With ProtonVPN on my phone and desktop, I have 8 VPN connections left. One of Proton’s VPN selling points is “Access content on streaming services from anywhere”. So the plan was to install this on the family Nvidia Shield (Android TV).
However, every tech savvy family member has access to this Shield device and I don’t know what kids installed, so I cannot trust this device. I wouldn’t want to enter my super sensitive ProtonMail password.
Is there a solution for this problem? I’m sure others have the same reservations.
Someone recommended two password mode to be able to use a password to VPN that doesn’t give access to email, but it still gives access to your proton.me account. Second, iirc it will make all your email unreadable. You need to export and re-import all your keys for all your email addresses, doubling your number of keys. And third, you will cripple your carefully designed simplified ProtonMail experience just to install a VPN on your TV. This is not a proper solution.
I would like to know if any such feature is either already possible or planned. Otherwise I need to downgrade back to Proton Plus and get a separate VPN account.
Well, a few things I’d say here, in theory entering your password in the Proton apps on the Shield shouldn’t be an issue, the only thing I’d see being an issue around that is potentially a key logger, but those are relatively rare.
But if you are wanting to do this, I’m not 100% sure (would need to test at home) but if you can get the WireGuard app on ShieldTV, you could then build a WireGuard profile on ProtonVPN’s website on your computer, and then connect using that.
It does not give access to your proton.me account. Seriously, do you guys even test anything before you ask?
Enable two password mode (heck, throw in 2fa as well). Then try to recover or login to your account.
You cannot do it. The mailbox password is needed to decrypt all data in the account. The only way around it is to reset everything, which requires a recovery option that shouldn’t be connected to your TV.
The way I would do it is install the wireguard (or openvpn) client on the TV and load a config file generated from the protonvpn account. That way you won’t have to type the password on the TV.
I am not aware if the wireguard/openvpn apps work on that TV, but I assume being android they would.
Second, iirc it will make all your email unreadable. You need to export and re-import all your keys for all your email addresses, doubling your number of keys.
No that does not happen. Also, if I remember correctly, you also need the mailbox password then to go into your account settings, it wouldn’t give full access to the account with only the login password.
The only other way around that would be to generate openvpn or wireguard configurations and use that with a native openvpn or wireguard app.
Quit being paranoid and take off the tinfoil hat.
Then just login to vpn on the damn Shield.
??? Profit
The only way to achieve this would be getting a business account and setting up a user account for the Shield.
First of all, if you’re this paranoid but don’t even use 2FA, you have other things to worry about.
Secondly, how tech savvy are your family members/kids exactly? Enough to root the device without you knowing? It’s Android, so just make sure you’re not typing with some weird third party keyboard app and no screen recording app is running, and you’re good to go. Session tokens are safely stored and near impossible to extract by other apps or a user on any recent Android version.
they won’t ever add it I think because it’d allow you to share vpn connections
That’s so stupid in my opinion. They sell you 10 connections, and if they are all occupied, you can’t make another connection.
If they are not comfortable selling me 10 connections, they should sell me less, say 5 or 3.
Either way, they should just provide a secure different password option, because dangling your Email security (password) over the gutter in an attempt to discourage you from using their service is not really doing it for me.
Yeah that might be a workable solution. I need to look up what Wireguard is to see if it’s preferred over OpenVPN and give it a try. Still have a month of VPN.
I guess it depends a little bit on the streaming experience. If you can use the same server for a while, it’s a good solution. But if the server gets blacklisted every other day, it will be tedious to manually get a new config all the time.
This is interesting. I read somewhere in the documentation that all password changeroo destroys the encryption (and PGP) keys. Perhaps this can be clarified in the two password page.
Right! VPN doesn’t ask for an OTP key.
These proton guys thought of a lot of things, most of them engineers that have tested out several options thoroughly.
if you’re this paranoid but don’t even use 2FA
Don’t make things up please. I surely didn’t say I did not use 2FA. It is not relevant to the issue at hand. 2FA is supposed to be additional security. A second factor. You can’t just frivolously enter your main password into every public computer you encounter, because guess what, your password just leaked and now that 2FA is your only factor.
You are right, it’s Android, so just make sure you’re not using a weird keyboard, make sure no one modded your keyboard, make sure no screen recording software is running, make sure there are no sniffers, make sure there is no man in the middle bluetooth dongle you’re connecting to, make sure there are no weird apps running, make sure there is no debug mode on with a usb cable plugged in, make sure there is no camera in the house recording the screen, make sure there is no one in the room watching the big keyboard appear on screen,
or just use common sense best security practices and don’t make us re-use the same passwords for different applications. I don’t understand why a request for something so logical is met with such dismissal.
You can have a few different servers configured at the same time just to switch between which would make it easier to switch.
However, it might be a push to tell the other users of the TV they have to check that if something doesn’t work…
No that isn’t correct. When you change your password, your current encryption keys will be re-encrypted with the new password, thus keeping your emails readable.
When you reset your password, that is when a new pair of encryption keys are generated, thus making your emails unreadable (up until you re-activate the old keys with your old password or recover the data with the recovery phrase/file)
When you reset your mailbox password, it stops decrypting your mail. In order to then see the old mail, you must have the old mailbox password
There’s a big difference between a public computer and an Android device in your house.
And you didn’t answer my question, how tech savvy are your family members? Forensic scientists? Your points about hidden cameras or snooping people in the room… In that case how are you even logging into your Proton account on other devices? Just look around. And if you’re that distrusting of your family, I wouldn’t offer them access to your VPN at all. And sniffers? Again, are they forensic scientists? This is not Windows we’re talking about. Bluetooth dongles and weird apps don’t matter either. Android has very tight sandboxes. An adb debug connection would be visible as a notification. Really, unless they installed a fake version of ProtonVPN for you to type your credentials in, the main threat is just a potential third party keyboard since it can see all key presses, so switch to the default one and you’re good to go. No amount of installing weird apps and bluetooth devices will extract credentials from an app that uses the Android key store.
This is what I would do personally:
- Reboot the device, it would show you if secure boot was off (e.g. when running a custom ROM)
- Open the PlayStore and check that the legit ProtonVPN is installed
- Make sure you use the stock keyboard app or any one you know and trust
- Log in
- Profit.
And if you still don’t feel safe, but are okay with only having a fixed set of profiles for countries, you could generate OpenVPN or Wireguard access credentials/profiles and use those. This way you won’t even need to install the ProtonVPN app. I’ve been using it on my computer like this. Get an OpenVPN profile on the website, drop it into GNOME network settings and toggle it on. I never did it on Android but I’m sure it’s possible.
Thank you for clarifying this!