ProtonMail, Israel, and Radware relationship

ProtonMail is one of the only email providers which provides comprehensive DDoS protection. In order to provide this protection, we have partnered with Radware, one of the leaders in DDoS protection. Recently, malicious rumors have surfaced that our partnership with Radware means Israel has compromised ProtonMail email privacy (since Radware’s international headquarters is in Israel). These rumors have mostly been spread by conspiracy theorists who don’t at all understand ProtonMail’s technology.

These rumors are categorically false and stem from a fundamental misunderstanding of how ProtonMail’s DDoS protection works. ProtonMail protects against DDoS attacks by using BGP redirection and GRE tunnels. This means that Radware only handles incoming traffic, and all incoming traffic is encrypted. Both encryption layers (SSL and ProtonMail’s OpenPGPjs) are intact in this solution. That’s why we picked BGP redirection instead of more inexpensive DNS based DDoS protection systems like Cloudflare. In other words, Radware only sees encrypted packets and nothing else. Furthermore, we only send traffic to Radware when ProtonMail is under DDoS attack, during normal conditions, traffic is routed normally through Zurich and Radware doesn’t even see encrypted ProtonMail network traffic.

The statement that ProtonMail traffic is proxied through Israel is also false. When traffic is redirected during a DDoS attack, ProtonMail traffic goes through DE-CIX in Frankfurt, Germany. This can be seen by doing an IP lookup of the last hop of the traceroute. The IP address is at DE-CIX, so traffic passes through Frankfurt (subject to German data privacy laws) and NOT Israel. However, as discussed above, even IF the traffic did pass through Israel, the DDoS protection technology we have selected means there would be no compromise to ProtonMail email privacy.

 ProtonMail traffic is proxied through DE-CIX in Frankfurt, Germany when DDoS protection is active.
ProtonMail traffic is proxied through DE-CIX in Frankfurt, Germany when DDoS protection is active.

We take privacy seriously at ProtonMail which is why we carefully designed and implemented a DDoS protection scheme that would not lead to ANY weakening of privacy. The solution we have implemented protects privacy on a technical level, so that no DDoS protection company, regardless of where they are based, can compromise our email privacy. Thus, ProtonMail offers the best of both worlds, comprehensive DDoS protection without sacrificing privacy.

On a related note, we have also had people ask us about ProtonMail’s official position regarding the ongoing Palestinian-Israeli conflict and whether working with an Israeli company means we are taking sides in this conflict. The answer is NO. ProtonMail is a beneficiary of financial support from the Swiss government, and we also adhere to a policy of strict neutrality. The only position we take is that security and privacy are fundamental human rights which should be guaranteed for all.

When picking companies to partner with, we only consider two criteria:

  1. Does the proposed solution meet our technical requirements regarding security and privacy?
  2. Does the proposed solution meet our budget constraints, given that ProtonMail is largely supported by donations?

When viewed entirely objectively, Radware satisfies both conditions which is why we entered a partnership with them. While many conspiracy theorists have criticized our partnership with an Israeli company, many of these same people miss the fact that we also partner with Cyberkov, a company from Kuwait that is very active with helping Palestinian dissidents (https://cyberkov.com/partners-references/). This is in fact a long running partnership dating back to June 2014 which well pre-dates partnering with Radware.

In fact, it is due to this partnership that ProtonMail was wrongly attacked by the US media as being used by ISIS. Thus, the inference that we don’t support Palestinian activists is not only entirely false, it ignores the large risks we continue to take to support that community with Cyberkov. We believe that selectively boycotting companies solely based on nationality and government policies that companies cannot control, is not only incorrect, but counter to the principles which ProtonMail is based upon. For this reasons, we remain fully committed to maintaining our neutrality and protecting privacy rights for all groups.

Rate This Article

(4 out of 4 people found this article helpful)

10 Comments

  1. Anonymous

    Why did this article disappear yesterday 2015-11-18 (giving only 404) and re-appear today? Has it been changed?

  2. Anonymous

    Sorry I meant yesterday 2015-11-17. BTW: I love ProtonMail and appreciate your efforts on privacy and transparency.

  3. George Nistor

    Why the “Helpful” button is not active? (but the “Not Helpful” it is). I want to rate the article as I really find it… helpful.

  4. I just want to thank you for NOT using Cloudflare, a known long-time associate of US DHS, whose most recent piece of spookery is hosting the SecureTheNet cyber-privacy letter signing site, and who have also recent;y hosted ‘dearputin’, a site that is intended to send a message to Vladimir Putin that westerners are sorry for all the bad things their governments say about him. One can almost hear the echo of the long-disbanded US House Un-American Activities Committee and Joe McCarthy dunning someone for signing a letter that apologizes to Putin.

  5. Anonymous

    Please explain: “ProtonMail is a beneficiary of financial support from the Swiss government…”

    For what reason does the Swiss government provide financial support to Protonmail?
    What agreements exist between Protonmail and the Swiss government?

  6. ProtonMail Support

    To support job creation in Switzerland and to help Switzerland strengthen its economy with regards to data security.

  7. David

    Hey ProtonMail-Support,

    dont let yourself get trolled by idiots on the internet :). Seriously, experience has shown that you cannot discuss rationally with conspiracy mongers – especially the ones who are obsessed with Israel.
    You are providing a great service for a privat – as in privacy – mail account. As soon as you add gpg send support i will probably get a paid account and dump my other privat clearnet mail addresses in favor of proton mail. You are doing most everything right so far and i am looking forward to all the new features!

  8. Golam Mohammed

    I have just joined with Protonmail. Want to see how it goes. I hope to donate within next
    few weeks if I find it is workable for me. Many thanks to the ProtonMail team.

  9. ProtonMail Support

    Hi Golam,
    Thank you for your support!

  10. Mark Lammas

    I have been with Protonmail from somewhere near its beginning, and it has, so far, been fine. How secure can an email address be? Well, I have four email addresses. My Hotmail is my main one, since I first went on the Web. I used that one from the start to sign up to Web pages and services, and is the one I always quote on the Web. It consequently attracts HUGE amounts of spam. Fortunately, Hotmail’s anti spam filters are evolutionarily excellent, and very little of it hits my inbox due to their auto filtering and my diligent use of email rules. Of my other email addresses, only my ProtonMail is COMPLETELY free of spam. Even GMail, which is pretty good, has some. My PM never has been, and never will be, used for Web signups or guestbooks, or for commercial or government messages. It will remain my primary private email communication channel. Any dubious message coming through into my PM inbox will stick out like a sore thumb, and will be dealt with appropriately. PM’s superb encryption should deal with all other issues. Long live ProtonMail!

Leave A Comment?