This comment seems to conflate resistance to mass surveillance with resistance to targeted surveillance. It's almost as if the fact that I'll never be able to resist a targeted attack means that I shouldn't attempt to have any privacy at all, but surely that's not right.
Encrypted messaging apps and services like ProtonMail have never been primarily to help people with Snowden's threat model. They're for people like you and me to reclaim a semblance of privacy, and they work even with "Uncle Sam" as the threat model in a limited, dragnet surveillance sense.
> They're for people like you and me to reclaim a semblance of privacy, and they work even with "Uncle Sam" as the threat model in a limited, dragnet surveillance sense.
They don't work, because the US government's modus operandi is compromising machines or forcing users to provide access to their encrypted data. It's unclear to me why, if you take as premise a government capable of forcing one of the most valuable organizations in the world to hand over its data, you believe a company several orders of magnitude smaller is safe because it's "end to end encrypted" and has servers in Switzerland.
Put another way, I find the concept of a government willing to force Google to give up data but unwilling to use operational vulnerabilities to achieve the same thing to be contrived - how is this not just an arbitrary line in the sand?
Furthermore, the heuristic itself is a red herring, in my opinion. It is far more likely that Protonmail has a critical security vulnerability inherent to its software than Gmail does. And even if we assume that the government doesn't want to spend economic resources on actively compromising you as an individual, why would the government not spend resources on a system to compromise you passively as part of an en masse campaign? In other words, are you using a custom built computer with parts designed by a boutique firm from another country immune to the wiles of government backdoors?
How do you decide where you want to stop down the rabbit hole, and are you really doing so empirically?
"Put another way, I find the concept of a government willing to force Google to give up data but unwilling to use operational vulnerabilities to achieve the same thing to be contrived - how is this not just an arbitrary line in the sand?"
In the US we have a constitution the prohibits searches of our papers without a warrant signed by a judge. It might be out of fashion is some circles, but the rule of law and not just rule of power is quite popular and I would say a superior system of governance. Many Chinese who are acquiring assets outside of China feel the same way.
With the current legal uncertainty around whether your fingerprint or retina scan locking your device has the same legal protection as a passcode - do you _really_ think every Three Letter Agency isn't operating under flimsy legal advice that "papers" does not include anything stored digitally? "The rule of law" is _very_ open to interpretation... (And it's not like parallel construction isn't a well known tool used to hide questionably legal (or outright illegal) law enforcement activity from whatever limited oversight they have anyway... A "Superior system of governance"? My opinion differs somewhat there...)
"willing to force Google to give up data"
first they issued a gag order, and then they came for the gold
"use operational vulnerabilities" am I the only one who strongly believes that Micro$oft is in bed with every 3-leter-agency in haning out backdoors/vulns for the last 20 years?
"They don't work, because the US government's modus operandi is compromising machines or forcing users to provide access to their encrypted data."
I'm not so sure - at least as recently as 2013, Lavabit showed that even top level US govt targets had some realistic reliance on properly encrypted 3rd party email providers...
The "dragnet" is the thing that's potentially useful - if it's difficult enough for them, they can't do warrantless "full take" surveillance - even for non US citizens, then choose to individually target you later based on a complete historical record being open to keyword/"selector" based searches.
(And for the appropriately paranoid - even Levison's comments back then suggested the thing he was prepared to fight and maybe go to jail for was handing over the SSL key that'd have exposes _all_ users. Reading it the right way suggests he may have sold Snowden out on his own - and I can't exactly say I wouldn't have done so myself in his position - but he was principled enough to not hand over the keys to the entire userbases's security. I sincerely hope _I_ never have the protection of privacy of a user like Snowden being my responsibility while the full pressure of the US government bears down on me. I strongly suspect my strongly-held personal principles would not stand up to that...)
> This comment seems to conflate resistance to mass surveillance with resistance to targeted surveillance.
ProtonMail doesn't meaningfully address the mass surveillance aspect, though. Most emails still hit its servers in plain-text form. Encrypting once it hits their server doesn't help the mass surveillance aspect, it only helps the targeted surveillance when a warrant comes in.
And if you're willing/able to get everyone that emails you to switch to PGP to get real end-to-end encryption then protonmail is worth even less, since none of their benefits matter anymore (google is obviously not able to decrypt your PGP emails, either).
And sadly - if someone emails a PGP encrypted mail to a protommail address using a key the recipient knows but protonmail doesn't - it doesn't work. Protonmail gives an "unable to decrypt" error, and doesn't hand over the encrypted body...
For me - I think they're useful protecting against dragnet "full take" surveillance (especially since I'm a non-US citizen, so am considered "fair game" for warrantless surveillance), but I don't for a moment think they'll protect me from any sort of state actor level interest targeting me specifically (I'm still gonna get Mossad`ed upon...)
(In more paranoid moments, I suspect that the first "dragnet" protection quite probably makes the second "targeted interest in _me_" more likely...)
There is still a possibility, a scenario only a crazy conspiracy theorist could imagine a few years back, but I believe the current development of closed chipsets could soon allow remote penetration into any machine using any network card by any vendor, and in a way that nobody can even sniff the suspicious traffic over the network.
It seems really complicated, if not impossible, but I'm starting to think it can be done if one has full access to the chipsets and their firmware (users, admins and developers don't, vendors and their "partners" do).
Let's assume a system where every piece of hardware has a closed device driver, or part of it, CPU included. We're there, or very close. It's not that hard to imagine a system within the system that can access data (hard drives have closed blobs), read passwords before they are encrypted through keylogging (USB sniffing), make screenshots of the desktop (video card closed blobs) and send them wherever they're instructed to (network card blobs), not to mention downloading and executing arbitrary code.
Now one could object that the traffic could be easily intercepted, but what if all network chipsets of all vendors, including those inside routers, had a small set of instructions to intercept any magic packet satisfying some rules and treat it differently. Let's say send it to some hardcoded addresses without counting them or reporting them to user applications; even leds on front panels would not report those packets passing through. The only way to realize something fishy is going on would be by tapping physically into the network cable using non-network dedicated chipsets, say very fast digital analyzers, decode all traffic and match it with what a normal sniffer would report.
I admit this is a crazy scenario, but if an entity with nearly infinite resources had the power to force any hardware vendor to put spying hardware/firmware into every machine, wouldn't it attempt to do something like that?
100% correct. Even with fully patched software/OS/hardware/drivers/firmware we are regularly 'surprised' by a number of 0-day vulns that has been around for 1-2-5-10 years and 'suddenly' we discover it/them.
Putting my tinfoil hat on, I'd say that they got a new-improved way to get in, and they patch the old one because now the 'others' got whiff of this (e.g. shadowbrokers) and are about to start abusing it themselves :)
Uncle Sam can’t dragnet root everyone’s machine, but they can (and do) dragnet surveil large email providers not focused on security.
“The government can hack anyone, just give up” is a dumb objection if you view security from an economic perspective. Defenders have a huge advantage over attackers that we aren’t sufficiently taking advantage of yet.
I am more worried about hacking from a competitor than I am from the government. That being the case, I trust Google far more than most.
I am not sure I understand the “fear” of the US government. Do we have cases of “normal” people being harmed from NSA type activities? We’ve had a ton of cases of normal people being harmed from non-government “hackers,” so, from a risk management perspective it seems silly to prioritize surveillance avoidance over garden variety thieves. To think Proton has the same level of experience and technology that Google has is a bit naïve.
And server location doesn’t particularly mean much. Plenty of Swiss banks have been compelled to turn over US citizen information due to FATCA — it’s not a stretch that a legitimate request for information by the US government would be honored by the Swiss if it pertains to a US citizen. For non-US citizens, there might be some benefit to an offshore server, however email is generally not the weakest link in surveillance. Also, you’d need to ensure that all your recipients are also using non-US as well as non-British, or non-French systems as well.
US surveillance is in the spotlight, but France and the UK are equally aggressive, if not more so since the actual laws in the UK and France are much more liberal in terms of allowing government to intercept communications. The French law doesn’t even require a judge (secret or not.)
I think Proton is a nice alternative, but other than effective marketing, there isn’t much differentiation from paid Google Apps/Gmail plans. Comparing “free” gmail with Proton isn’t exactly honest, comparing paid gmail to Proton is probably a more valuable comparison.
With Gmail, for example, it’s possible to get a Business’s Associates Agreement for HIPAA compliance.. which means that it’s possible to have email that’s more secure than “normal” free Gmail. Of course HIPAA isn’t relevant to government surveillance, but really, how many people are actually at risk from the NSA? If that concern is part of your risk profile, then perhaps you ought to be living in a Tora Bora cave with messages being delivered encoded with a one time pad. If you are worried about your Antifa or KKK meeting minutes being intercepted, it’s likely Proton isn’t going to be much help.
This is not a good heuristic, for several reasons.
First and foremost, despite widespread fetishization of things like end-to-end encryption, real world software rarely differentiates its security based on superior cryptography. Most security vulnerabilities occur at the endpoint level and are not even technical vulnerabilities, they're just successful, targeted phishing campaigns. The next most common set of vulnerabilities are in mundane software, typically in the infrastructure and peripheral logic. These are due to developer ignorance, misconfiguration or sometimes both. From there we have crypto implementation flaws, which are typically due to software engineers' fascination with implementing their own cryptography libraries or taking strange liberties with existing libraries that deviate from the explicit or implicit intentions of the original author. Finally, on a peak so remote and small it's scarcely visible from the ground, we have actual cryptography design flaws, where someone literally rolls their own crypto at the conceptual level and deploys it.
Second, email is a fundamentally antagonistic medium when it comes to end-to-end encryption. If you are actually concerned about your privacy and you're discussing something that warrants extreme care, email is the least user-friendly and most error-prone method of going about it. You should consider a synchronous medium with forward security if possible, probably based on a well-known and well-audited messaging protocol (to avoid a flame war I'm not going to suggest any particular one - do your research).
Third, if your threat model is honestly the US government, you need to significantly revise your opsec entirely if you're realistically considering Protonmail. Regardless of its actual security, you're (implicitly) saying that you trust Protonmail to be capable of withstanding the resources of a motivated three letter agency with an armada of security compromising tools at its disposal. Why trust a third party at all then? What makes you think the servers being in Switzerland is going to help you if you distrust the government this much? By all means, don't use Gmail either, but then Protonmail isn't really a coherent security measure either - again, use a synchronous messaging platform, or develop the opsec needed to consistently use PGP correctly on your own.
Given the foregoing, if your adversary is actually the US government, neither Gmail or Protonmail are effective strategies, and if your adversary is not the US government, Google's security team is vastly more qualified and has overwhelmingly more resources at its disposal to secure its email infrastructure.
Seconded! You could add Tutanota + 1$ per month = you will never see ads for a <insert_item_name> like the one you just bought, plus you will be driving Uncle Sam crazy!
Gmail + 0$ per month = zero privacy for you and anyone who emails you, plus Uncle Sam has full access to your life.
Protonmail + 4$ per month = you will never see ads for a <insert_item_name> like the one you just bought, plus you will be driving Uncle Sam crazy!