Proton: “We’re consolidating our social media presence due to limited resources and no longer posting on Mastodon. Follow us on Reddit for the latest updates: Reddit - Dive into anything”. This is unexpected, as they had around 50k subscribers on Mastodon, and mirroring posts is super easy. I find that concerning that they stopped posting on open and decentralized platform, but keep posting on Meta and X.

Proton: “We’re consolidating our social media presence due to limited resources and no longer posting on Mastodon. Follow us on Reddit for the latest updates”

  • loudwhisper@infosec.pubEnglish
    0·
    5 hours ago

    Security is hardly a binary property.

    Given you mention the specific technical setup, I would say yes - that is secure against most risks relevant for most people.

    At least, it’s totally fine according to my own threat model, where I looked specifically at broswer-based encryption vs “manual” encryption (I.e. using PGP tools locally).

    • DreamlandLividity@lemmy.worldEnglish
      0·
      4 hours ago

      It is nuanced, but having the ability to selectively serve malicious javascript stealing keys to specific people only on one access is considerable issue in practice, compared to distributing binary where you would generally have the same binary for everyone and you are able to archive and analyse it. Especially if you use third party distributions, like github releases or flatpaks.

      • loudwhisper@infosec.pubEnglish
        0·
        3 hours ago

        Well, yes-ish.

        An organization with resources to coerce or compromise Proton or similar wouldn’t have trouble identifying individual users “well enough” (trivially, IP address). At that point there is absolutely nothing stopping a package distributor to serve different content by IP. Not even signatures help in this context, as the signature still comes from the same party coerced or compromised.

        Also most people won’t (or are unable to) analyze every code change after every update, which means in practice detection is even more unlikely for OS packages than it is for web pages (much easier to debug code and see network flows). The OS attack surface is also much broader.

        In general anyway, this is such a sophisticated attack (especially the targeted nature of it) that it’s not relevant for the vast, vast majority of people. If you deal with super sensitive data you can build your proton client directly, or simply use the bridge (which ultimately is exactly like other client-side tooling), so for those very rare corner cases where this threat is relevant, a solution exists. Actually, in those cases you probably don’t want to use mail in general. So my question is, who is the threat actor you are concerned about?

        All in all I think that labeling “insecure” the setup for this I think is not accurate and can paint a wrong picture to people less technically competent.

        • DreamlandLividity@lemmy.worldEnglish
          0·
          3 hours ago

          Bridge did not exist back then.

          As for it being sophisticated attack, I think it is relative.

          Regardless, if Proton said it did not matter to most people, I would respectfully disagree and move on. They did not. They claimed it is not at all less secure than a native app, which is BS.