Seeing Proton get heat on social media for their marketing again so lets repost this. Treat these email services for what they are: Alternatives to Gmail or Outlook with a security perspective and aut...
No matter now secure your email encryption is, the email server is still the central weak point. The metadata (header information) is never encrypted, and we know the metadata is far more valuable than the message content. If you know who talked to whom and when, that's about all you need to know when tracing a target.
I've been running my own email servers since 1994. It is a federation system. I can tell you who sent what email to who and when at any time from the server logs. The very idea of thinking a honeypot like protonmail or signal as "the secure alternative" is exactly where the magnifying glass of the "eyes" will be focused, and there is no stopping governments from using force, persuasion or theft to acquire the information they want. It doesn't matter how "honest" or ideological the company may be, if the data is valuable (and it is), it will be exfiltrated.
@White Noise and maybe Tox is the only truly secure solution I know of, and that assumes your android device truly is even capable of being secured (even with @GrapheneOS)
I've been running my own email servers since 1994. It is a federation system. I can tell you who sent what email to who and when at any time from the server logs. The very idea of thinking a honeypot like protonmail or signal as "the secure alternative" is exactly where the magnifying glass of the "eyes" will be focused, and there is no stopping governments from using force, persuasion or theft to acquire the information they want. It doesn't matter how "honest" or ideological the company may be, if the data is valuable (and it is), it will be exfiltrated.
@White Noise and maybe Tox is the only truly secure solution I know of, and that assumes your android device truly is even capable of being secured (even with @GrapheneOS)
1
