@skinnylatte I've had Proton for over a year now and like them. Anyone who is disappointed about this shouldn't be surprised. They have to obey Swiss law after all.
If you want a privacy-focused email provider, there aren't a lot of choices and Proton is still one of the best.
If they can't structure their service in a way that avoids the collection and storage of personally identifiable customer data, then they have no business claiming they offer privacy. This is like charging a premium for the world’s most secure door lock when a burglar can easily enter your house by breaking a window.
@freediverx @taylor @boojum @skinnylatte
Privacy is not anonymity.
Encryption allows the details of a message to be read only by sender and receiver. That’s privacy. Email otherwise is inherently insecure and not private. Your email address and the subject are plain text in transit.
It’s not who you are, it’s what you say that is protected.
Keeping financial records may very well be part of Swiss law. I know they have to keep financials for 10 years.
@freediverx @boojum @skinnylatte How do you charge somebody's credit card regularly on a subscription basis without storing any PII or working with a third party that stores PII?
> This is like charging a premium for the world’s most secure door lock when a burglar can easily enter your house by breaking a window.
In which case it would be ridiculous to blame the door lock company when somebody breaks your window.
I think a more apt analogy is that it's like a hotel charging a premium for a high-privacy room, but still giving their card records to the FBI when they come with a warrant for those records, telling them what credit card paid for which room.
@taylor Service One sells subscriptions and verifies subscription status using the hashed version of a key.
Service Two is the encrypted email service. It also stores an encrypted version of the unhashed key.
Service Two verifies your subscription with Service One the first time you check your email each month.
I'm sure there are easier or more secure ways to do it, but that's one way.
And this service already exists? Get me right: This sounds (from my amateurish point of view) like a great solution, but is there a service that can already be used? Or is the idea that Proton also creates this service? (Not sure if "timing attacks" could leave a track).
If you need anonymity most services can't help you and it depends on your OpSec.
@dexternemrod @taylor Signal already uses something similar.

In the past, if you broke or lost your phone, your Signal message history was gone. This has been a challenge for people whose most important conversations happen on Signal. Think family photos, sweet messages, important documents, or anything else you don’t want to lose forever. This explains wh...
@dexternemrod @taylor Oh! Sorry, I just meant two services run by the same company.
Two different computers running two different programs.
@fedilore @taylor Could it be like this.
1. I enter my credit card details in Service One (S1).
2. S1 generates and stores a secret account number, SAN in a table with the credit card details.
3. S1 generates and stores a hash of SAN, HAN, and stores it separately as a paid account.
4. S1 gives me HAN, and I enter it into Service Two (S2) which stores it with my email address.
S2 can now verify that the account is paid, by querying HAN. But there's no way to get SAN and the credit card details from the email address.
?
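The four steps above as an added sketch, not part of the original post and not Proton's or Signal's code: the class names, SHA-256 as the hash, and the sample card and address are assumptions. It also shows that S2's data alone holds no card details, while a party holding both services' records can recompute the hash of each SAN and join them.

```python
import hashlib
import secrets

class ServiceOne:
    """Billing side (S1): card details keyed by SAN, plus a separate set of paid HANs."""
    def __init__(self):
        self.cards_by_san = {}   # step 2: SAN -> card details
        self.paid_hans = set()   # step 3: HANs of paid accounts, stored separately

    def subscribe(self, card_details):
        san = secrets.token_hex(16)                     # secret account number
        han = hashlib.sha256(san.encode()).hexdigest()  # hash of SAN (SHA-256 assumed)
        self.cards_by_san[san] = card_details
        self.paid_hans.add(han)
        return han                                      # step 4: customer receives HAN

    def is_paid(self, han):
        return han in self.paid_hans

class ServiceTwo:
    """Mail side (S2): stores only email address -> HAN."""
    def __init__(self, billing):
        self.billing = billing
        self.han_by_email = {}

    def register(self, email, han):
        self.han_by_email[email] = han

    def is_paid(self, email):
        han = self.han_by_email.get(email)
        return han is not None and self.billing.is_paid(han)

def link_email_to_card(s1, s2, email):
    """What a party holding BOTH data stores can do: recompute hash(SAN) and join."""
    han = s2.han_by_email.get(email)
    for san, card in s1.cards_by_san.items():
        if hashlib.sha256(san.encode()).hexdigest() == han:
            return card
    return None

def demo():
    s1 = ServiceOne()
    s2 = ServiceTwo(s1)
    # Constructed sample values, not real customer data.
    han = s1.subscribe("4111 1111 1111 1111 (constructed test card)")
    s2.register("alice@example.org", han)
    paid = s2.is_paid("alice@example.org")
    return paid, link_email_to_card(s1, s2, "alice@example.org")
```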
@sjjh @taylor I'm going to point to what Signal actually does, since I don't really know what I'm talking about.

In the past, if you broke or lost your phone, your Signal message history was gone. This has been a challenge for people whose most important conversations happen on Signal. Think family photos, sweet messages, important documents, or anything else you don’t want to lose forever. This explains wh...
@fedilore @taylor
Thank you for the link. It says this.
> backup archives are stored without a direct link to a specific backup payment or Signal user account.
It doesn't seem to be specific about how the payment details are separated from the Signal user account though. Maybe they use the anonymous credentials mentioned here.
https://signal.org/blog/signal-private-group-system/

Groups are inherently social, and Signal is a social app. Whether you’re planning a surprise party, discussing last night’s book club meeting, exchanging photos with your family, or organizing something important, group messaging has always been a key feature of Signal. Signal provides private gr...
@freediverx @taylor @boojum @skinnylatte
> If they can't structure their service in a way that avoids the collection and storage of personally identifiable customer data, then they have no business claiming they offer privacy
Well, they have: they give you the option of mailing them cash to pay for your service. That the person in question chose to use their credit card just shows bad judgment of their threat model and bad OPSEC.
> This is like charging a premium for the world’s most secure door lock when a burglar can easily enter your house by breaking a window.
Exactly, you hit the nail on the head: the person had bad opsec, like using Tor and Tails to go ahead and sign into your Gmail address before doing something the state disapproves of. Tech really isn't the issue in this case.
@freediverx @boojum @skinnylatte Tell me, friends: does anyone know what happens to your access to protonmail in the US if protonmail refuses a legal subpoena?
Yayyy we did it. We did it, everyone.
@freediverx @boojum @skinnylatte Imagine trying to hold a privacy-focused email provider responsible for...... responding to legal subpoenas from states in which they do business.
Yes, let's pretend that is a real critique, and hope people just don't think very deeply about the matter.