Conversation

Notices

LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} (lnxw48a1@nu.federati.net)'s status on Tuesday, 07-Sep-2021 00:28:49 UTC LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864}

https://thehackernews.com/2021/09/protonmail-shares-activists-ip-address.html

I did not anticipate this, because I figured they’d have learned from Lavabit and designed their systems such that there was no way for them to have any metadata (user’s IP address, user’s ‘user agent’, timestamps of users’ correspondence, pretty much everything except what is required to send and receive messages). Any information your system has, however briefly, can be the subject of a government order.

My issue over the years has been that both Protonmail and Tutunota send you the JavaScript used to “end-to-end encrypt” your message. At any time, they could be ordered to modify that JS to cache the encryption keys for later reuse by government agencies.

Tags: #Protonmail, #surveillance, #government_over_reach, #metadata, #encryption, #JavaScript
In conversation Tuesday, 07-Sep-2021 00:28:49 UTC from nu.federati.net permalink
Attachments
1. ProtonMail Shares Activist's IP Address With Authorities Despite Its "No Log" Claims
  
  from The Hacker News
  
  Despite its "no logs" policy, ProtonMail discloses an activist's IP address to authorities.
- simsa04 (simsa04@gnusocial.net)'s status on Tuesday, 07-Sep-2021 00:50:56 UTC simsa04
  in reply to
  
  So what's the point of still using this mail provider then? I'm relieved I never used my account there much and didn't fall for the fake promises of purported "security".
  
  In conversation Tuesday, 07-Sep-2021 00:50:56 UTC permalink
  
  LinuxWalt (@lnxw48a1) {3EB165E0-5BB1-45D2-9E7D-93B31821F864} repeated this.

Public

Conversation

Notices

Feeds