:kitty-cri-screm: :cia

  • PorkrollPosadist [he/him, they/them]
    ·
    3 years ago

    This is not unique failing of ProtonMail. It is an inevitable outcome of any company which is trying to sell you privacy in one form or another. Like all capitalist firms, they are driven first and foremost by an imperative to accumulate capital. They cannot accumulate capital if the state drops the hammer on their executives or on the firm itself. If they are given an ultimatum, they will throw you under the bus without a second thought. Think about this not only with e-mail providers, but chat services, VPN providers, VPS hosts, the whole nine yards.

    • Mardoniush [she/her]
      ·
      edit-2
      3 years ago

      There is no such thing as true opsec online, I keep saying.

      Yes, use secure stuff as a general precaution, but remember, the only secure transmission is something whispered in private with grey noise over it, and maybe not then (rubber hose decryption is a wonderful thing). If someone really wants to know what you're saying, they'll find out.

      EDIT: the solution to this is to build networks that are resilient to compromise or better yet, resilient to infiltration. The old Moon is a Harsh Mistress "how to build an org cell structure" discussion is not how you should build such an org today, but is a good introduction to the general principles.

      • Alaskaball [comrade/them]MA
        ·
        3 years ago

        Online opsec is supposed to be preventatives against non-state entities such as the proud Boys or 3 percent hogs trying to look into a socialist org's internal matters.

        Anyone in our game should know better than to put anything illegal into the Fed's backyard aka the net

        • Mardoniush [she/her]
          ·
          3 years ago

          Yeah, don't disagree. That said, there are some truly dedicated chuds out there, and sometimes the line between fed and hog is pretty porous.

          • D61 [any]
            ·
            3 years ago

            Hogs don't live without being fed.

      • happybadger [he/him]
        ·
        3 years ago

        rubber hose decryption

        In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture[1]—such as beating that person with a rubber hose,

        When our turn comes, I shall make jokes about the rubber hose decryption.

        • D61 [any]
          ·
          3 years ago

          The Average Fishing Email vs The Chad Rubber Hose Decryption

          • happybadger [he/him]
            ·
            3 years ago

            Good day sir or mam,

            I am writing you from country of Nigeria. My name is Prince Happybadger and I am rightful heir to the throne. Due to corruption I need to get $200.000.000 million dollars out of Nigeria to a bank in your country. For your services I will not beat you to death with a hose. Please replying with haste.

            Respectfully yours,

            Prince Happybadger, rightful heir to Nigeria

    • invalidusernamelol [he/him]
      ·
      3 years ago

      They start off as accidental honeypots, then after the first big run in with the state become regular honey pots.

  • SolidaritySplodarity [they/them]
    ·
    3 years ago

    Ensured private email is not possible precisely because you have no control over how the receiver stores the data. To make matters worse, the technology itself means you essentially have to have a third party manage your email and they will be subject to subpoena.

    Taking measures to increase your privacy can be good but may not really be worthwhile when it comes to email right now. e.g., you may be tempted to send encrypted with GPG, but this will do nothing if the email host can read it and the receiver forwards it / is subpoenaed. Worse, it might flag you as someone to pay particular interest to. Simply do not send anything over email that you would not want the feds or friends and family knowing.

    This applies to virtually all electronic communications, in fact. You are only as secure as the least-secure party and if the feds were to go after you they would not have much trouble getting your emails. If they were particularly hardcore, they'd go after your friends/family to get the contents.

  • Wildgrapes [she/her]
    ·
    edit-2
    3 years ago

    The email is encrypted and this provides privacy. It's absolutely fuck that the company was compelled to track ip info for an account but I suppose the other option would be to defy the swiss legal system and subsequently be forced out of business.

    To me what this truly highlights is that if you truly wish to be anonymous... Well don't actually expect to be. A dedicated enough adversary with enough power will be able to untangle the threads. Best you can do is understand the difference between privacy, being anonymous, and security and work towards each as needed. Know your tools.

    Use Tor.

      • Wildgrapes [she/her]
        ·
        3 years ago

        Yes if you need email. Protons encryption keeps others from reading your mail(proton included) and tor keeps your ip from them(anonymous) of course both these could be breached in plenty of ways (using a phone number traceable to you to sign up for proton maybe, using a email name you've used before, etc)

        Email is broadly speaking not a very secure communication anyway because it has to somehow identify you to give you messages. But tor + encrypted email attempts to solve both privacy and anonymous better than just email.

        Proton has an onion site. Use it for more anonymous access. Still expect a powerful enemy to find you but it'll be harder.

    • SolidaritySplodarity [they/them]
      ·
      3 years ago

      A VPN will also obfuscate your IP, though the VPN also has to be non-subpoenable (or follow through on promises of not keeping logs) to really help you out.

      • Wildgrapes [she/her]
        ·
        3 years ago

        That's true in theory but does require you to place absolute trust in a company motivated to stay in business. Additionally having no way to verify their no log policy makes trust harder. Great for torrents; less great for genuine security.

          • Wildgrapes [she/her]
            ·
            3 years ago

            Of course. I'd say it's harder than serving a binding court order or targeting one company that you know has much sensitive data.

            • SolidaritySplodarity [they/them]
              ·
              3 years ago

              Actually I guess we shouldn't frame this as an either/or. Tor with a VPN is probably best, so long as you find one compatible.

              • Wildgrapes [she/her]
                ·
                edit-2
                3 years ago

                Generally that was my initial thought. But I'm not convinced now. There seems to be some specific use cases (tor is blocked and bridges aren't working) but outside of that it seems uncertain that increased security or anonymity is gained.

                Good write up talking about it generally here that I found informative. And an overview of various ways they might be combined here that isn't quite so negative on adding a vpn.

                But I agree with you that framing anything in online security as an absolute either or is a bad idea. It depends on your specific threat model and needs. Which requires a fairly deep understanding. Which sucks since who has time or technical skill enough for that. Not most people. Thus marketing saying "hey this is the one thing you need to be safe."

  • carbohydra [des/pair]
    ·
    edit-2
    3 years ago

    honeypot time

    We only know that the order for data from the Swiss government came through channels typically reserved for serious crimes.

    :cap-think:

    • LeninWeave [none/use name]
      ·
      3 years ago

      Proton literally have a page on their website explaining the instances of them collecting data for the feds lmao. What do people expect? They're a company operating in the legal jurisdiction of a European country.

    • Ithorian [comrade/them, null/void]
      ·
      3 years ago

      Yeah that was me. And this I'll admit this is some disappointing shit. But all they were able to turn over to the feds was an ip address, they had zero access to the content on the account. Which is a hell of a lot better then most email providers can say. I almost added something about using a vpn in my post because the ip address visibility is a known thing. It even mentioned it in the article I linked.

      But seriously if you can recommend another email provider that has end to end encryption and no ability to track my ip I would love to know. I'll switch immediately.

    • SolidaritySplodarity [they/them]
      ·
      3 years ago

      Which is absurd. ProtonMail can easily access your emails if they want to and spend the tiniest of efforts. Fundamentally, you read your emails by decrypting them with a private key. That key is (supposedly) unlocked via your password. They already have the locked private key - they store it for you. All they need to do is also store your password (or a hash of it, if they do that first) - like when you type it into their websites every time you log in. They don't even have to put this functionality in JS, they can just intercept requests in their back end and clip out the password / the hash of it.

      ProtonMail is a third party to which you have to give credentials and you are trusting them to not do these things and "trust me bro" is generally bad security.

      A properly secure version would require the use of an open source native client whose releases are signed and verifiable. The client would fetch emails (better hope the senders use encryption) and you would unlock them with a private key that ProtonMail has never and will never see. ProtonMail claims to do something like this in your browser but cannot make such ironclad guarantees about signed releases, thus ensuring that any snooping code would be revealed and noticed by others as part of any release.

  • viva_la_juche [they/them, any]
    ·
    edit-2
    3 years ago

    man only way you can really know for certain something is secure is to build it yourself

    and even then... lol

    • PorkrollPosadist [he/him, they/them]
      ·
      3 years ago

      I feel like by the time you're running an email box which is in your physical custody and have it tunneled through TOR to some public domain/proxy purchased by a straw-buyer, your data at rest may be very secure but you're throwing up hella smoke signals.

    • Alaskaball [comrade/them]MA
      ·
      3 years ago

      I reckon the only secure method is building a completely alien os system with your own original code then keep it isolated from the main global systems aka make all your own shit from scratch.

      At that point I think training messenger pidgin would be a cheaper, faster and more secure system because nobody expects you to use fucking pidgins of all thingd in this day and age

    • SolidaritySplodarity [they/them]
      ·
      3 years ago

      Yes but even then email, as a technology, can't be fully built securely yourself.

      3 examples:

      1. ISPs block the port used for sending emails. You therefore need to have a third party do it for you, sending your emails through them. Only e2e-encrypted emails will be nominally safe in that arrangement.

      2. As part of spam-fighting efforts (supposedly), the big email providers will tend to block IPs that are sending emails if they aren't already part of a "trusted" set. So even if you could pay your ISP to open the port you want, you'd probably get banned by Gmail, etc. This restricts the set of providers you can use as well.

      3. Email is only as secure as the other parties that can read them. If you send an email to a buddy, even e2e encrypted, but they decide to forward their emails to Gmail (very common), well now Google can see everything and be subpoenaed.

      • viva_la_juche [they/them, any]
        ·
        3 years ago

        Hmm If I was sending sensitive illegal emails I would simply make them impossible to be read by the feds by making all the subjects “feds not allowed to read this pls”

        • SolidaritySplodarity [they/them]
          ·
          3 years ago

          The feds can't prosecute you if you put "are you a cop?" at the end of all your emails and they never reply, "yes"

  • Pirate [none/use name]
    ·
    3 years ago

    :downbear: They were required by law to collect the info on that guy so they did it. If you gonna do illegal shit via ProtonMail then connect via Tor or VPN and they won't know your ip address

  • Deadend [he/him]
    ·
    3 years ago

    You need to think about security as a measurement of time.

    Like door locks, there is no door lock that is unbreachable, but how long does it take and what’s there to get?

    Everything online can be assumed to be backed up.

    Proton gave information, but it wasn’t instant.

    But really, if a Government has it’s lawyers asking about your email, you’re already fucked.

  • D61 [any]
    ·
    3 years ago

    Ham radios and numbers stations to transmit PPG