Your only option is to have it based in a country that doesn't cooperate with the US and ensure MITM isn't possible.
There is a wide scope of "cooperation with US", from extradition treaties (so the US could demand the operator be legally extradited & jailed as opposed to kidnapped) to mutual legal assistance treaties (police collaboration), to "cybersecurity agreements". And the US military/economic strength (such as their control of SWIFT or the widespread military and "intelligence" apparatus) means very few countries won't cooperate. The US does not follow international law unless it wants to. US most often collaborates with EU & Anglosphere countries (UK "commonwealth" countries).
Comparison of NSA spying collaboration (known) https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/ NSA are also interested in undersea cable wiretapping: https://www.vice.com/en/article/wnnmv9/undersea-cable-surveillance-is-easy-its-just-a-matter-of-money https://www.theatlantic.com/international/archive/2013/07/the-creepy-long-standing-practice-of-undersea-cable-tapping/277855/
MLAT data: https://web.archive.org/web/20180325141949/https://www.mlat.info/
Extradition: https://qz.com/97428/map-how-to-stay-out-of-reach-of-us-extradition-treaties/ Note that they could probably use a third country that has treaties with both the US and the country where the operator is located.
The NSA also works to gather information before it is encrypted, or to weaken random number generators and encryption schemes. https://www.schneier.com/blog/archives/2013/09/good_summary_of.html https://www.zdnet.com/article/has-the-nsa-broken-ssl-tls-aes/ https://www.schneier.com/blog/archives/2012/03/can_the_nsa_bre.html Intel ME is a good example, also keyloggers, hardware surveillance devices. https://news.softpedia.com/news/intel-x86-cpus-come-with-a-secret-backdoor-that-nobody-can-touch-or-disable-505347.shtml Intel ME can be set to disable (ironically thanks to NSA), but since it's proprietary, you can't be certain. AMD and other chip makers likely have similar subsystems. https://privacysos.org/blog/did-this-tor-developer-become-the-first-known-victim-of-the-nsas-laptop-interception-program/
Oh and NSA is allowed to share with FBI. https://www.rt.com/usa/373644-new-rules-access-nsa-data/
Hmm depends on which part you want to read more about.
Basically you want to avoid 14 eyes+ countries, basically any country that you think would be friendly to US requests for data. China might be the best option.
I personally just don't out anything I wouldn't want anyone to read in email.
For MITM that means you need e2e encryption. This way, your email sending service can't read the contents of your emails even though you're sending them to them to pass on to the recipients' servers.
Been wondering lately if the folks who tell us shit like "we don't log your IP" are instead keeping a hash of the IP, which a dedicated actor (like a state intelligence apparatus, or law enforcement) could probably combine with other sources to out you.
The IPv4 address space is small enough where hashing is effectively useless. Though a bigger concern IMO is DDOS mitigation services like Cloudfare. It doesn't matter if websites log or not if half of the internet is using the same reverse-proxy service.
DDOS mitigation services like Cloudfare
Hexbear using Cloudflare
:side-eye-1: :side-eye-2:
Lol if it makes you feel any better it's basically impossible to be anonymous on the internet anymore, so we're fucked anyway
I wouldn't be a doomer about it, but it is important to understand that there will always be a man in the middle. That's literally how the Internet is designed. Your computer connects to an ISP which connects to some other ISP which connects to some other ISP (and so on) which connects to the destination of your message. Cryptography has afforded us the ability to ensure the messages aren't tampered with, but they can still be recorded and timestamped at every hop along the way.
To have real anonymity on the Internet would be like expecting to be able to mail a letter with no address written on it. You could get away with making a dead drop here and there, but not anything persistent.
tangential, but I remember reading about a physical dead drop method neatly updated for the internet age: a fake rock that had short-range wireless communication (I forget if it was bluetooth or wifi or what) that all you had to do to dead drop was walk past it with a keyed partner device and it would either upload or download the payload
I think the youtube channel The Modern Rogue did a demonstration on that.
Yeah, but ideally we'd have our DDoS protection done by someone other than the issuer of our certificate, so that they can't trivially decrypt and log any traffic.
Edit: https://hexbear.net/post/127316
Looks like there's plans to switch certificate providers.
They can't trivially decrypt and log the traffic if any cipher suite with forward secrecy is used. ECDHE is a good example.
They can and do trivially decrypt the traffic. The CF certificate is used only between the client and CF's servers, which decrypt the data.
Been wondering lately if the folks who tell us shit like “we don’t log your IP” are instead keeping a hash of the IP, which a dedicated actor (like a state intelligence apparatus, or law enforcement) could probably combine with other sources to out you.
Good thing this site is open source so we don't have to wonder.
Well yeah, of course. Otherwise there'd be more of us here who could build cool shit. My point is that it's all there for anyone to vet who has put in the time to learn how.
@LeninWeave linked to a good example of when we've noticed stuff and brought it to the devs / admins: https://hexbear.net/post/127316
If you've got any proof hexbear is hashing all the IPs of everyone and storing them, then please make a post about it because I think we'd all want to know.
Yeah, what's weird is that they were advertising that they wouldn't do something that they then went and did.
100% agree.
Rick Falkvinge, Pirate Party cofounder, had a good article making this point. https://falkvinge.net/2017/12/09/privacy-promises-company-worth-nothing-companies-cant-promise-anything/
Is there an alternative that is better?
doing everything in plain sight, and possibly getting some type of software that makes random internet activity to make even more cluttered data to sift through
it's just common sense, using a VPN basically screams "hey I'm not a normie and I have something to hide". Now you've cut down their work by 95%, because only 5% of people use VPNs at all
Steganography. https://www.drchaos.com/post/hiding-secret-messages-in-images-with-steganography-and-metadata
Trusting a company to be truly secure is, unfortunately, a terrible idea. They exist in a world where they can be compelled to cooperate or be shut down. They'll make the choice that continues to make some money.
Also any claim of no logging may as well be marketing nonsense. There's no way to verify it, logs have to be kept to some extent atleast for a little while to allow functionality, and adversaries may compel or compromise and thus create logs.
Moon of Alabama has pointed out protonmail showing its ass over the Ryanair Belarus scandal
https://www.moonofalabama.org/2021/05/how-protonmail-lost-the-public-trust-it-needs-to-do-business.html
https://www.moonofalabama.org/2021/05/like-an-amoral-infant-how-protonmail-contributes-to-false-media-claims-about-belarus.html
also
https://theconsciousresistance.com/protonmail-is-insecure/
This site's purpose is to discuss politics, economics, philosophy and blogger Billmon's Whiskey Bar writings.
Some time ago, the commenting at Billmon's Whiskey Bar became a bit excessive. Billmon therefore closed the comments at his place on June 29, 2004. The community of commentators was left behind to search for a new place.
Moon Of Alabama was opened as an independent, open forum for members of the Whiskey Bar community.
Bernhard started and still runs the site. Once a while you will also find posts and art from regular commentators.Whiskey Bar (from Wikipedia):
Billmon is the pseudonym of an American blogger who wrote commentary on various political and economic issues of the day from a left-wing perspective. His blog was called Whiskey Bar.
So they're a weird leftover from a blog that doesn't exist anymore?
edit: the original blog shut down in 2006 lol
I feel like you're really throwing stones from a glass house, given the site we're discussing this on.
:shrug-outta-hecks:
Just trying to figure out what their deal is because that site looks sus.
From what I can tell it's mainly the blog of this guy Bernhard who as long as I've been reading has given very good honest and well sourced geopolitical analysis. He has had trash transphobic takes but it's one of my favorite places to get global news, poor web design notwithstanding
I feel like I remember that name from the Bush years but memory is tricky so :shrug-outta-hecks:
Ah, sweet, thanks. I... didn't think to just look it up on Wikipedia since I figured it was un-notable or something stupid they delete articles over. Anyway, 'from a left-wing perspective' is probably why the news items were refreshingly honest and analytical.
Even when I use to use protonmail, we always PGP encrypted the text even if there really wasn't anything incriminating either. Always assume everything is insecure, it's really the only way to protect yourself.
Pgp seems pretty likely to have been a government plant from the start
PGP has been audited to death by security researchers (mostly people use the open source GPG, IIRC), and the crypto primitives used nowadays are not the original ones anyways. Beyond that, it's also used for government communications and so a backdoor would be a huge security risk for them.
? I'd love to read more. I haven't been following PGP stuff for years now but I'd still be interested
Feds force programmers to give them secret access all the time, seems like a pretty good candidate
If PGP was a government op then why did the government investigate Phil Zimmermann for creating the software?
Then you're saying it wasn't a government plant from the start, but was captured.
Obviously I don't know the details or particulars of what the activist was doing, but I would venture to suggest that a mistake on his part was to do activity that France disliked while logging in from his own IP, instead of via a VPN or Tor. Defense in depth, and all that.
Protonmail allows logins through a tor onion site, after all.
Wait, they advertised that they didn't log IP addresses and then did? What the fuck?
They said they don't log IP addresses unless ordered to by the Swiss government for a specific individual. And I believe Swiss law allows for the person in question to be notified that their IP addresses are now being logged.
I mean, this all isn't great but ProtonMail is still gonna be the most private email option available. We don't have the level of privacy we should have, so we should all act accordingly.
Email in general should never be considered private. We've moved beyond the need for email in 2021 tbh
We need to just start using Chinese messaging apps to organize in the US
Found some info on ProtonMail - apparently is not that secure. And email in general isn't either, and neither is GPG/PGP (GPG is an open source implementation of PGP)
End to end encryption not really offered by ProtonMail (as of 2018), proven mathematically. https://eprint.iacr.org/2018/1121.pdf
If the provider holds the keys, it is not secure. Hushmail, Canadian firm handed over all emails to US. https://blog.malwarebytes.com/privacy-2/2021/09/protonmail-hands-users-ip-address-and-device-info-to-police-showing-the-limits-of-private-email/ https://www.techdirt.com/articles/20071108/093110.shtml https://www.wired.com/2007/11/encrypted-e-mai/
Hacker news thread about ProtonMail's security/privacy https://news.ycombinator.com/item?id=28057433
Metadata not secure for email: https://www.schneier.com/blog/archives/2013/07/protecting_e-ma.html https://www.theatlantic.com/technology/archive/2013/06/email-metadata-nsa/313842/ https://www.nbcnews.com/technolog/take-peek-your-email-metadata-feds-do-6C10569544 The metadata is the most valuable part for the NSA, to build networks of people and then catalog & categorize them as threats or not (threats get more surveillance/hacking).
Problems with E2E email encryption (W3 paper): https://www.w3.org/2014/strint/papers/08.pdf
Problems with PGP: https://latacora.singles/2019/07/16/the-pgp-problem.html https://secushare.org/PGP
Different encryption technologies for email: https://en.wikipedia.org/wiki/Email_encryption https://en.wikipedia.org/wiki/Email_privacy StartTLS https://en.wikipedia.org/wiki/STARTTLS Test for StartTLS support: https://ssl-tools.net/mailservers GnuPG https://gnupg.org/ S/MIME https://en.wikipedia.org/wiki/S/MIME DIME/Darkmail (founded by Silent Circle & Lavabit) https://darkmail.info/downloads/dark-internet-mail-environment-december-2014.pdf https://www.pcworld.com/article/2059840/silent-circle-lavabit-unite-for-dark-mail-encrypted-email-project.html https://www.wired.com/2014/07/dark-mail-hides-metadata-from-nsa/ https://www.admin-magazine.com/Archive/2015/25/DIME-and-Dark-Mail-seek-to-change-the-world-of-digital-mail
Comparison of "secure" email providers: https://gist.github.com/ciktion82/dd9a52f6d160686dcf4471e488399b62
