Posted on 05/09/2024 7:38:14 AM PDT by yesthatjallen
ProtonMail, a managed email service popular with the crypto community, surrendered a user’s information to Spanish authorities, leading privacy rights advocates to claim it had violated its sworn promise to protect user data.
ProtonMail is based in Switzerland and uses privacy and security themes in all of its corporate messaging. Like Switzerland’s once-enviable numbered bank accounts, ProtonMail made allusions to Swiss privacy, pseudonymity, and jurisdictional legal protections from the power of certain subpoenas. As a result of this marketing campaign, it attracted many crypto users who wanted a private email service.
In this instance, the user was a member of Mossos d’Esquadra, a police force in Catalonia. Spanish authorities identified him via subpoenas to ProtonMail and Apple.
The secure email service provided police with a recovery email address that revealed the pseudonym ‘Xuxo Rondinaire.’ Alongside information from Apple related to that recovery email and pseudonym, Spanish authorities believe he assisted the Democratic Tsunami movement.
SNIP
(Excerpt) Read more at protos.com ...
Looks to me like that page is meant for their members. Looks like it is promoting Proton as truly secure service for their criminal members.
That would probably work if you didn’t have a recovery email for it.
In most cases, like email, most platforms and providers make no pretense about privacy. Even if you use a VPN, your data is not safe. You should treat mail as public, and never transmit anything you consider private.
Just because you operate under the delusion that the world respects your privacy doesn’t make it so.
Exactly so. Anything transmitted over the phone system or the Internet is going to be captured and stored.
Humans may never look at it, but it is available if someone decides it is worth looking at.
Thank you for your post.
>> I expect the NSA operates ProtonMail as a honeypot.
ROFL! That same thought crossed my mind not long ago... what if? I laughed it off as silly paranoia; maybe I should reconsider?
TO MY FBI HANDLER: Of course I have nothing to hide, just fooling around with this technology ‘cause it’s cool and interesting. We good?
>> Humans may never look at it, but it is available if someone decides it is worth looking at.
These days I bet they crawl all over it using AI — just because they can.
If you want privacy and electronic communication 1. Write your message in a txt file. 2. Get your recipient’s GPG public key. 3. Encrypt the text file with GPG encryption. 4. Send the message. GPG is unbreakable under the current technology. The government has been pressuring the developers of GPG to put in a back door so that they can spy on their citizens, and to the best of my knowledge there is currently no back door. PGP which is a commercial product that uses the same algorithms has been under the same pressure, ut I don’t know if they’ve caved in or not.
Bump!
Tower of Babel II
There is a reason your bank (and most others) wont email you your password after you lose it. It’s not secure. That’s why most lost password protocols send you a link to reset it or a PIN or code, both of which only verify that you are the owner (or at least someone with access too) your email account. Sending a reset code or link to your email is NOT ironclad secure method, but it mostly absolves the bank of their liability, because it’s a reasonable legal assumption that the owner of the email address assigned to their authentication system is the one receiving the email messages. But the point is, they wont just email you your password, because it’s not a reasonable assumption that it will be safe either in transit or in storage.
Although there are still some second rate websites that will email passwords, but I guess that’s just a long-winded example demonstrating how it is assumed that email communication is not safe for private data.
Two factor authentication will actually use a second method to verify your identity, like texting a separate PIN.
Having strong passwords and two factor authentication is rather tiresome for the average Joe, but sadly it is necessary. Big brother isn’t the biggest threat to most people, although it might be for “crypto users” I suppose.
That may be changing for politically active people such as those on freerepublic...
That may be changing for politically active people such as those on freerepublic...
~~~
Oh I can see that coming, if the current course doesn’t change.
That’s what a lot of people fail to do. Look ahead.
I was reading about data aggregation and the lack of privacy (particularly by silicon valley) and actually mentioning it to people long before it started to enter the public consciousness, although it’s debatable that it has yet actually that pervasively known. It was easy to predict then the things that are happening now, and the future looks a lot worse with biometrics, and again, it’s probably not ‘big brother’ that your average person should really be worried about. The private sector exploitation of people’s everyday activity has only just begun.
So speaking for myself, I would take the stand and defend anything I’ve posted on FR, at least in the context of the article and/or the conversation, but that doesn’t mean that people wont still get railroaded by lawfare in the future if this political climate heating up.
Willing to bet that unless you wrote the code and control the servers... They ALL do this.
Yep. The illusion of online security only protects you from the casual criminal and does nothing against the professional criminals in either the private or government sectors.
Oh no doubt. If truth be told, the only safe way to guard your data is to go completely off grid.
I hear ya. If we did things as we did in the old days, just use postal mail for everything we do, you’d be in much better shape. But as you suggested, even that is probably not totally secure from someone tampering with.
Yep.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.