I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)

  • pyre@lemmy.world
    12·
    10 hours ago

    except they shared the IP address of an account even though they state “No personal information is required to create your secure email account. By default, we do not keep any IP logs which can be linked to your anonymous email account. Your privacy comes first.” on their homepage

    • andronicus@lemmy.world
      41·
      9 hours ago

      It’s right there in your copy-paste my dude, “BY DEFAULT”.

      The jackass(es) who actually was at risk went the extra step to enable IP address logging, which means that when Proton had to comply with a lawful court order, they actually had data to give.

      Proton is a company like any other that has to comply with laws in the country they operate in, but unlike a lot of other companies, they don’t log data UNLESS YOU ASK THEM TO.

      Moral of the story is, like has oft been repeated, know your threat model and plan appropriately.

    • UltraMasculine@sopuli.xyzEnglish
      1·
      9 hours ago

      If I understood correctly from Proton’s privacy policy, VPN does not log IP addresses but at least in some circumstances Mail does. This is from their privacy policy:

      Due to limitations of the SMTP protocol, we have access to the following email metadata: sender and recipient email addresses, the IP address incoming messages originated from, attachment name, message subject, and message sent and received times.

      One thing must be remembered: Even Proton must follow the law and rules.

      • kadu@lemmy.world
        1·
        8 hours ago

        And those are the limitations created by the fact that email was never meant to be truly secure, not in the way we define and expect security and privacy nowadays at least.