Announcement: ProtonMail has launched worldwide!

protonmail launch

As of 12:30PM Geneva time, ProtonMail iOS and Android apps are available worldwide. ProtonMail is officially out of beta now and we are allowing open signups.

 

You can directly sign up for ProtonMail by visiting https://protonmail.com/signup

The moment that many in our community have been waiting for has finally arrived. We have decided today to open ProtonMail to the public and go from invite only to public registrations. Both iOS and Android mobile apps are also available.

android ios release

It has been a long journey to get here over the past two years, and not without some difficulty. However, thanks to your support, from our initial crowdfunding campaign, to the continued donations over the past two years, we have been able to overcome many challenges to get to this moment. With your support, we anticipate that ProtonMail will continue to grow and get even better in the coming years.

There were several motivations behind our decision to open up ProtonMail. We have seen in the past couple years, an increasing trend towards more and more surveillance around the world. Whether it is CISA in the US, the Investigatory Powers Bill in the UK, or even the recent FBI case against Apple, the forces working to undermine online privacy are growing. We understand that governments have concerns when it comes to terrorism and encryption, but undermining our collective security by weakening cryptography is the wrong approach. Whether we admit it or not, we are now in the middle of a second crypto war.

It is clear that if people around the world don’t stand up for privacy now, this right will be stripped from us. However, this fight is winnable if we stand together as we saw in Switzerland this winter. Today, even Apple, the world’s largest tech company has moved towards the side of greater privacy protections. This is why opening up ProtonMail to the world is more important now than ever. The best way to defend our right to privacy is to get the necessary tools out to the general public as quickly as possible, and put the decision into the hands of the people and not governments.

This is why we are committed to keeping ProtonMail free for the community. In order to do this, your support is absolutely essential. With the launch today and the millions of new users who will be joining our community, ProtonMail’s operational expenses will also greatly increase. This means we will absolutely need more users to upgrade to paid accounts (or donating) so we have the financial resources to support our growing community.

Unlike companies like Google and Facebook who abuse user privacy to sell advertisements, ProtonMail is entirely dependent on users upgrading to paid accounts to cover expenses. Without this support, the project would not be able to operate. We hope enough of you will support us in this mission so we can continue to protect online privacy.

Thank you again for your support over the years. We look forward to making ProtonMail bigger, but also better.

Best Regards,
The ProtonMail Team

To upgrade to a ProtonMail Paid Plan, you can click the upgrade link in the top toolbar in your inbox.

upgrade to paid

To learn more about ProtonMail Paid Plans, click here.

You can donate to ProtonMail here: https://protonmail.com/donate

Download Android

Download iOS

Our Press Release about our Launch can be found here: https://protonmail.com/blog/launch/

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

127 comments on “Announcement: ProtonMail has launched worldwide!

  • Thanks a lot for your amazing work!

    However i dont’t think that a system with proprietary and closed source software (Google Play Services, …) can be realistically called secure.

    Why don’t you publish your software also on open markets (say f-droid) in order to avoid such security problems?

    Reply
      • Absolutely. Our team was planning to switch to (paid) protonmail accounts but this is a no-go issue. Our security policies require us to run only free software on the devices.

        Reply
        • She software is free and so are the email.

          However using free software compared to using ProtonMail without paying is a huge difference, especially in the data mining department and selling it for ads.

          Reply
          • We want to pay for the premium accounts.

            The problem is that it requires running closed source software (from the 1st data-mining company in the world!) on our devices in order to work.

            I talked to other people about this issue and they all agree with me. I think that a lot of potentially (paid) users are blocked by this quite big problem.

    • ProtonMail stated previously that the app will continue to be available through Crashlytics for those who don’t want the Google Play Store, but nothing can be done about Play Services for now because the notification system depends on that. It might work when notification is disabled, though.

      Reply
    • As they have mentioned it in the past, Protonmail needs more users to upgrade their accounts or donate to be able to hire more people, in that way they can start looking into releasing the app to F-Droid. I think as of now only Android and IOS are the priority. Hopefully with Protonmail out of beta and the mobile apps released, more new users decide to upgrade, in that way they can make this possible.

      Reply
      • So start a crowdfunding campaign or something like that. I’m very thankful to them for the great job they’ve done so far but we are not speaking of an extra exotic feature. Security is the main (only?) reason to use such a service. But a service that requires you to install a proprietary software with administration powers on your device (like Google Play Service) cannot be considered secure in any way and the whole thing becomes pointless.

        Reply
    • Yes, this cannot be stressed enough! I paid to beta-test the app but I stopped using it because only being available on GooglePlay (Android) and relying on their services is a no-go. I’ll give my support again when it becomes available on open markets – especially F-Droid.

      Reply
      • Me too! I think also that not relying on Google Services can increase the incomes for ProtonMail. Indeed users with such security/professional needs are the ones more likely to purchase the premium account.

        Just my 2 cents, keep being awesome and thanks for all! =D

        Reply
        • Yes,I certainly am not one to use that “Playstore”. Android can be rooted and rid of their built in spyware. Just as the code for doing this is available to download and dissect(if you know Android),I for one would love to see Protonmail put their stuff on Github including the APK. A lot of VPN’s including one in Switzerland have a Github page with the various OS downloads including the Android APK. I’m not in a position to upgrade, but would certainly throw some BTC in the jar to kick it off and maintain it. Top work everywhere else guys!!
          I jus don’t want to open my phone back up to G00gl3.

          Reply
  • Congratulations on a fantastic job, ProtonMail Team! And thank you for all the hard work and being a strong voice for our rights to privacy. I’m really excited to see the features and upgrades to come over the course of this year.

    Reply
    • Dude, if your thinking is limited only to that, then you’re hopeless.
      How about the others? Or maybe you are the “I have nothing to hide” type?

      Reply
    • No, you’re right. We should have every one of our private conversations constantly monitored. Actually, let’s go beyond this, let’s have every single thought we have monitored, all in the name of this unattainable perfect world you describe.

      Reply
    • Just because there are always good tools people can use to commit evil does not mean we should treat all tools and all people as evil… As usual, the problem isn’t the tool, the problem is the evil.

      Reply
  • Thank you guys, you’ve done an amazing job !

    I noticed that when you leave the Android app by using the Home button, or by switching onto another app, I’m still logged in the Protonmail App. Then I don’t need to give my 2 passwords if I come back later.

    Can you tell me if there is an expiration time for the token ?
    Or as long as I don’t log out manually into the app, I will be logged in ?

    Reply
  • A few days ago you pushed beta version 1.2.4 of the android app to my phone via crashlytics. The version in the google play store is 1.2.4. I assume they are the same. Am I correct, are they truly the same?

    According to the google play store I should update my app.

    If they are the same, I would prefer to continue to get upgrades through crashlytics as it might be a little more secure than google play store (though I sure entirely sure that is true). How long do you plan to continue to offer the app through crashlytics? Will the versions offered through crashlytics continue to be the latest version even though the app is not longer in beta?

    Please consider offering the through f-droid.

    Thanks for all your hard work. I for one really appreciate it.

    Reply
    • Stay on the beta version, you’ll get new releases early in the future since we will keep the beta program running.

      Reply
  • The market clearly needs the anti-surveillance email option you describe, but until you answer the central question ‘How are you paying for your ‘free’ service?’ I’m not biting. It should have been the first Q you answered. And the 2nd item should have been to describe for users how you will protect their privacy, when the NSA comes pounding.
    People are not lining up to make the next Mark Zuckerberg, Jeff Bezos, Tim Cook wealthy off of everyone’s lost privacy.

    Reply
    • The blog post explains that we rely on users upgrading to paid accounts to cover the costs of the service. It certainly is not ‘free’ to operate. The NSA is an American organization, and in Switzerland, Swiss law applies.

      Reply
  • I’m posting the SHA256 checksum hashes of the iOS app files so other people can compare them to mine to verify that third parties like Apple, NSA, GCHQ, or FBI haven’t backdoored the app. It would be great if someone could confirm these hashes, especially someone from ProtonMail.

    It isn’t as straightforward as hashing a single app file, the app contains hundreds of internal files that can only be hashed separately. Also, this is only for version 1.2.2 of the iOS app. If you use Android, go to https://androidobservatory.org/ instead to upload or verify your app.

    My hashes: https://gist.github.com/anonymous/bc295eb152e5482fe8ea

    (The SHA256 for this Gist text file is 538474bee70446d445c3a682d64ed85d10a25407df714ba5fb4e58c86d67649f)

    Procedure for Verifying the iOS App on Mac Computers:
    1. Download the text file above from Github Gist and save it to the desktop. It contains a list of file hashes from my copy of the app.
    2. Download the ProtonMail app in iTunes and locate it in My Apps.
    3. Right-click the app and choose Show in Finder.
    4. Right-click the .ipa file, choose Open With > Archive Utility.
    5. In Terminal, cd into the unarchived “ProtonMail 1.2.2” directory:
    cd ~/Music/iTunes/iTunes\ Media/Mobile\ Applications/ProtonMail\ 1.2.2
    6. Run this command to generate your own list of hashes for the app’s files, saved to the desktop:
    find . -type f -exec openssl dgst -sha256 {} + > ~/Desktop/ProtonMail1.2.2.sha256sums.txt
    7. Run this command to compare your hashes against mine, showing any files that have non-matching hashes.
    diff ~/Desktop/ProtonMail1.2.2.sha256sums.txt ~/Desktop/ProtonMail1.2.2.sha256sums.github.txt
    8. If the previous step reveals any files with non-matching hashes, share them here or on gist.github.com so we can all understand what’s going on.
    9. If you’re comfortable with the results, install the app onto your iOS device. Connect the device to your computer with a cable and manually install the app to the device using iTunes.

    Note that iOS apps from the App Store are NOT fully reproducible: your app will contain some files that are different from mine due to Apple’s DRM, so don’t expect all your files to have the same hashes as mine. I don’t know which files will be different, but most should be the same.

    Reply
    • Original commenter here again.

      After some testing, it looks like the only app files that won’t have matching hashes are these two:
      iTunesMetadata.plist
      Payload/ProtonMail.app/SC_Info/ProtonMail.sinf

      It’s okay if the hashes for those 2 files don’t match the ones I’ve posted at https://gist.github.com/anonymous/bc295eb152e5482fe8ea. They will contain unique DRM data. But if you find any other non-matching files, then that could be a red flag and you should post about it here. The main file of concern is the binary at Payload/ProtonMail.app/ProtonMail.

      If people can reply to confirm their hashes match, that would be useful. Thanks!

      Reply
  • This has been my favorite email service. I’ve been reading all your blogs and following your development and this is exciting news! I’m (slowly) convincing my whole family to begin using your service for secure messaging.

    Thank you for your work! And your product is amazing!

    Reply
  • There is goo job what are you doing. However, is there a way you may downgrade the iOS version needed to download and use your application?
    It requires iOS 8 while most iPhone 4 user are just using iOS 7. in my case iOS 7.1.2 and I’m not being able to upgrade it to iOS 8.0

    Best regards, and thank you in advance.

    Reply
    • That would be great. I also use an iPhone 4, and because I only use it to make phone calls and check email, it would be unreasonable to get another phone just to install an app. I installed it on my iPad, anyway. I hope the iOS 7 get some attention in future updates.

      And thanks a lot ProtonMail! It has been a pleasant experience!

      Reply
  • What are Labels?

    The messages per day does that mean both incoming and outgoing?
    Or is that just incoming, or just outgoing messages?
    Then storage, you have 500mb, 5GB, and 20GB.

    If one reaches that max capacity, how does one save the emails that they want to keep when they have to clear other stuff out?

    Once capacity is met, or any incoming messages deleted?

    Once you’ve hit your max messages a day, do you also get an error message saying that you have reached your limit for the day, and cannot send until the next day?

    Are they, the messages, emails downloadable to another device to archive?

    Is there an archive Feature?

    Could you add maybe some incremental plans instead of going from $5 dollars and maybe work your way up to $30 if needed?

    I could easily see plans that go up in 5 dollar increments. Going from $5 to $30 is a bit steep to do on a monthly basis.

    I’m a student, and I save a lot of documents from classes, such as rough drafts, essays, projects with slides and such and I’m almost certain I would easily reach those amounts in a very short time.
    Can this be used on a PC or MAC?

    I’m sure I’ll have more questions, but these are the ones that come to mind first.

    Anyhow, those are my questions…Thank you for your time!

    Reply
    • +1. I disabled this in the web version due to privacy and security concerns. Websites can use this to track you and spammers can use it to see whether the address is being used. This should be optional.

      Reply
  • The new app for Android is great. (Almost?) Instantly getting a notification when I receive a new email and the interface is really comfortable!

    But what’s up with being unable to turn off “Enable Mobile Signature”? If I click it I get the message: “ProtonMail Plus is required to edit the mobile signature”.
    I’m planning to upgrade my account to support you guys, but please don’t start to implement these annoying things to get users to upgrade. I want to upgrade because I support your goals and 2ndly to gain some extra advantages, but not to remove annoying things introduced just to make people pay. It looks really crap to have “Sent from ProtonMail mobile” under an email messages. That this is enabled by default or that you let paying users have the option to set a custom Signature for mobile is fine, but please give normal users the ability to turn this off.

    TL;DR: Let normal users disable the Mobile signature “Sent from ProtonMail mobile”

    Reply
    • Happily iOS mobile app permits you to disable the signature and hope this “bug” will not be “fixed”.

      Would be glad if there were an option to support Protonmail for less than 48 Euro yearly; something like 12 Euro per year. More like other European “zero knowledge on the server side” secure email providers’ pricing. Will happily subscribe then, even though I don’t need more features for now.

      Reply
      • We cannot really reduce the pricing because ProtonMail isn’t run on a shoestring budget. When it comes to security and reliability, we do not cut corners. To get a better idea of what the paid account revenue is used for, you can check out our pricing page: https://protonmail.com/pricing

        Reply
        • It wasn’t about reducing the pricing for the current options, but about introducing one more option with less features than Plus. I know that people’s work, power, hardware, premises bandwidth, DDOS protection etc all cost and just thought that one more option to pay less for some symbolic improvements will give you more money on the regular basis rather than occasional donations. If you do it, I’m in – the same way I’m paying another open-source secure email provider without having much need for their premium features.

          Anyway, thank you for the good job and hope to see better attachments handling and bidirectional sharing options in the future versions of the iOS app. Current ability to attach photo/video only is definitely not enough and beyond the expected capabilities of a mail app.

          Reply
          • We appreciate the support and will give some thought into introducing more variety of plans.

        • So why does your app rely on Google Cloud Messaging? Isn’t it “cutting corners” by trading security for convenience?

          Reply
          • Mainly because it requires you to run closed source software with administrator privileges on your device, so you cannot really know what happens with your data. Moreover in this way Google can still collect some amount of metadata about your mails (the precise amount depends on the details of how the push is implemented though).
            All these problems can be avoided using a non google-dependent way to push the emails, like, for example, k-9 mail does.

  • Please make the Android app avaliable as a direct download from your website. I do not have (and do not want a Google account) .

    Reply
  • Contratulations, guys! Amazing work.

    I’d be very glad to pay for an account and make protonmail my main email provider, but there are 2 features missing right now that are very important to me (I travel abroad a lot, sometimes I don’t have any internet access):
    -Offline access in android app;
    -Some way to download the emails in my machine (thunderbird, plugin…)

    Any plan to implement those features, and when?

    Reply
    • Offline access in Android should already be working.

      We are also working on an export tool, but we don’t have a firm ETA for that.

      Reply
      • Offline access is indeed working, but only for the email body, not for email attachments: when I try to open (download) an email attachment, it shows the message “No connectivity detected”.

        At least in my case, be able to access mail attachments are just as important as the email body itself.

        Reply
        • To save bandwidth, we don’t automatically download attachments. However, if you have previously downloaded/saved them, they will be available on your phone.

          Reply
  • There is still need for some things to be done. 1 support PIN lock 2- Check md5 both the application as individual files found within the app packaging, (you can see the file structure like .zip) 3- download the application directly or through webmail, such as f-droid. The principle is this, I have seen some slowdowns in the interface / application usage, but is not using as main app, I hope to better use it before an opinion, but his release was WHAT I lacked to think of me change gmail, since today virtually only use my phone for email and not hard work. As for the price for those who live in the USA the price is not high, but for those who are from another country where the dollar could be 4x the local currency, the service becomes expensive to the currency difference not be so high, will continue to use the free account. Thank you for making this service available to everyone. Review Submitted by phone.

    Reply
  • It’s a little embarrassing; since the last Firefox update there is one more storage option to check, which I didn’t realize – meaning: ProtonMail is working again. Sorry for my previous comment, that was premature. Just ignore it.

    Reply
  • Hi guys,

    I uploaded the apk (downloaded directly from Google Play Store) to the Android Observatory:

    https://androidobservatory.org/app/0AAAFE69C01404117A6B33FF48145F2591FCFE76

    Package Name ch.protonmail.android

    Universal App. ID 8CBF36D800B9A2CAF4FEE68141DA26B8160BDC9B
    Universal App ID. Provides a unique ID for an application across app sources/versions. Computed using the package name as well as each of the certificates used to sign the app: SHA1(PKG_NAME + ” ” + certFP1 + ” ” + … + certFPn-1 + ” ” + certFPn)

    Shared User ID String None

    Version 1.2.4

    Version Code: 118

    APK Source User

    Added On 2016-03-20 04:55:50.243423

    APK FD2D59728E8649FA123261F3E7B29A1D6C4A1C4E
    SHA1 Hash of the application binary. Computed as SHA1(APP_APK_FILE).

    classes.dex 231BEFD1E996F7E63FC3567A5E7D23FF662BE3D9
    SHA1 Hash of the application dex extracted from the APK. Computed as SHA1(APP_DEX_FILE).

    resources.arsc B44A9B682BD0644165FB4D82C85ACC2878A9A4D8
    SHA1 Hash of the application resource file extracted from the APK. Computed as SHA1(APP_RES_FILE).

    AndroidManifest.xml E36AE90B16403D1E99885D8D71BF97D046A82BE1
    SHA1 Hash of the application manifest file extracted from the APK. Computed as SHA1(APP_MANIFEST_FILE).

    Signed by:

    Fingerprint: D8:E1:EE:3F:F3:A7:F6:EC:46:88:3C:89:80:32:FE:03:C2:3E:EC:20
    Subject: C=CH, ST=Geneva, L=Geneva, O=Proton Technologies AG, OU=Proton Technologies AG, CN=Proton Technologies AG
    Issuer: C=CH, ST=Geneva, L=Geneva, O=Proton Technologies AG, OU=Proton Technologies AG, CN=Proton Technologies AG

    Other sources:
    None
    Permissions Requested
    android.permission.ACCESS_NETWORK_STATE
    android.permission.BROADCAST_STICKY
    android.permission.GET_ACCOUNTS
    android.permission.GET_TASKS
    android.permission.INTERNET
    android.permission.READ_CONTACTS
    android.permission.READ_EXTERNAL_STORAGE
    android.permission.RECEIVE_BOOT_COMPLETED
    android.permission.VIBRATE
    android.permission.WAKE_LOCK
    android.permission.WRITE_EXTERNAL_STORAGE
    ch.protonmail.android.permission.C2D_MESSAGE
    com.google.android.c2dm.permission.RECEIVE

    Reply
  • Hey, nice job. I’m in for the Plus account now. I have set up a custom domain and all is working very well.
    As soon as we can doa proper migration from gmail I’ll be moving my gmail domain to Proton.
    My main interest is reducing the chance of ‘bad guys’ getting personal info out of my emails, nearly everything we do now is via email so ID theft etc is a big concern.
    Apart from not being able to move emails enmasse yet, another feature I’d like is a way fro Proton to ‘remember’ labels, I have added my vote to the feature request for this.
    Thanks for the great product.

    Reply
  • ‘To those who say they don’t believe in privacy because they have nothing to hide – it’s the same as saying they don’t believe in freedom of speech because they have nothing to say’ (Edward Snowden, not exactly verbatim)

    Now. ProtonMail. I want lots of stuff. So, fix it:
    Can you make the app activate my sleep logging software so I can know whether the encryption in my mail affects my REM cycles. I also want heaps of other cool shit too, like a voice function so the app and I can converse, and it can learn from me as I teach it.
    And, a self destruct button by voice, from a distance. And the ability to discretely activate the phone microphone of another proton mail user just by speaking to my protonmail app. And, umm instant real time video chat with the developers if I have an idea, and umm look just make it happen okay, now?

    Reply
    • urgent requests:

      1. please make the app water proof so I can use it when I’m diving as I’m concerned about gmail data being vulnerable at such times

      2. concerns surrounding temperature. Switzerland is very cold, yes? Will my app downloaded in Florida or Los Angeles North America, overheat, as it has Swiss coding not designed to tolerate a hot climate. Please immediately include an acclimatisation feature with visual variable thermometer, and publish on git hub and f-droid and on your site

      Reply
    • urgent requests:

      1. please make the app water proof so I can use it when I’m diving as I’m concerned about gmail data being vulnerable at such times

      2. concerns surrounding temperature. Switzerland is very cold, yes? Will my app downloaded in Florida or Los Angeles North America, overheat, as it has Swiss coding not designed to tolerate a hot climate. Please immediately include an acclimatisation feature with visual variable thermometer, and publish on git hub and f-droid and on your site

      Reply
  • some warming , encouraging thoughts for Proton Mail supporters, to keep you going and inspire you to spread PM far and wide:

    Upon this public launch, we have just no idea just how PISSED OFF the NSA and related departments are, right now!!

    On that note PM are you likely to keep us informed if you suffer another attempt at a large scale DDOS and the facts of your excellent upgraded system withstanding it?
    as per your transparency, already so wonderfully illustrated when you explained the various implementations last time it happened

    Reply
    • We have been under repeated DDoS attack since the morning of our launch, but we are not going to give the attackers the satisfaction seeing us acknowledge them on social media. Our infrastructure is absorbing the attacks without problems.

      Reply
  • I look forward to the day when PROTONMAIL stops receiving the plethera of whiney little requests for something they personally want to make their OWN life a little easier to navigate, especially when they probably haven’t even contributed anything in $ or real time donation. Please give these guys a break and quit with these something for nothing requests.
    My deepest gratitude for the vision and work by the entire PROTONMAIL team.
    RESPECT!
    p.q.

    Reply
    • fair enough, I believe a couple of previous posts echoed your sentiments and said the same thing, by belittling all the “I want I want I want” requests using a very exaggerated, satirical and sarcastic style instead. (make my app water proof, give me direct video calls with the Devs etc) Such subtlety is not picked up by everyone
      You came right out and said it plainly. Thank you!

      Reply
  • olá, o serviço de vocês precisa de mais detalhes sobre com quanto tempo a conta é definitivamente apagada precisa ter a opção de recuperar conta recem apagada coisas que ainda faltam ficar expostas de melhor forma na página da proton!!

    Reply
  • Hi Proton friends
    One suggestion that is not a priority but falls more in the ”PR’ and Marketing” department
    a counter on the main screen – or on every screen eg in the top corner, that indicates how many user accounts there are. This is mostly a ‘morale’ thing. For you and for us. How high can the number grow? How many people can we get into PM and notice the number increase? How close is PM to challenge more conservative mainstream email account user numbers?
    You can set goals like x million by the end of a given year.
    This part might seem a bit crass – but what about offering incentives for people to get people signed up?
    I don’t like the idea in theory of offering incentives but, some focus in this area of increasing user base via marketing is really essential. basically the more paid users you have and the more PM users there are – the better for everyone. It’s actually really important this grows and grows on every level. user baser not least
    Maybe something like ‘get 4 paid users and the 5th one is free’ . Does that kind of marketing even work?
    There are people that will have useful feedback
    Anyway, the main idea was a counter of the number of user accounts in a little corner of every page on this website as a way of boosting enthusiasm

    And, secondly, you publishing a goal of ”x number of users by x date’ as a focus to work towards and updating it each time that date is reached
    love to you all

    Reply
      • To contribute further to this suggestion about marketing. I hypothesis the following angles from the perspective of Protonmail.
        Whats the overarching objective?
        : To have everyone using encrypted email.
        Whats the primary practical objective / way to achieve the overarching objective? : To have as many paying PM users as possible

        as you will know, because of your areas of expertise, achieving specific objectives requires quantifying, measuring, recording, and goal setting. incidentally, it actually doesn’t really matter what you are recording its the very FACT of recording data that makes a massive difference in achieving something. But this is one massive reason why having a public screen counter of user accounts is so valuable and rewarding.

        I suggest you have two goals 1. being a serious rival or contender for gmail worldwide, in eg , 5 years. It’s good to dream big, be perhaps slightly un realistic but within the realms of possiblity
        2. Acheiving X amount of users by X date.
        This goal will continue to change, or you may have a long term one (annually) and a monthly one.
        However some type of marketing drive will need to accompany the monthly goal for it to be worthwhile.

        from a S.W.O.C (Strengths, Weakness, Opportunities, Challenges) you can further break down the two objectives above (which is really just one objective – get more paid PM users)

        A challenge is ‘people are lazy / technologically challenged’ So assess the places in PM that need refining to be even easier to use
        An Opportunity is putting out a genuine request for people to make an effort to spread the word, or to sign up their colleagues or family. Or one person a week. Or whatever. Ask people if everyone can do ONE thing to promote proton mail – on a notice board, social media, facebook etc.
        A challenge is peoples perception (created by the media) about encryption
        Two myths: 1. Encryption allows terrorists to do bad things they wouldn’t otherwise be able
        2. global dragnet surveillance helps fight terrorism and has successfully prevented it in the past
        (lets put aside the myth that these terrorists are real, and not manufactured, in the first place…;-) 😉
        So, Edward Snowden disproved both of those myths with evidence. you can link to this.
        RE the ‘challenge’ of public perception, You can have a FAQ addressing points like this.
        You can have further references or reading material eg Glenn Greenwalds book No Place To Hide (must read for all PM users!) which addresses these issues, the entire saga of Edward Snowden, the authors own experience with the revealed material, the implications on society and exactly WHY the subject is so important
        Opportunities : get people like Tor Project, Electronic Frontier Foundation, The Guardian Project, The Intercept, etc to support you or reference you in a small or large, unofficial or official manner

        As for the long term goal of being a household name, to rival gmail. It sounds unrealistic. But on one hand it’s an encouragement to focus the vision and get everyone working together to achieve something big. On the other hand, you are not trying to for example be the most popular shoe manufacturer in the world. The interesting thing about the internets is that popular usage can achieve very quickly. After Edward Snowdens material was made public, usage of Tor Browser went through the roof worldwide almost overnight – I can’t recall exactly but it was a ratio a bit like 50,000 people a day before the leaks, then increasing to 3 million a day afterward. So, if you get all the ingredients in the recipe right (PR and Marketing, largely) , there’s no reason why you can’t suddenly have tens of millions more people using PM in an extremely short period of time.
        And, having a screen counter of these users on this website will only serve to exponentially encourage more and more people to join! If somethings popular, people want to be in on it!!

        By the way, an interesting marketing idea is a competition with an attractive prize – needs to be a good prize though! (Someone can sponsor you in exchange for a bit of free advertising) . Who can publicise PM to the most number of people? This is a sheer game of numbers, demonstrable via social media, although it compromises anonymity so not everyone might be in on it.
        The other method is publicising PM ‘in the world’ – whoever comes up with the most innovative or wide reaching advertisment, as voted by your staff, wins the prize. If it gets a bit whacky (people start trying to pin a PM banner on the twin towers in new york or something) the media will then cover it and advertise you further!
        With love .

        Reply
      • 1 – as they have mentioned before, it depends on what domains are available, and pmail.ch has already been snapped up.

        2 – also, even if it were available, that particular suggestion would probably be confusing for those who associate pmail with Pegasus Mail.

        http://www.pmail.com

        Just sayin’ 😉

        – is 5 extra characters Really that difficult to type in?
        – and besides, type it once, add to Contacts, and from that point forward, no more typing it out, just click on the Contact

        Reply
  • Hi PM Team,

    Wondering if you could comment on the following.

    I came across this interesting post on the Mailpile site (their FAQ page) in the “Encryption and Security” section … any comments re/ this claim from them?

    =====

    (Their FAQ question)
    How does Mailpile compare with something like Hushmail? Protonmail? Whiteout?

    (Their Answer)
    – Usually, these solutions store your e-mail data on their servers.

    – Usually, they also provide a web interface to read and write mail, possibly using Javascript-based cryptography to support claims that they cannot read your mail since all the encryption and decryption takes place in your browser, on your computer.

    – This may be better than nothing, but it can also provide a false sense of security: if the same entity is responsible for storing the e-mail and providing you with encryption software, then all they need to do to read your mail is modify the code so it goes behind your back and sends them a copy of the keys. This is not a theretical problem, it has already happened (http://www.wired.com/2007/11/encrypted-e-mai/) and if your adversary is a government you would do well to steer clear of these solutions.

    =====

    Could you please verify, clarify or dispute what they claim?
    Thanks

    Reply
    • Self hosted solutions like Mailpile can be secure, if you are technically able to maintain your own mail server and have it working reliably and also secure the box. But most people cannot do that, so ProtonMail is really the best secure email solution.

      ProtonMail is open source, so we can’t just simply modify the code, and our mobile apps are installed on your device and we cannot tamper with those installed apps.

      Reply
  • I would be willing to pay for a secure desktop client…..Web browsers are inherently insecure and I would think in order to be truly secure a desktop client is needed.

    Reply
  • First of all: CLAP CLAP CLAP CLAP CLAP for your work. Really appreciate what you are doing for us, users and the online community in general. Please keep pushing boundaries.

    Some suggestions:
    – Please make it possible to add phone numbers to our contacts.

    – Think about a protonmail basic paid plan with some extra features like 3 alias, 1GB storage, 50 labels. I believe that there is a lot of people that doesn’t want to pay 48€ a year but they would gladly pay something in between 15€ to 20€.

    – And for me, the most important of all: F-Droid. Please publish your app on the F-Droid repository, or at least let your users download the .apk file directly from your website.
    If you don’t have the financial resources to address this issue, feel free to create a donation/subscription campaign for this purpose. I am sure that in less than a week you will raise the necessary money. Try to make a pool, ask your users about it if you are not sure 🙂

    *unfortunately there are only 148 votes for this feature :/ https://protonmail.uservoice.com/forums/284483-feedback/suggestions/11359776-publish-android-app-to-f-droid-and-remove-reliance

    Reply
  • Dear Protonmail mobile developement team:

    Please consider go completly Google free – no Google services Please!!! Haver a look here: http://www.rabbitmq.com/ ;and Please Please Please make de .apk file for your mobile app directly available in your website.

    Reply
  • Hi PM enjoyers
    there was discussion here questioning the use of a PM application for a device, thinking that this could be exploited before or after download, and that surely logging into the website was a safer option. I tended to agree with this
    Just wanted to share I read an article about PM in Wired, a little old now, but it explained that logging into PM from a random computer was more dangerous because the website one was given could contain malicious code. An application for phone or tablet etc was therefore safer because the program could only contain malicious code if EVERYONE received it. Whereas its easier to delivery a malicious copy of a website to an individual or small group.
    (putting aside the fact that smart phones are inherently not very secure. )
    Another option mentioned in the article is to use an add-on for proton mail in the browser instead of just logging into directly to the website I can’t imagine this is a priority for PM at this early stage

    SO. I wanted to reach out to you all with some supportive ideas. Here you are using encrypted email because finally it is easier. Many of you have varying degrees of tech literacy.
    With all the help PM offers nonetheless you are only as safe as your password
    Use a LONG password – 10 characters. no less
    Make it RANDOM and ideally use a freely available password generator (there are mathematical reasons why it needs to be randomly generated, for security)

    Secondly EDUCATE yourself. Learn about security, privacy and encryption. It’s not rocket science
    Lifehacker website has heaps of very easy to read and helpful advice including the readers comments below an article about these topics.
    learn about using Tor, about how passwords are stolen, and how to harden your computer, learn about Tails on a USB, how to protect against physical access to your hard drive.
    read everything Edward Snowden has discussed in interviews (he gives some excellent advice)
    you can go as deep as you want into the subject and
    it will be life affirming, help you in the future, help you to help others, and most importantly further secure your enjoyment of the Proton Mail experience forever

    Key Pass is a great free tool for storing all your passwords under one single master password, stored safely on your own computer (not on someone elses server)
    it also happens to have a random password generator
    (i have no relationship with it i just know its highly acclaimed and loved)

    Reply
  • hola proton mail. a supportive idea;
    a TAB alongside the other TABS (About Security Blog Careers Support etc)
    That is called something like COMMUNITY or PARTICIPATE

    you could have a link to the redditt forums there
    because maybe not many people know about that

    and a message from you that says
    “If you believe the world needs encyrpted email that everyone can use and want to support us support the world, email us with MARKETING in the subject line if you have practical ideas with which we can further our aims.
    Bearing in mind we are only partially commercial (we offer a free and low cost options) thus feedback ideally will cater to this vision.
    We have only limited resources to devote to this subject at this time but nonetheless will read and appreciate your all concise, genuine feedback in this area. Thanks for your support!!! “

    Reply
  • Regarding the question of the mobile ProtonMail application being available outside of google play
    I was looking to see if Signal application (by Open Whisper Systems, created by respected cryptographer Moxie Marlinspike and software relied upon by Edward Snowden, amongst others) was available outside of Google Play store.
    I found the following couple of comments by Moxie Marlinspike as to why he thinks APK’s are a BAD idea and why Play Store offers a number of benefits INCLUDING certificate validation and security.
    I found it insightful and this certainly supports and validates Protonmails perspective to date. So, hopefully if its okay with you Moderators here’s the link.
    The Moxie comments are number 2 and 5 from the top – number 2 is the most salient

    https://github.com/WhisperSystems/Signal-Android/issues/127#issuecomment-13335689

    Reply
    • Moxie Marlinspike is wrong and he knows it :/
      No regular user is going to search .apk files outside of google play if they have google play installed. This is common sense.
      But for people like me (no gapps at all and high level of privacy/security in my android device – I think…), .apk files (or availability on f-droid) are essential.

      This is not difficult to provide to users.
      ProtonMail could (should) easily provide the .apk file on their website or email it to users that subscribe that option.

      The main reason companies don’t provide .apk files outside of GooglePlay, it’s because they are threaten by google of expulsion from the PlayStore… Nothing else (and I’ve heard developers complaining about this).

      Unfortunately this is true, and although I admit google is a major contributor to development of technology, I also condemn their dictatorship, impositions over manufacturers to include all those google apps that we don’t use (bloatware) and that are impossible to uninstall, etc, etc, etc…

      Reply
  • Why don’t you just provide the .apk in our website? Just make a subscription system that automatically informs subscribed members that there is a new update available. How costly and difficult can this be?

    Reply