I do wonder what could they have done in the email case? I don’t think that there’s any country where they could just let you not comply with a court order. And due to how email works they can’t just encrypt the subject lines or the sender/receiver.
In that one case I lean more into pointing more fingers to the Swiss government, rather than to proton. They’re still not blameless tho, maybe they could have used some sort of canary to let people know they were being surveilled, and be more clear on how to avoid these situations.
Don’t log it, you can’t be compelled to hand over data you don’t have. They said outright that they didn’t log it.
Run SMTP purely on IO sockets. Don’t make files. You draft your email into your own cryptographically secure blob, When it’s time to send it, you fire it through an SMTP daemon built to use memory only, once it’s gone it’s gone. If the govt wants that data, they can go to the ISP for it. Maybe it communicates securely with SMTP servers set up in countries that are actually good at observing privacy.
Good Guy security provider could also terminate your account or lose your password.
The thing is, they oversold their security. They’re STILL overselling their security. The release rabid PR dogs / Trolls out there to discount/discredit people bitching about the situation.
I do wonder what could they have done in the email case? I don’t think that there’s any country where they could just let you not comply with a court order. And due to how email works they can’t just encrypt the subject lines or the sender/receiver.
In that one case I lean more into pointing more fingers to the Swiss government, rather than to proton. They’re still not blameless tho, maybe they could have used some sort of canary to let people know they were being surveilled, and be more clear on how to avoid these situations.
Don’t log it, you can’t be compelled to hand over data you don’t have. They said outright that they didn’t log it.
Run SMTP purely on IO sockets. Don’t make files. You draft your email into your own cryptographically secure blob, When it’s time to send it, you fire it through an SMTP daemon built to use memory only, once it’s gone it’s gone. If the govt wants that data, they can go to the ISP for it. Maybe it communicates securely with SMTP servers set up in countries that are actually good at observing privacy.
Good Guy security provider could also terminate your account or lose your password.
The thing is, they oversold their security. They’re STILL overselling their security. The release rabid PR dogs / Trolls out there to discount/discredit people bitching about the situation.