Encrypted email biz ProtonMail has open-sourced the code for its iOS app, having paid for a code audit that says there's nothing wrong with it. Having touted itself for years as the choice of political activists, journalists, dissidents and all the other types of people who make the world a better place, ProtonMail is throwing …

  1. Tigra 07 Silver badge

    "alleging it was being used by "terrorists" whose main aim was to send each other disparaging messages about a Russian university sports competition"

    Since when did saying you fucked someone's mum make you a "terrorist"?

    1. Warm Braw Silver badge

      Since when did saying you fucked someone's mum make you a "terrorist"?

      I can imagine if you'd said it of, say, King Edward VI, you might have got into a bit of trouble. And the parentage of certain Russian heads of state you wouldn't want to mess with is not without controversy.

    2. Danny 2 Silver badge

      Since when did saying you mucked someone's mum make you a "terrorist"?

      A younger posh peace protester invited me to an upper class dinner party, and then mocked me by saying the obvious in front of her young posh pals, that I was old enough to be her father.

      "That is very true. Where exactly was your mother living in 1986?"

      I honestly said that in cadence, she threw a punch at me but I was expecting it and she missed.

      She had punched me earlier after she'd boasted her mum was in Wickerman. She said her mum was one of the nude young girls dancing, and I admitted I'd wanked over her mother on TV when I was a teen. That was a solid punch to my jaw that I should have anticipated in retrospect, but I quickly learned my lesson.

      Posh girls. Can't live with them, never really wanted to live with them.

  2. Artem S Tashkinov

    The client app source code can barely prove anything. It's the server code and infrastructure which could really mean something and I bet those things will remain closed for the foreseeable future.

    1. DougS Silver badge

      It proves nothing

      Unless you compile it from that source yourself and run that on your phone.


        it's a service...

        they publish a lot of source

        it's a service so in the end you have to trust them to do the right thing...

        I was impressed that they actually updated to include DANE records not so long ago so at least you can tell when they are MITM

  3. slartybartfast

    I use Protonmail. I switched so I could ditch Gmail and finally go Google-less. Of course Protonmail's security falls flat the moment you send an email without end-to-end encryption, which is pretty much most, if not all of the time. I'm not convinced any web based email service is foolproof and we're in danger of getting into tin foil hat territory. Using your phone/tablet/computer's default mail app/program is merely convenience rather than offering any security.

    1. Danny 2 Silver badge

      Alternative way of thinking about it is the more we promote and recommend encrypted email then the more secure our email becomes.

      Don't rule out a tin foil hat, tin foil does.

  4. Anonymous Coward

    Why rely on SOMEONE ELSE'S encryption?


    Quote: "...Protonmail's security falls flat the moment you send an email without end-to-end encryption..."


    So.....not true if you do some encryption yourself BEFORE your email enters the channel. Why rely on someone else...when you can do it yourself?


    Example below is an example using an (unpublished) process using linux.words as the basis of a book cipher, plus a little randomisation.









