527
you are viewing a single comment's thread
view the rest of the comments
[-] RootBeerGuy@discuss.tchncs.de 126 points 6 months ago

They provided the backup e-mail address

Upon receiving the recovery email from Proton Mail, Spanish authorities further requested Apple to provide additional details linked to that email, leading to the identification of the individual.

Just in case anyone thinks they decrypted mails and handed them over, nope. I hadn't thought about that "settings" are not encrypted. Guess if you want to stay anonymous you shouldn't add your private mail address in there as a backup.

[-] Alk@lemmy.world 53 points 6 months ago

Yeah. Even if they couldn't hand over recovery emails, having a personal email as a backup to a "private and sensitive" email account is bad practice.

[-] BlushedPotatoPlayers@sopuli.xyz 7 points 6 months ago

But what do you do if that field is needed? A throwaway address won't work as it's easy to recreate. Buy your own domain and run a server?

[-] Alk@lemmy.world 11 points 6 months ago* (last edited 6 months ago)

I don't believe you need that field with Proton, correct me if I'm wrong. If you do need that field with an email provider, and you need complete opsec, use a different provider.

[-] Legend@lemmy.sdf.org 3 points 6 months ago
[-] pineapplelover@lemm.ee 10 points 6 months ago

I put the Simplelogin email alias as my backup mail. Which forwards mail to my proton, so I guess it isn't really a backup. Even more so if you realize I need to sign into simplelogin with my protonmail account and protonmail owns Simplelogin.

Ah yes the email ouroboros

[-] Scrollone@feddit.it 7 points 6 months ago

No, domain names are tied to a person and, even if that person register the domain with fake person details, there will be a digital payment associated with the purchase.

[-] EngineerGaming@feddit.nl 1 points 6 months ago

Some registrars accept crypto though.

[-] asdfasdfasdf@lemmy.world 6 points 6 months ago

Which also isn't private. In fact, it's the opposite of private since it's a public blockchain.

[-] EngineerGaming@feddit.nl 1 points 6 months ago* (last edited 6 months ago)

Yes, I am aware. But nonetheless it is far easier to use anonymously/pseudonymously than "traditional" payment. Like, exchanging BTC/LTC from Monero, and buying said Monero via a non-kyc method as well. And whatever protections you want to layer, depending on how much effort you think "they" would spend on you.

[-] EncryptKeeper@lemmy.world 3 points 6 months ago

It’s not needed, that’s just it.

[-] WaliBoi@lemmy.world 1 points 6 months ago

Proton doesn't require recovery. But if you want recovery without email addresses, there're multiple different ways from recovery phases to recovery phone number to even an encrypted recovery file you download onto a local device.

this post was submitted on 07 May 2024
527 points (100.0% liked)

Technology

59407 readers
2482 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS