this post was submitted on 30 Jun 2023
107 points (97.3% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
54577 readers
238 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
💰 Please help cover server costs.
Ko-fi | Liberapay |
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Proton requires an email because they offer a free tier, without some way of regulating users their servers would be overrun with bots and spam...
The difference between what recently happened with Mullvad and what happened in the article you linked about Proton is that with Mullvad they were looking for general user data for VPN usage, not a specific persons email account like with Proton.
If a copyright holder or law enforcement is in a torrent swarm and logs all of the IP addresses of the seeders of Frozen II and then goes looking for the users of those IPs then ProtonVPN and Mullvad VPN would have the same response - No logs, no idea
Sure, not having to register with an email with Mullvad and IVPN is great but they're not offering port forwarding any more so we recommended ProtonVPN and you said you didn't trust them because they followed the law, if Mullvad or IVPN offered email services then they would have to do the same thing Proton did.
If you make a ProtonVPN account with the sole purpose of torrenting then all you have to do is not publicise your Proton email along with the fact that you're torrenting and then nobody can really do anything about that because law enforcement can't go to Proton like they did with that guy because they don't know the account linked to you.
I didn't hear about the onion issues, but again unless Proton was specifically told to log specific users IPs then even if they were redirected, their IPs wouldn't have been logged in those instances.
Its still user error, he must have publicised his Proton account, law enforcement found out about it and his IP was logged under Swiss law, thats user error. Its crappy that thats law but if you're going to do things like that then you should know how to protect yourself properly
Even worse:
So they were probably not using a VPN to connect to Proton Mail, which was the specific target, since e-mail and VPN providers were treated differently under Swiss law until Proton and Threema fought the government on this issue. Tutanota had a similar issue. If you're gonna rely on these services to break their jurisdiction's laws, you should be covering your own ass with bulletproof opsec, because businesses with millions of accounts are not gonna shut down and burn evidence in order to protect one user. In the Proton case, the activist apparently connected to a known Proton Mail account with no VPN or Tor; in the Tutanota case, only e-mails that were not end-to-end encrypted would pose at risk