ProtonMail BETA v1.09 Release Notes

We are happy to announce the release of ProtonMail v1.09. As usual, please completely clear your browser cache to make sure you load the latest version of ProtonMail. Among all the security researchers who helped us, we’d like to give special thanks this time to all participants in the first ProtonMail Hackathon for security tests for this Version 1.09 release.

New Features

  • Replied and Forwarded message is indicated.
  • Update encoding scheme to better support some foreign languages.
  • Reminder when leaving compose page without saving a draft.
  • Rearrange the message operation menu.
  • Attachments will be displayed if they are plain text of html text.
  • Add a new form field on sign up to allow user to add notification email to reset login password.
  • Add two extra security headers to enhance XSS protection.

Bug Fixes

  • Quotes in message title are now appropriately displayed.
  • The page will stay the same after enter Mailbox Password in the new opened page, instead of always redirecting to inbox.
  • Fixed the number of new messages in notification email.
  • Fixed a rare case which leads to ‘inside_not_exist’ error

Known Issues

  • Multiple attachments not properly supported.
  • Mobile and Tablet not yet fully supported.
  • Attachments are not encrypted.

Security Fixes

  • Session Cookies are set to HttpOnly. (credit to ElectronMail team in ProtonMail’s hackathon)
  • Security Headers updated for all pages to be more strict.
  • XSS attack on Contacts page (credit Prakhar Prasad @prakharprasad)
  • Enhanced brute-force attack protection.

About the Author

Jason Stockman

Jason is the Co-Founder of ProtonMail. He works on building ProtonMail's webmail interface and front-end encryption. Jason has 10+ years experience building websites and applications.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

37 comments on “ProtonMail BETA v1.09 Release Notes

  • I have a suggestion: can’t you prevent downtime by applying virtualization on your servers? Downtime for an email service isn’t very positive.

    Reply
    • Our next generation infrastructure will allow us to avoid downtime, we are currently running tests on it and will transition the entire system over in a few weeks time.

      Reply
  • Hi,
    is there a public roadmap for the project ?
    For example, do you plan to implement alias ? (the possibility to use my own domain name emails instead of the existing one)

    Thanks for your project

    Reply
  • Can you please add a new feature: Reject email from non-ProtonMail users, so they get a reply: “Please send email from ProtonMail”.

    I want to basically force my users to use ProtonMail, to enforce encryption.

    Reply
  • Hi there! Would be possible in the future to enable some option to write e-mails just in plain text, not using any HTML? Thanks!

    Reply
  • Hi,

    I’m really looking forward to using Protonmail! Is there any ways to register for your Beta testing group?

    Kind regards,

    Simon

    Reply
  • I thought of another layer of security that would be great to have, Make your email address different from your account login, Lets say you send or receive email, Anyone who sees your mail address then knows what name to use if they want to try to crack your account password, If they are different they can’t attempt to login to your account as they don’t know the account name you use to login!

    Reply
    • You can access protonmail.ch/invite via any updated browser on a mobile phone. We expect to release iOS, Android, and IMAP support later this year, so you will be able to setup your email on other email clients.

      Reply
  • Hi,

    Is it possible to put this phrase in another language when correspodant get an email encrypted. ” Hello, You received an encrypted email from the ProtonMail user. The link to view the encrypted message is ”

    Will it be possible to create documents in the next beta?

    Thanks

    Bug detected : http://oi61.tinypic.com/ouxwm9.jpg
    The storage appears and disappears

    Reply
  • Very much appreciate your project and the option to get early access with the right perks. One thing I am missing though: is there a public roadmap available? I would very much like to know when you plan to leave the beta status as this would be the moment I am going to move all my mail traffic to protonmail.
    Cheers and Thanks

    Reply
    • We are now thinking of exiting beta near the end of this year. Given that Gmail was in beta for over 2 years, we don’t see a huge rush to get out of beta. We will continue to improve reliability and security throughout, and beyond the beta process.

      Reply
  • if your service had some sort of app for phones i would be able to completely move away from google and replace all google services on my phone with secure ones

    Reply
  • It may be a good idea to change the font of:

    -the size of each email
    -the storage count
    -the Msg/month count

    I believe it is currently set to Times New Roman? It certaintly doesnt match the rest of the text and imo this is something quite irritating.

    Besides, Times New Roman is ugly all by itself, you might aswell put Comic Sans.

    Reply
  • Please review the following suggestions to improve proton mail.
    When I send a protonmail encrypted email to a non-protonmail recipient, the recipient’s browser window that displays that email should provide the following basic capabilities:
    1. Ability for recipient to printout the email from the same browser window.
    2. The ability via the same browser window for the recipient to send an encrypted reply email to the sender using the same decryption password currently in use between recipient and sender.
    3. The validity period of the encrypted email as set by proton mail to have long time frame e.g. 1 year or 2 years or less as determined by the sender of the encrypted email and not the two week maximum default period.

    Reply
  • Hi-

    Great job so far! I love your work.

    When can we get email folders to file away our emails.

    Once we get email folders I will move 100% over to protonmail!

    Let me know when we can see folders.

    Thanks for the great work.

    Reply
    • Hi Bob, this is a high priority feature for us that we will be adding once we manage to support the rest of our waiting list. The ETA is probably 1 or 2 months from now for this feature.

      Reply
  • 1. While you’re looking into setting up folders, would it be possible for you to come up with an Archive folder (like Outlook.com)? For those of us who dump all our saved messages into ONE folder (which we then ‘search’ when looking for a particular email), it would be great to have that as part of the Protonmail system folders. And you could/should then have a corresponding “Archive” button on the nav bar (in both message list and message view) to make it an easy one-click function to move messages from the Inbox.

    For other users who prefer a bunch of folders, perhaps the Archive folder and button could be ‘hidden’ in Settings. ??

    2. Do I understand that you are planning on allowing users to send through other email accounts (either by using the other service’s own smtp servers or by sending with a different “from” address using protonmail’s servers)?

    Thanks!

    Reply
    • This works if they are in the same directory (you can hold shift or control when clicking on files). We are going to improve support for multiple attachments in a future release.

      Reply
  • Thank ProtonMail Team for giving me more security on the Internet. I hope that more Brazilians have the same opportunity as me. I have a suggestion: Why not add a layer of security, receiving a code via SMS, as is used in other providers email? In the near future, also it would be nice to add more free space, 1GB for example, and sell 2GB or more.

    Reply
    • We will be adding two factor authentication in the future. Once we have supported all waiting list users, we should also be able to increase the size of free accounts. Thank you for your support!

      Reply
  • Hello, good morning.

    It would be possible to create a personal folder to store any email on new versions?

    Thank you very much for all your work !!!

    jolucadol

    Reply
    • Hello Jolucadol,

      Thank you for your support. Folders are number 1 priority. They will be coming soon!

      Regards,

      ProtonMail Team

      Reply