• Varen@kbin.social
    link
    fedilink
    arrow-up
    62
    arrow-down
    1
    ·
    edit-2
    1 year ago

    let me quote from reddit (https://www.reddit.com/r/ProtonMail/comments/15luwua/comment/jvd0fz9/?utm_source=share&utm_medium=web2x&context=3):

    The article doesn’t link the original court filing or discuss what actually happened, and from the title alone, is rather misleading.

    The actual warrant can be found here and has the important missing details: https://drive.proton.me/urls/57QC5F26BW#nseYl6ICaQHm

    The only data we could provide (in response to a binding Swiss legal order), was the user’s recovery email address, which the user added himself, and is optional to begin with.

    Unfortunately, said user also used that recovery address to create a Twitter account, and Twitter turned over his phone number and IP address. So probably not the smartest move if you want to threaten public officials.

    Coincidentally, this case again proves that Proton Mail’s encryption cannot be bypassed by law enforcement.

      • Slotos@feddit.nl
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        They don’t offer unlimited addresses for your own domain. And I kinda rely on that to route different registrations around. Don’t even need unlimited mailboxes, just the ability to use patterns and direct assignments to route mail to a few mailboxes.

        If that was an option, I’d switch a week ago.

        • dracs@programming.dev
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          They semi-recently bought Simple Login which you can provide with your own domain. That does allow you to create unlimited addresses and they’ll all be forwarded to the inbox of your choice. Can also disable any addresses when you no longer want them.

        • Atemu@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I haven’t switched yet but I’m about to.

          Proton seems to have a pretty powerful filtering system that you can program using a DSL: https://proton.me/support/sieve-advanced-custom-filters

          From what I’ve gathered, you can simulate unlimited addresses for your domain by setting up a catch-all. To reply from a certain catch-all’d address, you need to create an address for that name.
          I wonder if you could do that via API; creating and deleting the address just for the moment where you’re sending the reply.

          It’s strange to me that they don’t offer unlimited domains. I guess it’s to discourage business users from using the cheap email plan intended for individuals? That one doesn’t have user management, so that doesn’t really make sense either.

        • mishimaenjoyer@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          you can use services like proton as much as you want, if you interlink other, more transparent accounts and infos about yourself to it, there’s no one to blame but yourself when the feds knock on your door eventually. “f*cked around and found out”.

          • Varen@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            agreed on that, but I think, before that would be, don’t try to threaten ppl on the internet and don’t expect to be anonymous by just using a private service. I mean, the mail might be encrypted, but the recipient gets it, can read it and can show it to anyone else.
            still: private ≠ anonymous

            • mishimaenjoyer@kbin.social
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              sure and encryption isn’t even the issue here. i don’t defend ppl sending others threads via mail, that’s unquestionable a very dumb move, but in case you do something else that is privacy sensitive to you - like being a whistleblower, leaking stuff - you should know what you’re doing to protect your identity. using an encrypted, swiss mail service and then have like gmail as your recovery address and use that very mail to register on a social media site isn’t even trying - could have just attatched his phone number in the mail to get over it :>

              in that case, good for the victim, but bad for proton because there are still so many ppl around thinking services like proton stand above the law and would rather face court than to send the feds a .zip with metadata that could be completly useless if the account was used right.