Well This can't be good (ProtonMail tracking IP)

ProtonMail has been tracking your IP address all along | TweakTown

Unless there is new information, that is a seriously misleading headline.

Unless there is something I haven’t read yet, I don’t think they were tracking IPs “all along”. What I have read stated that they were ordered to track the IP of that user so they had to enable logging. Is their any evidence to the contrary?

Hmm, makes me wonder if ProtonVPN is susceptible to this as well.

Of course it is. All VPNs are.

This is why it is so important to understand the privacy laws in the countries with jurisdiction of your data.

Swiss privacy laws changed a couple of years ago and the protections are not nearly as strong as they used to be.

So. Self host your own email?? It can’t be that hard.

It’s not too hard, but… every mainstream mail service, like gmail, yahoo, etc… is going to send your mail straight to the spam folder.

Uhh…wouldn’t that give everyone your IP?

If you host it at home, sure. But if you rent a server?

If you rent a server, you have the same exact problem where the ISP can be ordered to provide your IP.

But if you steal craft yourself a dedicated server and access it from Whonix / TOR to self-host your shady e-mail somewhere out there, until somebody will find out…

All right all right! I shut up

P.S. e-mail is just something that is not secure, unfortunately…

If worried use TOR to access ProtonMail people.

TAILS / Whonix piggybacked on a VPN connection running in a VM.

Probably not totally foolproof, but good enough for everyday users’ piece of mind.

I hate technology. There’s always something. I just want to drink and fish and die off without anyone knowing me at all.

Yeah this is a lie and click bait.

Their ToS has stated they may be forced to comply with law enforcement and in this case they had been forced to track the IPs of several individuals associated with this email. They’re a radicalist group being painted as simple climate change activists and used to demonize proton for something they couldn’t prevent. The actual data wasn’t decrypted or handed over.

Every single service is susceptible to this and anyone thinking otherwise is delusional. If OPSEC is that important to you then trust nobody and if you need to hide you’ll have to take much care. Proton offers services over TOR which could’ve made this more difficult.

This is all a fat nothing burger cooked by people who don’t read or know what they’re talking about so just parrot crap they hear.

Here’s another provider like Protonmail that was forced to comply yet nobody was freaking out

censored not this one too! Well, nobody can protect us.

You are the only one who can protect yourself. You need to look at your threat model and make decisions on what youre going to do and use based on that.