Skip to main content

Proton Mail denies that it offers real-time surveillance assistance


A Swiss lawyer has accused Proton Mail that the company has initiated offering IP Logging upon request of Swiss authorities.

ProtonMail, the famous end-to-end encrypted email service from Switzerland, has denied the claims made by a Swiss lawyer Martin Steigerregarding the company’s involvement in voluntary assistance to Swiss authorities for real-time surveillance.
The head of the Cyber crime Competence Center, Zurich, and public prosecutor Stephen Walder stated that the company doesn’t offer voluntary real-time surveillance but is obliged to help authorities in certain situations. However, Mr. Steiger publicly posted about Proton Mail’s offer stating that the company has initiated offering IP Logging upon request of Swiss authorities.
For your information, Zurich, Switzerland-based lawyer attended a presentation earlier in May where he mentioned ProtonMail, and later Mr. Steiger tweeted from his Twitter account that he learned at the event that the encrypted email service provider “voluntarily offers assistance for real-time surveillance.”
Gelernt: @ProtonMail unterstützt Echtzeit-Ãœberwachungsmassnahmen, auch ohne BGE … Wird von Cybercrime-Staatsanwalt Walder ausdrücklich als positives Beispiel erwähnt!
— Martin Steiger (@martinsteiger) May 10, 2019
Contrary to Mr. Steiger’s claims, Walder states that he is being misquoted and that he only said that ProtonMail is a reliable assistance provider. Steiger immediately responded that he has reported everything he learned at the event accurately and to prove his point, he cited the company’s recent Transparency Report in his blog post, which read that:
“In April 2019, at the request of the Swiss judiciary in a case of clear criminal conduct, we enabled IP logging against a specific user account which is engaged in illegal activities which contravene Swiss law.”
According to the report, ProtonMail enabled IP logging in April 2019, which actually falls into the category of criminal misconduct as per the Swiss law.
ProtonMail claims that the use of the term Voluntary is rather misleading because the company is obligated to assists authorities just like every other company does not just in Switzerland but around the world. ProtomMail cleared the air in one of its tweets that read:
“All Swiss service providers are obligated by law to assist law enforcement in criminal cases, and the law requires us to enable IP logging in criminal cases.” Hence, the company isn’t offering its services on a voluntary basis.
ProtonMail has also claimed that they offer end-to-end encryption and therefore, they cannot share unencrypted messages of its users to a court of law no matter how much is it pressurized through court orders.
According to ProtonMail, its T&Cs prohibit users from using this service for carrying out illegal activities, which is why when such infringements occur the company is obligated to help the police. But, this only happens when the company receives an order from some prosecutor or a Swiss court.
“ProtonMail does not voluntarily offer assistance. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in all criminal cases. Furthermore, end-to-end encryption means we cannot be forced by a court to provide message contents,” the company’s spokesperson told TheRegister.

 Mr. Steiger, on the other hand, wrote in his blog post that the real concern is about the metadata and the way real-time surveillance can be performed using the services of ProtonMail.

So far, ProtonMail has denied the claims made by Mr. Steiger but the lawyer stands by his claims and even said that using only the metadata the authorities can learn a lot about an individual’s personal life.

 

Comments

Post a Comment

Popular posts from this blog

List Of Sql Infected Sites-HACKEREAD

SQL injection  is a  code injection  technique, used to  attack  data-driven applications, in which malicious  SQL  statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).  SQL injection must exploit a  security vulnerability  in an application's software, for example, when user input is either incorrectly filtered for  string literal   escape characters  embedded in SQL statements or user input is not  strongly typed  and unexpectedly executed. SQL injection is mostly known as an attack  vector  for websites but can be used to attack any type of SQL database. List of SQL Infected sites:  http://www.genhound.co.uk/source.php?id=477 http://www.lcoastpress.com/journal.php?id=8 http://www.travellers-tales.co.uk/travelJournal.php?id=42 http://www.arrowvalves.co.uk/content.php?id=8 http://www.reaplasrack.co.uk/content.php?id=129 http://www.arrowval...
Post a Comment
Read more

Google dork list for XSS (Cross- site scripting)-2020

GOOGLE DORK LIST FOR Cross-site scripting -2020 Google Dorks  its also known as google query ,List “Google Hacking” is mainly referred to pull the sensitive information from Google using advanced search terms that help users to search the index of a specific website, specific file type and some interesting information from unsecured Websites. Google Dorks list  2020 can uncover some incredible information such as email addresses and lists, login credentials, sensitive files, website vulnerabilities, and even financial information (e.g. payment card data). Here you can see an example to understand how  Google Darks   password  used by hackers to gain sensitive information from specific websites. You can also use for Exploit DB site to give you according to you Search state. https://www.exploit-db.com/ “ inurl: domain/ ” “ additional dorks A hacker would simply use in the desired parameters as follows: inurl = the URL of a site you want...
Post a Comment
Read more

Popular Android Zombie game phish users to steal Gmail credentials

The app made its way to Google Play Store was also found phishing users for Facebook credentials. Scary Granny ZOMBY Mod: The Horror Game 2019 is the latest game on Google Play Store that is condemned by the digital security fraternity for sneakily stealing personal data from unsuspecting users. The game, which has been downloaded for over 50,000 times, was available for Android devices making Android users its primary target. The malicious app attempts to collect sensitive information such as Facebook and Gmail login credentials. The malicious activities of Scary Granny ZOMBY Mod were detected by the mobile security firm Wandera. The company found out that the app asks users to enter their Gmail or other Google account credentials, which are then used for collecting private data of the user by hijacking the account –  All of this happens, unsurprisingly, without alerting the user. Gmail phishing page on the supposed gaming app (Screenshot: Wandera) Rese...
Post a Comment
Read more