A group of CERN scientists have developed an email system that provides end-to-end encryption of emails, which prevents anyone from being able to spy on the emails being exchanged.
The service plans on making revenue by charging for extra storage space, and yes, they do accept Bitcoin as a payment option. Right now they are looking for additional crowd sourced seed funding.
When the NSA surveillance news broke last year it sent shockwaves through CERN, the particle physics laboratory in Switzerland. Andy Yen, a PhD student, took to the Young at CERN Facebook group with a simple message: “I am very concerned about the privacy issue, and I was wondering what I could do about it.”
There was a massive response, and of the 40 or so active in the discussion, six started meeting at CERN’s Restaurant Number 1, pooling their deep knowledge of computing and physics to found ProtonMail, a gmail-like email system which uses end-to-end encryption, making it impossible for outside parties to monitor.
Encrypted emails have actually been around since the 1980s, but they are extremely difficult to use. When Edward Snowden asked a reporter to use an end-to-end encrypted email to share details of the NSA surveillance program the reporter couldn’t get the system to work, says Yen.
“We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it’s already encrypted, so if someone comes to us and says we’d like to read the emails of this person, all we can say is we have the encrypted data but we’re sorry we don’t have the encryption key and we can’t give you the encryption key.”
“We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message.”
This is different from all other systems, says Yen. While Gmail has implemented some encryption, they still have the encrypted message and the key to decrypt the message.
One thing to keep in mind is that while the contents of the emails may be secure while passing through Proton Mail’s servers, messages sent outside of the system may not be. Further, the meta-data about who is emailing whom may also not be secure.