PROTONMAIL COMPROMISED

PMAN EDIT:

This is the response from Protonmail. Remeber, your OPSEC is only as strong as your weakest link.

By Published On: May 7, 2024Categories: Uncategorized6 Comments on PROTONMAIL COMPROMISED

Share This Story, Choose Your Platform!

About the Author: NC Scout

NC Scout is the nom de guerre of a former Infantry Scout and Sergeant in one of the Army’s best Reconnaissance Units. He has combat tours in both Iraq and Afghanistan. He teaches a series of courses focusing on small unit skills rarely if ever taught anywhere else in the prepping and survival field, including his RTO Course which focuses on small unit communications. In his free time he is an avid hunter, bushcrafter, writer, long range shooter, prepper, amateur radio operator and Libertarian activist. He can be contacted at brushbeater@tutanota.com or via his blog at brushbeater.wordpress.com .

6 Comments

  1. Alan Rush May 7, 2024 at 13:05

    I wrote my comments on the X forum you provided. People are saying protonmail is strong. BS. They say no logs stored. One needs a passkey phrase to recover a protonmail acct. NOT a recovery email. They use PGE for encryption, which has had a back door since version 6 required by US Gov’t. Also, emails from Protonmail are only encrypted end to end if the recipient also has Protonmail. People look at https://sekur.com/, recommended by Epoch Times.
    There is also https://unplugged.com/pages/up-suite?customer_posted=true, recommended by Okeefe OMG; Albeit no email service.
    sat123.com also has end to end encryption by voice, provided both ends have the needed device to do so.
    We live in unprecedented times. Figure it out!

    • Alan Rush May 7, 2024 at 14:12

      WOW no edit. So, a thought. Does a possible anomaly that is nearly impossible to compromise sound safe to you, OR a potential back door no one wants to recognize!?!
      If it is so hard to find said anomaly, once compromised, how hard would it be for someone else to find the compromise!?!

  2. Alan Rush May 7, 2024 at 13:13

    Correction: PGP not PGE

  3. Alan Rush May 7, 2024 at 14:08

    https://www.varonis.com/blog/pgp-encryption

    EXCERPTS:

    Finally, you should be aware that PGP encrypts your messages, but it doesn’t make you anonymous. Unlike anonymous browsers using proxy servers or working through a VPN to hide your true location, emails sent through PGP can be traced to a sender and recipient. Their subject lines are not encrypted either, so you shouldn’t put any sensitive information there.

    How to Select PGP Software
    Your primary reason for using PGP is to ensure the security of your messages. When looking for PGP software, therefore, security should be your first concern. Though PGP itself is unbreakable, there have been instances where specific implementations have been compromised. Unless you are an experienced coder, spotting these vulnerabilities is essentially impossible, and so the best solution is to check for any reported vulnerabilities in the software you are considering.

    I ask myself, with today’s brute force quantum computing, do I think PGP can defeat quantum computing? I would not bet my freedom on it, meaning today even legal by law info in my messages I do not trust i.e. Christian talk regarding Bible quotes.

    Parting note only your message in encrypted, NOT the sender or recipient address!!

    P.S. I may be wrong on needing proton accts on both ends. Any service that supports PGP can be used. Not all emails support PGP. That would be where I confused the issue.

  4. K CSG May 7, 2024 at 19:43

    Just wanted to address this and some of the comments posted above….

    1. No commercial entity is going to go to prison for you, in other words, they are bound to comply with lawful requests from the authorities in their respective jurisdictions. This fact needs to be kept in mind whenever dealing with services provided by tech companies, regardless of whether they are considered “good” or “bad” actors. That’s a whole separate aspect.

    2. PGP proper was purchased by Symantec years ago and became proprietary, I would avoid it and instead use OpenPGP or GnuPG (open-source versions). If I recall correctly Proton uses OpenPGP. I am not aware of any “backdoor” in OpenPGP/GnuPG; furthermore, we are still many years away from a quantum computer with enough logical qbits to run Shor’s Algorithm which could conceivably break public/private key encryption. There is simply no evidence of this and to suggest it without any evidence or data just creates paralysis of paranoia.

    3. Email is and always has been a security and privacy dumpster fire. It is wholly inappropriate for anything needing high security. Even with well implemented GnuPGP it spills a shit ton of metadata. Not good. There are far better comms solutions out there for secure communicating.

    • Alan Rush May 8, 2024 at 04:52

      I should expand on PGP back door. In the early 90s a computer show would have an MI6 come on and share information. That is where the source for the back door originated . also, I distinctly remember an article stating the US Gov’t required PGP to install a back door. So take that for what it is worth. Version 6 is where it started happening. I recall at the time the dark web had source code for version 5. Of course, using that could get one looked at.
      Thanks to K CSG for expanding on my comments. I’ve never claimed to be a perfect person! You spoke wise words. I’m curious what “better comms solutions” you mentioned would be?
      You are correct about openPGP:
      EXCERPT:
      Proton
      proton.me
      › blog › what-is-pgp-encryption
      What is PGP encryption and how does it work? | Proton

      August 8, 2019 – Most don’t offer email client support, so if you use a desktop app like Outlook, Apple Mail, or Thunderbird, you won’t be able to encrypt your emails. The final way to use PGP is to get an app or software that supports OpenPGP(new window).
      https://proton.me/blog/what-is-pgp-encryption#what-is-openpgp
      My information was based on 1991 PGP, before Zimmerman created openPGP in 1997.
      Paul Harvey rest of the story stuff.

Comments are closed.

GUNS N GEAR

Categories

Archives