older browsers.
ProtonMail uses end-to-end encryption. "End-to-end encryption basically
means the user's data is encrypted before it leaves their computer and
can only be decrypted by the recipient," says Yen. "With this system,
the ProtonMail servers never have access to unencrypted user data and
cannot actually read any of our users' emails."
ProtonMail touts a number of other features that are used to improve
its security. The company is incorporated in Switzerland and has all of
its servers based there too, allowing its users to benefit from that
country's strict privacy laws. IP addresses are not logged and no
personal information is required in order to sign up for an account. For
paid accounts, users can pay with Bitcoin, and even cash.
The term "NSA proof" has been used widely elsewhere to describe
ProtonMail, but it's a term that Yen is not keen on. "We don't like the
term because our goal is not to guard against only the NSA,"
he points out. "There are many other organizations we also want to
protect against. People often ask us if ProtonMail is 100 percent
secure, and our answer is that it is impossible to have 100 percent
security. What ProtonMail does is makes mass surveillance by
organizations, such as the NSA, so difficult that it is no longer
practical."
Source: ProtonMail
0 comments:
Post a Comment