Proton mail may log ips after all...

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
4,712
I assume that using the MITM proxy as you do in your company, you'd be able to see the unencrypted TCP/IP data through the HTTPS connection, then, if desired, take the time to piece together the HTML/JSON/JS bits and retrieve the data sent to a client workstation (unless your firewall can give you a direct preview)? That is pretty dang cool.
Yeah, but how it normally works is it just decrypts, scans, then re-encrypts and passes it on. If I start digging that deep it takes up a crapload of storage space to log it all and that gets expensive fast. The basic logs are already at 60GB a month, adding those extra features can easily triple it, and the Ministry wants me to keep my logs for a year at a time to upload and submit to their usage pools so they can track metrics and usage to blah blah blah blah. So I only turn on in-depth logging if I get asked to track somebody specifically, or if I am finding too many flags coming from a specific account and even then I need to get permission first (I don't like acting unilaterally even if I am the whole department). But yes Palo Alto gives a lot of tools to keep people and data safe.

A side note from today's analysis is a lot of traffic poking around from Kazakhstan, which is weird AF wouldn't normally add them on the list of places to watch out for, it's all getting dropped but it certainly made me do a double-take when I checked it over coffee this morning.
 

AaronGant

Limp Gawd
Joined
Feb 21, 2010
Messages
391
I'm specifically referring to websites in this argument, and not to a direct protocol such as SSL / SSH. If websites did any client-side decryption, it would be through javascript, with the data first (re)encrypted and passed through a backend API. The client would not know how to decrypt the data without the key given to it at some point through the API. The API could encrypt the data in whatever format (PGP) it wanted, and the client could decrypt it (for example, through OpenPGP), but again, the client would require a decryption key given to it at some point in the process from the API.
ok (y)
 

d3athf1sh

Gawd
Joined
Dec 16, 2015
Messages
920
Realistically companies can't do much when they have a court order at their door. We say well how does it make it any better?

The observation is that no matter what you think, or someone says, if you have a connected device you are prone to being tracked. It may be harder in some cases than others but isn't that just reality?

I guess in terms of it (giving them the benefit of the doubt) they didn't track until their hand was forced. At that point it is a matter of how much is it worth to you to do business? Most of us are going to cooperate with them because we don't have the resources to fight it in court (even businesses) or we don't have the means to not be shut down by them.

You can hardly blame Proton for this. What we can attribute blame to and should be justly so is the way they are marketing their service. If that doesn't change then I would say trash all day long.

As it is, I think they are better than most in this respect. So I can cut some slack at this point.
well they could do like AIRvpn does and tell the "WE DON'T KEEP LOGS, fick off" but instead....
 

Gavv

[H]F Junkie
Joined
Dec 4, 2005
Messages
14,552
well they could do like AIRvpn does and tell the "WE DON'T KEEP LOGS, fick off" but instead....

Sure and then the conversation:

Employee meeting in 5 minutes.

Sorry to inform you….

You’re all fired as the government shut us down.

Paychecks in the mail.

It helps to understand dumb actions have consequences too.
 

d3athf1sh

Gawd
Joined
Dec 16, 2015
Messages
920
Sure and then the conversation:

Employee meeting in 5 minutes.

Sorry to inform you….

You’re all fired as the government shut us down.

Paychecks in the mail.

It helps to understand dumb actions have consequences too.
if you don't keep logs... YOU DON"T KEEP LOGS. end of story. whats not clear about that?
 
Top