I have used ProtonMail for some time now, just about when they announced they were officially open for business. My friend up in Toronto told me about them and how he’d switched over. Based on his positive recommendation I opened an account (free at first, but now a paid account) and started to use it exclusively to communicate with him. I really have nothing to hide, but that’s no excuse to allow blanket surveillance to occur against my various email accounts. I still have those open accounts (one trash account on Yahoo, two regular accounts on Google) but when I want to talk to another human being without fear of being caught up in some paranoid’s dragnet, I use ProtonMail.
Unfortunately, using an encrypted email service has its issues. It’s not bad enough I feel I need to encrypt personal communications to start with, but there are any number of groups and individuals who feel I shouldn’t have that right to privacy, let alone private communications. And so they employ (now) standard techniques of network disruption against ProtonMail, in order to try and make it difficult, if not impossible, for anyone to use the ProtonMail service. Such as documented in the email I received from ProtonMail quoted below. I hadn’t noticed anything unusual in my usage during that time period, which speaks to the skills of the ProtonMail engineering team and their network service provider engineering teams. I am sufficiently, officially impressed. And quite pleased. And I highly recommend ProtonMail myself.
Dear ProtonMail Community,
We want to give everyone an update regarding the connectivity issues some of you may have experienced recently. Over the past couple of days ProtonMail has been under extremely heavy DDoS (Distributed-Denial-of-Service) attack.
During these incidents, some users may have experienced intermittent connectivity problems or delays sending/receiving emails. We are working closely with engineers at Radware, our DDoS protection provider, to resolve these issues. At this time, the attacks are still continuing.
Despite the intermittent connection problems, no emails were lost, no data was lost, and no data was breached. In any case, we utilize zero-access encryption which keeps your emails secure even in the event of a breach.
While ProtonMail defends against DDoS and other cyber attacks on a daily basis, the attacks we faced this week posed a particularly difficult challenge because it is a new type of DDoS from a previous unknown network of compromised devices. To assist in the attack mitigation effort, we have partnered with F5 Networks to help deal with this new threat.
Our infrastructure team and the Radware and F5 Network engineering teams have put in a huge effort while working around the clock to manage this new threat. As a result of their hard work, most of the attacks in the past 24 hours have been well mitigated with minimal user impact.
We understand how important it is for ProtonMail to be not only secure and encrypted, but also always available. It is essential for the millions around the world who depend on us, and essential for our mission of making privacy and security accessible to all.
This mission is challenging. There will be setbacks from time to time, and there are also those who wish us harm. However, we have your support, and a team of experts, which will allow us to overcome these challenges.
We would like to thank you for your continued support and understanding. We will not stop fighting for you, and for your right to privacy and security.
The ProtonMail Team