I was reading this review of ProtonMail: https://www.helpnetsecurity.com/2016/05/26/protonmail-review/

I'm a bit of a security-nut, while I'm told that there are no viruses or malware on Linux, I still install Comodo Antivirus and religiously uses VirusTotal to scan everything I download, so, as you can imagine, I don't like the fact that Google records my searches and gives them to 3rd parties, so instead of using Google, I search with Startpage or DuckDuckGo, and I also hear that Google does the same for their email service, I hear they go into your inbox and read your mail, so I'm looking for alternatives to Google and I found ProtonMail.

While I'm throughly impressed with the review, I'd like other thoughts on it, is it really worth it? It is really that secure?

... while I'm told that there are no viruses or malware on Linux ...

By whom?

While the notion of the Windows virus is foreign to Linux, there may be similar things. There is most certainly Linux malware.

Just so you don't come at this with misconceptions and incorrect assumptions or a false sense of security.

Cheers!

In most security questions I've come across, sometimes on here and on AskUbuntu, the comments I've read comes to the conclusion that you don't really have to worry about viruses or malware on Linux because there are no viruses or malware for Linux in the wild so you don't need antivirus on Linux, and antiviruses like Comodo AV or ClamAV don't look for Linux viruses they look for Windows viruses and antiviruses are ideal for email servers to prevent malware or virus outbreaks.

I had two malware hits in 5 years.

I use Sophos anti-virus (https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx).

There most certainly is malware in the wild.

the comments I've read comes to the conclusion that you don't really have to worry about viruses or malware on Linux because there are no viruses or malware for Linux in the wild so you don't need antivirus on Linux,
That conclusion follows a line of reasoning that skirts the dangerous abyss of complacency. Contrary to what you've read, there are Linux malwares out in the wild. Remember the compromised Linux Mint ISOs? Or the ransomwares that target Linux servers?

The better line of reasoning has been discussed in these threads -
https://ubuntuforums.org/showthread.php?t=2332576
https://ubuntuforums.org/showthread.php?t=2337052

I believe that there are indeed only a handful of viruses written for Linux and it's doubtful that there are any in the wild.

However, viruses are only one class of malware, and many of the other types of malware can and do affect Linux computers.

I have an account at ProtonMail and Tutanota which both have end-to-end encryption.

Not sure if it's end-to-end encryption if sending to hotmail, gmail and many others.

Keep in mind that you don't have any control over the end recipient. If they decide to forward it to everyone in their addressbook, or post it on Facebook, all the encryption in the world isn't going to help.

(and yes, something of the kind did happen to me)

That conclusion follows a line of reasoning that skirts the dangerous abyss of complacency. Contrary to what you've read, there are Linux malwares out in the wild. Remember the compromised Linux Mint ISOs? Or the ransomwares that target Linux servers?

The better line of reasoning has been discussed in these threads -
https://ubuntuforums.org/showthread.php?t=2332576
https://ubuntuforums.org/showthread.php?t=2337052

Yeah, I remember the story about the compromised Linux Mint ISOs, I learned about it from CNN, according to the hacker that created the ISOs, one way to defend against compromised ISOs was to check the hashes (md5, sha1, sha256), then he asked the question, 'who checks the hashes anyway?'

He makes a valid point, is hash checking empathized? Well, I do for one, whenever I download a new ISO, be it Xubuntu or ReactOS, I always check the hashes.

Now, one the topic, what are your thoughts on ProtonMail, is it really worth it?

I have an account at ProtonMail and Tutanota which both have end-to-end encryption.

Not sure if it's end-to-end encryption if sending to hotmail, gmail and many others.

Okay, how was it? It is really that secure, in security and privacy wise?

Okay, how was it? It is really that secure, in security and privacy wise?

Could be wrong but it's only secure if sending from ProtonMail to ProtonMail or Tutanota to Tutanota.

For security and privacy, who knows, your guess is as good as anyone can give you.

There is no such thing as 100% security and privacy on the Internet.

Could be wrong but it's only secure if sending from ProtonMail to ProtonMail or Tutanota to Tutanota.

For security and privacy, who knows, your guess is as good as anyone can give you.

There is no such thing as 100% security and privacy on the Internet.

But compared to Gmail, Yahoo Mail and Hotmail, would you say that ProtonMail is more secure and values your privacy more than those other email providers?

But compared to Gmail, Yahoo Mail and Hotmail, would you say that ProtonMail is more secure and values your privacy more than those other email providers?

Would hope ProtonMail is more secure. Not going to tell you that it's perfectly secure and you have not to worry about.

On that note, I'm done here.

While I'm throughly impressed with the review, I'd like other thoughts on it, is it really worth it? It is really that secure?
I don't spin my own email service on a server. I wanted more privacy in a web based email service than, the others' commonly used provide, and Protonmail does this nicely for me.

As earlier mentioned by another, I also have Tutanota. I had it first, while still on the waiting list for a Protonmail account. I only use the 'free' versions. I trust Protonmail a lot more for my use, than I do with Tutanota. I can't remember the last time I used Tutanota.

I have only tried the end-to-end encryption service once, and that was with Tutanota, when I first got it. With a 'trusted' friend. He responded to my request to see how the service 'works', and then told me, 'I don't need this'. I have never tried again with either provider. I don't use them for this.

Protonmail appears to have significant financial benefactors, that leads me to believe, they are serious and can be counted upon for what they provide, and will do so for the the long term. I hope so anyway.

A bit of a cautionary tale re secure email services. I had a Lavabit email account, thankfully I was using Thunderbird so had local copies of my Lavabit emails. One morning I checked my email accounts and Lavabit couldn't connect. I didn't find out until later why it couldn't connect. If I didn't have local copies, I would have lost all emails in that account. Thunderbird supports email encryption but it supposed to be not easy to configure. I have no experience with it so can't comment.