ProtonMail is Deploying a New System to Help Users to Keep their Personal Information Safe


Privacy-focused communications company Proton Technologies is implementing a new program to ensure that its email and VPN apps stay available even in cases where governments or ISPs are attempting to block them.

Focusing on helping consumers keep their details safe, the company’s encryption services— ProtonMail, ProtonVPN, ProtonCalendar (in beta) and ProtonDrive (in development)—have rendered it impossible to spy on customers. However, some countries have attempted to block them.

In the coming weeks, a new alternate routing feature will be enabled for both smartphone and desktop apps of ProtonMail and ProtonVPN, the company states.

The latest framework tries to stop other types of blocks by forwarding network links to Proton servers differently. Automated, the function only kicks on when it decides that the consumer is being blocked and only deals for the company’s software, but not with its websites.

“While we have largely been able to overcome censorship and attacks, it’s imperative that we remain one step ahead of those who would seek to spy on people and restrict the freedom of information. Alternative routing is an additional capability which helps us ensure users can access our services,” Proton says.

Alternative routing, the company explains, involves the use of third party infrastructure and networks, including those of companies such as Amazon, Cloudflare and Google. Data is secure and protected from snooping, but IP addresses and connections to Proton infrastructure can be available to individual third parties.

Once the functionality is usable in the coming weeks, the company’s apps can immediately identify links that could be subject to censorship and seek alternate ways to reach Proton servers.

The system is intended to easily circumvent such barriers, although it may not work at all times. Alternate routing can only be utilized in unusual instances (which arise without notice) and is voluntary, explains the business.

Just a small percentage of the customers of the business will require this feature, while the overwhelming majority would easily use its services. Nevertheless, without a new program, disabled users will not be able to reach their mailbox or link to a VPN.

Users would have the ability to switch off alternate routing in the Preferences menu or their settings if they do not wish it to be included. However, if Proton services are disabled, the business would not be able to warn users to turn the function on, says ProtonMail.

To make alternate routing effective, ProtonMail often modified the TLS encryption protocol, utilizing public key pinning instead of depending on the certificate authority to authenticate servers, which might become an issue if the company’s servers become hacked.

“In our view, these issues should not matter for most people, but if you are concerned about this, you can turn off alternative routing. However, this may mean you will be unable to access your Proton account if you are on a network that is censoring Proton,” the company says.

To counter censorship, the company has introduced more protocols to ProtonVPN for Android and rendered the APK accessible on Github so that users could access it even though Google Play is unavailable for them.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.