It is fairly easy to become a target/ victim of the police/state. Should this be a thing? No. I think everyone agrees on this.
It is a long and difficult fight. If we can win in the end is another story.
This in mind:
Could 'the user' protect itself better in the mean time?
Or is it ProtonMail's fault here?
Open-source doesn't equals trustworthy unless you reviewed the code and host it yourself.
+ the backend of ProtonMail is NOT opensource (to my knowledge).
I am aware of this. The fact that 'the user' hadn't been using Tor for this stuff speaks for itself.
I was responding to your new poll in which you'd added 'police' and 'legislator'. .
@hejowhat That's the idea behind open-source.
Encryption happens in the client, we don't need to trust the back-end.
@hejowhat You mean self-compiling? I don't think that's necessary if a trustworthy binary source is available such as F-Droid.
But also #ProtonMail has a responsibility in that matter, such as being very transparent against what threats their service can protect, without all that marketing speech that will just mislead people.
The general public does not have that knowledge, but ProtonMail has and they unfortunate continue to mislead them.
I wrote about that here:
@hejowhat I'm still OK with protonmail (awaits fire...)
Sure, ideally they wouldn't have given out the IP, but it's not like they just gave it at the drop of a hat. There was a legal process they were obliged to have to follow, not really a lot they can do about that (except move to another country or the moon).
They only enabled IP logging for that single user after that legal process and didn't/couldn't share any actual email content.
That's the way I understand it anyway. Maybe I'm wrong.
@pswilde I agree with you. I was wondering how 'the community' feels since I saw some outrage over it.
@hejowhat important to me, is that I'm sure that my mails are e2e-encrypted (and nobody except the receiver and me can read it). I trust PGP, and as long as I can verify that the PGP implementation PM ships with is trustworthy (Nadim Kobeissi paper), I can trust PM. Yes, they store IP-Addresses. And yes, obviously they have to abide the law (which is good, that's why we have laws after all). But if the only thing they have is my IP (and I don't like them to) it's up to me to hide it from them.
@rarepublic They don't even store the IP by default.
But depending on you threat model, even one 'IP slip' can cause you everything.
Are you using you own PGP key or does PM creates one?
@hejowhat I'm not quite sure under which circumstances they log IPs. But I'd assume they do it all the time (e.g. in the settings you find a list of IPs with failed login attempts for your account). Right, if your threat-vector includes IP, you're fkd,
PM frontend generates the private key for you. It's AES encrypted (with your Mailbox Password) on client-side and sent fully encrypted to the backend. You could just do the same thing through the API with your own keys. (I never did it though)
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.