this post was submitted on 07 May 2024
25 points (96.3% liked)

Proton

5268 readers
5 users here now

Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.

Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.

Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.

Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.

Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.

Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.

SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.

founded 1 year ago
MODERATORS
 

Apparently, the researchers contacted some VPN providers. Perhaps Proton is one of them.

you are viewing a single comment's thread
view the rest of the comments
[–] pathief 2 points 6 months ago* (last edited 6 months ago) (1 children)

They have posted on Reddit that if you have kill switch and wireguard you are safe on every platform except Linux. A fix is being worked on for linux, no ETA.

[–] [email protected] 3 points 6 months ago* (last edited 6 months ago)

Thanks for the reply! Here's their 2024-5-8 reply for reference:

Hi! Our engineers have conducted a thorough analysis of this threat, reconstructed it experimentally, and tested it on Proton VPN. We concluded that:

  • the attack can only be carried out if the local network itself is compromised
  • our Windows and Android apps are fully protected against it
  • for iOS and macOS apps, you are completely protected from this as long as you're using a Kill Switch and a WireGuard-based protocol (our apps use WireGuard by default, and if a user wants to use something other than WireGuard derivates, they'd have to manually set it up). Note that Stealth, WireGuard TCP, and our Smart protocol on iOS/macOS are all WireGuard-based.
  • for our Linux app, we're working on a fix that would provide full protection against it.