265
Proton Mail Discloses User Data Leading to Arrest in Spain
(restoreprivacy.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 08 May 2024
265 points (94.0% liked)
Privacy
31601 readers
116 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
the two you suggested though are US based though. they'd also have to answer to court orders right?
Disroot is in Europe.
thanks
okay but court orders tho? not immune, just like proton. also they can be administered gag orders(think lavabit), unlike proton
Not sure how they’re better than proton is terms of compliance and anonymity
Source: trust me bro
It’s just that more people use proton so more of them have their identity leaked. I don’t see how the terms of these 2 companies are better
I’ve never heard of those 2 providers and they don’t seem to be any better. I’m just looking for facts to back that and so far I haven’t seen any
Being skeptical doesn’t mean being a troll or a fed, wtf. I don’t know what you’re on but it seems cool
As for the « are you trying to discredit … without evidence » I want to answer « what can be asserted without evidence can also be dismissed without evidence »
You never heard of the other two providers but yet you already draw the conclusion that they don't seem to be better. What does "better" mean to you in this context ?
Their privacy policy. They log IP addresses and are not immune to legal actions, and as such, are not really better than Proton in terms of legal actions
They log IP addresses ? Source ?
Source: the 3 first words of my comment…
https://disroot.org/en/privacy_policy Section 4.1
You’re the ones defending a service yet you don’t know that. Seems like someone who just found out the service can do better research. But hey, thanks for not being overly aggressive and claiming to know everything like this other guy.
I simply asked you a question and thanks for pointing out more details. I have decided to trust Riseup and Disroot for reasons in the past. It is up to me to care about my privacy and security when there is the need for it. Other people will use Google Gmail with GnuPG, that up to them.
Sorry for being aggressive :)
I just believe that Proton with end to end encryption by default is better than having unencrypted mail or similar
Good for you if you trust them, but you might as well self host then if you don’t need protection from the government 🤔
You react to small disagreements with insults, accusations of the user being a fed and threats of censorship (banning him because you disagree with him). I have no idea if you're an admin on lemmy and actually have the power to do this, but this is fairly downvoteable in my view.
Exactly! I am not saying that Proton is some kind of virus but lots of folks are screaming "Proton! Proton!" (and "You have to think for yourself!" - Life of Brian) as if it is the only answer for privacy and security.
Riseup exists since about 1999 and is like Disroot non profit with focus on activism. Proton is like some other companies, I think, a response to the Snowden revelations, which is iirc 2013, a time after which self-hosting email (e.g. Mail in a box) became topical for a while and several other new email companies started to pop up.
What’s wrong with those 3 things you cited?
I should for sure trust a random guy on Lemmy with no arguments whatsoever and that criticizes well established services for no reason, and also criticizes all YouTubers with no distinction.
Oh so you use the argument of authority now. Great.
I’ll check your thing. I would have enjoyed if you could have linked it because I’m a young stupid guy with a short attention span, but fine.
If you actually checked my profile you could’ve found out I’m pretty deep into Monero, and that’s pretty much what got me into Lemmy. Don’t make assumptions without knowing people.
I checked this page https://digdeeper.club/articles/email.xhtml#disroot and surprise surprise, no real arguments apart from quoting stuff from disroot's website. Disroot has a worse privacy policy than Proton, stores email unencrypted. You’re basically trusting Disroot not to do harmful things, which is a red flag when you could recommend services that do things properly.
If that’s the best source you have, I seriously doubt your knowledge.
I guess it’s now time for my ban
You can’t encrypt received unencrypted mail (except if you use POP but it’s not an option if you have multiple devices), but you’re right about one thing, it’s that we can’t trust that proton doesn’t store the encryption keys. Although it is still safer to go with them because if they did, they would either have given the mails to the govs, exposing them (which didn’t happen), or they just wouldn’t hand out your mails, which is better than nothing.
You really have a problem with people. You can only attack personally or throw baseless insults.
I talked a lot about XMR, but also talk about session, Firefox and its privacy, file sharing like torrents, pirated stuff, VPNs… and I haven’t been very active on lemmy. But I don’t see how that gives you any more power in that conversation, knowing how bad you handled it.
You’re just saying the same thing over and over while not understanding that what you propose is no different (or even worse), and that your pseudo arguments are empty and invalid. Just stop.
It is indeed probably a new and young generation preferring to watch videos on their smart phones rather than reading from a desktop computer. YouTube (with its influencers and content creators) is very popular and that is unlikely to change any time soon. Problem is that getting privacy and also security right is not that simple. Take for example the Riseup and Disroot comments in this thread. I trust Disroot and Riseup to do the right thing, and I bet that handing over personal data would be about the last thing they would ever do. I guess this is difficult to understand for people who have nothing at all in common with activism and for that matter anti-capitalism.
👍
Oh so you believe that Proton wants to hand out user data? Absolutely not. It gives them bad publicity and discredits them.
Capitalism and activism has nothing to do with the subject. We’re here for privacy and anonymity. A good service is trustless. It’s not up to Disroot and Riseup to decide whether they’ll hand out user info or not. They subject to some legislation because of the country they’re based in, and I don’t think they’re willing to go to jail by not cooperating.
And you can spread your hate towards the younger generation and smartphones all you want, it only makes you more irrelevant. You didn’t write any argument as to why those services are better except “they’re activists” and “I trust them”, which doesn’t matter in any way.
Law can be different per country and when there is nothing to hand over, then there is nothing. Here is an example of Mullvad : https://mullvad.net/sv/blog/update-the-swedish-authorities-answered-our-protocol-request
Except with a VPN you’re not identified by the servers you connect to, so they can safely not log any traffic and as such, law enforcement can’t ask to hand out data about a specific account because they don’t know which account did it. Same goes for logging the IP of the account, because again, they don’t know which account it is, and can’t force a service to log all users for the sake of finding one.
It’s not true for mail services however, as the email address is your login and/or is linked to a specific account, forever and exclusively.
Disroot stores your IP address so there’s already that. Didn’t check the other one.
VPN and Tor and I guess i2p can disguise your IP address indeed.
I'm not following what you mean by this ?
What I’m saying is that VPNs can legally not give out your info, while mail services can’t, because of the technical reasons I mentioned, and as such, it doesn’t make Proton any more faulty for handing out info that it would make Riseup or Disroot to do the same. At the end, they’re all legally required to comply and will do if asked to.
Email is bad in general and nothing can fix that
PGP doesn't protect anything but message contents. Additionally, if you key it compromised all of your messages are compromised.
Indeed, be careful with choosing your email subject line when using GnuPG to encrypt.
Yes, maybe for some people it is. I once knew a person who created a new GnuPG key every few months. It is also recommended in some howtos that making your key never expire is a bad idea.
By the way, for all readers interested in using GnuPG, FSF updated their Email Self-Defense guide this week. https://hostux.social/@fsf/112405348416810419