Found some info on ProtonMail - apparently is not that secure. And email in general isn't either, and neither is GPG/PGP (GPG is an open source implementation of PGP)
End to end encryption not really offered by ProtonMail (as of 2018), proven mathematically.
https://eprint.iacr.org/2018/1121.pdf
If the provider holds the keys, it is not secure. Hushmail, Canadian firm handed over all emails to US.
https://blog.malwarebytes.com/privacy-2/2021/09/protonmail-hands-users-ip-address-and-device-info-to-police-showing-the-limits-of-private-email/
https://www.techdirt.com/articles/20071108/093110.shtml
https://www.wired.com/2007/11/encrypted-e-mai/
Hacker news thread about ProtonMail's security/privacy
https://news.ycombinator.com/item?id=28057433
Metadata not secure for email:
https://www.schneier.com/blog/archives/2013/07/protecting_e-ma.html
https://www.theatlantic.com/technology/archive/2013/06/email-metadata-nsa/313842/
https://www.nbcnews.com/technolog/take-peek-your-email-metadata-feds-do-6C10569544
The metadata is the most valuable part for the NSA, to build networks of people and then catalog & categorize them as threats or not (threats get more surveillance/hacking).
Problems with E2E email encryption (W3 paper):
https://www.w3.org/2014/strint/papers/08.pdf
Problems with PGP:
https://latacora.singles/2019/07/16/the-pgp-problem.html
https://secushare.org/PGP
Different encryption technologies for email:
https://en.wikipedia.org/wiki/Email_encryption
https://en.wikipedia.org/wiki/Email_privacy
StartTLS
https://en.wikipedia.org/wiki/STARTTLS
Test for StartTLS support: https://ssl-tools.net/mailservers
GnuPG https://gnupg.org/
S/MIME https://en.wikipedia.org/wiki/S/MIME
DIME/Darkmail (founded by Silent Circle & Lavabit)
https://darkmail.info/downloads/dark-internet-mail-environment-december-2014.pdf
https://www.pcworld.com/article/2059840/silent-circle-lavabit-unite-for-dark-mail-encrypted-email-project.html
https://www.wired.com/2014/07/dark-mail-hides-metadata-from-nsa/
https://www.admin-magazine.com/Archive/2015/25/DIME-and-Dark-Mail-seek-to-change-the-world-of-digital-mail
Comparison of "secure" email providers:
https://gist.github.com/ciktion82/dd9a52f6d160686dcf4471e488399b62
Found some info on ProtonMail - apparently is not that secure. And email in general isn't either, and neither is GPG/PGP (GPG is an open source implementation of PGP)
End to end encryption not really offered by ProtonMail (as of 2018), proven mathematically. https://eprint.iacr.org/2018/1121.pdf
If the provider holds the keys, it is not secure. Hushmail, Canadian firm handed over all emails to US. https://blog.malwarebytes.com/privacy-2/2021/09/protonmail-hands-users-ip-address-and-device-info-to-police-showing-the-limits-of-private-email/ https://www.techdirt.com/articles/20071108/093110.shtml https://www.wired.com/2007/11/encrypted-e-mai/
Hacker news thread about ProtonMail's security/privacy https://news.ycombinator.com/item?id=28057433
Metadata not secure for email: https://www.schneier.com/blog/archives/2013/07/protecting_e-ma.html https://www.theatlantic.com/technology/archive/2013/06/email-metadata-nsa/313842/ https://www.nbcnews.com/technolog/take-peek-your-email-metadata-feds-do-6C10569544 The metadata is the most valuable part for the NSA, to build networks of people and then catalog & categorize them as threats or not (threats get more surveillance/hacking).
Problems with E2E email encryption (W3 paper): https://www.w3.org/2014/strint/papers/08.pdf
Problems with PGP: https://latacora.singles/2019/07/16/the-pgp-problem.html https://secushare.org/PGP
Different encryption technologies for email: https://en.wikipedia.org/wiki/Email_encryption https://en.wikipedia.org/wiki/Email_privacy StartTLS https://en.wikipedia.org/wiki/STARTTLS Test for StartTLS support: https://ssl-tools.net/mailservers GnuPG https://gnupg.org/ S/MIME https://en.wikipedia.org/wiki/S/MIME DIME/Darkmail (founded by Silent Circle & Lavabit) https://darkmail.info/downloads/dark-internet-mail-environment-december-2014.pdf https://www.pcworld.com/article/2059840/silent-circle-lavabit-unite-for-dark-mail-encrypted-email-project.html https://www.wired.com/2014/07/dark-mail-hides-metadata-from-nsa/ https://www.admin-magazine.com/Archive/2015/25/DIME-and-Dark-Mail-seek-to-change-the-world-of-digital-mail
Comparison of "secure" email providers: https://gist.github.com/ciktion82/dd9a52f6d160686dcf4471e488399b62