fsebugoutzone.org:9999

       Post AcdaOEfeEjNFrSnq5Y by thenewoil@mastodon.thenewoil.org
 (DIR) More posts by thenewoil@mastodon.thenewoil.org
 (DIR) Post #AcZPOSCPAW9L5hwftA by thenewoil@mastodon.thenewoil.org
       2023-12-07T15:21:45Z
       
       0 likes, 1 repeats
       
       @protonmail how do you guys handle push notifications? In other words: in light of this article does Proton take any steps to protect users from this type of surveillance?https://www.404media.co/us-government-warrant-monitoring-push-notifications-apple-google-yahoo/
       
 (DIR) Post #AcZXCy61Y8HuAzzkXY by protonmail@mastodon.social
       2023-12-07T16:49:22Z
       
       0 likes, 0 repeats
       
       @thenewoil All Proton push notifications are protected by end-to-end encryption.
       
 (DIR) Post #Aca9yTiuT67IjbVRaa by JustaWorkingMan@fosstodon.org
       2023-12-08T00:03:47Z
       
       0 likes, 0 repeats
       
       @thenewoil @protonmail I wonder if just shutting them off like I normally do and when I check it I check it avoids the problem
       
 (DIR) Post #AcaFclW4EYIdGwWqmm by case2tv@social.tchncs.de
       2023-12-07T19:14:12Z
       
       0 likes, 0 repeats
       
       @protonmail of course they are. But that’s nothing special and other nearly all do the same. The point is the push token at all. ALL anonymization attempts can be thwarted with push tokens from the APN (Apple) and FCM (Google) services. The Protonmail app only uses push services and offers no alternative. When using IMAP with other providers you can change to pulling messages! So big downside when using protonmail! @thenewoil
       
 (DIR) Post #AcaFcmuD4HCna6pe3U by thenewoil@mastodon.thenewoil.org
       2023-12-08T01:06:57Z
       
       0 likes, 0 repeats
       
       @case2tv @protonmail I need to educate myself more on this. Tbh I was asking more cause someone in my Matrix room expressed concern and hadn&#39;t bothered reaching out, so I figured someone should.
       
 (DIR) Post #AcaHhUeAa3x2JEhVxI by thenewoil@mastodon.thenewoil.org
       2023-12-08T01:30:21Z
       
       0 likes, 0 repeats
       
       @case2tv @protonmail Now that I&#39;ve read up on it a little, I agree that Proton needs to accelerate efforts into eliminating their dependency on GCM and APN wherever possible. While the metadata itself is alarming - and potentially revealing as all metadata is - the existence of the push token renders connecting a device with an account trivial regardless of push notifications, from what I understand. Someone please correct me if I&#39;m wrong.
       
 (DIR) Post #AcaHnP5SAJFKnqHTIO by thenewoil@mastodon.thenewoil.org
       2023-12-08T01:31:30Z
       
       0 likes, 0 repeats
       
       @JustaWorkingMan @protonmail From what the article indicates, no. Unless you never registered for push notifications in the first place, in which case possibly? The article suggests that when you first set up the app it creates the push token which links your account with your device. But it&#39;s unclear at what stage of the process this happens (at least, to me).
       
 (DIR) Post #AcaMlrdNYXWuX3EbFg by Decentralize@dt.gl
       2023-12-08T02:26:57Z
       
       0 likes, 0 repeats
       
       @protonmail @thenewoil the problem with proton is they use google services in the first place. Tuta does not, as an example and android people who don’t use google services still get push notifications. This should been addressed years ago but been ignored so long.
       
 (DIR) Post #AcaSarHz69PQ09MYIy by Bernard@friends.ravergram.club
       2023-12-08T03:32:36Z
       
       0 likes, 0 repeats
       
       @thenewoil @case2tv @protonmail What metadata is exposed in Protonmail notifications?
       
 (DIR) Post #AcbLwbAvBWmVsIREtk by protonmail@mastodon.social
       2023-12-08T13:52:24Z
       
       0 likes, 0 repeats
       
       @thenewoil @JustaWorkingMan Proton push notifications are already protected by end-to-end encryption.
       
 (DIR) Post #AcbUmd2wGvWsN01dmi by case2tv@social.tchncs.de
       2023-12-08T15:31:48Z
       
       0 likes, 0 repeats
       
       @Bernard Translate this german site into your language and you will get more detailshttps://privacy-handbuch.de/handbuch_73.htm@thenewoil @protonmail
       
 (DIR) Post #Acc1CCuPGqHLMsH7T6 by Joel____@toot.community
       2023-12-08T21:34:27Z
       
       0 likes, 0 repeats
       
       @Decentralize @protonmail @thenewoil If you are looking into protonmail push without firebase, this app is pretty great. https://github.com/LeanderBB/you-have-mail
       
 (DIR) Post #Acc4R5uNsbntrZ3T7Y by thenewoil@mastodon.thenewoil.org
       2023-12-08T22:11:18Z
       
       0 likes, 0 repeats
       
       @Bernard @case2tv @protonmail I just meant in general. Any metadata. Just cause the notifications themselves are encrypted doesn&#39;t guarantee the metadata is safe.
       
 (DIR) Post #Acc6YYsmkihrezzmls by Decentralize@dt.gl
       2023-12-08T22:34:41Z
       
       0 likes, 0 repeats
       
       @Joel____ @protonmail @thenewoil that is great, but my point is where we need a third party app for something proton should address
       
 (DIR) Post #AcdW61kF9l4Gk90xHc by thenewoil@mastodon.thenewoil.org
       2023-12-09T14:55:38Z
       
       0 likes, 0 repeats
       
       @protonmail @JustaWorkingMan This doesn&#39;t address the concern we&#39;re talking about. What about metadata? Can Proton ensure that the metadata for push notifications is somehow protected? Can you ensure that the user account isn&#39;t linked to the device in a way that would allow authorities to gather information even with a warrant?
       
 (DIR) Post #AcdZIZ1tWvynJMwMDI by case2tv@social.tchncs.de
       2023-12-09T15:31:44Z
       
       0 likes, 0 repeats
       
       @thenewoil that’s it. At the moment no chance to protect metadata. But proton does reveal metadata quite often. Authorities don’t care about the content. It’s all about the metadata. @protonmail @JustaWorkingMan
       
 (DIR) Post #AcdZwbESlAnHj5uROK by gabehcuod@ioc.exchange
       2023-12-09T15:38:48Z
       
       0 likes, 0 repeats
       
       @thenewoil @protonmail @JustaWorkingMan Their response does in fact address the concern you&#39;re talking about. Like they stated in their response as well as during their AMA on Reddit the other day: &quot;This was not a surprising revelation at all, in fact, we anticipated this years ago, which is why we end-to-end encrypt all push notifications between our servers and users&#39; devices.&quot; The metadata for push notifications is protected by said end-to-end encryption. See the following for additional information:https://proton.me/blog/android-client-security-modelhttps://proton.me/blog/ios-security-model
       
 (DIR) Post #AcdaOEfeEjNFrSnq5Y by thenewoil@mastodon.thenewoil.org
       2023-12-09T15:43:11Z
       
       0 likes, 0 repeats
       
       @gabehcuod @protonmail @JustaWorkingMan Thanks for the additional information. I don&#39;t monitor Reddit so I didn&#39;t see the AMA, and their response here didn&#39;t say anything about metadata. I&#39;ll check out the links you shared.
       
 (DIR) Post #Acdaq3tnsYf6Yth08u by gabehcuod@ioc.exchange
       2023-12-09T15:47:33Z
       
       0 likes, 0 repeats
       
       @thenewoil @protonmail @JustaWorkingMan You&#39;re welcome. I don&#39;t use Reddit but saw a post about their AMA when I was researching more about their push notifications and so I thought I&#39;d at least mention it.
       
 (DIR) Post #AcfwEMCLytmVcSiOsi by Joel____@toot.community
       2023-12-10T18:57:42Z
       
       0 likes, 0 repeats
       
       @Decentralize @protonmail @thenewoil I totally agree. They should just implement their own push or unified push. Both of those would be great solutions and I would have to imagine unified push would not be super hard to integrate.