I no longer trust ProtonMail

I have to say two things. First, Switzerland’s privacy laws remain amongst the strictest in the World, and that despite dilution under pressure from the international community because of decades of endemic money laundering. Switzerland was the go to jurisdiction to bank one’s ill gotten loot because — if I recall correctly — Swiss law criminalised the disclosure of client details to anyone (including, I believe, cantonal and confederal government) and allowed the creation of truly anonymous accounts (the “numbered accounts” of 1980’s crime thrillers).

Interestingly, ProtonMail have commented upon this request, which indicates to me that the Swiss law under which it was made is nowhere near a draconian as, say, a US National Security Letter, with its embedded gagging order.

Second, along side their E2E encryption, ProtonMail offer a “secure gateway” using Tor. I suspect their CTO is saying, well you can compel us — against our commercial practice — to enable IP address logging on a particular email account, but a fat lot of good that will do you if they route in through our Tor node!

For the truly paranoid, or those facing a state actor after their communications, remember to reboot your phone before connecting to any email or messaging service — it’s difficult to keep malware alive across a reboot — and to change it frequently in case someone has compromised the boot process.

Finally, remember we’re all doomed if a bad actor has at any time has access to the compilation tool chain of your chosen system. I think it was Dennis Ritchie who demonstrated in the mid-80s that, because the C compiler is used to compile future versions of itself, you can compile malicious code into the compiler that can inject actions into any or all applications subsequently by it, including subsequent versions of the compiler from which the malicious source has been deleted.

3 Likes

On a related note:

It was Ken Thomson :slight_smile: (I’ve posted it in this forum before when similar things were discussed, and it’s such a delightfully geeky read that, since you bring it up, I’ll post again: https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf )

1 Like

I’m still trying to understand all the fuss over that one. Of course any end user has access to the contents of a message and can submit it to anyone they want.

I find that putting top secret documents in a rolled up newspaper, donning a fedora and trenchcoat and then meeting a recipient on a bench in a public park works best. just leave the newspaper on the bench and walk away. recipient can pick up newspaper and then leave in another direction.

4 Likes

I agree that it always should have been obvious that “end to end encryption” means you have to trust the endpoint. However, Facebook hasn’t been real transparent about how their moderation feature works (to the point of not calling it “moderation”) or the volume of posts they’re moderating.

4 Likes

Then there’s the software and firmware in many, many devices.
E.g. NSA Planted Stuxnet-Type Malware Deep Within Hard Drive Firmware

And just google ‘huawei spyware’ for many scenarios.

1 Like

I suppose that the simple moral here is be offline as much you can. Online = Public, encrypted = possibly private, and everything that can probably has a backdoor that the company can use as well as your local government. Read the small print, “off by default” probably doesn’t apply to you. If it’s free they’re making a profit out of you somehow and trust large business corporations at your peril.

Does that about cover it? :grin:

1 Like

… and your boss is never too busy to buy their own gift cards. :grin:

Perhaps I was unclear, I believe the article said (I may be conflating this with another article I read) that the Swiss government acted because a foreign government (France? I don’t recall which) requested the action. This is what I meant by the Swiss doing the work of another country.

The (seeming) key that I got from one article was that the thing being reported as a crime was also illegal in Switzerland - so that’s why ProtonMail couldn’t challenge the order.

1 Like

Ah ok, then I get your point.

It’s always difficult to strike the balance between privacy and the Justice system.
Even though I do not like it I would expect a government to act within the confines of their legal system. And if/when there is a treaty in place I would expect them to act accordingly. In this case a request was made under the EEA Mutual Legal Assistance Treaty and was handled in this way.

Also: In the case of ProtonMail it’s not the first time it happened. Their annual report lists requests by law enforcement which they are obliged to follow. Any time a request is made the company also is obliged under Swiss law to inform the account holder of the request.

Since they are only able to provide meta data for the account I don’t think it’s a matter of “not trusting” them. They are operating within their ToS and legal system.

My choice for ProtonMail was made because of my estimation of the way the EU/CH legal systems work. I would expect them to be a lawful company and I do have confidence in the legal systems across Europe to handle Government over-reach when and if it happens. The CJEU (EU high court) is not known for being overly Government friendly)

I might be a bit naive but I do still believe that E2E encryption can exist in a lawful environment. And I do really think ProtonMail prove it can.

4 Likes

Even with all this bad press I do think that it’s still probably the best option for E2E encryption. I was just recommending it yesterday for an institution that needs better privacy in its communications.

Rather than putting your trust in someone else to do the right thing when encrypting your mail, you can encrypt it yourself using e.g. OpenPGP.

You can also establish webs of trust giving you some assurance that people are who they say they are. This is all based on the exchange of public keys. So if you want to email me, I’ll send you my public key. When you receive it, you can verify that it is signed by someone you already know and/or trust. Now you can sign my key, thus giving me more credibility, and I can do likewise.

I’m not sure why this isn’t built into all mail clients now (I can guess).

Documents leaked by Snowden showed that the NSA, et al. were having trouble with Tor and PGP back in 2012. Things may have changed since then. Without another leak, we won’t be able to know for sure.
By way of comparison, the NSA et al. have no trouble snooping HTTPS and VPN connections.

On the openpgp website, you can find email clients, plug-ins, browser extensions, etc. The backstory is interesting to read too (tldr; Phillip Zimmerman created pgp, and the US government lost its mind, then eventually dropped their investigation of him).

1 Like

I think that this needs some context: Is this due to flawed implementations, old ciphers, subversion/coercion of certificate authorities, weak keys, subversion/coercion of products/vendors/service providers, unpatched vulnerabilities? It’s a pretty big claim that HTTPS (TLS) and “VPNs” (there are a lot of things that get labeled VPN) are generally subject to interception.

All the cool kids are going after endpoints these days. It turns out it’s way easier to unmask a TOR user if you can get a bit of your code running in their browser :wink:

and the idea of privacy that people (not only on the internet) has, I’d say.

to me this looks like a case where privacy was respected, since all the actors acted according to laws.

and it’s normal for a government to ask another government (or better, for a justice system to ask another justice system) to act in their country. For a foreign authority acting without asking is an hostile act.

1 Like

Yeah, just quoting from the linked article here:

Virtual private networks also offer little protection: documents show the NSA planning the capacity to surveil 20,000 VPN connections per hour. Perhaps most alarming, the NSA seems to have completely circumvented the HTTPS system, which is used to secure connections between websites and browsers. By late 2012, the agency expected to be able to intercept 10 million HTTPS connections per day.

The means with which they do those things is another matter :slight_smile:

I think TLS was owned years ago. I remember being in NY at a conference and hearing a speaker discuss it in depth (pre Snowden). Then you hear about the dealings with NIST and others and it makes sense. None of this is confirmed, but if I had to guess I’d say yes. I’m unsure on VPNs, but if you ping back to what’s happened with NIST and look at all of the router vulnerabilities it would make sense…

1 Like

Router vulnerabilities shouldn’t figure into TLS issues, as TLS is there largely because routers are assumed to be hostile. TLS/SSL has evolved considerably since 2012 and has many possible vectors for attack, so I think the claim that it’s been broken needs some qualification.

The NIST/RNG fiasco (which probably involved at least one VPN provider) is a worrying indicator shenanigans are going on though.

Agreed. I probably should have been more clear. The router comment was strictly in regard to VPN’s as an example of not needing to break encryption of you own the concentrator or endpoint.

To be clear, I have no evidence that it’s been owned. I’ve just seen too much over the years to think that it there isn’t some set of exploits, or discrete MITM attack being used, some CA that’s compromised, etc… (Putting tinfoil hat away)

1 Like