this post was submitted on 11 Aug 2023
-11 points (46.3% liked)

Privacy

32173 readers
1748 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
all 37 comments
sorted by: hot top controversial new old
[–] [email protected] 75 points 1 year ago (1 children)

You had to dig deep to get a news from 2021. and still, private doesn‘t mean anonymous, idk why everyone relates the both.
And still, no news here, Proton explained this case several times and they‘ve been pretty transparent.

[–] Potatos_are_not_friends 11 points 1 year ago (2 children)

Details? Im not familiar with the explanation. Thanks!

[–] [email protected] 61 points 1 year ago* (last edited 1 year ago) (2 children)

let me quote from reddit (https://www.reddit.com/r/ProtonMail/comments/15luwua/comment/jvd0fz9/?utm_source=share&utm_medium=web2x&context=3):

The article doesn't link the original court filing or discuss what actually happened, and from the title alone, is rather misleading.

The actual warrant can be found here and has the important missing details: https://drive.proton.me/urls/57QC5F26BW#nseYl6ICaQHm

The only data we could provide (in response to a binding Swiss legal order), was the user's recovery email address, which the user added himself, and is optional to begin with.

Unfortunately, said user also used that recovery address to create a Twitter account, and Twitter turned over his phone number and IP address. So probably not the smartest move if you want to threaten public officials.

Coincidentally, this case again proves that Proton Mail's encryption cannot be bypassed by law enforcement.

[–] [email protected] 11 points 1 year ago (1 children)

At least he didn't use Twitter for this threats.

I should check proton mail, self hosting is exhausting.

[–] [email protected] 5 points 1 year ago (6 children)

They don’t offer unlimited addresses for your own domain. And I kinda rely on that to route different registrations around. Don’t even need unlimited mailboxes, just the ability to use patterns and direct assignments to route mail to a few mailboxes.

If that was an option, I’d switch a week ago.

[–] [email protected] 3 points 1 year ago
[–] [email protected] 2 points 1 year ago

They semi-recently bought Simple Login which you can provide with your own domain. That does allow you to create unlimited addresses and they'll all be forwarded to the inbox of your choice. Can also disable any addresses when you no longer want them.

[–] [email protected] 1 points 1 year ago

Ah shit. I had hoped it would. Didn't yet read into the service.

[–] sudneo 1 points 1 year ago

They support catch-all addresses. So essentially any email @your.TLD will work. I use this and it works perfectly. Nowadays I also use the included simplelogin address if I don't want to disclose even my domain.

[–] [email protected] 1 points 1 year ago

I haven't switched yet but I'm about to.

Proton seems to have a pretty powerful filtering system that you can program using a DSL: https://proton.me/support/sieve-advanced-custom-filters

From what I've gathered, you can simulate unlimited addresses for your domain by setting up a catch-all. To reply from a certain catch-all'd address, you need to create an address for that name.
I wonder if you could do that via API; creating and deleting the address just for the moment where you're sending the reply.

It's strange to me that they don't offer unlimited domains. I guess it's to discourage business users from using the cheap email plan intended for individuals? That one doesn't have user management, so that doesn't really make sense either.

[–] [email protected] 7 points 1 year ago

and the other one regarding the clima activist:
https://protonmail.com/blog/climate-activist-arrest/

[–] [email protected] 38 points 1 year ago (1 children)

Instead of the original Forbes article, this post links to a youtube video, where an "AI-generated newscaster" talks some general crap without providing any details. I wish I could downvote this spam more than once.

[–] Goodie 4 points 1 year ago
[–] breadsmasher 14 points 1 year ago (1 children)

Seems it was metadata rather than any emails themselves?

[–] [email protected] 7 points 1 year ago (1 children)

Yeah, a recovery mail address (which is optionally added) that was connected to a Twitter account. There is nothing dishonest happening here. They don't have access to our mails, but they are legally bound to share the metadata they do have access to when there is a lawful request from a government agency.

[–] breadsmasher 0 points 1 year ago (1 children)
[–] [email protected] -1 points 1 year ago
[–] [email protected] 12 points 1 year ago (1 children)

Forbes: https://www.forbes.com/sites/thomasbrewster/2023/08/08/protonmail-fbi-search-led-to-a-suspect-threatening-a-2020-election-official/?sh=48791539235c

  • Claire Woodall-Vogg, the executive director of the Milwaukee Election Commission, was harassed and threatened after an innocuous email exchange with an election consultant was published by conservative news outlets.
  • One of the harassers used ProtonMail, an encrypted email service, to send Woodall-Vogg a threatening email.
  • The FBI acquired data from Proton Technologies, the owner of ProtonMail, to help them identify the anonymous emailer.
  • The FBI was able to find the suspect's identity and conduct a sweep across their internet accounts, but they were not charged with any crimes.
  • Woodall-Vogg said that the harassment has not continued recently.
  • ProtonMail said that they employ several teams to handle instances of abuse on their platform and that they only provide metadata to law enforcement agencies.
  • ProtonMail has received 6,995 orders for data in 2022, of which it contested 1,038.

They said in the past that to retain anonymity, users should use Tor to access the service.

[–] Decentralizr 11 points 1 year ago

As far as I remember, that was back in 2021, and except some Meta data not much what could been shared. If they have been approached under Swiss law, nothing can be done.

[–] [email protected] 5 points 1 year ago

Here is an alternative Piped link(s): https://piped.video/watch?v=_5b-vityKJs

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source, check me out at GitHub.

[–] [email protected] 5 points 1 year ago

Sauce? YouTube vídeo doesn’t seem to have any sources

[–] [email protected] 5 points 1 year ago

Mail encyption on proton is useless once you send a mail to google or any other provider. That is not bashing proton, rather to point out that glowies do not need to deal with proton too much to get what they want.