I think you are misreading my comment: they are the threat actor themselves, tricking users in believing they are better off via Proton.
SMTP does not encrypt messages and they arrive at Proton's inbound relays unencrypted, are scanned in plaintext for spam etc. At this point they can Bcc anything to another relay/account and keep a copy of all inbound messages BEFORE anything gets encrypted.
Access to historical messages? One line of code for logging, and let's not forget GPG does not encrypt the metadata which is readily available. How about FTS indexes, are they also decrypted on the fly in the browser?
Email is complex and not many have the patience to understand the monster behind, but lying about it, as Proton does - I find it just insulting to our profession.
Also "Swiss neutral", this is even more offending. Swiss execute US orders regularly.
SMTP does not encrypt messages and they arrive at Proton's inbound relays unencrypted, are scanned in plaintext for spam etc. At this point they can Bcc anything to another relay/account and keep a copy of all inbound messages BEFORE anything gets encrypted.
Access to historical messages? One line of code for logging, and let's not forget GPG does not encrypt the metadata which is readily available. How about FTS indexes, are they also decrypted on the fly in the browser?
Email is complex and not many have the patience to understand the monster behind, but lying about it, as Proton does - I find it just insulting to our profession.
Also "Swiss neutral", this is even more offending. Swiss execute US orders regularly.
Translated: https://daslamm-ch.translate.goog/ueberwachungsoase-statt-da...
Original: https://daslamm.ch/ueberwachungsoase-statt-datenschutzparadi...
What we really need instead of such shams is a new mail system that does not depend on trusting providers and especially not a SINGLE provider.