From 2019, but still [this fullstop signals not only the end of that sentence, but also the end of this statement]. And here [those two words indicate that new information/context is being added; it is being indicated that we now no longer talk about the article, which the uneditorialized post title references and the post link leads to] something a bit more recent about the glorious “swiss privacy” [this makes it further clear that the following is about swiss privacy in general and not about Proton] https://www.republik.ch/2024/01/09/der-bund-ueberwacht-uns-alle
key points
[they were added because the main article is about Proton and written in english and because OP assumed that most in here are unable to read german and care less about general swiss privacy than they do care about Proton]
-
New reporting based on documents and court records shows that since 2017, the internet traffic of Swiss citizens has been massively monitored and read when it crosses borders, which happens routinely even for communication within Switzerland.
-
The intelligence service’s claims that purely domestic Swiss internet traffic is collected are false, given how internet routing actually works. Traffic flows across borders dynamically, not through static “cables” as claimed.
-
All data is stored and searched, including retrospectively, meaning the intelligence service builds an ever growing haystack of private communication to dig through. This includes communication from journalists and lawyers that should be protected.
-
In 2023, steps were taken to expand monitoring further by requiring more Swiss internet providers to enable access to their infrastructure, including providers that don’t directly deal with cross-border traffic. This contradicts previous claims about how the monitoring would work.
-
Critics argue this invalidates assurances given earlier by the government and intelligence officials and constitutes mass surveillance that violates civil liberties. There are plans in 2024 to revise the intelligence law again, possibly to retroactively legalize monitoring practices already occurring.
That’s why you should always use E2EE if you want something to stay private
sure, but also
„We kill people based on metadata.“ Michael Hayden, NSA
What does this mean? That people are targetted based on who they’re talking to instead of what they’re saying?
basically.
even minimal metadata for example from signal contains
Message dates and times
Message senders and recipients (via phone number identifiers)
From these 2 pieces of information, its possible to build social graphs: who talked to who, and when they did it. Also, who’s in a group chat with who else.
https://github.com/dessalines/essays/blob/master/why_not_signal.md#why-not-signal
(worth to read in full)
OFF WITH HIS HEAD
How PM voluntarily offers any assistance? Key points don’t mention PM at all.
read the article, the keypoints have nothing to do with proton or the posted article. i just tried to add more context and illustrste that “swiss privacy” is an empty marketing phrase, like “military grade security” etc.
If your key points aren’t about Proton, why is it in the title?.
😒 if people comment, why do they not read the post or the linked article?
If the title and the key points don’t match each other, why would I then go and read an archive of a translation of the 5-year-old article they are supposed to represent
And if they don’t represent the article, why would you bother writing them without making that abundantly clear
Thanks for your feedback, I tried to clarify it a bit, the post title, however, cannot be changed because of rule 7.
Ok isn’t there still TLS encryption on top? Even if the Swiss Government were to tap ISP routers they won’t see much.
my inability to answer that question makes me consider to apply for a job in the swiss secret service.
Isn’t tls just strong enough that by the time it takes to crack a packet its contents will be irrelevant? If they’re keeping past records they could focus on key connections and hope to stumble on something important
I might be thinking of something else
Jezus Christ, what a misleading post. This only has to do with Proton in the sense of:
“Company doesn’t move country after information becomes public that state intelligence is as scummy as that of neighboring countries.”
This does not imply Proton to be involved or offer assistance. This does not mean it invalidates Proton’s use of Swiss privacy as a selling point. It’s better than what you get in many countries. Sad? Sure, but that’s where we are, currently.
Privacy on the internet can hardly ever be guaranteed, there’s just best case scenarios on an individual level. Be critical of the companies you trust with your data, obfuscate what you can, use secure connections and encryption where possible, be smart with what you share and pray you never become a target for state intelligence. That’s the most attainable level of privacy for most of us.
These types of defamatory posts seem like personal attacks born from personal disillusionment and a flawed understanding of either the tech, the laws governing it or the political context around it.
Lastly, if you feel passionate enough to be an activist, attack the system, not the cogs.
As a paying customer, i wanna hear from the other side, plus wanna see if this ping works across ActivityPub services, pinging @protonmail@mastodon.social
The website linked above is filled with false information. We have in fact attempted to reach the author and clarify this, but haven’t heard back. Some of the points have been clarified here: https://web.archive.org/web/20210727224547/https://serpentsec.1337.cx/i-was-asked-to-review-an-article-from , as well as in direct communication with our users: https://www.reddit.com/r/ProtonMail/comments/d58cq1/protonmail_questions_and_concerns/
Regarding the recent revelations about surveillance, Proton users are not impacted, because we aren’t considered a telecommunications service: https://proton.me/blog/court-strengthens-email-privacy (1/2)
can you also give a response to the “Addendum 2” in the article?
and sorry but how is this not false advertising? https://proton.me/blog/switzerland
@birdcat Please read the edited version of our response above, and accept our sincere apologies for sharing some links that were irrelevant to your original concerns: https://mastodon.social/@protonmail/111958985077770856.
The benefits of running Proton’s services under Swiss legislation described in the article above remain correct.
Thanks, appreciate it. And just to be clear, i found this article on the internet and thought its interesting to share with a community who claims to care about privacy; it was not meant to be a slander attack or anything, and I remain like 80% sure that youre not CIA 😜
Not to invalidate your argument (it’s still pending in EuGH) but germans BND scandal was about wayy to extensive selectors for NSA on europe’s main internet node RIPE. They just made it legal afterwards. My point is, be it swiss or german + US government…
geeat website, thanks!
So, I’ve been in touch with some privacy advocates who I know do their research and that I trust the opinions of, and this article is bullshit.
Can someone answer this from the “I am a criminal, if it matters” side as well?
Let’s not be biased now.
If you are a criminal (or are being treated like a criminal by a hostile government), use I2P Mail. It is self-hosted over I2P (Invisible Internet Project), which can make you more anonymous than even Tor (provided you don’t leak personal information by other means).
Thanks I forgot I2P had email and all the extra stuff. Do they have inproxies and outproxies or do both sender and receiver have to use the i2p service?
You know, I never found out. I never used the email service. In fact, the only thing I really used I2P for was accessing one of the Invidious instances hosted over there.
However, I follow a channel on PeerTube which did a few videos on I2P.
That’s a great tip. Thanks ✌🏼
Removed by mod
