Their threat model and all threat scenarios should be front and centre on their front page and sign up page. That is if they care about user privacy not just the bottom line. They have a choice between better-informed customers or more money, and so far, they have chosen the latter.
What this and the new Apple debacle have proven to me is that privacy is not a product that can be purchased. If you want real privacy, you have spend a lot of time learning how to preserve your privacy. No matter what Apple and ProtonMail and similar companies tell you, you cannot buy privacy off-the-shelf.
What you can buy is various degrees and quality of sensible defaults and behaviours that serve your general interest in privacy and security. Privacy from casual snooping or commercial tracking, security from unsophisticated attacks or even sophisticated attacks if you're wiling to also sacrifice some convenience.
These are all worth having, and your choices of product and service provider can have a significant impact on them. I know little to nothing about ProtonMail but maybe they're a better bet than many other similar services, even if they're not perfect.
the key you pointed to tho was regarding convenience. simple fact is that most of the usability desired in consumer email is not compatible with the practical design principles of covert communications.
They do explain the threat model quite well but the information is scattered around (e.g. https://protonmail.com/blog/protonmail-threat-model/) and this matters in an era where the attention span of people is very short.
The cost is personal time and effort, not money. The software needed is generally free of charge. The goal being not a physical product or a service, but a level of knowledge and proficiency. To put it another way, "tech-savviness" cannot be purchased, it has to be achieved.
The cultural problem we face is that the so-called "0.1%" are leveraging their "tech-savviness" against the rest of the population, working for so-called "tech" companies, websites that make money by exploiting the privacy of the "99.9%" in the service of online advertising.
If we take HN comments as true, in some cases, these employees do not even believe in the bottom line they are working to support.1 They are not adopting the behaviour of the "99.9%", i.e., the "expected" behaviour required to sustain their employer's bottom line. Not sure about you, but that would not give me much confidence they are going to work very hard to protect other users' privacy.
The term "dogfooding" is sometimes used amongst tech companies to describe the situation where employees themselves partake in what they offer to non-employees, i.e., "users".2 To persons outside the tech bubble this can be quite amusing. Does this suggest they view their relationship to users as more like "human-to-dog" than "human-to-human". There is nothing inherently wrong with someone peddling something she does not believe in, however we might consider what is/are the reason(s) for her lack of faith.
To be clear, I am not suggesting the cultural problem can be solved. I am attempting to provide further reasons that digital privacy is, like the parent suggested, generally not something you can "buy".
1 Evidence appears periodically in HN comments. For example, yesterday: "Disclaimer: I work at Google. In cloud, not on Android. I am privacy conscious so I though I would give a try at Graphene OS, it was brutal."
2 The term is alleged to have first appeared one the joelonsoftware.com website and to have originated at Microsoft.
You can. It's just not that cheap, and not quite as convenient.
edit: for those curious, discussion on HN 3 years ago https://news.ycombinator.com/item?id=18238581
I'm not saying "think of the children", I'm saying "think of law enforcement and the judicial system"
thinking about it now in retrospect, do you think that really could have been a possibility? I don't.
The only thing I am saying is that if real privacy is not a possibility (and it may very well not be), they shouldn't pretend they are selling real privacy. I am not saying they should find a way to do the impossible and legally avoid laws. I am saying they should not pretend their service is any more private than it actually is.
Think of it this way: imagine someone starts advertising a magic potion that stops aging. People buy it, but they predictably continue to age and die. If someone starts protesting, we shouldn't say "what are you complaining about? what do you want the seller to do? break the laws of nature? that's ridiculous." We should say, "we really should stop that guy from making baseless promises about his potions".
I'm not saying "think of the climate", I'm saying "think of law enforcement and the judicial system"
thhinking about it now in retrospect, do you think that really could have been a possibility? I don't.
All of the above and more.
You can’t have privacy; you need to be actively participating in our society or you’re dead. As soon as you try to build it you’ll realize it’s a full time job and you won’t be able to afford to eat on what it pays.
Only 5% of people in the US still hunt. We are coupled to the modern systems we have (unless MIT is right and it falls apart soon).
You want privacy, go off grid. Those of us living on grid will be sure to leave you be and keep everything we build for ourselves.
None of us explicitly cheered on the end of privacy but we did cheer on the engineering effort that made it happen. Despite numerous voices warning us.
Ciao.
As the manager of various accounts used by environmental and social activists on Protonmail, this is really bad.
I understand they have to follow Swiss law, but surely there are higher standard and processes than: police forward foreign request. Don't challenge or question, just do task required.
Interpol requests are not as universally recognized as what some people here are alluding to. Countries can file these requests with interpol but it's up each country to determine if they act or recognize the request.
If the Chinese government files 500 requests via interpol and the swiss police merely pass them on the proton, will proton mail automatically comply and install malware on their client on targeted accounts?
I hope this is not the case but I expect this to be clarified. On th face of it, organizing an occupy protest hardly seems to pas the bar of "serious criminal cases"
I'm not saying Swiss laws are infallible but this request was not simply "forwarded": "Swiss authorities will only approve requests which meet Swiss legal standards (the only law that matters is Swiss law)"
As they mentioned in the blog post, they do challenge many of these requests but it was not legally possible in this case.
Now, I don't support squatting, but launching an interpol notice, and attacking privacy under color of law seems like a misuse of the law, and abuse of the Swiss legal system.
We may need to attack this problem differently since it appears the Swiss do not have the vaunted protections they claim.
Also, we need Protonmail to look into offshoring, and obtaining independence of a potentially abusive legal system.
Sealand had at least a few good ideas around immunities from State power.
As much as we might like to believe it, law is not universally applied in a fair manner. Swiss authorities will approve requests that are total garbage requests. I happen to be on the receiving end of one of those, which was eventually, after significant time, effort and money thrown out for prejudice.
If I were an environmental activist, I would definitely step up my operational security.
I have seen this commented a lot by people, that specifically anti-terrorist laws were used? But from what I have found, they used regular laws. Any chance you can point me in the right direction?
I have been a riseup user for years. They have received foreign legal requests, and they do not simply do the task requested. They've also received US-based legal requests, and challenge them, but in the end, they do not have the data that is being requested, so ultimately they can respond saying exactly that.
(throwaway aswell)
If the Chinese government files a request by means of Interpol, it’s very dishonest to say “an Interpol request.” It’s a Chinese request.
There are, which they specifically described.
This also goes for your second described case. The chinese government is only one of the two required.
But usually interpol rejects many requests from the Chinese government (to track uyghurs for example).
The real scandal here is why the French authority is making such request on an activist, why Interpol processed it (as far as I understand there are no crimes in play here?), and why the Swiss authority recognizes the request? Perhaps we don't have the full story, but, with only the information we have, it sounds like an abuse of the protocol on 3 different entities. And double standards from Interpol (not okay to track down chinese activists, but ok for french activists?)
This seems easy to answer - according to French media[1], they were activists illegally occupying[2] buildings to protest rising real estate prices. This is illegal in Switzerland, too. What's the scandal? Authorities using their powers?
[1]: https://www.lesnumeriques.com/vie-du-net/protonmail-a-fourni...
[2]: https://www.lefigaro.fr/societes/a-paris-un-local-du-restaur...
Climate is fashionable and respected today, they would got medals maybe if not hiding?
I can openly say that I am for good climate and ecology. Greta Thunberg is also not hiding.
And about this specific activist, do you know what he is accused of? (It must be something other than activism, right? Difficult to imagine climate activism is illegal in France).
PS: I understand this topic is mostly about Proton failing the privacy expectations, but curious to know what can activist be charged with.
https://techcrunch.com/2021/09/06/protonmail-logged-ip-addre...
Still strange, how could they anonymously occupy the places, if they were physically present there.
If that qualify as serious crime is still up to debate and it could just be a excuse to go after the organizers. I do however find the case a bit more nuanced after reading those details.
PGP has been around since 1991, if it was as easy as writing a catchy how to, then some people might use it. Now 30 years in, basically nobody uses it. Got to wonder why ...
> don't offer this option for some (likely legal) reason
Not at all, they dont do it because it is a terrible customer experience. It is confusing, it is hard, if you lose a key, your data is garbage. If you make a copy of your key, you are not secure. Some people are happy to go that path, most are not.
If only it was so simple. Imagine a world where Gmail launched, but if you forgot your password, boom, all your email is gone as is access to your email address. The next company that came along and offered 'password resets' would have wiped them out.
This is false.
Each time you visit protonmail you re-download (cache can be invalidated) their client. It would be trivial for them to serve a specific user a modified client which uploads their encryption keys.
This problem is not specific to protonmail, any service which contends to be secure with respect to some server (the protocol relies on the client to decrypt stuff the server cannot) can be compromised this way because of implicit trust in the client software which can be modified at any time with no notice - making any auditing entirely meaningless in the case of targeted attacks.
This problem should perhaps be addressed by browsers since it seems they are becoming pseudo operating systems.
Maybe what they mean is that the swiss authorities have no legal basis on which to force them to serve a modified, backdoored, client like the one you're talking about.
And "Unlike competing email services, we do not track you."
Nowhere does it say "Unless your government asks the Swiss government then we'll capture, log and report every IP address you use".
Source: https://protonmail.com/security-details
Screenshot: https://imgur.com/a/gfUcYme
And this marketing copy was rewritten after this incident.
Before this incident it didn't say "opt out of tracking". How does one "opt out", by using Tor?
It used to say, in bold print, "No tracking or logging of personally identifiable information".
No weasel words about requiring the user to take some unspecified action to "opt out". No asterisks or caveats or warnings of any kind.
It also used to explicitly promise: "we do not record metadata such as the IP addresses used to log into accounts".
Now that part is mysteriously gone.
Pretty shitty to quietly flush this down the memory hole, then pretend nothing's changed, blaming and gaslighting users for not understanding.
Source: https://web.archive.org/web/20210607023937/https://protonmai...
Screenshot: https://imgur.com/a/R1muChN
The idea that someone can just pay €60 per year and expect to be safe from State prosecution seems so naive.
At worst, this means the security level fits the TOFU model (Trust On First Use), which is better than the default BEEF model, which stands for "Beware Each and Every Fetch".
What about their app? They'd have to push a malicious update through the Play Store or Apple's Store to target someone, which is very unlikely.
Very classy post. To-the-point. There are limitations with digital services.
If you don't like what happened, you need to change things. They only way to change things is to change the law. This begins with voting.
Modern labor rights, environmental policy, and basic equality for marginalized groups (women, POC, LGBT people etc.) under the law, are frequently touted as victories of liberal democratic systems but almost all of these rights exist because of massive civil disobedience, and often violent protests.
In all cases, you need huge support of the voter base for a particular issue before voting for a candidate to represent it is ever an option. Even then, there is simply no way to hold elected officials accountable to implementing their platform, and how could there be? No plurality of elected officials would ever want to pass that law in the first place.
You do, typically, need a majority of the voters to agree with you. In representative democracy that means you need a plurality of representatives.
Candidates can and do lie. That is something you need to evaluate as part of voting for them.
Anonymity doesn't exists for GAFA or Big governments on internet that's all, if you are not happy with that, you can vote as you want it will not change. But anonymity in society will soon stop existing as well. With all cameras that we have everywhere, we just need the Chinese facial recognition system and that will be the end. That's how it is.
- Same point as before but indirectly: gather public support by leveraging the (social) media available to you.
- If all else fails: run for office yourself.
1. It's impossible to create a paid account with cryptocurrency: You can only use it to pay for an existing account
2. It's impossible to anonymously create any account over Tor: You have to at least pass SMS / secondary email verification, and it better not be an easy to get address ("Email verification temporarily disabled for this email domain" etc.)
Lots of marketing and boxticking (.onion: check), but it looks curiously hostile to anonymity if you actually try to use it.
Proton's first and last blog post about Tor was in 2017. [1]
The CEO today claimed to be a leader with Tor simply because they have a Tor site up.
This is 2021, not 2017. I expect better.
Link back to thread about this in the earlier protonmail story: https://news.ycombinator.com/item?id=28429582
Transparency as the bare minimum? We are talking about a service that you expect to handle some sensitive information, you expect them to be transparent on what they do. If they block account creation over TOR because of spam issues, then that's should be said clearly on their platform.
OP is not only complaining about free account, they are also mentioning paid account, which has a 1k message per day limit. No spammer is going to pay 5 euros to send 30k message in a month, that just not worth it. So there's no reason to block paid account too.
Why give up on this point? There's nothing that says true anonymity has to lead to spam. Spammers have the limit that they have to spam to , presumably make money, since they go via the 1000 tries and only needing one hit to win. They have a weakness. users and activists dont have this weakness really.
Otherwise I'll just use Gmail it's free.
And I bet that these big corporations have better security.
Please advise…
[1] https://www.wired.co.uk/article/how-to-delete-google-search-...
In relation to GMail specifically see[1]
[1] https://protonmail.com/blog/protonmail-vs-gmail-security/
You can also encrypt emails with PGP with someone's public key from within ProtonMail, in this scenario you don't need to send them a password or a link. They do however have to have you in their address book with public key attached.
It's nice that they offer hosted secure mail, like those on offer from enterprise tools (Proofpoint, Mimecast etc.), but it's not really E2EE email. Signing up to Protonmail may not require a mobile number, but a recovery email (PII) must added and linked the account.
Here is an example of a Protonmail to Gmail message (potential PII removed):
Delivered-To: xxxxx@gmail.com
Received: by xxxxx with SMTP id {...};
Mon, 6 Sep 2021 00:00:00 -0000
X-Google-Smtp-Source: {...}
X-Received: by xxxxx with SMTP id {xxx}.50.{xxx};
Mon, 6 Sep 2021 00:00:00 -0000
ARC-Seal: i=1; a=rsa-sha256; t={...}; cv=none;
d=google.com; s=arc-20160816;
b={...}
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-{...};
h=mime-version:message-id:subject:reply-to:from:to:dkim-signature
:date;
{...}
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail header.b={...};
spf=pass (google.com: domain of xxxxx@protonmail.com designates {...} as permitted sender) smtp.mailfrom=xxxxx@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Return-Path: <xxxxx@protonmail.com>
Received: from mail-{...}.protonmail.ch (mail-{...}.protonmail.ch. [{...}])
by mx.google.com with ESMTPS id {...}.{...}
for <xxxxx@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Mon, 6 Sep 2021 00:00:00 -0000
Received-SPF: pass (google.com: domain of xxxxx@protonmail.com designates {...} as permitted sender) client-ip={...};
Authentication-Results: mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail header.b=WRR3qgpc;
spf=pass (google.com: domain of xxxxx@protonmail.com designates {...} as permitted sender) smtp.mailfrom=xxxxx@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Date: Mon, 6 Sep 2021 00:00:00 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail; t={xxx}; bh={...}; h=Date:To:From:Reply-To:Subject:From; b={...}
To: "xxxxx@gmail.com" <xxxxx@gmail.com>
From: {...} <xxxxx@protonmail.com>
Reply-To: {...} <xxxxx@protonmail.com>
Subject: Testing proton mail "encryption".
Message-ID: <1234567890@protonmail.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="THE_BOUNDARY"
X-Spam-Status: No, score=-1.2 required=10.0 tests=ALL_TRUSTED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE shortcircuit=no autolearn=disabled version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch
--THE_BOUNDARY
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: base64
--THE_BOUNDARY
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: base64
--THE_BOUNDARY--
Email, no matter what you do to try and make it secure, is an inherently insecure protocol, that has been mangled beyond what it was intended for. I'm not suggesting that we shouldn't try to make it better, but that it might just be closing the proverbial stable doors.
Other providers might be able to be compelled to provide much more explicit data such as email content or the user's identity.
Obviously there is a lot of overlap, but the reality is that civil disobedience is often the only way to force changes in unjust laws, history (even incredibly recently) has proven that time and time again.
It seems like the safest way to use email is to use email operated outside your own country.
It simply means that if, lets say the US, govt makes a request, they are not obligated to comply unless they are specifically requested by the Swiss authorities.
The linked post by Proton suggests VPN and Tor usage for better anonymity.
So, to avoid this, a user would need to not be accused of a crime in a country that is on speaking terms with Switzerland.
this has been the case for a very long time. (more then 80 years in the benelux for example).
> For the past year, a group of people have taken over a handful of commercial premises and apartments near Place Sainte Marthe in Paris. They want to fight against gentrification, real estate speculation, Airbnb and high-end restaurants. While it started as a local conflict, it quickly became a symbolic campaign. They attracted newspaper headlines when they started occupying premises rented by Le Petit Cambodge — a restaurant that was targeted by the November 13th, 2015 terrorist attacks in Paris.
[0] https://paris-luttes.info/recit-policier-de-sainte-marthe-15...
> ProtonMail does not give data to foreign governments; that’s illegal under Article 271 of the Swiss Criminal code. We only comply with legally binding orders from Swiss authorities.
But the arrest was by the French police. So the Swiss government used a warrant to get info from PM and then passed it to France because the charges passed muster under Swiss law ("Swiss authorities will only approve requests which meet Swiss legal standards (the only law that matters is Swiss law)")?
cross border criminal investigation and police cooperation is very common in Europe, and fully within swiss law.
Seriously I thought I was the uncool kid for not using ProtonMail and some other HN favorites. In the end, they are all someone's server with unknown connections. Do not trust other companies no matter what. Period.
One could argue they only protect good users - as defined by Swiss law. Then what's the point of Proton?
Next time, a whistleblower from a Swiss bank or agency?
But curious about the other part of the story. The word "activist" is abused very often. I can not find the details, what exactly they are trying to dress up as "activism" is this case.
Also, "activist arrested" makes impression he was arrested for activism. But strictly speaking, the charge may be totally unrelated.
No matter what PM promises, without addressing this issue it is all bull.
Ladar Levison from Lavabit (Snowden email case) tries to square this circle to provide safe services.
Unless payment is made in a way that preserves the user's privacy (i.e. using cryptocurrency).
So, if I was actually concerned about my privacy and anonymity, I would not transact in (most, at least) cryptos, dealing only in much less traceable cash.
How does squating in France break swiss law?
[0] - https://twitter.com/andyyen/status/1434665940696846340
What are the best alternatives to ProtonMail?
It wasn't too long ago that Eco-terrorism was a thing that resulted in people's homes being burned down. I have a family member who got injured as a result of somebody digging holes in a fairly remote grass air strip. I'm sure somebody would describe the guy with a post hole digger as a heroic "climate activist". This situation doesn't appear to be that, but that might provide a little good faith context for why law enforcement would be interested in going after the likes of ELF.
It's in french but here is a summary: Law enforcement contacted Protonmail directly and the company told them to use the "Europol channel", which law enforcement did.
Protonmail then provided the date when the account was created, the IP address (Not clear if it is the one when it was created or last login) and the "device", I suppose they are talking about the user agents.
Please keep in mind that companies can charge processing fees on law enforcement requests. I would really like to know if ProtonMail is earning money on this.
I think I would be happier with a "no, we cannot comply with your request" rather than the "no, we cannot comploy with your request, go to this other window..." but I wouldn't be surprised if the option they took is the legally safer route.
This is a weak response. "What we're changing" isn't specific. It's a "our shit doesn't stink" kind of reply.
"What we're changing" should be far more specific. Start educating users about Tor on your homepage.
Start blogging about Tor more than once in 2017. Have a score for how many users log in through Tor. Have a score for how many times your privacy policy is loaded.
Stop claiming to be the best simply because you have a Tor site with an old version of your app. That's not good enough.
I'm looking for leadership. Protonmail is clearly an "explainer" more than a leader. I'll keep my eyes peeled for whoever comes along to replace them.
[0] https://ctemplar.com/how-ctemplar-over-tor-makes-your-email-...
I don't understand what this is about. Would they had refused to comply, was that the case?
Climate activist arrested after ProtonMail provided his IP address - https://news.ycombinator.com/item?id=28427259 - Sept 2021 (552 comments)
ProtonMail logged IP address of French activist after order by Swiss authorities - https://news.ycombinator.com/item?id=28433131 - Sept 2021 (139 comments)
At some point everything on the internet becomes local, because people and businesses eventually must exist at a location in the real world. Proton is always going to be subject to local law enforcement wherever they are based.
They’re not explicit with regards to the activist, this would mean the activist was notified upon ProtonMail receiving the request?
I’m not sure there’s much you can do but lawyer up if you receive such a notice, but potentially the activist could have immediately started using Tor (maybe too late though, because to read the notice they might have already leaked their IP).
the only way for an entity to never comply with government orders and continue to function is to remain anonymous and their servers accessible only via temporary addresses or tor since static ip's and domains can be taken away. Making it impossible for receiving email and more effort than the average person would want to access. It then becomes a catch 22 as you cant fully trust an anonymous, transient entity since their motivation can never be verified(they could be a honey trap), they can rarely be held accountable if they betray you, and they could be replaced or compelled to comply without anyone knowing(someone part of a visible physical social network could have friends put out a warning if something suspicious happened to them).
What it comes down to is what we already know. they only way to be sure your email provider wont hand over your emails is to run your own email server anonymously. For anyone who cant do that protonmail is still likely the best choice even if its imperfect. plus adding whatever other layers of protection on top you are capable of.
It seems prudent that Proton customers would want to have a look at those "Swiss laws" (a) to see what sort of protection they offer and (b) to make sure they dont violate one. In the case of (b) the customer will potentially lose all privacy protections, as emphasized in this announcement.
1 It appears that Swiss law is conveniently published in English however the English translation is not what Swiss courts use.
I'm seeing a lot of people here that are surprised by the fact that even a company who has privacy as their main marketing point has to deal with compliance, but really, unless you host your own mail server, you just can't guarantee your own privacy.
I don't generally advise hosting your own mail server due to all the troubles that come with it, but this is really one of the only ways I can think of where you can achieve a decent enough level of control when it comes to exchanging emails.
I would definitely love to switch to something like this.
Edit: in addition, every time there is a new javascript library installed, user need to have confirmation if he/she wants to proceed. Otherwise it could be email provide on behalf of LE under their enforcement installing middle man.
It’s also concerning, legal or not, that logging was required in this case, which is not about drugs or the murder or corruption. But climate activism. By very young people. If the Swiss police will demand that data for something so small, that’s a a concern about trusting their laws and authorities to be “better” than the alternative.
So, this might be in line with their policy of not having logs by default- but I have to wonder if this applies to phone numbers(which the crowd that signs up using VPN/TOR reports that they're required to provide).
If they don't keep that info, then Protonmail would be solid as long as you access it via VPN well before a order tells them to start monitoring the IP.
I'm also curious, I see here they do this for spammers - there is no way, a better system can't be created to 'verify' users against spammers ,since I see their logic here that spammers are why they do it https://old.reddit.com/r/ProtonMail/comments/phnyd9/why_is_p...
I'm aware that every other major email provider bans your account if you don't provide a phone umber shortly after account creation, such as Outlook for example. (Others require phone numbers up front, and all of them ban VOIP numbers)
We're nearly at the point that you can't email anyone without providing your phone number or other details...I know social media is already like that.
One thing i noticed, For things like Discord even, if you make an account, give them a non-major email address and they then force you to give a email, or else you can't sign in to that formal account. for now one can still use a permalink to get to a discord server without having to make an account...for now..
Protonmail is a standout if they don't log any of it, and still the best option left in the world, but this is still a icky situation.
I see also they point out Swiss law means this cannot happen to the ProtonVPN service, as email providers are specifically legally in the situation they have to allow active monitoring. Not for Swiss VPN providers...
And one needs a 'big' email provider address, or else it gets rejected by multiple services now that require a email address for sign up or usage.
I hope they clarify that payment details /phone numbers of TOR/VPN users doesn't get logged, like IP addresses, by default. Also, more importantly- that they move forward in fully dissuading spammers, and remove the phone requirement of people signing up anonymously
This is subject to carve-outs of course, but it would be interesting to see how PM seeks to achieve this.
So, they could offer the service only over Tor and their own vpn (possibly adding in mullvad/Firefox and a few others to the whitelist) - and the email logs would be less useful?
Ie: build vpn into the email app?
This is false. Just like LE forced them to turn on IP logging on someones account, same LE can force them - by law - to install some javascript code to AJAX back home the unencrypted content of the email once the client opens their email. How stupid do they think people are??
> There was no legal possibility to resist or fight this particular request.
WTF? So Switzerland is a fascist or authoritarian state now that you cannot take your own Government (in this case LE) to court and argue in front of a judge? I thought there is a separation of power in Switzerland, no? Then why the heck did Protonmail chose Switzerland to host their mail if they are being so oppressive?
That is not something I'm ready to believe.
I remember trying to sign for a protonmail account a while back.
At some point in the process, they do ask for a valid cell phone number, which, unless you go to the length of getting a burner (not easy in many European countries except maybe the UK) basically means they know exactly who you are.
When I saw this, I walked away.
> under Swiss law, Proton can be forced to collect information on accounts belonging to users under Swiss criminal investigation.
There's complying with the law like a good little sheep, and there's acceptable civil disobedience.
In this specific instance, proton should have taken the latter approach.
Take the fine, go to court, fight the injunction tooth and nail, make sure that even if they lose, the Swiss govt. knows the kind of fight and waste of time and money they're in for each time they come knocking.
They just bent and complied like good little boys.
Now their business model is compromised, serves them right.
Is it a list of access time, IP tuples? Is that it or more?
"...we are one of the only email providers that supports this). "
What now?
Don’t know why they can’t plonk a tcpip->tor->ProtonMail reverse proxy in front of their infra offering this facility to every connecting client, and transparently. After all, their services (including ProtonVPN) already support tor to some extent.
Good PR job! Instead of saying "okay we remove "by default" from our marketing materials because yeah if LE ask us to start logging, we gladly do whatever the case against someone is, i.e. jaywalking", they simply post a fake outrage in hope to minimize people leaving them. Well, I wasn't to, but now after this blog, I am moving away my 8 domains on platinum account. I mean seriously Google Suite is $6 per month, so why the heck should I need this fancy email hosting in the middle of Switzerland mountain BS, if at the end of the day they will comply with everything LE will throw at them, and then some. Seriously at this point it looks like Google legal arm is better at trying to fight subpoenas against you and force LE to show serious crimes, than Proton is.