The part about ProtonMail and Tutanota seems pretty biased. I would like to hear how the author suggests that they should implement IMAP and SMTP without compromising the encryption.
It sounds like the author prefers dubious advantages to real improved security.
That's quite ridiculous considering that according to him HTML emails are:
>"... a security nightmare, are mostly used for advertising to you and tracking you, are less accessible for many users, and don't offer anything especially great for it."
The data in a protonmail account is encrypted with your own key. How is protonmail supposed to encrypt an email if they receive it unencrypted over SMTP?
There are various ways. One would be to use standard imap and decrypt the message on the client. Their bridge sort of does that but with proprietary protocol.
Either way, that has absolutely nothing to do with the security issues of html email. Eg phishing and tracking still works when you decrypt the message and open it.
I'm on mobile so I can't give you an adequte response, but I can link you to a previous commment I wrote on the subject...
Or I would, but pasting seems to be broken on my phone as well. If anyone can search HN for "Sir_Cmpwn Protonmail" and link the relevant comment I'd appreciate it very much.
It sounds like the author prefers dubious advantages to real improved security.
That's quite ridiculous considering that according to him HTML emails are:
>"... a security nightmare, are mostly used for advertising to you and tracking you, are less accessible for many users, and don't offer anything especially great for it."