Here is also an excerpt from the answer by protonmail about the same
questions put to Kolabnow. The answer came 6 days later with an excuse they
have too many emails (which I read as a hint about what support you can
expect):
------------
Unfortunately, we have hundreds of emails per day to answer.
For how and why we are superior to Lavabit I encourage you to find an
unbiased source (not us or them) and see for yourself.
As for CPU's being vulnerable, that is possible but we offer the best
possible security. We dont intend to manufacture our own chips. Not sure what
answer you're looking for.
As for quantum, we are adding EC support to OpenPGPJS and to ProtonMail as
well in the coming months.
Sorry for the sparse answers.
Best regards,
The ProtonMail Security Team
------------
After further questioning:
------------
Our threat model is here:
https://protonmail.com/blog/protonmail-threat-model/
Obviously if you don't trust your device you can't trust anything that runs
on it. So we don't propose to be immune to device level compromise.
We offer encrypt-for-outside for non-protonmail users.
------------