:kitty-cri-screm: :cia

  • PorkrollPosadist [he/him, they/them]
    ·
    3 years ago

    This is not unique failing of ProtonMail. It is an inevitable outcome of any company which is trying to sell you privacy in one form or another. Like all capitalist firms, they are driven first and foremost by an imperative to accumulate capital. They cannot accumulate capital if the state drops the hammer on their executives or on the firm itself. If they are given an ultimatum, they will throw you under the bus without a second thought. Think about this not only with e-mail providers, but chat services, VPN providers, VPS hosts, the whole nine yards.

    • Mardoniush [she/her]
      ·
      edit-2
      3 years ago

      There is no such thing as true opsec online, I keep saying.

      Yes, use secure stuff as a general precaution, but remember, the only secure transmission is something whispered in private with grey noise over it, and maybe not then (rubber hose decryption is a wonderful thing). If someone really wants to know what you're saying, they'll find out.

      EDIT: the solution to this is to build networks that are resilient to compromise or better yet, resilient to infiltration. The old Moon is a Harsh Mistress "how to build an org cell structure" discussion is not how you should build such an org today, but is a good introduction to the general principles.

      • Alaskaball [comrade/them]M
        ·
        3 years ago

        Online opsec is supposed to be preventatives against non-state entities such as the proud Boys or 3 percent hogs trying to look into a socialist org's internal matters.

        Anyone in our game should know better than to put anything illegal into the Fed's backyard aka the net

        • Mardoniush [she/her]
          ·
          3 years ago

          Yeah, don't disagree. That said, there are some truly dedicated chuds out there, and sometimes the line between fed and hog is pretty porous.

          • D61 [any]
            ·
            3 years ago

            Hogs don't live without being fed.

      • happybadger [he/him]
        ·
        3 years ago

        rubber hose decryption

        In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture[1]—such as beating that person with a rubber hose,

        When our turn comes, I shall make jokes about the rubber hose decryption.

        • D61 [any]
          ·
          3 years ago

          The Average Fishing Email vs The Chad Rubber Hose Decryption

          • happybadger [he/him]
            ·
            3 years ago

            Good day sir or mam,

            I am writing you from country of Nigeria. My name is Prince Happybadger and I am rightful heir to the throne. Due to corruption I need to get $200.000.000 million dollars out of Nigeria to a bank in your country. For your services I will not beat you to death with a hose. Please replying with haste.

            Respectfully yours,

            Prince Happybadger, rightful heir to Nigeria

    • invalidusernamelol [he/him]
      ·
      3 years ago

      They start off as accidental honeypots, then after the first big run in with the state become regular honey pots.