However, it would seem that if ProtonMail ‘your data is encrypted in a way that makes it inaccessible to us’,Īnd ‘data is encrypted on the client side using an encryption key that On in-browser crypto to implement ‘zero-access’ systems), in theĬontext of the ‘Browser Crypto Chicken-and-Egg Problem’. Have come up recently about ProtonMail (and other services that rely I am a moderator at, and several questions
Managed to make end-to-end encrypted email as simple to use as I've not received a response from Protonmail as of yet, but if/when I do, I will update here.įirst off, I’d like to thank you for building ProtonMail. I sent the following email to on, inviting Protonmail to weigh-in on this subject. If you can't trust the server with your secrets, then how can you trust the server to deliver secure code? See for some good reading on this subject. This is why javascript cryptography is a 'chicken-and-egg' problem. Then, they would have everything necessary to decrypt your private key, and then decrypt your messages. If protonmail were to be compromised, or if protonmail were to 'go rogue', they could easily serve javascript that captures your password after you enter it, and sends the password back to their servers. However, the SRP is implemented in javascript, which is served by protonmail's server. Therefore (under normal circumstances) your password is never sent to protonmail's server. All rights reserved.Xavier59's answer is correct, in that protonmail uses SRP. Other trademarks are property of their respective owners. EquityZen and logo are trademarks of EquityZen Inc. By accessing this site and any pages thereof, you agree to be bound by our Terms of Use. Check the background of this firm on FINRA’s BrokerCheck.Į is a website operated by EquityZen Inc.
EquityZen Securities is a broker/dealer registered with the Securities Exchange Commission and is a FINRA/ SIPC member firm.Įquity securities are offered through EquityZen Securities. See our Risk Factors for a more detailed explanation of the risks involved by investing through EquityZen’s platform.ĮquityZen Securities LLC (“EquityZen Securities”) is a subsidiary of EquityZen Inc. Investors must be able to afford the loss of their entire investment. Investing in private companies may be considered highly speculative and involves a high degree of risk, including the risk of substantial loss of investment. Investment opportunities posted on this website are "private placements" of securities that are not publicly traded, are subject to holding period requirements, and are intended for investors who do not need a liquid investment.
0 kommentar(er)
