Oddbean new post about | logout
Ava | 11 months ago (raw) | root | parent | reply | flag 
 don't quote half a quote to make a point. here's the rest

"...are scanned for spam and viruses to pursue the legitimate interest of protecting the integrity of our Services and users. Such inbound messages are scanned for spam in MEMORY (i.e. it is not persistent), and then encrypted and written to disk. We do not possess the technical ability to scan the content of the messages after they have been encrypted."

mullvad has gone ram only for similar purposes as data stored in ram is temporary and not persistent.

using pgp or encrypted messages for private conversations is essential. if you don't anyone can read the contents of said messages. this is not a revelation, it's common sense and a problem proton solves as transparently as possible.
d18443bb | 11 months ago (raw) | root | parent | reply | flag +1 
 You are so naive,👋
Ava | 11 months ago (raw) | root | parent | reply | flag 
 and you don't understand how tech works. have fun calling every privacy-focused service a gov owned honeypot. oh, and i guess you also think ed snowden is naive too huh? you know, since he uses and recommends both tor and signal and all. later 🤙🏻
nobody | 11 months ago (raw) | root | parent | reply | flag +6 
 Imagine calling one of the actually legitimate opsec experts on Nostr naïve. 

🙄
nobody | 11 months ago (raw) | root | parent | reply | flag +1 
 Why do you guys get pulled into the fake accounts engaging?
Just take 2 seconds to look at the source & you should know it’s a purely shitposting account. 
Be better.
nobody | 11 months ago (raw) | root | parent | reply | flag +4 
 Because random normies see this stuff and get turned off to tech that would actually benefit them. 

The only way to counter bad speech is more speech and all that jazz.
nobody | 11 months ago (raw) | root | parent | reply | flag 
 Nah. And stop worrying so much about normies. They’re normies for a reason. 
The world needs ditch diggers too.
Ava | 11 months ago (raw) | root | parent | reply | flag +1 
 thx fren. unfortunately, i deal with people like this all the time. they give actual opsec/infosec professionals a bad name by spewing baseless fearmongering that really does nothing but scare people into apathy
nobody | 11 months ago (raw) | root | parent | reply | flag +3 
 I have very strong feelings about people giving security advice online, especially generalized advice. My faith in you was built by validating what you said through research and my own experience multiple times. So far, you’ve been batting 1000. 

I deeply appreciate that you take time to form context based on threat model of the individual, and explaining the tradeoffs between services honestly. 

One size fits all cybersecurity is worse than no cybersecurity imo. There are very few things (2FA over SMS is bad) that apply to everyone equally. 

Conspiracy theories are the worst though. That’s not even true information taken out of context - that’s just made up shit misleading people.
Ava | 11 months ago (raw) | root | parent | reply | flag 
 💯! well said. good on you for doing the research. and thank you for the complement
zhenya | 11 months ago (raw) | root | parent | reply | flag +2 
 Here here for @Ava
d18443bb | 11 months ago (raw) | root | parent | reply | flag 
 I am an expert - starter pack


Best services: Protonmail, Tutanota, Signal👏

And nostr... nightmare regarding privacy...
d18443bb | 11 months ago (raw) | root | parent | reply | flag 
 Please don't call yourself opsec expert.
d18443bb | 11 months ago (raw) | root | parent | reply | flag 
 Expert... we are fucked😐
d18443bb | 11 months ago (raw) | root | parent | reply | flag 
 Protonmail is NOT privacy focused.
More privacy oriented is using Gmail with Delta Chat or just with email clients + gpg (you own keys)