Ένα άλλο θέμα εξαιρετικά σημαντικό που δείχνει ποια είναι η κατάσταση παγκοσμίως. Πριν λίγο καιρό οι αρχές της Ελβετίας ζήτησαν από την εταιρεία που έχει το ProtonMail να τους δώσει την διεύθυνση IP ενός ακτιβιστή για το περιβάλλον (μετά από αίτημα των Γαλλικών αρχών). Με την διεύθυνση αυτή κατάφεραν να τον συλλάβουν. Θα πει κανείς ότι αυτό είναι κάτι το φυσιολογικό Δυστυχώς, όμως, η κατάσταση είναι εντελώς διαφορετική. Η εταιρεία το 2014 διαφήμιζε ότι η κρυπτογράφηση γίνεται στο επίπεδο του χρήστη, οπότε δεν έχουν το κλειδί να την σπάσουν (αυτό ελέγχεται πλέον) και ότι δεν κρατάει δεδομένα των χρηστών. Δείτε για παράδειγμα την παρακάτω δημοσίευση η οποία αναφέρει πως η NSA αντιμετωπίζει πρόβλημα με τις λειτουργίες του ProtonMail.
The Only Email System The NSA Can't Access
The Only Email System The NSA Can't Access
May 19, 2014,11:54am EDT
When the NSA surveillance news broke last year it sent shockwaves through CERN, the particle physics laboratory in Switzerland. Andy Yen, a PhD student, took to the Young at CERN Facebook group with a simple message: “I am very concerned about the privacy issue, and I was wondering what I could do about it.”
There was a massive response, and of the 40 or so active in the discussion, six started meeting at CERN’s Restaurant Number 1, pooling their deep knowledge of computing and physics to found ProtonMail, a gmail-like email system which uses end-to-end encryption, making it impossible for outside parties to monitor.
Encrypted emails have actually been around since the 1980s, but they are extremely difficult to use. When Edward Snowden asked a reporter to use an end-to-end encrypted email to share details of the NSA surveillance program the reporter couldn’t get the system to work, says Yen.
“We encrypt the data on the browser before it comes to the server,” he explains. “By the time the data comes to the server it's already encrypted, so if someone comes to us and says we'd like to read the emails of this person, all we can say is we have the encrypted data but we're sorry we don't have the encryption key and we can't give you the encryption key.”
“We've basically separated the message that's encrypted apart from the key - all the encryption takes place on your computer instead of our servers, so there's no way for us to see the original message.”
This is different from all other systems, says Yen. While Gmail has implemented some encryption, they still have the encrypted message and the key to decrypt the message.
While half the team is now at MIT, some are still in Switzerland where the ProtonMail’s servers are housed for extra protection. “One of the key things we want to do is control our servers and make sure all the servers are in Switzerland which will increase privacy because Switzerland doesn’t do things like seize servers or tape conversations,” says Yen. This will help avoid a situation where the U.S government could forcibly shut them down, says Yen, similar to what happened to Lavabit last year.
Yen has turned down venture capital firms looking to invest in ProtonMail. “The reason we have to be bootstrapped is because if we take our money from something like Google Ventures, there goes our credibility. By being in this market we have to fund ourselves,” he says, adding that they’re considering a crowdfunding round next month.
ProtonMail’s revenue model is similar to something like Dropbox – charging only for extra storage.
“One of our motivations was human rights,” says Yen. “Having privacy is very important from a freedom of speech standpoint.”
The paid accounts will be $5/month and will provide 1GB of storage. Yen says they will accept bitcoin or even cash payments to allow users to remain anonymous.
They recently ran an update so they could support Chinese. Yen says they didn’t advertise this but through Twitter a blogger who has been involved in the freedom of speech movement heard about the service.
“All of a sudden we had an influx of hundreds of Chinese users - these are dissidents that don't want the government to be tracking them,” says Yen. “It's because we want to support users like this that we want to keep a certain level of the service free.”
Yen expects they’ll see the most traction in countries like China, Syria, Russia and Iran, where “you have these massive populations who cannot send an email without fear that they're going to get arrested.”
It’s also an alternative to the ad-based revenue model of free services like Gmail which actively scan your emails to deliver relevant ads to you online.
“You're forced to trust Google,” says Yen. “What this really shows is that Google is not really trustworthy. Google makes money by scanning your emails and feeding you ads off of what you're writing about; part of their core structure is to allow Gmail to read your emails and use your data.”
Most of ProtonMail’s team spends half their time working on the project. “We’re all CERN or MIT scientists, so we're doing research on computing, mathematics, physics that's actually closely related to what we do on the secure email. Encryption is very mathematical so we have four PhD physicists working on this,” says Yen.
ProtonMail just launched globally out of a private beta and is currently working on an Android or iPhone app expected to be ready by the end of the summer. Yen says demand is far higher than expected.
"We're close to 20,000 users now and have had to close the signups temporarily while we add more servers. We were not expecting 10,000 users per day even in our most optimistic projections so we're scrambling now to support more," he says.
Προφανώς στο κομμάτι της κρυπτογράφησης - θεωρητικά μιλώντας - έχουν δίκιο. Δηλαδή δεν μπορεί κανείς (είπαμε, μιλάμε θεωρητικά) να την σπάσει, οπότε το περιεχόμενο των emails παραμένει εμπιστευτικό. Έλα, όμως, που δεν χρειάζεται μόνο εμπιστευτικό περιεχόμενο, αλλά και άλλα πράγματα; Τον συγκεκριμένο τον έπιασαν μέσω δύο σταδίων: α) κάποιος κάρφωσε το περιεχόμενο του mail, δηλαδή μαρτύρησε την ακτιβιστική ενέργεια που θα έκαναν ή που είχαν ήδη κάνει, β) οι Αρχές μέσω της διεύθυνσης IP ταυτοποίησαν αυτόν που έστειλε το εμπιστευτικό email που είχαν ήδη στα χέρια τους. Την διεύθυνση IP την έμαθαν από την proton mail, που - θεωρητικά - δεν κρατάει στοιχεία των πελατών της. Είναι, όμως, έτσι όπως μας τα λέει ή παίζει κάτι διαφορετικό;
Πριν λίγα χρόνια και, μάλιστα, σιωπηλά οι αρχικές δηλώσεις που ήταν αυτές:
IP Logging: IP ProtonMail does not log the IP addresses used to access our Service unless this feature is specifically enabled by the user (it is disabled by default).
άλλαξαν σε αυτές:
IP Logging: By default, ProtonMail does not keep permanent IP logs. We also don't record your login IP address unless this feature is specifically enabled by the user. However, IP logs are sometimes kept to combat abuse and fraud, and your IP address may be retained if you are engaged in activities that breach our terms and conditions (spamming, DDoS attacks against ProtonMail infrastructure, brute force attacks, etc).
Η δεύτερη δήλωση είναι εξαιρετικά πονηρή και απατηλή. Το 1ο που γράφει είναι: Δεν κρατάμε μόνιμα αρχεία των διευθύνσεων IP. Αυτό ισχύει για την πλειοψηφία των παρόχων υπηρεσιών. Δεν υπάρχουν απεριόριστοι πόροι για να κρατάνε τα πάντα για πάντα. Τα κρατάνε, όμως, για 6 μήνες έως 2 χρόνια και αυτό αρκεί. Στην συνέχεια λέει και το πονηρό: Δεν κρατάμε την διεύθυνση IP από την οποία μπαίνεις, εκτός κι αν το επιλέξεις εσύ, αλλά μερικές φορές, όταν γίνεται κάτι που παραβιάζει τους όρους της εταιρείας (πώς το ξέρουν αυτό, αφού τα emails είναι κρυπτογραφημένα;), κρατάμε αρχεία. Σε αυτό το σημείο έχουμε τις εξής επιλογές: ή σπάνε την κρυπτογράφηση, οπότε γνωρίζουν ακριβώς τι μεταφέρουν τα emails σου, ή κρατάνε αρχεία έτσι κι αλλιώς και λένε ψέματα στεγνά, ή συμβαίνουν και τα δύο ταυτόχρονα, που είναι και το πιο πιθανό. Δείτε την παρακάτω σελίδα:
IP Logging Privacy Policy Update
Όποιος κάτσει να διαβάσει θα γελάσει με τα ψέματα που γράφουν οι εκπρόσωποι της εταιρείας. Δείτε μερικά:
ProtonMail Team έγραψε:Yes, we updated this for GDPR. While we don't keep logs for a long time, we do keep some temporary IP logs since that is necessary for anti-abuse and anti-fraud purposes.
Furthermore, if a court requests it, we do have the ability to log IPs for the particular account that is under investigation.
Και μετά:
torku έγραψε:So what’s stopping ProtonMail from logging an IP address under court order?
Απάντηση:
ProtonMail Team έγραψε:Nothing. Technical explanation is here: https://www.reddit.com/r/ProtonMail/com ... e/e1443ae/
Now, Swiss courts have never tried to force us to log IPs, and the law is not completely clearly if we have to comply or not. If we got such a request, we would probably fight it just to test this out.
Ακόμα πιο κάτω:
ProtonMail Team έγραψε:We still do not explicitly tie logs to specific user accounts.
However, we do analyze overall IP data for anti-abuse purposes. And we definitely receive IP data because whenever a client makes an HTTP request to the server, it sends its IP address. This is just how the Internet works.
Παραδέχονται ότι κάνουν ανάλυση των διευθύνσεων IP, υποτίθεται για λόγους προστασίας από κακή χρήση, αλλά στην πραγματικότητα για να έχουν έτοιμη την λίστα παραληπτών/αποστολεών και διευθύνσεων IP. Και πιο κάτω αποκαλύπτει πώς γίνεται και ότι το ίδιο κάνει και η Tutanota:
ProtonMail Team έγραψε:We're pretty sure that is not entirely correct in the case of Tutanota. Every HTTPS request sends the IP to the server. Unless you don't keep server logs whatsoever (which would make it impossible to do anti-abuse), there is going to be some IP logging taking place.
Notice that Tutanota is careful to state that they do not log when you login or send an email. But they likely log other API requests. This is essentially what we do too.
UPDATE: It seems like Tutanota updated their privacy policy now also. It now explicitly states that "In order to maintain operations, for prevention of abuse and and for visitors analysis, IP addresses of users are processed." So, definitely some IPs are being logged, and we wouldn't have expected anything different.
The big difference is that we also maintain an onion site, so it is in fact actually possible to access ProtonMail in a truly anonymous way.
Ξεχνάνε (ή μήπως δεν ξέρουν;) ότι οι περισσότεροι κόμβοι εξόδου του δικτύου TOR ανήκουν στις μυστικές υπηρεσίες κάθε κράτους, οπότε, ό,τι κι αν κάνεις, αυτοί σε παρακολουθούν. Η Tutanota πάντως είναι χειρότερη. Δεν σε αφήνουν να κάνεις λογαριασμό από δίκτυο TOR, μήπως και τους ξεφύγεις (υπάρχει ακόμα η πιθανότητα).
Δείτε και αυτό:
ProtonMail deletes 'we don't log your IP' boast from website after French climate activist reportedly arrested
Και αυτή είναι η ανακοίνωση που έβγαλαν μετά την σύλληψη του ακτιβιστή για να δικαιολογήσουν την κατάσταση. Το μόνο που ισχύει και έχουν δίκιο είναι το γεγονός ότι η προστασία στην Ελβετία είναι καλύτερη από τα άλλα κράτη. Βέβαια, υπάρχουν και φήμες ότι το ProtonMail ανήκει στην CIA, αλλά για αυτό δεν υπάρχουν αποδείξεις... ακόμα. Επειδή, όμως, υπάρχουν διακρατικές συμφωνίες, η Γαλλία έκανε το αίτημα, αυτό έγινε δεκτό από τις Ελβετικές αρχές, οπότε η προστασία που παρέχει η Ελβετία πήγε περίπατο.
Important clarifications regarding arrest of climate activist
Important clarifications regarding arrest of climate activist
Updated 24 September 2021
We would like to provide important clarifications regarding the case of the climate activist who was recently arrested by French police on criminal charges. We are also deeply concerned about this case and deplore that the legal tools for serious crimes are being used in this way. In the interest of transparency, we would like to provide additional context.
In this case, Proton received a legally binding order from Swiss authorities which we are obligated to comply with. There was no possibility to appeal this particular request.
As detailed in our transparency report, our published threat model, and also our privacy policy, under Swiss law, Proton can be forced to collect information on accounts belonging to users under Swiss criminal investigation. This is obviously not done by default, but only if Proton gets a legal order for a specific account.
We would like to provide the following clarifications:
- Under no circumstances can our encryption be bypassed, meaning emails, attachments, calendars, files, etc. cannot be compromised by legal orders.
- ProtonMail does not give data to foreign governments; that’s illegal under Article 271 of the Swiss Criminal code. We only comply with legally binding orders from Swiss authorities.
- Swiss authorities will only approve requests which meet Swiss legal standards (the only law that matters is Swiss law)
- Transparency with our user community is extremely important to us. Since 2015, we have published a transparency report publicizing how we handle Swiss law enforcement requests: https://protonmail.com/blog/transparency-report/
- Under Swiss law, it is obligatory for a user to be notified if a third party makes a request for their private data and such data is to be used in a criminal proceeding. More information can be found here.
- Under current Swiss law, email and VPN are treated differently, and ProtonVPN cannot be compelled to log user data.
- Due to Proton’s strict privacy, we do not know the identity of our users, and at no point were we aware that the targeted users were climate activists. We only know that the order for data from the Swiss government came through channels typically reserved for serious crimes.
- There was no legal possibility to resist or fight this particular request.
ProtonMail worked as designed
This case shows that ProtonMail works as it is designed to. The identity and location of the activist was already known to the French authorities (they had already been evicted once before for squatting, and the nature of squatting means that their location is known). Therefore, the authorities were most likely targeting email contents which might have provided further incriminating evidence. The fact that ProtonMail was not able to hand over any messages even under legal order proves that our encryption works, and very likely will be of great assistance to the activist in this case. Had they been using any other email provider, the outcome would have been very different.
What we are changing
We will be making updates to our website to better clarify ProtonMail’s obligations in cases of criminal prosecution and we apologize if this was not clear. As a Swiss company, we must follow Swiss laws. We will also clarify that the use of our onion site (details below) is highly recommended for users with heightened privacy needs. Finally, we will also be updating our privacy policy to make clearer our legal obligations under Swiss law.
What does this mean for activists using ProtonMail?
We understand your concerns and we stand with you – we are activists, too. There are a couple things we want to share.
Proton does fight for users
Unlike other providers, we do fight on behalf of our users. Few people know this (it’s in our transparency report), but we actually fought over 700 cases in 2020 alone. Whenever possible, we will fight requests, but it is not always possible.
Use Tor for anonymous access
There is a difference between security/privacy, and anonymity. As we wrote in our public threat model (published back in 2014), “The Internet is generally not anonymous, and if you are breaking Swiss law, a law-abiding company such as ProtonMail can be legally compelled to log your IP address.” This cannot be changed due to how the internet works. However, we understand this is concerning for individuals with certain threat models, which is why since 2017, we also provide an onion site for anonymous access (we are one of the only email providers that supports this).
Swiss law is still better than most
No matter what service you use, unless it is based 15 miles offshore in international waters, the company will have to comply with the law. The Swiss legal system, while not perfect, does provide a number of checks and balances, and it’s worth noting that even in this case, approval from 3 authorities in 2 countries was required, and that’s a fairly high bar which prevents most (but obviously not all) abuse of the system. Under Swiss law, it is also obligatory for the suspect to be notified that their data was requested, which is not the case in most countries. Finally, Switzerland generally will not assist prosecutions from countries without fair justice systems.
What should we do?
We need to help the youth activists, but ProtonMail cannot do that by breaking the law and ignoring court orders. We are on your side, and our shared fight is with the authorities and the unjust laws we have been campaigning against for years. The prosecution in this particular case was very aggressive. Unfortunately, this is a pattern we have increasingly seen in recent years around the world (for example in France where terror laws are inappropriately used).
We will continue to campaign against such laws and abuses, and we will continue to challenge unjustified government requests whenever possible.
Ευχαριστώ.