• 0 Posts
  • 21 Comments
Joined 2 months ago
cake
Cake day: November 4th, 2024

help-circle

  • The reason you got that reaction in your last thread is because you’re dealing in absolutes, and most people don’t. Most people do not have a threat model that requires them to worry about whether or not second-hand Thinkpads are secretly a honeypot to steal their data. And I honestly would wager money that your threat model doesn’t require you to be that conscious of attack vectors either.

    For most people, the common sense steps to limit corporate tracking of personal data is more than enough to meet their needs. There’s no reason for anyone to sacrifice convenience for security to the degree you seem to be worried about, if they don’t have a practical need to. For example, they are doing something their government would frown upon, be it political activism or illegal activity.

    That doesn’t mean those people aren’t privacy conscious. It just means they don’t require absolute privacy, which is impossible to obtain online anyway. And just because this is a community dedicated to privacy, it doesn’t mean everyone here is as worried about privacy as Edward Snowden. Most of us probably don’t need to be, because we didn’t piss off the NSA, and we aren’t worried about covert rendition to Guantanamo Bay. So when you make posts like you did, worried about an attack that is so unlikely that it would be incredible if it actually ended up being worth the effort, of course people are going to poke fun at you.


  • _cryptagion@lemmy.dbzer0.comtoPrivacy@lemmy.mlDone with r/Privacy on Reddit
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    edit-2
    1 month ago

    A bit more context is important here. They aren’t E2EE, but they are stored encrypted. In the case of the person whose meta information was turned over, ProtonMail wasn’t forced to hand over the information right away, they were forced to collect it the next time that person accessed and used their email. That tells us that they didn’t store the information beforehand and could not access it without preparing to intercept it the next time their service was used.

    Ultimately, though, if something like that’s a dealbreaker, it’s likely you’re doing something that would benefit from a more secure way of communicating than email.



  • _cryptagion@lemmy.dbzer0.comtoPrivacy@lemmy.mlDone with r/Privacy on Reddit
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    1 month ago

    They gave meta information like IP to the government in Switzerland, where they are based, after the government forced them to with a court order. Not the encrypted mail, mind you, because they can’t do that, just the additional information they have on a user like email and IP.

    Because of that, a lot of redditers on r/privacy think they spy on their users for the US government. It’s a stretch, yes, but you have to remember they take turns using the one brain they collectively have.





  • OK, let’s check then.

    You can usually sign up anonymously without giving an email address or phone number, although we may require human verification in some cases.

    Source

    I’ve signed up on Tor and the clearnet, and both times without providing an email address or phone number. Meaning if you keep running into that problem, it’s a sign that something you’re doing or have done is causing them to think you aren’t somebody that should be signing up without verification. Either way, the fact remains that most people aren’t having this issue.