mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2024-10-01 01:35:57 -04:00
Better describe Proton Drive threat model (#335)
Signed-off-by: Daniel Nathan Gray <dng@disroot.org>
This commit is contained in:
parent
29f717b651
commit
efa9b5f1cc
@ -6,7 +6,7 @@ description: |
|
||||
|
||||
Proton Drive is currently in beta and only is only available through a web client.
|
||||
|
||||
When using a web client, you are placing trust in the server sending you the JavaScript code that encrypts your files.
|
||||
When using a web client, you are placing trust in the server to send you proper JavaScript code to derive the decryption key and authentication token locally in your browser. A compromised server can send you malicious JavaScript code to steal your master password and decrypt your data. If this does not fit your <a href="/threat-modeling/">threat model</a>, consider using an alternative.
|
||||
|
||||
website: 'https://protonmail.com'
|
||||
privacy_policy: 'https://protonmail.com/privacy-policy'
|
||||
|
Loading…
Reference in New Issue
Block a user