Why does Proton not sign it’s software installers with a digital signature? Isn’t this a ubiquitous and good practice when distributing security critical applications? What would help a particularly paranoid or vulnerable person from knowing their installation could be tampered with?
1 Like
Thank you for the question. In short, manual signature verification is not always the standard to ensure a download is not tampered with. You usually see them associated with Linux ISOs or software that functions independent of an online service.
The idea is that a hash signature will be modified if there is a malicious change
Proton is online service provider, not a Linux ISO. Assuming that you are downloading the desktop version of the app on Linux, what you are installing is essentially a glorified website wrapper. If you are concerned about this threat model, download the mobile app versions from the Apple App Store or Google Play or use the web app version of the Proton ecosystem.
I’m not familiar about how Proton protects against this on MacOS or Windows. Please ask their customer support for more details.
TLDR; Not everything requires you to verify your download with a signature. Only specific types of software or files require you to do so.
2 Likes