this post was submitted on 10 Aug 2023
218 points (100.0% liked)

Memes

1354 readers
35 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
218
My holy trinity of trust (lemmy.ml)
submitted 1 year ago by sgtnasty@lemmy.ml to c/memes@lemmy.ml
43 comments fedilink hide all child comments
 

The inner circle so to speak

top 43 comments
sorted by: hot top controversial new old
[–] dingus@lemmy.ml 59 points 1 year ago* (last edited 1 year ago) (3 children)

The thing is, ownership of any of these can change at any time. Bitwarden, Mullvad, and Tutanota could be sold to very different owners.

That is up to and including something like uBlock Origin, which only has one developer, and would suddenly be very different if that developer died and the project had to be forked.

You can never trust that the person who takes on the reigns has the same ideals as the people running them now.

Hell, Mullvad was abused to the point they removed access to Port Forwarding on their VPN service, which has led to many people needing to switch to crummier, shadier VPNs that still offer port forwarding access. That's not Mullvad's fault, but it is an example of them having to change their philosophy and what they offer because of abuse.

Trust should only go so far, and loss of trust should be very easy. There's not a good reason to keep "trusting" something when it has fundamentally changed from its initial ideals.

[–] r00ty@kbin.life 11 points 1 year ago

Hell, Mullvad was abused to the point they removed access to Port Forwarding on their VPN service, which has led to many people needing to switch to crummier, shadier VPNs that still offer port forwarding access. That’s not Mullvad’s fault, but it is an example of them having to change their philosophy and what they offer because of abuse.

It's a real shame too. It was a nice feature.

[–] Rayspekt@kbin.social 7 points 1 year ago (2 children)

Hell, Mullvad was abused to the point they removed access to Port Forwarding on their VPN service, which has led to many people needing to switch to crummier, shadier VPNs that still offer port forwarding access.

Could you explain what happened?

[–] dingus@lemmy.ml 17 points 1 year ago

As clear as I can make it out, it seems like it was related to a search warrant that was executed on Mullvad.

https://mullvad.net/en/blog/2023/4/20/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised/

Because just a little over a month after the news of the failed raid, there was news of them removing port forwarding.

https://mullvad.net/en/blog/2023/5/29/removing-the-support-for-forwarded-ports/

Emphasis mine.

Unfortunately port forwarding also allows avenues for abuse, which in some cases can result in a far worse experience for the majority of our users. Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.

The result is that it affects the majority of our users negatively, because they cannot use our service without having services being blocked.

The abuse vector of port forwarding has caught up with us, and today we announce the discontinuation of support for port forwarding. This means that if you are a user of forwarded ports, you will not be able to add or modify the ports you have in use.

[–] apt_install_coffee@lemmy.ml 3 points 1 year ago

They made a smart call that has probably increased the long term privacy of their users.

People were using port forwarding to host illegal shit, and governments were getting pissed off about it. Mullvad has been able to prove in court that they don't keep logs, but that's not a perfect deterrent; a properly motivated government, perhaps if somebody is using Mullvad to host CSAM, might attempt to legally force Mullvad to put logging in and add anti-canary clauses.

Preventing port forwarding keeps customers as consumers rather than hosters, and avoids this issue.

[–] SIGSEGV@waveform.social 4 points 1 year ago

Same thing just happened with IVPN :⁠-⁠\

[–] Qkall@lemmy.ml 29 points 1 year ago

bruh, i can't be the only one confused why state farm's drive safe app was being touted...

[–] revlayle@lemm.ee 23 points 1 year ago (2 children)

I love Mole, Shield and Road

[–] RootBeerGuy@discuss.tchncs.de 12 points 1 year ago

Ah, the new pokemon game that just came out.

[–] sgtnasty@lemmy.ml 2 points 1 year ago

the mole creates the tunnel for the road, and the shield is for the travelers' protection

[–] Fazoo@lemmy.ml 20 points 1 year ago

Why do you trust a Germany based secure email over something like Proton? At least Mullvad is Sweden based.

[–] WtfEvenIsExistence@reddthat.com 16 points 1 year ago (3 children)

Tutanota is German, which is part of the 14 eyes global surveillance network. I prefer my Switz Protonmail better.

[–] SmoothSurfer@lemm.ee 16 points 1 year ago (2 children)

https://www.engadget.com/protonmail-climate-activist-ip-swiss-french-authorities-233004304.html

Europol requested it. Even though you think your service is not under 14 eyes there still is gonna be many other problems.

You can always find problems with the service itself.

[–] Fazoo@lemmy.ml 9 points 1 year ago* (last edited 1 year ago)

And that proves what exactly? Swiss law required them to hand over an IP address. Swiss ptivacy is not absolute. They have laws. An IP address didn't grant them access to the encrypted emails. Proton openly admits they had no idea who the user was. The activist should have used a VPN, which Proton also offers as a service, and then whatever activity trail they linked to the IP would have died at Proton's VPN network.

[–] reddithalation@sopuli.xyz 3 points 1 year ago

Protonmail then went to court, and got the law changed so it doesn't happen again https://www.reuters.com/technology/proton-wins-swiss-court-appeal-over-surveillance-rules-2021-10-22/

[–] palebluedot@discuss.tchncs.de 8 points 1 year ago

Five and eleven eyes doesn't matter if the service is encrypted and open sourced. Also, did you know that Switzerland has no superior privacy laws comparing to Germany? It's all marketing bluff.

[–] jvrava9@lemmy.dbzer0.com 3 points 1 year ago* (last edited 1 year ago) (1 children)

Selfhosting an email is very hard but I think that at the end it’s worth it

[–] jherazob@kbin.social 4 points 1 year ago (1 children)

Until Gmail/Hotmail decides your IP is a spammer and forever you have deliverability issues from then on

[–] jvrava9@lemmy.dbzer0.com 1 points 1 year ago (1 children)

Interesting, is this a wild spread problem? I have heard of people that host email services for years and have no problems.

[–] NightAuthor 2 points 1 year ago (1 children)

It’s a worry I see posted a ton, and have been advised numerous times that email is the one thing you don’t wanna selfhost.

[–] legios@aussie.zone 1 points 1 year ago

I self-host (postfix and dovecot) and will admit of all the self-hosted stuff I have it's the most annoying/time-consuming to manage but doable if you're willing to spend a lot of time reading and updating things. I wouldn't recommend it to the vast majority of people though.

[–] DarkwinDuck@feddit.de 12 points 1 year ago

I have bitwarden and mullvad, but what's the other one?

[–] FunzioneSperimentale@feddit.it 9 points 1 year ago (1 children)

Proton does all of this at once

[–] Almace@kbin.social 16 points 1 year ago (2 children)

You do also kind of put all your eggs in one basket so to speak though. I don't have anything against Proton and the pricing makes sense if you value all their services and pay for Ultimate (though by my estimate, less sense if you are only looking for a smaller handful of services). However, if you go fully into Proton for everything, you're placing your trust into an entire stack of services and it can end up a single point of failure.

[–] retro@infosec.pub 1 points 1 year ago

I trust their privacy claims but if you backup your email and calendar you can just as easily move elsewhere if Proton does go down. Having only one provider can make things a lot easier to manage.

[–] FunzioneSperimentale@feddit.it 1 points 1 year ago

However, if you go fully into Proton for everything, you're placing your trust into an entire stack of services and it can end up a single point of failure.

Yeah, I know

The point is that Proton offers good service at a reasonable price, and for me that's it, that's perfectly fine

[–] sabreW4K3@lemmy.tf 8 points 1 year ago (1 children)

tutanota is terrible though

[–] twei@feddit.de 10 points 1 year ago (2 children)

Tutanota is one of the few good E-Mail services that i can think of, what's so terrible about tutanota?

[–] WtfEvenIsExistence@reddthat.com 7 points 1 year ago

Tutanota is in Germany, which is part of the 14 Eyes global surveillance network. Protonmail is located in Switzerland, not currently part of any such intelligence agreements. Switz courts are also much less willing to approve search warrants.

[–] sabreW4K3@lemmy.tf 3 points 1 year ago

The lock in and the lies. The first being your inability to read your emails in another client. Second is the lie that it's secure when email is inherently not second. It's making a false promise.

Oh and I forgot the new issue, being that you can't zoom mail, which is infuriating.

Disclaimer: I pay for Tutanota and have for a few years. But I'm tired of it. Will switch to another season once K-9 becomes Thunderbird for Android

[–] Mr_1077@monero.town 6 points 1 year ago (1 children)

For anyone still using Mullvad and wants port-forwarding, I recommend AzireVPN.

Good list! I use all of them too.

[–] pedro@lemm.ee 1 points 1 year ago (2 children)

I don't get what you mean, Mullvad supports port forwarding

[–] cma3246@lemmy.ml 1 points 1 year ago

They very recently stopped supporting it.

[–] rambos@lemm.ee 5 points 1 year ago

I trust bitwarden, but android app doesnt trust me!

[–] gvasco@discuss.tchncs.de 4 points 1 year ago

I might swap bitwarden by passbolt as it uses a more recent programming stack, although vaultwarden looks to be a good alternative too.

[–] Samsy@lemmy.ml 4 points 1 year ago (1 children)

That mole is sus to me, I am more like into Snakedragons.

[–] sgtnasty@lemmy.ml 2 points 1 year ago

Snakedragons

I heard it was a mythical creature

[–] Gnubyte@lemdit.com 3 points 1 year ago

As a US consumer, I can't use a lot of these VPNs. When you dig into how local governments are trying to break encryption in many countries overseas it makes you slow to sign up for services. The worst case would be you use a service, get invested and a few weeks later new legislation you're not following/in the know about gets passed and some of your data is now in some foreign governments jurisdiction more so than it was before.

It's not that Germany or Sweden in particular do that today but I also haven't quite looked into its bounds, if five-eyes alliance reaches them, etc. There is a lot you have to be cognizant of.

Also I like Bitwarden but Vaultwarden is the way to go; just make sure to donate/pay somehow for bitwarden if you use its clients.

[–] pewgar_seemsimandroid@lemmy.blahaj.zone 2 points 1 year ago

mine is larger for sure

[–] MonkderZweite@feddit.ch 1 points 1 year ago (1 children)

Translation of the logos?

[–] jackpot@lemmy.ml 5 points 1 year ago (1 children)

bitwarden (password manager) top, mullvad (vpn) left, tutanote (email provider) right