LukefromDCMar 5

#Protonmail #CopCity

Reposting this about the Protonmail collaboration to bring this commentary to the front and ensure it is seen:

Responding to
https://mastodon.social/@h4ckernews/116178994327797393

This of course means Protonmail can no longer be trusted, so for any email that needs to be secure use anonymous random numbered accounts and PGP/GPG used locally to encrypt and decrypt messages That's how SHAC (Stop Huntingdon's Animal Cruelty) used to do it and neither the US nor the UK was ever able to defeat their encrypted emails to my knowledge

Weak spot in this case was the account was a paid account, thus identifiable by payment info. This attack might have failed against a free account.

No paid online account should ever be considered secure unless MAYBE managed only w prepaid cards bought with cash from a variety of locations and not requiring personal info to activate.

At the Stop Cop City level the cards should be purchased by someone who does nothing else and ideallly pass through a "cutout," which is a courier again doing nothing else

Also cash (accepted by Proton it seems) should not come from an ATM due to risk of serial numbers being recorded or recoverable. I read somewhere that some ATMs are dispensing sequentially serial numbered bills.

Show threadRadicalEcologist

@LukefromDC
Proton has been shady for years. On device encryption and always anonymized connections with no link to the real you (like payment and ip addresses) are necessary for any real security. Tuta has a better record, but I only use Tor to connect and won't pay for it using information linked to me for those reasons.

There is a real need for a better solution. I personally thought the reticulum project was it, but I lost faith in them. PKC like GPG is effective for now, but too intimidating and confusing to the average person and won't protect you any more than proton did. Using random anonymous accounts in addition to PKC helps more, so long as they are always accessed through anonymized networks, but that is difficult to coordinate and is still subject to modern network analysis tools and techniques.

Maybe I'll use this as the motivation to finish my project inspired by reticulum to likewise solve these issues, but without some of the issues they fell into.

Mar 6 at 11:58amWeb