In this case, French authorities asked the Swiss government for assistance. However, on 5 September of 2021 the Swiss government forced ProtonMail to hand over IP addresses of French activists charged with theft and destruction of property. Offering some of the strongest privacy protection in the world, their 1993 Federal Act on Data Protection strictly prohibits any processing of personal data without explicit consent. Switzerland is renowned for being neutral territory – being outside of US and EU jurisdiction. ProtonMail uses its Swiss location to take advantage of the DPA and DPO acts.

Essentially, it prohibits the collection and use of personal data unless the law specifically permits it or you have given your informed consent. Germany may be one of the Fourteen Eyes, but it is protected by The German Federal Data Protection Act – a modification of the general EU GDPR law. Tutanota is based in Germany (one of the Fourteen Eyes).

I think it much more likely that an opportunist would be getting in and a skilled hacker targeting something more important instead, and that the canary stands a slim chance of being useful instead of zero chance.

Let's talk about the data laws under which these companies operate. Metalfrog's claim is that it is more likely that a real hacker would get in, be taking precautions against honeypots, and the canary would be useless. This is likely to be most successful, but due to the knowledge, effort and skill and sustained interest required, to be the least common by volume.

And then above that, people who do the last one "for a living".

A canary that squawks against "I made a mistake and some opportunist got into my email" is more likely to go off, and more likely to be useful, than a canary that squawks against "a skilled hacker targeted me and got through Google's security". The hardest way is to understand and find flaws in a system and then exploit them.
The next most easy way is to do phishing scams, it needs some chops to fake login forms and bulk email, but it's not massively complex. Most exploits by volume are going to be like these because these are easiest. None of that needs any hacking chops or brains. Or to look over someone's shoulder as they type a password in, or to walk up when they step away from their computer for a moment. The easiest way to "hack" is to install a script and run it, e.g. a traffic sniffer, a wifi encryption breaker, Firesheep, or any one of many vulnerability scan/exploiters.

Why does the most obvious and logical course of events require justification?

Maybe an appropriately paranoid way to set up this sort of canary is to have all your mobile (i.e., non-fixed IP address) devices use a VPN into a trusted and well secured host?

It took me way longer than it should have to debug, partly 'cause I started looking in the wrong place, but largely because most of the testing we did was with mail clients that were perfectly happy to transfer mail unencrypted when the STARTTLS capability wasn't announced.

Anybody MITMing you in Starbucks could easily do the same.

A little bit of thinking with my "evil hat" on leads me to believe a similar protocol aware packet inspection/modification tool could easily rewrite webpages on the fly, looking for links to common service login forms and rewrite appropriate links and form actions to be http instead of https.

I wasted _days_ recently trying to track down code bugs that weren't there - a piece of Cisco gear that was in the client's network was running a standard configuration called SMTP Fixup which was deep packet inspecting and rewriting the "250-STARTTLS" capability responses and passing them on as "250-XXXXXXXA" on the fly. And many mail clients happily continue non-encrypted sessions if the STARTTLS negotiation fails.
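An added example, not code from the original post: a client-side check that treats a missing STARTTLS capability as a failure instead of continuing in the clear, and flags an X-padded keyword such as the "250-XXXXXXXA" described above. The EHLO replies are constructed, and the function names and the masking heuristic are assumptions.

```python
import re

# Constructed EHLO replies (not captured traffic): what a server might send,
# and the same reply after an in-path device rewrites the capability line.
EHLO_SERVER = ("250-mail.example.org\r\n250-PIPELINING\r\n250-SIZE 35882577\r\n"
               "250-STARTTLS\r\n250 8BITMIME\r\n")
EHLO_REWRITTEN = EHLO_SERVER.replace("250-STARTTLS", "250-XXXXXXXA")

# Heuristic (assumption): a keyword that is mostly X padding was probably masked.
MASKED = re.compile(r"^X{4,}[A-Z0-9]*$")


class TLSRequired(Exception):
    """Raised when policy demands TLS and the server did not advertise it."""


def parse_ehlo(reply):
    """Return the capability keywords of a multi-line 250 reply (greeting skipped)."""
    caps = []
    for i, line in enumerate(reply.splitlines()):
        m = re.match(r"^250([ -])(.*)$", line)
        if not m:
            raise ValueError(f"unexpected reply line: {line!r}")
        if i > 0:  # the first line is the server greeting, not a capability
            caps.append(m.group(2).split(" ")[0].upper())
    return caps


def check_starttls(reply):
    """Classify the reply: ok, not-offered, or stripped-suspected (with evidence)."""
    caps = parse_ehlo(reply)
    if "STARTTLS" in caps:
        return ("ok", [])
    masked = [c for c in caps if MASKED.match(c)]
    return ("stripped-suspected" if masked else "not-offered", masked)


def choose_transport(reply, require_tls=True):
    """Fail closed by default; the opportunistic fallback is what the post warns about."""
    status, masked = check_starttls(reply)
    if status == "ok":
        return "starttls"
    if require_tls:
        raise TLSRequired(f"STARTTLS missing ({status}); masked keywords: {masked}")
    return "plaintext"
```

With Python's `smtplib`, the equivalent fail-closed behaviour is to call `starttls()` unconditionally and let `SMTPNotSupportedError` abort the session instead of falling back to sending in the clear.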