All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Proton Mail Cooperation Helped the FBI Reveal Identity of "Stop Cop City" Protester
Privacy-focused email provider Proton Mail provided Swiss authorities with payment data that the FBI then used to determine who was allegedly behind an anonymous account affiliated with the Stop Cop City movement in Atlanta, according to a court record reviewed by 404 Media.
The records provide insight into the sort of data that Proton Mail, which prides itself both on its end-to-end encryption and that it is only governed by Swiss privacy law, can and does provide to third parties. In this case, the Proton Mail account was affiliated with the Defend the Atlanta Forest (DTAF) group and Stop Cop City movement in Atlanta, which authorities were investigating for their connection to arson, vandalism and doxing.
Broadly, members were protesting the building of a large police training center next to the Intrenchment Creek Park in Atlanta, and actions also included camping in the forest and lawsuits.
https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/
Comments
Me when I'm privacy focused and cooperate with the fbi
LOL
Thats a Swiss court issue and a Proton still being in the Swiss jurisdiction issue, but with a butt-plug in your ass, thinking clearly is hard
a lot of people are gonna say "oh this guy needs better opsec" or something and maybe that is true but I feel like proton is also complicit in the way they advertise. All this stuff about "swiss privacy" as if an MLAT wouldn't immediately divulge what they can even without a valid warrant in the country.
If proton cared more about this stuff they could do something like Mullavad does where they decouple the payment and account info. There was another case where they outed a protestor due to the recovery email. I believe tuta has another way of recovering accounts for that exact reason. They could at least have a warning when you try to select it.
i feel like this is honestly by design. governments benefit by having proton do this kind of advertising and then have people get lazy on opsec due to it. Companies like tuta or posteo seem to fight this kind of stuff more and honestly proton needs to move out of the Swiss jurisdiction which I think they are doing, which may or may not help.
proton also doesn't do a great job at making it very clear that emails and subject lines are exposed as metadata, when subject lines are encrypted in tuta for example. There's also a weird side effect of this that bleeds over to contacts where your contact names and emails aren't encrypted even if you never have emailed this person. It is very subtle in the UI but you can see there is no lock on them.
I wish there were a third option because tuta just doesn't seem to cut it currently.
On the one hand I do see this: what's a CEO going to do, protect their customers - whom they lured in by promising that - but risk serious harm to their operation -or- serve their customer's head on a platter to the authorities? I guess we all know the answer.
On the other hand I find the whole thing despicable, of course.
But let's be honest, the problem is with the laws, or in other words, with the politsters, in this case the swizz ones, who sold out "their" country to the Yankees and to the WEF gangsters. And turned a country formerly known and respected as neutral into just another shithole (like pretty much all of eu-rope).
Yep, very shocking that privacy ≠ anonymity, especially after what they have clearly stated how they’d respond to such requests.
I am a big fan of what Proton stands for and their recent additions like Docs/Sheets. Proton is a great platform with a big suite of apps to compete with your standard Google/Microsoft products with a super strong privacy/encryption/freedom aspect, I like it a lot since it's a pretty awesome Google/Microsoft alternative. I do would like to see that they start encrypting your subject line in emails and streamline some stuff like Proton Drive not being great for Linux users.
That being said, it is lacking on the jurisdiction front and overall - rep with their .onion solution redirecting to clearnet and there were some certificate related things going on in the past that was not so great. If you need a hardcore schizophrenic privacy encryption solution there are better platforms out there, and no one beats a beer and an afternoon of self-hosting your own applications.
Big shoutout to the slaves who work hard to bring gitea/forgejo/vaultwarden/synthing/immich/nextcloud and many more products to our doorsteps for free.
you should try one it feels good on your prostate
maybe you would be less of a bitch to everyone and wouldnt get banned every second month
Nothing enters my butt, butts are a strict simplex channel, and kait is just a bitch, a cat in heat who hits everyone every other month
look carefully who are the owners of proton, its clearly a honeypot harvester, like cloudflare.
Non-paywalled in-depth article with good context:
https://www.sambent.com/proton-helped-the-fbi-unmask-a-protester-then-said-they-didnt/
From Proton:
It's unsurprising that Proton can be legally compelled by Swiss courts into handing over recovery emails and payment method info. They can also be compelled into logging IPs.
Proton sorta glows so I'm honestly more surprised than anything that they apparently don't log IPs by default.
It’s long been known that the purpose of privacy-focused companies is not to enable users to break the law. I am not arguing about whether the activist’s agenda or behavior was good or bad, but that at the end of the day, email is an insecure protocol, and reliance upon it for legally gray matters is inherently risky.
Agree with this overall. The more like Google/MS anyone, not just Proton, tries to become, the more risk they incur and the more tradeoffs they make with hardcore privacy measures. If a company wants “normal” people who don’t think about encryption etc. to adopt their product, this is necessary.
Proton remains a strong competitor to Google/MS/etc, but should be regarded as a middle ground between them and, for example, self hosting.
Proton is borderline snakeoil with their advertising but they never advertised as being marketed towards anonymity. That person being burned by proton should've known better to not use traceable visa/mastercard or paypal if to expect anonymity. Basic opsec 101 being ignored there and it costed them dearly. Personally if I'm an activist I'd use riseup or systemli or disroot etc instead, not snakeoil proton.
Yeah, I do would like to add that between Proton and self-hosting there is a smaller "don't put all your eggs in one basket" group of companies like iVPN/Mullvad/Tuta/StartMail type services I would trust over Proton. But other than that, I find self-hosting fun and is unbeatable, privacy wise. (If done right) I do plan on making some blog articles about some self-hosted services that I love and use on a daily basis.
protonmail charityhostmail
Yep, the smaller, more specialized companies are definitely a good point to mention. I think they’re probably the most robust in terms of longevity and commitment to the mission, because they’re less likely to sell out or over-generalize, but their business model also depends on being accessible and stable to customers.
Arsonists should be turned over to the authorities. There's no basis to protect the anonymity of anyone threatening human life.
I had made a reddit post on r/protonmail asking if it was possible that they can add first class monero support and it seems that post got taken down by reddit or something
I don't really use reddit so idk.
So if I remember correctly, If you use their docs feature. I was able to write a comment in the doc and then use curl to find log info. I might have to look more into it as I did it because I wanted to automate the docs feature as s3 (type of) using pupeteer and had looked into curl automation.
So some amount of logs within their service does feel natural to me although the data itself was encrypted. But I was unable to find what the passkey to remove that encryption was but if anything, it feels as if proton controls the passkey itself.
This is because you can enter into the server by say even if you forgot the password, they can send phone otp and then verify with their servers to change the password
so they definitely got the ability to change passwords and when you consider the fact that theoretically nothing stops them from doing so especially if it means that they have to comply with law.
Technically, Swiss police is lenient but not so lenient. In both cases proton gave protestors info, it gave enough info just as to catch the perpetrator. (Whether card payment or the first IP)
I am not sure what to make of it all as I still like proton but yeah. At some point, if you don't have the keys (I do think that they support this feature but almost none use them and I am not even sure if they do now when I think about it)
So if you don't have the keys, you are still trusting them and at some point they have to comply with Swiss police if they want to exist till future and so you are essentially trusting swiss police department which is nice but yeah... Maybe its the best we got.
Hope my comment helps.
So, he would have had better privacy with apple mail...
That's funny as protonmail is constantly making it more difficult to even register with tor. Try it and you will be asked to provide another email address with the disposable ones being banned. Even their customer service asked me to log in with my residential connection.
If they dont cooperate they go to jail in usa is very simple.Even countermail will do same if they are confronted with this.
A service is either anonymous for everyone or no one. As soon as the laws change (or someone pays a script kiddie $100 for a fake EDR), "the good guys" will get screwed through the same backdoor that was used to screw the bad guys.
The only solution is to implement technical measures, not policies, to make this impossible.