sudneo @ sudneo @lemm.ee

🇮🇹 🇪🇪 🖥

---

Read more

Posts

0

Comments

569

Joined

1 yr. ago

Oh that makes sense. Yeah, definitely simple encryption and exported (unencrypted) emails are not going to work together.

I am all in support for European tech companies, so I think that mailbox.org, tuta, proton etc. Are all good options.

From what I read though, the GPG security model for mailbox.org is the same as it is for Proton webmail (except for the browser plugin, where the difference is not really there). I like mailbox.org, to be clear, but I don't get how it is an alternative to the bridge.

I can't comment on this, since I don't use the bridge for a while. But it's just an IMAP/SMTP server, so not sure why certain features wouldn't work. What service did you end up using which has gpg integration?

One of the biggest risks is when someone knows your password.

Just a curiosity. How do you think every password for every online service works? The service "has" your password. It is hashed, but if this doesn't matter (similarly for encryption) to you, then you should be panicking about basically everything.

In the case of Proton an attacker has basically these options:

• Option 1: Attack you, try to compromise your device. If this is the case, your local keys are going to be taken, one way or another, even if you have them locally and encrypted. The only way you might save yourself in this scenario is if you store them on an hardware device (like a yubikey).
• Option 2: Attack proton. Once the infrastructure is compromised, the JS code that does the crypto operation needs to be backdoored, you need to use the service while the JS is compromised, and the attacker will obtain the keys and the messages.
• Option 3: Compromise the sender/recipient for the emails (this is in cleartext in any case).

In the case of a manual solution:

• Option 1 is identical.
• Option 2: Attack the software you use (let's say, mutt). Once you gain access to the repository, push a backdoored update and wait for you to install the new version. Incidentally, compromising this tool also allows the attacker to compromise your whole machine (unlike what happens with JS code, which runs at least in the browser sandbox).
• Option 3 is identical.

So the tradeoff is really that:

• With Proton an update is going to be pushed quicker and without your explicit interaction, but
• compromising Proton is going to be much, much harder than compromising the laptop/repository for the handful of maintainers that generally have the keys to push updates for the software you are most likely going to use. We are talking company with security department + SOC vs maintainers with whatever security practice and no funding.

It’s not even hard to manually encrypt emails.

Yeah, and this is why 99.9% of the people have never and will never touch GPG with a 10-foot pole. The tradeoff is a complete no-brainer for the vast majority of people, because the reality is that for most, either someone else does the key discovery, management, signing, encryption, decryption, or nobody does. We can sit here and pretend that it's easy, but it's not. Managing keys is hard, it is painful, especially on multiple devices, etc..

EDIT:

The entire threat model for proton is also documented BTW: https://proton.me/blog/protonmail-threat-model

Introduces some risks in terms of security. Privacy concerns are extremely minimal, because in any case you don't control the setup of your other interlocutor(s).

Considering that the realistic alternative is not using anything at all and the fact that you have both options with Proton, it's a win-win scenario.

There is a reason: simplicity. Either you do all the key management yourself, which in practice means 98% of the people won't do it at all, or you implement a solution like they did and increase the risk of a small % (see my other comment) but you cover every customer.

It's not "insecure", it's simply a supply chain risk. You have the same exact problem with any client software that you might use. There are still jurisdictions, there are still supply chain attacks. The posture is different simply by a small tradeoff: business incentive and size for proton as pluses vs quicker updates (via JS code) and slower updates vs worse security and dependency on a handful of individuals in case of other tools.

Any software that makes the crypto operations can do stuff with the keys if compromised or coerced by law enforcement to do so.

In any case, if this tradeoff doesn't suit you, the bridge allows you to use your preferred tool, so this is kinda of a moot point.

The main argument for me is that if you rely on mail and gpg not to get caught by those who can coerce proton, you are already failing.

The Bitwarden client has all the data cached, so the server can be down and you still get access to the passwords (same for internet connection).

You upload your private key to the cloud. Encrypted or not, this is a bad idea.

An encrypted key is a useless blob. What matters is the decryption key for that key, which is your password (or a key derived from it, I assume), which is client side.

They can do the signing and encryption with my public key

They can't sign with your public key. Signing is done using your private one, otherwise nobody can verify the signature.

Either way:

and then I’ll do the decryption with my own private key locally without them storing it.

You can do it using the bridge, exactly like you would with any client-side tooling.

It depends on location. Getting a disc shipped from the other side of the world, paying 20 bucks + shipping for each movie in not sustainable.

Shouldn't we worry of enshittification when we are on the verge of, or on the descending side of trajectory?

So far they added features in a way that keeps respecting users rights, without changing their business model (which is 90% of the reason why companies enshittify BTW). Just because these products have something in common with products of companies who enshittified doesn't mean the same applies here.

You can use your own GPG key (https://proton.me/support/importing-openpgp-private-key or using the bridge), whatever tool does the signing needs the key (duh) so I am not sure what you mean by "they store your private key" (they stored it encrypted as per documentation https://proton.me/support/how-is-the-private-key-stored), their AI was specifically designed as local, exactly to be privacy friendly, plus is a feature that can be disabled (when it will reach general subscriptions).

I don't care about cyptocurrencies, but I suppose they started with the most popular, nothing to do with privacy as they just let you store your currencies.

Anyway, use what you like the most, of course, but yours don't look very solid motivations, quite a lot of incorrect information, I hope you didn't take your decision based on it.

I wish there were. I have a huge DVD collection (2000+), and yet now it's borderline impossible for me to find a DVD/Blueray for the stuff I want. Shops have shelves with maybe 100 blockbusters at most. It's also impossible to buy the single product online, you can "rent" it, but you can't buy it in a way that you can watch it with whatever device I want, with whatever tool I choose and without an internet connection.

This is my main beef with streaming services, you are permanently renting and therefore depending on the whim of the distributor (which in 90% of the cases now is also the maker).

No, 670k from 42 investors means less than 20k of investment per investor. 670k is already a number ridiculously small for VC funding, but 20k is basically nothing.

Also, after just a few years, 37 employees and 30k users the company became profitable, which is an insanely low period/scale for usual VC funded tech companies.

Fair enough.

it’s been pointed out that Cho and Chang are both family names from entirely different cultures

Just for fun I opened LinkedIn, and I have found 2 pages of people called Cho Chang. This doesn't say anything, of course, and I know nothing about Asian names and cultures, but I still found it interesting.

I will leave out interpretations of stuff in the book. You can interpret it in multiple ways, the author might have meant it in multiple ways, plus there are probably way more facts to keep into consideration that revolve around a character in the book that is pivotal for the whole plot.

I think it’s incredibly silly to suggest that you can’t make some judgements about an author

You can make some judgements, of course. But there

Nobody is really saying she was a hateful bigot while writing those books

The first comment in this chain, which is the reason why I am discussing at all...:

Harry Potter is racist AF. Rowling named the black guy Kingsley Shacklebolt and the Asian girl Cho Chang. The books are pro-slavery too, and argue that if you free slaves they’ll turn to alcoholism. Rowling has always been a white supremacist.

So, the nuance of the characterization of women, whatever that actually means in practice, sounds already more reasonable. Stuff like this quote are completely insane IMHO.

I am not a fan of some of his ideas either, especially the ones tending towards libertarianism. Some other ideas instead are quite decent, like how he thinks companies should give back to the community. He also built a tech company without VC funding and with a good share of ownership for workers (which I think is nice), without any marketing (which I despise as industry) and generally without the predatory nature that 98% of tech companies have nowadays.

I am sure you are referring to the Brave debacle of months back, and FWIW, I agree with his position on that particular issue. Anyway, considering that I have no ideas about the positions for the CEOs/founders of the alternatives, I think it's still a very worthy compromise to have a good product (incl. nonfunctional qualities like privacy, ecological impact etc.).

She invented a world with race based slavery and only addressed it by normalizing the slavery whenever an outside took issue with it. It would have been easy to have the Weasleys be opposed to House Elves, but they also wanted one and the reader is suppose to feel pity that our poor, loving, relatable family can't have a house slave.

This discussion is the kind of stuff I really don't care about. I read the book when I was a kid and I remember clearly feeling for the injustice of elves being slave, cheering when Dobby was freed and for Hermione and her movement (she started one, I believe). So I am not sure what's the point to discuss what the author "could have written" or what you think she meant you to feel when writing. These are both assumptions that I can't even relate to, so they fit perfectly into what I was talking about: starting from "she is racist" and then trying to find bits and pieces in the books that can be used to support the claim.

but the thesis of a story is going to reflect the writer's beliefs and morals.

Assuming this is true in every case, which is debatable, none of the stuff mentioned is the thesis of the book. In fact, I answered to a comment that was claiming she was a white suprematist based on character names and stuff like this. On the other hand, a HUGE role in the story is taken by the opposition to the "pure blood" movement (embodied by the main villain), and basically every positive character is or supports mixed-bloods (in English they are called mud-bloods? Not sure). To me this in complete anthitesis with white suprematism, but I would use neither to try to infer what JKR views are on race/society.

My point is that in 7 books and thousands of pages you will find details that you can use to suggest her views are anything you want. The main plot of HP is generally a positive story, nothing that can be linked to racism, white suprematism etc. and so are the main characters. So why picking minor details or creative interpretations of the books instead of her actual words as JKR? Like yes, a transphobic, racist, whatever wrote a nice book series, possibly before becoming transphobia, racist etc.

Completely agree, I started seeing business hours popping up lately, I know that they know it's an area of improvement.

It's a premium service but it has very nice features and is a good product overall.

I specifically suggested to use her actual opinions (like the shit she tweets) instead of making stuff up from the books.

So I guess we agree...?