• yolo@r.nf
    link
    fedilink
    English
    arrow-up
    167
    arrow-down
    10
    ·
    8 months ago

    Upon receiving the recovery email from Proton Mail, Spanish authorities further requested Apple to provide additional details linked to that email, leading to the identification of the individual.

    I like how no ones talking about how Apple (the one its fanboys say is most privacy centric company) was the one that helped identity the individual.

    • azalty@jlai.lu
      link
      fedilink
      English
      arrow-up
      60
      arrow-down
      11
      ·
      8 months ago

      Proton leaked the recovery email. Apple has never given any guarantee about their mail service, which isn’t the case of Proton

      Don’t put any recovery info on Proton

      • Encrypt-Keeper@lemmy.world
        link
        fedilink
        English
        arrow-up
        24
        arrow-down
        2
        ·
        8 months ago

        Proton has never given any guarantee about hiding all account metadata from the Swiss government either.

        • azalty@jlai.lu
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          4
          ·
          edit-2
          8 months ago

          They’re all like “privacy and freedom”, “take control of your data”…

          They’re saying they’re the best for privacy literally on their website. You might argue that Apple does it too, which is fair, even though everyone knows it’s a lie

          But yea anyways that’s a big flaw, they shouldn’t push customers to enable a feature that effectively deanonymizes them

          • Encrypt-Keeper@lemmy.world
            link
            fedilink
            English
            arrow-up
            8
            arrow-down
            3
            ·
            8 months ago

            They’re all like “privacy and freedom”, “take control of your data”…

            That’s correct. And the fella used that freedom and control over his data to deanonymize himself. It isn’t proton’s job to be completely idiot-proof. They tell you what it is they do, and they do it. There are no false claims made.

      • NeatNit@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        13
        ·
        8 months ago

        Don’t put any recovery info on Proton

        About that. I’m still making the transition from gmail and currently most of my mail still goes to gmail first and gets forwarded to Proton through their easy switch process. Surely this is just as up for grabs as a recovery email, right?

        FWIW I’m not likely to be investigated any time soon so I’m not worried either way.

        • Spedwell@lemmy.world
          link
          fedilink
          English
          arrow-up
          20
          ·
          8 months ago

          That’s significantly worse privacy-wise, since Google gets a copy of everything.

          A recovery email in this case was used to uncover the identity of the account-holder. Unless you’re using proton mail anonymously (if you’re replacing your personal gmail, then probably not) then you don’t need to consider the recover email as a weakness.

          • NeatNit@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            8
            ·
            8 months ago

            That’s significantly worse privacy-wise, since Google gets a copy of everything.

            Obviously, but I still haven’t gone through all the things I’ve ever signed up to and changed my email to the proton one. When I sign up to new stuff I use Proton, this is a necessary step for transition… And one that is likely to stay in place for a very long time since I’m going to keep procrastinating it.

            Unless you’re using proton mail anonymously then you don’t need to consider the recover email as a weakness.

            Excellent point.