We are one step closer to fully open sourcing all our apps. Proton Mail Bridge joins iOS and the web app as open source software, and it has also passed an independent security audit.
Trust and transparency are core values of Proton Mail. We want you to know who is on our team(nouvelle fenêtre) and how we protect your privacy(nouvelle fenêtre). Similarly, we want you to be able to see the code that makes up our apps and keeps your data safe. That’s why we have prioritized making all our apps open source.
You can view the code(nouvelle fenêtre) for Proton Mail Bridge for macOS, Windows, and Linux on our GitHub page.
Why open source matters
Our effort to open source all Proton apps began in 2015 with our Proton Mail web app(nouvelle fenêtre), followed by our iOS app(nouvelle fenêtre). Earlier this year, we open sourced all of the Proton VPN apps(nouvelle fenêtre). And most recently, we published the code for our Android app(nouvelle fenêtre), which means all Proton apps that are out of beta are open source.
Proton Mail Bridge is a desktop application that allows you to fully integrate your Proton Mail account with any IMAP and SMTP email client, including Outlook, Thunderbird, or Apple Mail. Open sourcing the code lets anyone verify how the encryption process takes place through Bridge as the emails are transferred between your Proton Mail account and your desktop email app.
Security experts can now examine the Bridge code and submit any findings via our bug bounty program(nouvelle fenêtre). By leveraging the entire IT security community, we are making it more likely that potential vulnerabilities are quickly discovered and fixed.
A better Internet is possible with open source
Open sourcing all our apps is the culmination of our development approach.
We have long been an active member and supporter of the open source community. We contributed to the development of the open source VPN protocol WireGuard(nouvelle fenêtre), and we maintain two of the largest cryptographic libraries on the Internet, OpenPGPjs(nouvelle fenêtre) and GopenPGP(nouvelle fenêtre).
Because Proton is rooted in scientific rigor, transparency, and peer review, we believe in the open source ethos of showing your work. Users can verify our code and see how it works at any time. This leads to more secure and reliable digital products that integrate feedback from all our users and impact our whole community.
In the same spirit of transparency, we have contracted the information security firm SEC Consult to conduct an independent security audit, and we are publishing their full report here(nouvelle fenêtre).
You can also read our article describing the Bridge security model(nouvelle fenêtre). Raw code is only useful if you know how to read it. Providing this technical documentation helps more people understand the security features of Bridge.
Thank you for your support
All of this is possible because of our community. You allow us to continue prioritizing open source projects and furthering the Proton mission to build a safer Internet.
Make sure to check our blog and follow us on social media for more product updates.
You can get a free secure email account from Proton Mail here.
We also provide a free VPN service(nouvelle fenêtre) to protect your privacy.
Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan(nouvelle fenêtre). Thank you for your support.
Feel free to share your feedback and questions with us via our official social media channels on Twitter(nouvelle fenêtre) and Reddit(nouvelle fenêtre).