Messages are encrypted at all times
Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.
Zero Access to User Data
Your encrypted data is not accessible to us
ProtonMail’s zero access architecture means that your data is encrypted in a way that makes it inaccessible to us. Data is encrypted on the client side using an encryption key that we do not have access to. This means we don’t have the technical ability to decrypt your messages, and as a result, we are unable to hand your data over to third parties. With ProtonMail, privacy isn’t just a promise, it is mathematically ensured. For this reason, we are also unable to do data recovery. If you forget your password, we cannot recover your data.
Open Source Cryptography
Time-tested and trusted encryption algorithms
We use only secure implementations of AES, RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that the encryption algorithms we are using do not have clandestinely built in back doors. ProtonMail’s open source software has been thoroughly vetted by security experts from around the world to ensure the highest levels of protection.
Incorporated in Switzerland
All user data is protected by the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO) which offers some of the strongest privacy protection in the world for both individuals and corporations. As ProtonMail is outside of US and EU jurisdiction, only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel us to release the extremely limited user information we have.
Hardware Level Security
Full disk encryption and storage in secured datacenters
We have invested heavily in owning and controlling our own server hardware at several locations within Switzerland so your data never goes to the cloud. Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack. This provides an extra layer of protection by ensuring your encrypted emails are not easily accessible to any third parties. On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized.
No tracking or logging of personally identifiable information
Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts. As we have no way to read encrypted emails, we do not serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.
Self Destructing Messages
With ProtonMail, emails are no longer permanent
You can set an optional expiration time on ProtonMail’s encrypted emails, so they will be automatically deleted from the recipient’s inbox once they have expired. This technology works for both emails sent to other ProtonMail users, and encrypted emails sent to non-ProtonMail email addresses. Similar to SnapChat, we’ve added a way for you to have ephemeral communication.
SSL Secured Connections
Swiss SSL to secure your connection
We use SSL to secure communication between our server and your computer. Message data between our server and your computer is already sent encrypted, but we use SSL to add another layer of protection and to ensure that the web page your browser loads is not tampered with by a third party intercepting your traffic in a MITM (Man in the Middle) attack.
Our SSL certificate authority (CA) is QuoVadis Trustlink Schweiz AG, a leading Swiss SSL certificate issuer. Using a Swiss based CA ensures that our CA’s SSL infrastructure is not under the control of US or EU government agencies. To allow extremely security conscious users to further verify that they are in fact connecting to our server, we have also released the SHA1 and SHA-256 hash for our SSL public key.
Securely communicate with other email providers
Even your communication with non-ProtonMail users can be secure
We support sending encrypted communication to non-ProtonMail users via symmetric encryption. When you send an encrypted message to a non-ProtonMail user, they receive a link which loads the encrypted message onto their browser, which they can decrypt using a passphrase that you have shared with them. You can also send unencrypted messages to Gmail, Yahoo, Outlook and others, just like regular email.
Easy to Use
Comprehensive Security for Everyone
We created ProtonMail because we found that none of the existing secure email services available today are sufficiently secure. However, a secure service like ProtonMail cannot improve the security landscape if it is so difficult to use, nobody can use it. From the start, we designed ProtonMail with a strong emphasis on usability. As a result, ProtonMail is very easy to use. There is nothing to install, and no encryption keys to manage, if you can use Gmail, Thunderbird, or Outlook, you can use ProtonMail.
Today, September 19th 2017, WikiLeaks starts publishing the series “Spy Files Russia” with documents from the Russian company Петер-Сервис (PETER-SERVICE). This release includes 209 documents (34 base documents in different versions) dated between 2007 and 2015.
PETER-SERVICE was founded 1992 in St. Petersburg as a provider for billing solutions and soon became the major supplier of software for the mobile telecommunications industry in Russia. Today it has more than 1000 employees in different locations in Russia, and offices in major cities in Russia and Ukraine. The technologies developed and deployed by PETER-SERVICE today go far beyond the classical billing process and extend into the realms of surveillance and control. Although compliance to the strict surveillance laws is mandatory in Russia, rather than being forced to comply PETER-SERVICE appears to be quite actively pursuing partnership and commercial opportunities with the state intelligence apparatus.
As a matter of fact PETER-SERVICE is uniquely placed as a surveillance partner due to the remarkable visibility their products provide into the data of Russian subscribers of mobile operators, which expose to PETER-SERVICE valuable metadata, including phone and message records, device identifiers (IMEI, MAC addresses), network identifiers (IP addresses), cell tower information and much more. This enriched and aggregated metadata is of course of interest to Russian authorities, whose access became a core component of the system architecture.
Selected components of PETER-SERVICE software
The base architecture of the software from PETER-SERVICE (SVC_BASE) includes components for data retention (DRS [en], [ru]), long-term storage in SORM (SSP, Service СП-ПУ), IP traffic analysis (Traffic Data Mart, TDM) and interfaces (adapters) for state agencies to access the archives.
Traffic Data Mart (TDM)
The Traffic Data Mart is a system that records and monitors IP traffic for all mobile devices registered with the operator. It maintains a list of categorized domain names which cover all areas of interest for the state. These categories include blacklisted sites, criminal sites, blogs, webmail, weapons, botnet, narcotics, betting, aggression, racism, terrorism and many more. Based on the collected information the system allows the creation of reports for subscriber devices (identified by IMEI/TAC, brand, model) for a specified time range: Top categories by volume, top sites by volume, top sites by time spent, protocol usage (browsing, mail, telephony, bittorrent) and traffic/time distribution.
Data Retention System (DRS)
The data retention system is a mandatory component for operators by law; it stores all communication (meta-)data locally for three years. State intelligence authorities use the Protocol 538 adapter built into the DRS to access stored information. According to PETER-SERVICE, their DRS solution can handle 500,000,000 connections per day in one cluster. The claimed average search time for subscriber related-records from a single day is ten seconds.
In SORM call monitoring functions are concentrated in control points (пунктах управления, ПУ) which are connected to network operators. The Service СП-ПУ is a data exchange interface based on HTTPS between components in SVC_BASE/DRS and SORM. The interface receives search requests from state intelligence authorities and delivers results back to the initiator. Search requests for lawful interceptions (based on a court order) are processed by the operator on the same system.
Deep Packet Inspection products
As a related document, this first release contains a publically available slide show presentation given by Валерий Сысик (Valery Syssik, Director of Development) from PETER-SERVICE at the Broadband Russia Forum in 2013. Titled “National stacks of DPI / BigData / DataMining technologies and solutions for collection and analysis of information, as well as means of predicting social and business trends – the key to digital and financial sovereignty of the state and business in the XXI century”, the presentation – which appears to already be publicly available on PETER-SERVICE’s website – is not targeted at the usual telecom provider, but at a closed group of people from the ФСБ (FSB, Russian Federal Security Service), МВД (Interior ministry of Russia) and the три ветви власти (“three pillars of Power” – legislature, executive and judiciary).
The presentation was written just a few months after Edward Snowden disclosed the NSA mass surveillance program and its cooperation with private U.S. IT-corporations such as Google and Facebook. Drawing specifically on the NSA Prism program, the presentation offers law enforcement, intelligence and other interested parties, to join an alliance in order to establish equivalent data-mining operations in Russia. PETER-SERVICE claims to already have access to a majority of all phone call records as well as Internet traffic in Russia, and in the description of the current experiences, it claims to have deployed technology for Deep Packet Inspection “with not just the headings of IP packets, but the contents of whole series”. PETER-SERVICE is presented as a natural ally for intelligence agencies in “the most lucrative business [of] manipulating minds”.
However, the core of the presentation is about a new product (2013) called DPI*GRID – a hardware solution for “Deep Packet Inspection” that comes literally as “black boxes” that are able to handle 10Gb/s traffic per unit. The national providers are aggregating Internet traffic in their infrastructure and are redirecting/duplicating the full stream to DPI*GRID units. The units inspect and analyse traffic (the presentation does not describe that process in much detail); the resulting metadata and extracted information are collected in a database for further investigation. A similar, yet smaller solution called MDH/DRS is available for regional providers who send aggregated IP traffic via a 10Gb/s connection to MDH for processing.
PETER-SERVICE advertises its experience in SORM technologies – especially DPI – and its ability to collect, manage and analyse “Big Data” for commercial and intelligence purposes. “From DPI solutions for SORM to contextual advertising, we have the experience and the solution. We are offering to coordinate a scalable national solution for control of the digital network. We strive for effective cooperation within a symbolic network alliance: operator – vendor – search engine – business – state organs.”
The above graphics shows the Internet backbone infrastructure in Russia and the nodes at various providers that run components of the proposed DPI*GRID system in different locations. The node TopGun most likely refers to a multi terabit DPI system developed by PETER-SERVICE.
SORM is the technical infrastructure for surveillance in Russia. It dates back to 1995 and has evolved from SORM-1 (capturing telephone and mobile phone communications) and SORM-2 (interception of Internet traffic, 1999) to the current SORM-3. SORM now collects information from all forms of communication, providing long-term storage of all information and data on subscribers, including actual recordings and locations. In 2014, the system was expanded to include social media platforms, and the Ministry of Communications ordered companies to install new equipment with Deep Packet Inspection (DPI) capability. In 2016, SORM-3 added additional classified regulations that apply to all Internet Service providers in Russia. The European Court for Human Rights deemed Russia’s SORM legislation in breach of the European Convention on Human Rights in 2015 (Zakharov v. Russia). [source: https://en.wikipedia.org]
Today, September 7th 2017, WikiLeaks publishes four secret documents from the Protego project of the CIA, along with 37 related documents (proprietary hardware/software manuals from Microchip Technology Inc.). The project was maintained between 2014 and 2015.
Protego is not the “usual” malware development project like all previous publications by WikiLeaks in the Vault7 series. Indeed there is no explicit indication why it is part of the project repositories of the CIA/EDG at all.
The Protego project is a PIC-based missile control system that was developed by Raytheon. The documents indicate that the system is installed on-board a Pratt & Whitney aircraft (PWA) equipped with missile launch systems (air-to-air and/or air-to-ground).
Protego consists of separate micro-controller units that exchange data and signals over encrypted and authenticated channels:
» On-board TWA are the ‘Master Processor’ (MP) and the ‘Deployment Box’. Both systems are layed-out with master/slave redundancy.
» The missle system has micro-controllers for the missle itself (‘Missle Smart Switch’, MSS), the tube (‘Tube Smart Switch’, TSS) and the collar (which holds the missile before and at launch time).
The MP unit receives three signals from a beacon: ‘In Border’ (PWA is within the defined area of an operation), ‘Valid GPS’ (GPS signal available) and ‘No End of Operational Period’ (current time is within the defined timeframe for an operation). Missiles can only be launched if all signals received by MP are set to ‘true’. Similary safeguards are in place to auto-destruct encryption and authentication keys for various scenarios (like ‘leaving a target area of operation’ or ‘missing missle’).
Today, August 24th 2017, WikiLeaks publishes secret documents from the ExpressLane project of the CIA. These documents show one of the cyber operations the CIA conducts against liaison services — which includes among many others the National Security Agency (NSA), the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI).
The OTS (Office of Technical Services), a branch within the CIA, has a biometric collection system that is provided to liaison services around the world — with the expectation for sharing of the biometric takes collected on the systems. But this ‘voluntary sharing’ obviously does not work or is considered insufficient by the CIA, because ExpressLane is a covert information collection tool that is used by the CIA to secretly exfiltrate data collections from such systems provided to liaison services.
ExpressLane is installed and run with the cover of upgrading the biometric software by OTS agents that visit the liaison sites. Liaison officers overseeing this procedure will remain unsuspicious, as the data exfiltration disguises behind a Windows installation splash screen.
The core components of the OTS system are based on products from Cross Match, a US company specializing in biometric software for law enforcement and the Intelligence Community. The company hit the headlines in 2011 when it was reported that the US military used a Cross Match product to identify Osama bin Laden during the assassination operation in Pakistan.