Hacker News new | past | comments | ask | show | jobs | submit login

Stop trying to defend indefensible behavior by getting hung up on semantics.

I, for one, will not renew my ProtonMail account if that's their status quo.




I'm extremely confused by this.

Unless you are naive enough to assume that ProtonMail is incapable of logging IP addresses (in which case they'd be incapable of serving HTTP requests...see the problem?) then they can log. And they most certainly aren't going to declare independence from Switzerland and refuse to turn on IP logging when required to by law.

Whereas with E2E-E, they actually are incapable of turning over readable emails.


what other status quo do you expect from them? Having to provide IP logs after a warrant has been issued is the law in switserland (and most if not all of the EU).

Sure, the law would (hopefully) be changed, but at the moment, this is the best they can legally do?


Tell users you are being logged on website.

Put alert warning that account has logging enabled

Change the service so collecting logs is not possible

Stop adding captcha to tor users login because you want to identify users


>Tell users you are being logged on website.

Frequently not legal

>Put alert warning that account has logging enabled

See above. Gag orders a problem with government in general. They do have a warrant canary page though, as well as a transparency report.

https://protonmail.com/blog/transparency-report/

>Change the service so collecting logs is not possible

You mean stop serving HTTP and MX requests?

>Stop adding captcha to tor users login because you want to identify users

You mean let bots brute-force my password?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: