Julian OliverMar 6

Once again Proton hand over data on an activist to authorities, this time to the FBI via the Swiss High Court.

Proton is unsafe for use by frontliners.

https://www.404media.co/proton-mail-helped-fbi-unmask-anonymous-stop-cop-city-protestor/

#infosec #opsec

Proton Mail Helped FBI Unmask Anonymous ‘Stop Cop City’ Protester

A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.

404 Media
Show threadJulian OliverMar 6

Group-wide selfhosted mail is so often the solution here, but it needs to be done right, and with strong operational security posture. This includes the jurisdictional layer relative to operating context.

And yet #selfhosted mail is famously hard. We dedicate much time to this, deploying a full blown high-reputation MTA with webmail frontend, in the Fortress sessions https://courses.nikau.io/fortress/

#selfhosting

Fortress – Nīkau Courses

Show threadmike805
@JulianOliver Has anyone considered replacing SMTP? People complain about mail all the time. The way to replace an obsolete protocol is to create a new one and use it in parallel with the old one until the old one goes away.
Mar 7 at 3:23amWeb
Show threadMiha MarkičMar 7
@mike805 @JulianOliver The few big email providers don't care.
Show threadmike805Mar 7
@mihamarkic @JulianOliver That's why I am saying you need an "email 2" that you use in parallel for the time being. You ultimately want "email 2" to become the high value endpoint and gmail to be the junk box.
Show threadMiha MarkičMar 7
@mike805 @JulianOliver From what I remember you'd want to standardize the protocols and there it usually gets stuck.