[ 3 / biz / cgl / ck / diy / fa / g / ic / jp / lit / sci / tg / vr / vt ] [ index / top / reports / report a bug ] [ 4plebs / archived.moe / rbt ]

/vt/ is now archived.Become a Patron!

/g/ - Technology

View post   

[ Toggle deleted replies ]
>> No.74801282

ProtonMail Claims to be "Independently Audited."[8] There is only one company listed as conducting an Audit of ProtonMail, Cyberkov.com.[9] Cyberkov's website says it's connected to Harvard, MIT & CERN. And their team is full of Harvard and MIT grads, exactly like ProtonMail. So ProtonMail's audit was most likely conducted by ProtonMail's college friends or colleagues.

ProtonMail betrayed all early Crowdfunder's. When ProtonMail was being created the founders would frequently decline seed startup capital. Andy Yen clarified this when he told Forbes "The reason we have to be bootstrapped is because if we take our money from something like Google Ventures, there goes our credibility. By being in this market we have to fund ourselves,"[10] So ProtonMail crowdfunded $550k to create a secure & 'independent' email service. A few months after this croundfunding, they accepted $2 million from CRV & FONGIT.

CRV’s founder is Mr Ditersmith a US State Department employee appointed by President Obama himself.[11] The nature of a delegate’s work requires close communication with the CIA & NSA. ProtonMail is part owned by this company.

ProtonMail also sold equity to FONGIT. FONGIT is financed by the Swiss Government.[12] FONGIT installed their director, Antonio Gambardella, as ProtonMail's "guide" to all "strategy and operations." ProtonMail's website states that Antonio represents the "State of Geneva and the Swiss Federal government."[13] The Swiss Government signed an MLAT treaty[14] with the US government which can allow the US government complete access to ProtonMail's decrypted data.

(Part 3, next post)

>> No.74801297

Later in 2018, ProtonMail was hit with another DDOS attack. After the attack appeared to have ended, ProtonMail CTO, Dr. Bart Butler, mocked the attacker and then later goaded them via Twitter.[15] In response to the harassment, the attacker restarted the attack with increased strength resulting in ProtonMail being taken offline again. The attackers said 3 times they would stop the attack if ProtonMail CTO, Dr. Bart Butler, apologized. Dr. Butler would not apologize for publicly mocking and goading the attacker, so the DDoS continued. ProtonMail tried to blame the DDOS attacks on Russia,[16] jumping onto the "Just blame Russia" bandwagon. Everyone who had the facts disagreed with ProtonMail's "blame Russia" approach, including their own contractor, Radware. As ProtonMail was trying to figure out where it was coming from, Krebsonsecurity came to the rescue and identified the attacker as an autistic teen living in the UK.[17] ProtonMail later credited him officially. ProtonMail was not taken offline by Russia after all, it turns out it was pretty easy to do.

>> No.74801318

[1] https://www.vice.com/en_us/article/qvvke7/email-provider-protonmail-says-it-hacked-back-then-walks-claim-back
[2] https://privacy-watchdog.io/protonmails-creation-with-cia-nsa/
[3] https://privacy-watchdog.io/protonmails-crowdfunding-equity-sale/
[4] protonirockerxow.onion
[5] https://eprint.iacr.org/2018/1121.pdf
[6] https://protonmail.com/blog/cryptographic-architecture-response/
[7] https://privacy-watchdog.io/protonmail-devs-do-not-use-protonmail/
[8] https://protonmail.com/blog/protonmail-security-contributors/
[9] https://cyberkov.com/
[10] https://www.forbes.com/sites/hollieslade/2014/05/19/the-only-email-system-the-nsa-cant-access/#6a8aa8167f7f
[11] https://teddintersmith.com/about-ted/
[12] https://fongit.ch/about-us/</wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr></wbr>

>> No.74801323

I don't fucking care stop making these threads every god damn day.

>> No.74801328

still better than everything else. stay mad shill

>> No.74801638

Impressive # of sources. Interesting, thanks for sharing OP

>> No.74801643
File: 95 KB, 1234x1070, 1537048262357.jpg [View same] [iqdb] [saucenao] [google] [report]

No, I won't stop using protonmail
Yes, I did pay for protonVPN
Suck my dick bitch
Infact, protonmail is better than privacy niggerdog for 1 reason alone.
It doesn't use google fonts

>> No.74801645

I dont trust the swiss. I prefer Belgium. Go with Mailfence.

>> No.74801687

Tutanota and Mailfence don't use google fonts either. That's not a very good argument anon.

>> No.74801724
File: 12 KB, 400x400, ctemplar.jpg [View same] [iqdb] [saucenao] [google] [report]

What about Iceland. Does anyone have ctemplar? Has anyone used it? Howe is the security there?

>> No.74801740

privacywatch.io isn't a fucking source, it's a one man blog and he cites himself. absolute lunacy.

>> No.74801805

Ok, 3 out of 17, but what about the other 14? Do you have counter arguments to what OP presented?

>> No.74801810

I never heard of it and also be wary of "new".

>> No.74801819

Ok? Swiss have MLAT with US and sharing agreement.

>> No.74802575
File: 30 KB, 607x607, 1581953560166.jpg [View same] [iqdb] [saucenao] [google] [report]

>tfw you sign up for protonmail because you saw it on mr. robot

>> No.74802601
File: 49 KB, 640x640, 1581953585976.jpg [View same] [iqdb] [saucenao] [google] [report]

>tfw you realize you fell for yet another jewish trick

>> No.74804176
File: 788 KB, 500x240, giphy.gif [View same] [iqdb] [saucenao] [google] [report]


>> No.74804480

yet you presented no evidence to counter OP's claim... if the evidence is that weak surely someone can debunk it

>> No.74804720

this dude is a fucking luddite
>I am just an old defense contractor, with PTSD, running a shitty wordpress site
plus he NEVER EVER posts facts
>maybe muh nsa backed it but I can't prove it
>obama friend has shares so it must be backdoored
>muh privacyio is corrupted because they refuse baseless things I say
>muh ceo wrote the code at mit on his freetime and maybe nsa told him to giff code or whatever
>muh public mails are gmail so they don't trust protonmail which imply gmail is better but whatever I don't care as it goes against me and such thing does not matter to me
>muh i'm so influent and spot on they will change mails so I cap them nothing changed, nobody cares
>muh they flexed ruskis when it was a bloody kid in UK so they must be corrupted (this one is golded, really shows his obsessional disorder)
>muh they can decrypt e2e pgp encryption, I claim it's big because I have no clue about how email and related encryption work but it serves my narrative so it's good
You can't make this up, you can't be sane and this retarded at the same time, not a surprise coming from a retard that fought for people that consider him as disposable asset in a war that does NOT concern him. He is now "getting back" at them by calling them out even if it's FUD or strawman, as long as his message is comming across and looks good.
I predict suicide in the coming months

>> No.74804782

t. privacytoolsIO mod team

>> No.74805265
File: 157 KB, 765x988, CFBCEE74-4C31-4A27-89D9-2F9735F95B7F.jpg [View same] [iqdb] [saucenao] [google] [report]

>"Wow you truly debunked or countered a single thing either I or the other guy said. Good job discount vegetable."

>> No.74805318

>run a phising site
>protonmail 'hacks you back'
>illegal hack against an innocent target
what did the ameriblubber meme by this?

>> No.74805551

Still trying to wrap my head around that.
>DDoS website
>Websites owner mocks you for being a faggot
>Keep DDoSing while the feds raid you and the owner mocks you
>Cry about muh harassment and abuse
Like what the fuck did he expect?

>> No.74806585


>> No.74808125


>> No.74809460

>host your own fucking server
and have all your mails filtered out by everyone who doesn't host their own mail server

>> No.74809494
File: 84 KB, 533x700, 4ecef4cd2f1eaa306b6ae7500fda55474ad14589bf3b37b1f02401ef7e7075bd.jpg [View same] [iqdb] [saucenao] [google] [report]


>> No.74809504

>A long researched list of sources
>I can't take it seriously without a pair of boobs

>> No.74810710


>> No.74811393

Jesus fucking Christ.. What kind of retard wrote this paper?

>> No.74812999

i literally only use it for job applications

>> No.74813266

a frogposter

>> No.74814378

Thank you Rafficer, very cool.

>> No.74815924


>> No.74816829

t. ProtonMail pedos

>> No.74818753

bump for interest

>> No.74819339

I'm not going to overthrow the government by email, watchdog. I use PM because I prefer it to Gmail datamining my emails. Also, Tutanota is practically the exact same. It encrypts my work emails from 1337 h4x0rz and that's fine with me. Use PM, Tutanota, ctemplar, whatever. No one email provider is safe, use the one you like. Also, stop making this thread I've seen it already the last couple hundreds times.

>> No.74819395


>> No.74822553


>> No.74822613

Is there a definitive answer on this? It's gonna be a pain in the ass to start migrating if this is true; gonna self-host eventually but I'm lazy

>> No.74822721

As it has been said, there is no true "safe" email provider. Tutanota is just as bad as ProtonMail, it being in the 14 eyes doesn't help.
>"We can read only the following metadata:
>date of the email"
>"We only log IP addresses of individual accounts in case of serious criminal acts such as murder, child pornography, robbery, bomb threats and blackmail after being served a valid court order by a German judge."
>No cryptomeme
>Get your PayPal name if you use it
>"The personal data shall be deleted no later than 30 days after termination of the contract, unless specific reasons to the contrary apply in an individual case."
There's no escaping mass surveillance

>> No.74822974

>ProtonMail has since publicly acknowledged that they can decrypt anyone's encrypted content by obtaining their password/passphrase.

First let me say that I hate ProtonMail, and that I've contacted Lavabit's support to transfer my domain name to their servers.

Now, your claim is wrong. What ProtonMail say about their passwords is pic related.

That a hashed password can be bruteforced is common sense. Any qualified IT worker will tell you that a hash of a letters-only 20-characters password can be bruteforced.

An additional note: ProtonMail's passwords aren't just "authentication passwords", they're actually used to encrypt/decrypt data. I mean here that your password is used to prove your identity, and that ProtonMail is built so nobody can read your emails without your password. (And, without 2FA, anyone with your password can read your emails.)

To generate this kind of passwords, e.g. a password that you can't recover, you must pick 5 or 6 words from a dictionary counting in hundreds of thousands of words (such as the Wiktionary, preferably downloaded with Kiwix or through the Tor browser).

This will also be true with Lavabit's trustful and even cautious mode: if this bother you, you'll need to manage your own key in paranoid mode, for example with a Yubikey.

>> No.74824613

He's on the case, screaming "mods" "mods"

>> No.74825065

Sure thing if you start taking your anti shizzo pills and stop spreading your fud everywhere.

>> No.74825172

(I'm the person to whom you're responding.)

Indeed, but the article the OP (opening post) was quoting had this specific section about passwords, where they were "admitting" that they could bruteforce weak passwords hosted in their own database.

Yeah, sure thing. Everybody could bruteforce a weak password. That's why I use a second hexadecimal 50 characters mailbox decryption password, which isn't sent over the network.

Obviously, accessing to my emails this way is long and painful, and as I've said here >>74823027 without much utility.

1) I hope Volcano will be released soon. For the very simple reason that as a pre-release supporter I have a 50% lifetime cut on it, so it's cheaper than ProtonMail.

2) Email is useful for archiving because it makes an unerasable copy in every mailbox. Don't talk about transitioning or about direct action using anything that looks like "making an unerasable copy in every recipient's private storage space".

But otherwise, the claim you make is very important and it's a very strong argument in favor of a verifiable, self-buildable standalone client like Volcano. ProtonMail can present to their userbase whoever they want as whatever they want, so their reputation wouldn't take a hit if they "collaborated with the police services to arrest a cybercriminal" or whatever. That's not a vulnerability, just a measure like another one. They're closer to Bitcoin traders than to actual privacy advocates (who know what they're talking about).

>> No.74825804

I mean, not right now, but as soon as the ecosystem will be mature, then Lavabit will be the best choice.

Lavabit have open-sourced their server under the AGPL license and Ladar hopes to see the DIME implemented in postfix and dovecot, so in some distant future, email will be transparently and federally encrypted.

>> No.74827278

Yep, they did indeed.

>> No.74827528

Cute little virus carrier. Yummy. I would like to suck her spit bubbles off that straw and feel her rapidly multiplying viral load slide down my throat.

>> No.74827710

>3 years later retards are still seething

>> No.74827736

Sure thing kiddo

>> No.74827770

always used gmail, and always will.
literally not point on using any "privacy" email service.
want privacy? setup gnupg

>> No.74827853
File: 98 KB, 540x564, 1565195603002.jpg [View same] [iqdb] [saucenao] [google] [report]

>make outrageous claims

>"those claims are outrageous"
>haha nice counter argument faggot! where's your evidence????

>present evidence/counterargument
>shill! samefag! incel! 50 cents have been deposited into your account :)))

>> No.74827880

I'm convinced these are actual glow in the darks.
They're just inept enough that I can see them working for a government agency trying to discredit threats.

>> No.74828496

Yeah the local insane asylum has some pretty interesting news stories every day.

>> No.74828520

Yes, your mainstream media has published on it, but they are only wrong once it goes against your own particular world views. But the rest of the time? Absolutely, unequivocally, 100% guaranteed to be true. You are not a human being, you need to commit suicide by the end of the day in order to be a human again you pedophile scum.

>> No.74828538

I don't even know what the fuck you are rambling about but I learned that you can't reason with the mentally ill like you can with people high on meth so sure thing, whatever you say.

>> No.74828554

were decent iirc
i too ended up only looking on 4chan for news and stuff
its bad to be centralized

>> No.74828564

I was thinking of the cryptoAG leaks from recently and posted randomly without thinking. I honestly have no idea why I thought you were talking about that, I just got caught in the moment.

>> No.74828576

ProtonMail is shit. Tutanota is shit. Gmail is shit. It's all fucked. Life has no meaning and God is dead. I want to die.

>> No.74828583

This but unironically.

>> No.74828606

This but ironically.

>> No.74828970

is there anything that should be known about them which proves that they're in fact a good provider. I'm genuinely curious

>> No.74828992

It being based in Iceland is actually a good start. Swiss companies cream their pants in their marketing over the supposedly great data protection laws but in truth swiss is kinda fucky too. Iceland is actually as good as you can get unless you relocate the servers and the company on some island nation in the pacific. Other than that I never heard of this specific company so no fucking clue.

>> No.74828997


>> No.74829032

I switched from protonmail to tutanota to ctemplar, and I gotta say, FUCK them for selling my data to cia niggers

>> No.74829072
File: 82 KB, 361x351, file.png [View same] [iqdb] [saucenao] [google] [report]

Why does the Netherlands hate Peru so much?

>> No.74829198

They do hate it a lot. Same with all South Americans in regards to their country. That continent is a true shithole!

>> No.74829282

can such a thing be monetized, somehow?

>> No.74829437

I think I have a pretty subtle username

>> No.74830520

unless you're a high profile target no one is going to care or bother to link your shitposts back to you. they'd have to get the ISP to turn over IP logs of who had what address and when, and only the govt can do that

>> No.74831299

How does a site like this even work?

>> No.74832321

I suspect it may be just random animations and cool-looking text in order to sell weird security stuff on the rest of their website. I've since found that this isn't the only fpage to have such "functionality"

>> No.74833629

bump for interest

>> No.74833742

See >>74828576

>> No.74835379

I use mail.com and gmx mail with no fucks given.

>> No.74836984
File: 87 KB, 1600x1200, Beni-Weder.jpg [View same] [iqdb] [saucenao] [google] [report]

>What's wrong with Kolab Now?
Dreamlab, Berne = Kolab.
t. Beni

>> No.74838616

u can use literally any shit-tier webmail with PGP if you're that concerned about people reading your mom's emails to you about how much of a disappointment you are.

>> No.74839160

>ProtonMail is a criminal organization that conducted an illegal hack against a target that ended up being innocent
That's pretty fucking based if you ask me. Gonna make an account right now.

>> No.74841084

cared enough to reply

>> No.74841985

It's Tor, it hides your ip whether it's clearweb or not.

>> No.74841989


>> No.74842067

Exactly, that's why you use Tutanota, which has been PROVEN to be safe, unlike PM that bans you for wrongthink

>> No.74842259

>giving people tips on how to send out a bomb threat
So don't use it, same as any normal email provider, but an encrypted body. Better than nothing

>> No.74842276

yup, protonmail and also yandex mail. you mad, fagboy?

>> No.74842670

>implying any of this fits the average /g/ users threat-model

secure email is a meme anyway

>> No.74843303


This can't be serious. Any form of "secured even against knowing the user's credentials" just doesn't for a mail system.

>> No.74844349

where is niggerdog font?

>> No.74845394


>> No.74845463

Yea it sucks but honestly if you want security use primitive methods not everyone can make stunxnet

>> No.74846766

that's a good comparison since, like protonmail, the owner of cock.li will sell you out to the feds for good boy points

>> No.74848583
File: 2.19 MB, 3840x2160, Quotefancy-360489-3840x2160.jpg [View same] [iqdb] [saucenao] [google] [report]

There's this answer to ProtonMail: https://www.reddit.com/r/privacytoolsIO/comments/f66vyq/what_else_does_the_cia_secretly_own/fi4ielv/

I must admit that the comment that was deleted was bullshit, though

>> No.74848804

Didn’t lavabit shut down a few years ago suddenly?

How do u know this is not a honey pot

>> No.74848961

i use it as a throwaway mail. i also have cockmail if they ban me from protonmail some day.

>> No.74849196

>Can you elaborate?
No babysitting today, Zoomer. Google is yr friend.

>> No.74850865

shut up i do not care

>> No.74850913

Are there any mentally ill trannies, pajeets or CoC bullshit involved ?
If so, fuck off and die.

>> No.74851343
File: 291 KB, 1080x1080, 08581e073fdb33f3b5e3e5d7cd2a21e67485632f1c6633d98c15dcd87206585b.png [View same] [iqdb] [saucenao] [google] [report]

No. There is not. It is all pale faced seasoned engineers who are working for free, myself included. We raised some cash on republic.co, lavabit.com has paying users and a self-sufficient cash-flow. The problem, by the way I appreciate your screening out trannies, but im not sure what a coc is and I sure as fuck ain't looking it up. pajeets know java, or javascript, generally speaking. The warlocks who actually write effecient code, the programmers who aren't having their little asses wiped by Java's automatic memory garbage clean up, or some other little kid guardrails where, the guys who actually understand system architecture, the cost of a cycle, the subtle nuances between encryption, privacy, non-repudiation, those guys aren't exactly churning out of these shit tier university or "code academys" We did get funded from nlnet - projects focused on hardening the internet. We have enough cash to pay ONE EXCELLENT C coder. for a year, maybe two. and not well. we need people who give a fuck, can take their dick out of their hand and stop wacking off and write some excellent C code or it'll be a lost project and SMTP will stay as private as postcard and die an ugly death as we march into a thousand years of darkness. This is the last stand on earth.

>> No.74851667
File: 46 KB, 473x500, 1438303997539.jpg [View same] [iqdb] [saucenao] [google] [report]

Just made an account for a operation I am working on.

>> No.74851778

Nothing special. Just making fake ads of puppies on Craigslist, listing as for free, hoping to lure some people that use them for dog fighting, and find info on them, and what not.

>inb4 "you're a faggot"

>> No.74851863

>I would much rather the glowies be able to see my emails than glowies at this point

>> No.74851904

Subject I mean, not header

Name (leave empty)
Comment (leave empty)
Password [?]Password used for file deletion.