Privacy

31790 readers

380 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

290

Your VPN provider won't go to jail for you for 5 dollars (www.ivpn.net)

submitted 7 months ago by [email protected] to c/[email protected]

72 comments fedilink hide all child comments

It is something to always take into consideration and not forget.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

Sure here's the correction, and why I'd never trust them with anything sensitive.

They had a no-log policy, and all mail is PGP encrypted on their servers and proton to proton is encrypted in transit and at rest (it doesn't travel), decrypted only client-side in the browser or with proton bridge, with your account password acting as the PGP key password.

They could have designed the system so they couldn't be forced to add that backdoor, or at least automatically notified all users when an unauthorized change was detected, or they could have shutdown, or they could have revoked their warrant canary, but instead they were caught when the court case came to light and they were caught with their pants down, and revoked their no-log policy. https://arstechnica.com/information-technology/2021/09/privacy-focused-protonmail-provided-a-users-ip-address-to-authorities/

This weekend, news broke that security/privacy-focused anonymous email service ProtonMail turned over a French climate activist's IP address and browser fingerprint to Swiss authorities. This move seemingly ran counter to the well-known service's policies, which as recently as last week stated that "by default, we do not keep any IP logs which can be linked to your anonymous email account."

That's why I asked if the proton VPN is token-based and completely disconnected from the proton email account, or if they're the same login. If the latter, it's trivial to request the IP address of email account [email protected]