this post was submitted on 07 May 2024
103 points (90.6% liked)

Technology

34437 readers
160 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.

Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.

Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
MinutePhrase@lemmy.ml
103
Proton Mail Discloses User Data Leading to Arrest in Spain (restoreprivacy.com)
submitted 4 months ago by RedditEnjoyer@lemmy.world to c/technology@lemmy.ml
20 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Saik0Shinigami@lemmy.saik0.com 0 points 4 months ago (1 children)

Proton would have the key. A government that is already compelling them to hand over your account can simply be compelled to provide the TLS keys. The point is that government doesn't have to compel proton for at rest storage, but can compel for in transit interception.

[–] jbloggs777@discuss.tchncs.de 1 points 4 months ago* (last edited 4 months ago) (1 children)

Read up on perfect forward secrecy and TLS.

And yes, a jurisdiction could compel them to break their security, depending on laws and ability to threaten.

[–] Saik0Shinigami@lemmy.saik0.com 0 points 4 months ago (1 children)

"read up on pfs"
"Pfs doesn't matter"

Literally this post.

[–] jbloggs777@discuss.tchncs.de 0 points 4 months ago (1 children)

PFS matters where a party hasn't already been compromised. Not so hard.

[–] Saik0Shinigami@lemmy.saik0.com 0 points 4 months ago* (last edited 4 months ago)

This whole discussion is about a government forcing Proton mail to take actions. Telling me to "read up on pfs" is irrelevant by your own admission. ProtonMail can be compelled to give up their keys, or to hand them over for all current/future transactions.

So once again...

“read up on pfs”
“Pfs doesn’t matter”
Literally this post.

You cannot rely on MTAs to transmit ANYTHING securely in the context of this discussion. Period. There is no E2E when there's an MTA involved unless you're doing GPG/PGP or S/MIME. Nobody does this though... Like literally nobody. I've got both setup and have NEVER had an encrypted email go through because nobody else does it. It doesn't matter what Proton claims to support.

That's it. Telling anyone to read up on anything when they're 100% correct is asinine.

Email in transit is not encrypted. At least not encrypted by anything that the government can’t compel the company to hand over.

Edit:

Email in transit is not encrypted. At least not encrypted by anything that the government can’t compel the company to hand over.

This is what I originally said. It was clear. I don't know why you're arguing otherwise.