• /home/pineapplelover@lemm.ee
      link
      fedilink
      English
      arrow-up
      38
      ·
      edit-2
      10 months ago

      You understand how the internet protocol works right. This argument has been going for a long time now. Yes, they gave up IP address because they couldn’t win in court. They’re like the only company who will fight tooth and nail for you in court but the feds ordered them to do so, so they had to comply. The messages were all end to end encrypted and other than what metadata was requested, they didn’t get much.

      Edit: Additionally, if you use protonvpn, mullvad, or any no-log vpn, you would probably be immune to this.

        • sanpo@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          13
          ·
          10 months ago

          There’s no “feds” in Europe.

          And if you bothered to check it yourself instead of removed about it based on some random guy’s post spreading FUD you might have found out Proton contributed to a legal fight that changed the Swiss law and made a repeat of this situation impossible.

        • loudwhisper@infosec.pub
          link
          fedilink
          English
          arrow-up
          6
          ·
          10 months ago

          The law - for good or for bad - is what defines rights. If there is a judge which says that an investigation has to happen, and also the companies ensured that the claim is legit (you see from the stats that the context 15-20% of the data requests), then what else can be done?

          You cannot operate illegally, so either you comply or you shut down.

    • GigglyBobble@kbin.social
      link
      fedilink
      arrow-up
      13
      arrow-down
      2
      ·
      10 months ago

      Yeah, based on a legal request - that’s how it should be. Our problems are not police listening in on criminals but unwarranted mass-surveillance.

    • cybersandwich@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      10 months ago

      Email by its nature is not private or secure. You can do all sorts of things to try and make it private or secure but at the end of the day it’s still email. It’s going to sit somewhere plain text.

      If you want a secure communication channel use something like signal.

      People spend a lot of time and money trying to fight with the nature of email.

      • You999@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        5
        ·
        10 months ago

        That’s my problem with proton as their marketing would lead you to believe their email is completely encrypted. Their marketing really needs a asterisk that tells you exactly what is encrypted and when.

        • cybersandwich@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          Exactly.

          It’s true, your emails are end to end encrypted…if they are sent to another proton mail address. But your emails from friends, family, your doctor, etc…are all very much not encrypted.

      • loudwhisper@infosec.pub
        link
        fedilink
        English
        arrow-up
        4
        ·
        10 months ago

        They did not disclosing any content of any email. They disclosed the very little they have. Once they have been forced to log IP addresses and that was turned to law enforcement, another time they were forced to disclose a recovery email address. These facts if anything should help build trust in proton, as they show how little they collect and therefore can disclose. With signal is the same, they collect super minimal info (the time you last logged in and a couple more data points, I think), and that’s what they disclosed in the past.

        It’s a non-news.