proton isn’t your friend
I keep seeing people recommend protonmail like it’s some kind of activist infrastructure and it’s starting to bug me
remember in 2021 when they handed over a french climate activist’s IP to the cops? swiss court order, data went through europol, person got arrested. this was while their website was still implying they couldn’t log you. they quietly changed the wording after they got caught
and like… switzerland isn’t what people think it is. they have treaties with the US and EU, they share intelligence, their whole “neutrality” thing has always been about protecting money, not people. ask any dictator who parked their cash there
also proton took VC money. it’s not a co-op, it’s not worker owned, it’s a company that sells privacy as a product. which means eventually the investors are going to want their returns and something’s gotta give
none of this means “don’t use it” - it’s still better than google. but e2ee doesn’t hide metadata and metadata is often enough. your threat model matters. a corporation is not going to protect you from the state, ever
Nobody is your friend… but at least proton isnt logging your data and selling ads into your inbox… that’s good enough for me…
Check your threat model… 90% of people arent doing direct action that needs protection from nation states… and proton isnt big enough to protect you from nation states. (pretty sure they tell you that they have to comply with legal, swiss laws)
Stop trying to scare people into going back to gmail… there will always be flaws in proton/tuta/whatever mail service…
Go try running your own email if you truly need perfect privacy and anonymity
Why scare people looking to ditch google with stupid stuff like “but they complied with the government”, bruh google complies with anyone who has their wallet in-hand.
ProtonMail is a free inbox and is privacy friendly. Yes there are other options, but this isn’t a bad one by any means.
a group called Youth for Climate was doing direct action in paris - occupying empty buildings near Place Sainte-Marthe to protest gentrification and airbnb bullshit. pretty standard stuff. they used a protonmail address to coordinate
french cops wanted to know who was behind the email. proton is swiss so france couldnt just demand it. so they went thru europol, who asked swiss authorities, who then issued a court order to proton
heres the part that matters: proton wasnt already logging this persons IP. the swiss court ordered them to start logging it. proton complied, collected the IP going forward, and handed it over. activist got arrested. charges were trespassing, theft, property damage
protons response was basically “we had no choice, swiss law, we support activists but cant break the law for you.” they also quietly edited their website - it used to say “we do not keep any IP logs which can be linked to your anonymous email account.” now it doesnt say that
the CEO said they didnt even know it was about climate activists when they got the order. which… okay? thats not really the defense you think it is my guy
the takeaway:
• proton can be legally compelled to start logging you specifically
• swiss “privacy” folds when another country wants you bad enough
• encrytpion doesnt protect metadata
• if your doing anything that might piss off a state, use tor. proton even says this themselvs now
No. The reasons the user gave against using ProtonMail are applicable to any and all commercial entities providing email service. It’s not even something you could accomplish yourself.
proton isn’t your friend I keep seeing people recommend protonmail like it’s some kind of activist infrastructure and it’s starting to bug me remember in 2021 when they handed over a french climate activist’s IP to the cops? swiss court order, data went through europol, person got arrested. this was while their website was still implying they couldn’t log you. they quietly changed the wording after they got caught and like… switzerland isn’t what people think it is. they have treaties with the US and EU, they share intelligence, their whole “neutrality” thing has always been about protecting money, not people. ask any dictator who parked their cash there also proton took VC money. it’s not a co-op, it’s not worker owned, it’s a company that sells privacy as a product. which means eventually the investors are going to want their returns and something’s gotta give none of this means “don’t use it” - it’s still better than google. but e2ee doesn’t hide metadata and metadata is often enough. your threat model matters. a corporation is not going to protect you from the state, ever
Nobody is your friend… but at least proton isnt logging your data and selling ads into your inbox… that’s good enough for me…
Check your threat model… 90% of people arent doing direct action that needs protection from nation states… and proton isnt big enough to protect you from nation states. (pretty sure they tell you that they have to comply with legal, swiss laws)
Stop trying to scare people into going back to gmail… there will always be flaws in proton/tuta/whatever mail service…
Go try running your own email if you truly need perfect privacy and anonymity
100% agree with your take.
Why scare people looking to ditch google with stupid stuff like “but they complied with the government”, bruh google complies with anyone who has their wallet in-hand.
ProtonMail is a free inbox and is privacy friendly. Yes there are other options, but this isn’t a bad one by any means.
a group called Youth for Climate was doing direct action in paris - occupying empty buildings near Place Sainte-Marthe to protest gentrification and airbnb bullshit. pretty standard stuff. they used a protonmail address to coordinate french cops wanted to know who was behind the email. proton is swiss so france couldnt just demand it. so they went thru europol, who asked swiss authorities, who then issued a court order to proton heres the part that matters: proton wasnt already logging this persons IP. the swiss court ordered them to start logging it. proton complied, collected the IP going forward, and handed it over. activist got arrested. charges were trespassing, theft, property damage protons response was basically “we had no choice, swiss law, we support activists but cant break the law for you.” they also quietly edited their website - it used to say “we do not keep any IP logs which can be linked to your anonymous email account.” now it doesnt say that the CEO said they didnt even know it was about climate activists when they got the order. which… okay? thats not really the defense you think it is my guy the takeaway: • proton can be legally compelled to start logging you specifically • swiss “privacy” folds when another country wants you bad enough • encrytpion doesnt protect metadata • if your doing anything that might piss off a state, use tor. proton even says this themselvs now
What’s about Tuta? Is that good enough as protection?
No. The reasons the user gave against using ProtonMail are applicable to any and all commercial entities providing email service. It’s not even something you could accomplish yourself.
Okay, thanks.
Time to host my own private encrypted email server
Honestly, you should try, if only to learn how many ways they have us by the balls.