ProtonMail Bridge on Sailfish

As you all know, we can only access the excellent ProtonMail through the browser at present. However, there’s a native way too using their bridge which has been open sourced for quite some time now. I’ve checked that it uses Qt/QML which means it could be built for Sailfish and work there (unless the deprecated Qt poses an obstacle). This way we’d have support for ProtonMail through the built-in application. Please share your thoughts.

P.S.: I know about the approach with the alternative bridge of hydroxide and I’ve tried it. It was so unreliable connecting to ProtonMail and obtaining and loading my e-mail that I even reported a bug. Unless somebody’s faced and fixed this, I see no point in discussing it on this thread.

7 Likes

I’m a bit thick perhaps, but can’t protonmail be used like a ‘normal’ smtp/imap/pop service? An email account? If it’s about sync, then there are many ways to securely sync imap / pop mail stores.

No. Their approach is different because of security: for example, users can specify 2 passwords for their e-mail. The original bridge I’m talking about porting is their own development; they wouldn’t’ve bothered if they could directly support standard protocols.

1 Like

Mail servers speak with other mail servers to exchange mail. There is no authentication involved in this. So the only security that you may be interested in is encryption. And that is not something unique to proton mail.

2FA is nice for ‘apps’ but has nothing to do with the security of your mail once it actually leaves your machine. My ‘single factor’ auth mail to MY mail server with encrypted headers and gpg content is about as secure as it gets. But even that is only as secure as the crypto you get with gnupg.

If you can only use the service with a special app and still send mail to ‘the rest of us’ you are being had.

If the encryption is not based on public key crypto, then how do others read your mail? Well, of course, they can’t. So, proton is saying they’re doing ‘better’ transport encryption on their way to ‘them’. Well, that’s ‘useless’ ™.

Now I’m only saying that as someone who has managed mail for many tens of thousands of users. I didn’t do it as well as proton, probably :slight_smile:

As to the bridge itself and QT. It seems to be written in GO. This, in itself is ‘a good thing’ ™. I like go. But compiling this in the sailfish context is going to be ‘non-trivial’.

The whisper fish rust project is a demonstration of just how difficult this is. I haven’t gotten around to that in a really serious way, but that’s also supposed to be a security ‘thing’. However, it’s a massively bloated project which is very probably very insecure. Just look at this:

8.0K /usr/bin/harbour-2048
244.0K /usr/bin/harbour-advanced-camera
8.0K /usr/bin/harbour-audiocut
8.0K /usr/bin/harbour-defender
808.0K /usr/bin/harbour-fahrplan2
336.0K /usr/bin/harbour-file-browser
80.0K /usr/bin/harbour-fishtheke
8.0K /usr/bin/harbour-gameoflife
224.0K /usr/bin/harbour-hafenschau
8.0K /usr/bin/harbour-newsapi
212.0K /usr/bin/harbour-pure-maps
8.0K /usr/bin/harbour-quantofa
24.0K /usr/bin/harbour-sailfishreboot
80.0K /usr/bin/harbour-sailhn
32.0K /usr/bin/harbour-screenshot
8.0K /usr/bin/harbour-scribble
8.0K /usr/bin/harbour-simplecrop
8.0K /usr/bin/harbour-simplemahjong
348.0K /usr/bin/harbour-storeman
544.0K /usr/bin/harbour-taot
244.0K /usr/bin/harbour-tidings
152.0K /usr/bin/harbour-videoPlayer
18.4M /usr/bin/harbour-whisperfish
21.7M total

I won’t delve into the internals of mailing services. You asked why ProtonMail can’t just use IMAP/POP3 and I’ve answered. They don’t know what to do with 2 passwords while ProtonMail doesn’t open with just one: there’s just one example of the bridge.
Now, the remark about Go is worth thinking about. I had assumed C++ because I didn’t bother to check all code thinking the Qt version would be enough of a problem (and it is, they use Qt 5.13). The 18 MB you’ve shown are indeed atrocious, I do hope Go fares much better. But I’m not even sure it works on Sailfish. I guess it’s one item I can check tomorrow as it’s very late here.

It’s certainly worth looking at supporting GO and nothing against custom clients for mail services.

I just read: https://protonmail.com/support/knowledge-base/the-difference-between-the-mailbox-password-and-login-password/

They make it clear it’s not 2FA but is actually what I describe. 1 mailbox password and 1 password for gnupg.

I’ll have a look at the bridge implementation when I have a moment.

@ddobrev Did you manage to get ProtonBridge running? I saw some guides for Pinephone and it seems that they managed to compile non-gui version of ProtonBridge from Github that worked fine with PASS. Maybe that will work too on SFOS?

I’m afraid not - they don’t support 32-bit builds and Jolla won’t support upgrading to 64-bit on devices older than Xperia 10 II. I got hydroxide working and especially with their latest code it works acceptably.

I am running into a permission error when trying to authenticate with hydroxide.

[nemo@Sailfish ~]$ hydroxide auth username password
-bash: hydroxide: Permission denied

[nemo@Sailfish ~]$ systemctl --user status hydroxide
● hydroxide.service - Hydroxide ProtonMail bridge
   Loaded: loaded (/home/nemo/.config/systemd/user/hydroxide.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sat 2021-09-04 13:15:16 IST; 1min 43s ago
  Process: 2247 ExecStart=/home/nemo/bin/hydroxide serve (code=exited, status=203/EXEC)
 Main PID: 2247 (code=exited, status=203/EXEC)

Anyone any idea?
It’s the same result with devel-su

Did you chmod +x hydroxide?

Thank you ddobrev, you got me closer to it. The service is now running after changing chmod, but I still have no permissions to authenticate.

[nemo@Sailfish bin]$ ls -l hydroxide
-rwxr-xr-x    1 nemo     nemo       9847214 Sep  3 11:29 hydroxide
[nemo@Sailfish bin]$ systemctl --user status hydroxide
● hydroxide.service - Hydroxide ProtonMail bridge
   Loaded: loaded (/home/nemo/.config/systemd/user/hydroxide.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2021-09-05 16:15:56 IST; 2h 14min ago
 Main PID: 9656 (hydroxide)
   CGroup: /user.slice/user-100000.slice/user@100000.service/hydroxide.service
           └─9656 /home/nemo/bin/hydroxide serve
[nemo@Sailfish bin]$ hydroxide auth username password
-bash: hydroxide: Permission denied

Which is that bin you’ve placed your executable in? Is it a system one, such as /usr/bin or /usr/local/bin? It should work this way too but my personal one has always been in a home subfolder (~/Documents/hydroxide). If this doesn’t work either, I fear I’m out of ideas.

Thanks a million. I moved the hydroxide executable to /bin and changed the hydroxide.service file accordingly. Now authorization seems to work and I got my bridge password.
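A small diagnostic for the “Permission denied” / status=203/EXEC symptom in the exchange above, added here as an example and not taken from hydroxide, Sailfish or any poster in this thread. It resolves a bare name through PATH the way the shell does, then reports the first reason the file could not be executed; check_exec is an assumed name, and the noexec check relies on findmnt being available (it is skipped otherwise).

```shell
#!/bin/sh
# check_exec NAME-OR-PATH
# Returns 0 if the file looks runnable, otherwise prints a reason and
# returns: 1 = not found, 2 = not a regular file, 3 = no execute bit,
# 4 = filesystem mounted noexec (test -x passes there, exec still fails).
check_exec() {
    case $1 in
        */*) path=$1 ;;
        *)
            # Bare name: take the first PATH entry that has a file of that
            # name, executable or not, since that is the one the shell tried.
            path=
            oldifs=$IFS; IFS=:
            for d in $PATH; do
                [ -e "$d/$1" ] && { path=$d/$1; break; }
            done
            IFS=$oldifs ;;
    esac
    if [ -z "$path" ] || [ ! -e "$path" ]; then
        echo "not found: $1"; return 1
    fi
    if [ ! -f "$path" ]; then
        echo "not a regular file: $path"; return 2
    fi
    if [ ! -x "$path" ]; then
        echo "missing execute bit (chmod u+x '$path'): $path"; return 3
    fi
    # Resolve the real directory and check the mount options of the
    # filesystem it lives on; a noexec mount gives EACCES on exec.
    dir=$(cd "$(dirname "$path")" && pwd -P)
    if opts=$(findmnt -n -o OPTIONS --target "$dir" 2>/dev/null) \
       && printf '%s\n' "$opts" | grep -qw noexec; then
        echo "filesystem mounted noexec: $dir"; return 4
    fi
    echo "ok: $path"; return 0
}

# Example use with the service from the thread:
# check_exec /home/nemo/bin/hydroxide || echo "exit status $?"
```

Run it against the exact path in the unit's ExecStart= line as well as the bare name, since the two can resolve to different files.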

Just info, it may not mean anything to you.

1 Like

Not really, still the best email service out there.

Really looking forward to see ProtonMail Bridge implemented in Sailfish OS :slight_smile:

Best would be if it can be supported on the OS level, so as a user you can select the mailservice in your account settings. Why have only Gmail, etc. ProtonMail deserves to be in the list for sure. But fully understand that the implementation of it is another beast.

7 Likes

I agree, this would nicely complement Sailfish’s focus on privacy and security.

5 Likes

Have there been any updates on this? It would be great to have it as a function in Sailfish OS

2 Likes

I’m curious why it’s ‘the best’? I run my own mail servers and crypto mailing lists so I’m not a client anyway, I’m just curious why you think it’s ‘good’ ™.

I looked at the bridge code, both from proton and hydroxide and can’t see how this doesn’t actually make email LESS secure. In the main because adding an ‘entity’, like a service on the client in the mix adds complexity and increases the attack surface.

If you ‘only’ use a web client to access it, it’s probably more secure than many ‘things’ but I don’t buy the security argument.

But it might be better for other reasons. Although I am, of course, inclined to believe my own services are best :slight_smile: (ducks and runs…)

EDIT: just for the sake of completeness, some of the systems I run are very much like:
https://thomas-leister.de/mailserver-debian-buster/
But with slightly different SQL schema and standard postfix admin (which is also not quite standard).
For crypto lists, one setup uses:
https://schleuder.org/

I also run more exotic setups.

1 Like

I’m currently running protonmail-bridge on my SFOS device and it is working with the SFOS email client for both sending and receiving mail. The approach I took to get it working is somewhat convoluted. Running natively should be possible with more effort on packaging the dependencies.

Approach:

  • Install Harbour Containers and dependencies (n.b. aarch64 packages available from @Levone1 in this thread)
  • Create an Arch linux container
  • Attach a terminal session and install the protonmail-bridge build dependencies
  • Build protonmail-bridge from source with the make build-nogui
  • Run protonmail-bridge --nogui, login then use the output of info to configure SFOS email account settings

I’ve yet to bother tidying it up by automatically starting the container/application on reboot but it is great using the native email client with a server that is PGP signing my mails. And while obviously a hacky fudge it is wonderful to be able to do this at all on a mobile device! :slight_smile:

4 Likes

Hi, I have a question: if you are running ProtonMail Bridge in a Container constantly, doesn’t this produce high battery drainage? How is battery life with this approach? Because I’m also looking into using this approach daily