Forbes reports on an email system created by a group of young scientists at CERN that offers end-to-end encryption, securing communications from prying eyes. In an article titled
The Only Email System The NSA Can’t Access
Hollie Slade reports on a group of young computer scientists from MIT and CERN who decided that surveillance by the NSA and other government agencies should not be an inevitable fact of life.
“We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it’s already encrypted, so if someone comes to us and says we’d like to read the emails of this person, all we can say is we have the encrypted data but we’re sorry we don’t have the encryption key and we can’t give you the encryption key.”
“We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message.”
This is different from all other systems, says Yen. While Gmail has implemented some encryption, they still have the encrypted message and the key to decrypt the message.
“One of our motivations was human rights,” says Yen. “Having privacy is very important from a freedom of speech standpoint.”
The paid accounts will be $5/month and will provide 1GB of storage. Yen says they will accept bitcoin or even cash payments to allow users to remain anonymous.
ProtonMail just launched globally out of a private beta and is currently working on an Android or iPhone app expected to be ready by the end of the summer. Yen says demand is far higher than expected.
“We’re close to 20,000 users now and have had to close the signups temporarily while we add more servers. We were not expecting 10,000 users per day even in our most optimistic projections so we’re scrambling now to support more,” he says.
The servers are located in Switzerland. To ask for your account, go here:
First, Hushmail has been doing this for years.
Second, if it’s webmail, they can and will compromise your mails when served with the appropriate documents. If you want to be safe, you have to encrypt yourself. Get PGP and/or S/MIME and convince all your friends to use it, too.
Thanks for your comment Tom,
First, actually, from what I understand, this doesn’t work quite the same way as hushmail does.
Second, according to their website they cannot compromise your mail because they don’t have the encryption keys. Also, being based in Switzerland (where they have strong privacy laws) means there isn’t really many appropriate documents that can be served.
Still, this isn’t open source, so I’m personally more interested in http://mailpile.is
if it is web based, “someone” can patch the javascript code, and extract the keys during processing. please understand, we are yet far from a statement like “The Only Email System The NSA Can’t Access”. there is a lot of work still to be done.