Tutanota was (at least) compromised from the moment that they were ordered by German courts to spy on anyone that they were ordered to. Including skipping encryption upon email arrival. Why the hell they are suggested in the privacy space after that just proves how retarded most privacy bros are.
Why, what else could have they done with laws? Protonmail and literally every other provider on the clearnet is also susceptible to this. The only thing they can do is have lawyers to find what the absolute most minimum they are required to do and only do that, but that’s all.
Proton can be legally ordered to start recording the IP address of a specific user. That’s why they recommend that you always connect through their Onion site.
Other than that and if that’s possible, I think it may also be possible to legally order Proton to keep the unencrypted form of incoming emails for a specific user, but Proton did not said it in the article, and Swiss laws might protect them against that. It’s certainly possible technically, and good to be aware of it, I think.
Sorry but I can’t open the second link, as it actively resists it. I suspect though that the problem with Tutanota was not their encryption, but their legal system, which required them to keep a copy of the incoming emails.
Also, don’t mistake me, I’m all for protonmail, and I mean this. But did you know they only encrypt the email contents? Metadata like title, sender recipient and other things in the mail header don’t get encrypted.
you’re right about the IP thing. that’s a good clarification rather than just “spy”. i suppose it’s less dire than Tutanota not encrypting incoming mails if you use tor and vpn by default.
yeah basically it more or less proves that swiss privacy is a bit stronger in this case vs Germany.
on the proton encryption, i did know about this but does that apply to proton-to-proton, proton-to-NonProton, or both? if you have details on this let me know.
either way the fact that they dont makes me feel that proton is a similar honeypot to signal and telegram, where they make a compromise with the five eyes, to give them metadata even if actual contents are safe. metadata can be much more powerful than contents often times
in general email is just the worst protocol when it comes to privacy. sadly.
on the proton encryption, i did know about this but does that apply to proton-to-proton, proton-to-NonProton, or both? if you have details on this let me know.
As I know it applies to both. Formerly they were asking (among other things) about the titles of your latest emails for account recovery. (after I have put all the links here I realized that these don’t give a details on whether this also applies to inter-proton messages…)
either way the fact that they dont makes me feel that proton is a similar honeypot to signal and telegram, where they make a compromise with the five eyes, to give them metadata even if actual contents are safe. metadata can be much more powerful than contents often times
Yeah, might as well be. But if it is, I’m afraid we won’t get to know for a few decades, if ever. And I think it’s still better than the alternatives… the alternative email providers, that is.
If it comforts you, in their reddit comment I linked they mention (in 2019…) that there’s a proposal they support for openpgp to be able to have an encrypted subject line.
I found out also that Tutanota is essentially the same, except that they do E2EE subject lines between tutanota users, but I am guessing that is because they don’t use PGP unlike Proton. In which case, Proton is in the right in this case because they are increasing E2EE interoperability beyond just their own users. So, my comment about honeypotting was really uncalled for I think, and I apologize for that.
The OpenPGP proposal is interesting, but I couldn’t find anything on it. All I found was this below, which explains that email headers can’t be/aren’t encrypted, and subject is one of those, so that’s why. I have no clue what Proton was talking about, or where they got that info
The plan was to have criminals use the storefront — an online end-to-end encryption service called Tutanota — to allow authorities to collect intelligence about them.
Not an answer, but a clarification. You seem to be messing up two things. DoH is basically encrypted DNS, i.e. no one other than your DNS provider can see what domains you ask for. It’s orthogonal to ad blocking; there are various service that provide one, or another, or both.
Yup I understand that. I’m primarily asking what the community thinks is a better DNS blocker between Aha Blitz and Mullvad’s, both of which provide DNS blocking over https.
In order to read gmails, you have to work at google.
In order to read the upvotes on this post, all you have to do is spin up your own lemmy instance. Anyone with technical knowledge can do it. The problem is a bit different. I could do it, if I was motivated.
If lemmy gets popular enough, there will be 3rd party sites with search bars and nice UIs and graphs to help you see how someone votes.
Not sure what the solution is. Maybe if we can’t make votes private, they should be fully public.
I don’t understand the concern though. I always assumed my votes, comments, or even PMs here were readable by at least the admins of the instance I’m a member of. The fact that votes and comments are public doesn’t seem to matter from a security or privacy standpoint.
There was an era of reddit where some nerds used addons to tag users for their own personal notes. Nothing wrong with making your own tags for people, imo.
But I do remember there were extensions for “mass tagging”. You could install browser extensions to label people based on their post history. Someone would run a script, aggregate data, put little tags on people based on how they post. Like, maybe you would install a tagger to label people who don’t agree with you politically, based on someone’s aggregated data.
I never personally liked the mass tagging stuff. It felt toxic to put people you don’t know in boxes. But, I never felt like it should be prevented. At the end of the day if you post something publicly, you shouldn’t be surprised when people respond to that.
But, some people here might not realize how public their vote history is. Not sure anyone wants weird graphs about how they vote. I upvote a lot of stuff, I’m sure a lot of people upvote stuff they don’t totally agree with. Maybe I’m imagining a problem where there isn’t one. I’ve just seen how weird people get when it’s easy to put people in boxes.
Reddit enhancement suite would do manual, single user tagging and the Masstagger browser add on would do… well, mass tagging.
I used it to show me when people I interacted with made more than 50 posts/comments in places like r/conservative or r/thedonald. It would also link you to the comments so you could see what they were saying there.
I found it helpful because there were times when I found people undermining concepts like cultural pluralism and participated in those subs. I knew where they were coming from and what they were trying to convince readers of (nothing good).
Several times it helped me effectively argue against white supremacists.
As long as comments are public, which I think is the point of sites like Reddit, lemmy, and kbin, those types of plugins and info will be available.
@andrew_bidlaw this feature request for KBin to change voting so it is NOT public from 5 months ago has a lot of examples of why public voting can be dangerous, but there doesn't appear to be much interest in changing how this works in KBin or MBin.
I can imagine a couple of ways it can be obfuscated, but here in your link I’ve been reminded ActivityPub also serves Mastodon, where interactions are way less impersonal by design.
@andrew_bidlaw You can simply see this data on any Friendica instance if you have an account. Just hover your mouse over the like/dislike numbers, and you can see who upvoted/downvoted shit. You can even receive notifications about this on your own posts, just as on Facebook.
To me, it was funny back in the day to see all tankies brigading to downvote me on any single post or comment I made, the moment I started showing my political stances 😆 (yes, even stuff posted before that had no political stuff in them, lol). But yea. To some people, this might be a drawback.
The good thing, however, is that neither Kbin nor Friendica show you a centralized place in your profile to see what did you downvote. You just have to search every post you can find to see this info.
Is there a plugin for like firefox, available which tracks what you write? Something which analyzes your output stream, or lets say, fetch all lemmy posts of a user and analyze how “easy” the writing patterns are and how easily the user is traceable via shadow linking multiple accounts etc.
I know in order to compare this data privacy violations are necessary, but I am genuinely interested in how ad companies are tracking myself and how easy I am to follow through patterns in my texts.
As far as I know, LLMs are not that clever yet, and it would require a lot of work to automate tracking of so many targets. But a dedicated person tracking one user can see these. Unknowingly, we leave a lot of cues to know who we are. Not only patterns, but exact word-markers, like calling something by a regional-accepted name. Like how my english teachers insisted London’s metro is called Tube.
It’s mainly keywords at that point. This process is sure to have steps. To step into a suspected category, to be elevated into those who are to be studied closer, you should ring some alerts.
From when I was asking about it, I think it’s only the instance admins that can see the details. It would be nice to have this information clearly outlined somewhere, so people know and aren’t surprised.
That may not be complete or consistent though given the way federation works.
Downvotes from lemmy do not show up. (Not sure why not; haven't dug into it.) Only downvotes from kbin members are shown on kbin. Also unclear to me if downvotes between different kbin/mbin instances show up or if it's the local instance only. (I've only noticed local downvotes, but haven't really been looking.)
Yeah, I had a mixed reaction to finding that out a while ago, but I'm kind of just rolling with it for now. Votes are just simply NOT private on here, for better or worse. My feeling right now is that it's sort of positive from a community feel perspective, but I'm also avoiding interacting with a lot of subjects I consider more controversial.
Probably we'll end up developing a culture of either lots of alts used simultaneously, short lived accounts with regular name changes, or both as people become more aware of this. Either that or people will just say "Fuck it. You really want to see all the weird porn I like and my political preferences and what not? Don't blame me if you regret looking!" :p
A vote on kbin/lemmy is closer to a retweet than to a vote on reddit in terms of its potential impact on folks. You are publicly saying you support/do not support a post by voting on it (which might be taken as publicly thanking someone with an upvote or publicly saying fuck you with a downvote in some contexts); that can be a workable system, but it's surprising if you're coming from reddit where basically no one but the admins (and whoever they told/sold the data to) actually knows what you voted up/down.
Hell, consider all the drama around "YOU DOWNVOTED ME!!" / "No I didn't!" BS that was so common even when it was just suspected -- now it can be confirmed (again, for better or worse), for kbin users. I was on reddit for a long time and just thinking about that crap makes me feel tired... -.- Downvoting on kbin is potentially picking a fight every time. The end result is that I've basically never downvoted anything except some spam bots. I don't need that shit in my life again -- even for some of the posts that I think really should be downvoted, I'm just ignoring now. (Not getting into it further. Don't ask. I won't respond.)
If your IRL identity is associated with your account (or can be figured out eventually...), upvoting something really spicy could also end up causing you the same kind of drama IRL as retweeting or commenting strongly on the post -- e.g. job loss, loss of business, targeted harassment/violence campaigns, loss of friends/romantic partners, etc...
I really don't need more drama in my life, so I'm a bit more mindful of how I'm voting (for better or worse) and some stuff I probably would've voted on before, I am just leaving alone now.
Appreciate the thoughts, it gives me more to think about. I’ve also been avoiding controversial subject matter and I think I’ll avoid it even more now.
I do think the Fediverse needs to improve privacy and ease of use for alts. I’ve seen a lot of stuff over the years on Reddit that an authoritarian government would love to get their hands on. I guess the fediverse, by design, can’t be private? I worry that someone who doesn’t know better will get hurt because they don’t understand the risks.
All the more reason to join trusted instances with solid admins, and to keep your Lemmy profile separate from your real identity.
A possible workflow right now might be to browse on one account, and post comments from another. Boost on Reddit made that easier, but I don’t think the Lemmy one does that yet
The internet is a messy place and I like my privacy
I think people will feel more comfortable voting if it wasn’t made public. Same reason we add privacy booths during elections, or put our heads down in class when voting on simple things
If everyone can see what I upvote, then I’m going to take that into consideration before voting. If it was private, then I wouldn’t worry about it and vote whenever I want to.
Overall this might be a good thing because it exposes bad behaviour, such as downvoting the person who disagrees with you.
This might be a problem if, for example, there’s a post critical of moderators / admins. You might want to upvote it, but worry about getting banned. If your Lemmy profile can be linked to your real identity, you might worry about real world consequences too.
I just keep my posting habits the same as on reddit. I mostly comment on things instead of making posts myself unless I have a specific question, but I also have never paid much attention to how others might think of me from my statements or votes. If someone tries to message me privately to argue something I just block them if I don’t feel like it.
Ultimately this account is not my personal identity and I couldn’t care less what others think of it. I just state what I think on a subject and if that is upvoted, fine, if not who cares.
privacyguides
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.