this post was submitted on 20 Apr 2024
215 points (96.5% liked)

Privacy

32103 readers
538 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] firefly@neon.nightbulb.net 5 points 7 months ago (1 children)

Everything you need to know about so-called 'Swiss Privacy' we learned decades ago from Operation Thesaurus, AKA, Operation Rubicon. We learned that CIA operations and black budget banking are actually headquartered in the Swiss underground.

Operation Rubicon
https://en.wikipedia.org/wiki/Operation_Rubicon

Crypto AG
https://en.wikipedia.org/wiki/Crypto_AG

If you trust any third-party server to protect your privacy, you're a rube. If you trust Proton Mail to protect your privacy, you're a rube getting 'crossed' by the Swiss Rubi-con. Either you own your keys and your data on your computer or else you have no privacy. Someone else's promise that your data will be 'encrypted' so they can't decipher it is a hollow pledge. If you send any form of plaintext to a remote server, no matter how much they claim to encrypt it, you have zero assurance of data privacy.

Watch the phan boiz rage outlet!

#Cryptography #Cryptology #Encryption #Crypto #Protonmail #CryptoAG #Switzerland #CIA

[–] Doods@infosec.pub 0 points 7 months ago (1 children)

So what should we do then? switch to something else? Host our own email service?

I really don't know.

[–] firefly@neon.nightbulb.net 1 points 7 months ago

It depends upon your security needs and risk assessment.

Are you a whistleblower?

Are you handling confidential business, financial or legal communication?

Are you being monitored by state agents?

Are you sharing love letters with someone?

Are you discussing or transferring confidential records?

You have to look at and assess your use case before you can decide on a solution.

No matter what your risks are, every solution should ALWAYS include end-to-end encryption in which the parties own and control their own encryption keys and identity on their own devices, not in the cloud.

That is the baseline. Then depending on your situation there are other factors and solutions to consider on top of the baseline.

When you own and control your encryption keys on your own device, then no third party can turn over your keys to a hostile entity. If you encryption is dependent upon a third party, they own your encryption and you have zero security, no matter how much they promise you.

Here are a few secure communication software examples for consideration:

Onionshare: https://onionshare.org/
Retroshare: https://retroshare.cc/
Bitmessage: https://bitmessage.org