This situation really pissed me off. FSB (Russian FBI) had problems with receiving bomb threats coming from Protonmail addresses. So, they secretly ordered (with an almost classified order) major ISPs to block Protonmail bypassing Russian's existing website/IP addresses blocking scheme.
Even worse, they ordered to __BLACKHOLE__ traffic coming to Protonmail. It means that ISPs were ordered to silently drop all traffic coming to Protonmail addresses. This raises problems not only for Russians, but for potentially for other countries as well.
So, for example, someone connects from Japan to Protonmail (server is located in Europe, for instance). So, if traffic decides to go through Russian channels, for a client in Japan it will be just like Protonmail is not just responding because a Russian ISP in the chain silently drops traffic.
Again. I want to repeat this once again. FSB had problems receiving bomb threats to their addresses. Instead of configuring their mail servers to ignore Protonmail incoming mail, they ordered major ISPs in Russia to block Protonmail for EVERYONE in the country. That's so dumb.
Moreover, another recent leak coming from another Russian ISP indicates that FSB also ordered to block sending and receiving mail for certain mail addresses regardless of their domain. They ordered an ISP to block Email for certain addresses. Like, they ordered to ban all Email going from/coming to Emails starting with "putin666", like putin666@protonmail.com, puting666@gmail.com, puting666@example.com, any email coming from an email staring with "putin666".
It's so dumb, oh god. They cannot configure their mail servers, but they have power to threat ISPs to ban Email for the entire country.
So there are email addresses, that if properly used, will keep my email from being read within the confines of Russia? You might label that a bug, but I'll call that a feature.
The source is in the article, actually. This is the order from FSB that MTS operator received.
They translated this as: “the mass distribution of obviously false reports of a terrorist act” in January, resulting in “mass evacuations of schools, administrative buildings and shopping centers.”
Right before the IP addresses list, you can find terms "blackhole", "BGP".
The document has a signature of a head of the FSB center that handles this types of requests and orders. Also, you can see a stamp in the right bottom corner on the first page.
Full story, how a Russian internet company has actually found out about blackholing can be found here (in Russian): https://habr.com/ru/company/tm/blog/443222/
In the story, you can find that MTS confirmed that they are blocking traffic and referenced the order in the original article.
If the CIA said “we got bomb threats from Tor so we need to block it,” I wouldn’t believe it. This source appears to have a similar level of corroboration. It looks far more likely that ProtonMail is being blocked to perpetuate the Russian elites’ control of Russia’s polity and economy. Not for security reasons.
The sad truth that it isn't. The most of the services they blocked were chosen for some insignificant reasons. This is what happens when you have a ruined system where every district judge can order to ban Youtube.
In Russia there is an anonymous network of political Telegram channels which is read by both citizens and elite.
The largest one, @russica2 acquire its information using protonmail.
Looks like these measures are taken to restrict russian officials to send their information to these accounts.
I switched to protonmail after losing my gmail password.It was literally impossible to get my account back thanks to gmail "security features". The 500mb free plan is enough for personal usage. I hope other 3rd world countries don't block it following Russia.interestingly this happened not long after EU €2 million award.Probably someone read the news and googled protonmail, saw "encrypted email" in Wikipedia page and decided to block the whole thing.
It's also the weak point - do you trust your domain provider he won't allow a domain move / access based on parts of your personal information, like here [0]?
You shouldn't use the almost-scammers of GoDaddy as an example. Whenever I hear any Domain horror story it's about GoDaddy, it seems like a bad idea to extrapolate from them.
Yes, my main domain is locked by the registry and transfer requires some form of state ID validation with the registry to unlock the domain, before a registrar can transfer the domain.
Should be good enough protection against social engineering targeting registrars.
You can take this a step further. You can set up multiple VM's in multiple regions to be your MX relays for your domains and route the traffic to whichever mail provider you want to use. You can then enforce TLS or set up TLS transport rules to require/optionally validate or enforce name+cert validation for specific domains (banks, etc). This also means that you can queue up mail even if that provider goes offline and you can see if the content is being tampered with (message sizes, headers excluded).
If your mail provider runs into problems or you choose to change, then instead of waiting for DNS to propagate, you simply update your relay configuration.
I should add that not all paid mail providers support this. Some lower-end providers require that you point your MX directly to them. Check before setting this up.
I once lost my protonmail password and was able to get my account back by providing only my browser information, display name, rough timestamps of my requests to their servers and that "i preserved the last session for quite long time". Not sure how secure that was :d Of course I didn't get back any of the emails since they were encrypted with the previous password but still if that is their normal protocol, someone with my browser information and name could just mitm me recording the timestamps of requests to protonmail's server and request a password reset.
>someone with my browser information and name could just mitm me recording the timestamps of requests to protonmail's server and request a password reset.
If they can MITM you, why not steal the password directly, or serve malicious js to get your password?
Because https mitigates their attack vectors as a mitm. They can't steal the password since it's not sent in plaintext, and for similar reasons can't deliver/inject malicious Javascript. They could collect timestamps though and scrape header information from http connections to other sites.
Not really. It just requires HTTPS mitm. It is harder to have a CA that can create a cert that looks like it was issued by the original website you are trying to achieve but this is standard practice in gov agencies to mitm HTTPS communication. The mitigation of these sort of attacks is called certificate pinning.
That's a fair point. My reply was more in the context of the root comment - and with an average attacker in mind - where they were describing eavesdropping as opposed an attack carried out by a sophisticated actor.
My point was that MITMing HTTPS and HSTS isn't really necessary to carry out an attack as described by the root comment.
You only need to be in position to eavesdrop and/or MITM http connections to scrape together the necessary information; a much lower bar.
> I switched to protonmail after losing my gmail password.It was literally impossible to get my account back thanks to gmail "security features"
Same here. I gave them everything there is to identify me yet they refused to help on the same grounds. The only difference was the phone number, because the one associated with the account died. Funny thing is, if it were not for an accidental removal of cookies, I would still be using that account, and I would have been able to login as it only seems to ask for the code sent via SMS is when you lose your cookies and/or change your user agent.
I've been surprised to learn that several of my non-technical friends forget their passwords and rely on cookies, and then reset the password using their phone number whenever the cookies are lost.
> I've been surprised to learn that several of my non-technical friends forget their passwords and rely on cookies
As a "technical" person, I despise passwords and tend to avoid using them. My preferred way to log-in somewhere is either with ssh keys or with single-usage codes sent by mail.
This has nothing to do with "losing" passwords.
For example, I actually have a password for amazon written in a file, but I don't bother looking for it, I prefer to use the single-usage code anytime I want to use the site.
If you lose your phone number gmail asks you these:
-Last password you remember
-Last time when you logged in
-Your security questions
-Devices connected with your Google account
Just to tell you gmail is unable to recover your account. I am not sure but I think the more you try to recover it the worse it gets (which is understanble). So either you have the phone number and you magically get everything else in those questions right(what counts as right is the real question), or you enter a rabbit hole and get further from getting your account back the more you try.I'm not blaming this system entirely but apparently nothing matters except your phone number when it comes to recovering your account.
Not even getting everything else right works, you need ALL of it right, including the backup email address, when the account was created, last password, location, some captchas, and the backup phone number.
Once one of my Google Accounts was taken over by a hacker (I had reused the password on another site, which was hacked around that time), and even although Google warned me that someone was trying to take over my account, and told me someone was logging in from Russia (I always logged in from the exact same IP address from which I tried to recover it), and even though a friend at Google submitted an internal request to get me the account back, and even though I sent them a photo of my ID (with the Google account having that exact name in it), they refused to help me.
Google support did try to reach out to me, as I later figured out, but they had instead contacted me via the hacked email account, I only found the "thanks for your support chat" mail in the account after I regained access.
Which I was only able to do so by talking to the person who now owned the phone number I had used a decade before for that account (the ISP had long recycled it).
Interested to know how it works if Google don't have your phone no.? Certainly every time they've nagged me for a phone no. I decline the gracious opportunity to give them another identifier. My gmail account long predates the mandatory phone no. step, and so far I think I've managed to dodge it.
Thinking of ditching the ~tracking device~ phone anyway... what then? Have we sleep-walked into a world where people without a mobile phone are the underclass who barely even exist?
> but apparently nothing matters except your phone number when it comes to recovering your account.
Kind of legit to be honest. Anything else would make it far too easy to recover accounts. Also Gmail is far too large to have a customer care that could also do things like passport verification or so.
Having said that, Protonmail has no phone number recovery. That's kind of bad. You can enter an old E-Mail address there though but it would be so much better to link this with a phone number. If you loose your sim card, you can always get a new one from the phone company with your passport.
> Kind of legit to be honest. Anything else would make it far too easy to recover accounts. Also Gmail is far too large to have a customer care that could also do things like passport verification or so.
Why is being able to recover accounts easily a bad thing when you, and only you have or should have access to, say, the password?
> Protonmail has no phone number recovery. That's kind of bad
I do not use it, so it is fine by me.
> If you loose your sim card, you can always get a new one from the phone company with your passport.
Not necessarily. It is more and more difficult to get a new one, and there are prerequisites that one may not meet, or they decide they do not want to do business with you, or your social credit is too low, etc.
The differences are: one is given to you by a third party, and the other one is made up by you.
I would like to be able to opt out of it, e.g. phone number should not be required.
>Protonmail has no phone number recovery. That's kind of bad. You can enter an old E-Mail address there though but it would be so much better to link this with a phone number. If you loose your sim card, you can always get a new one from the phone company with your passport.
Considering how many high profile bitcoin thefts occured using hijacked phone numbers, it's probably better not to have that as a reset method.
But this should be up to the user. I mean if your 1 million BTC account is protected through a phone number, someone might want to still do it that way.
Most users don't even have Bitcoin but normal bank account which are oftentimes protected by different second factors. It would be nice if they would provide different options. For me it would suck if someone hacked my E-Mail but I could reclaim it quickly and the damage would be very limited.
Probably it is better to forget a strong password and reset it, than use a weak password that is easy to remember.
Last year I was working on a service that skipped passwords altogether. We used the phone number and a one time pin code by sms for registration, login and order confirmation all in one step.
Google's security is designed to safeguard accounts from usage that would inconvenience Google. It's not designed to provide security to users. It's extremely easy to get locked out, even if you remember your password.
Simple use case. You create an account while on VPN. You don't provide a phone. Then you clear your cookies. That's it. If your exit point IP changes, Google will not allow you to log back in even if you know the password.
> I hope other 3rd world countries don't block it following Russia.
Interestingly, the original meaning of "third world" country was: a country that is neither part of the Soviet block nor the US side ( the two first worlds)
People didnt jump on blocking Telegram after Russia blocked it also. So I dont see people jumping on the bandwagon now. Well except for maybe other countries ran by authoritarians.
This is true .I thought Iran followed Russia in blocking telegram but it was not the case.Anyhow higher publicity means higher chance of censorship in certain countries.
russia isn't a third world country by any definition (second world by the original definition....)
"Probably someone read the news and googled protonmail, saw "encrypted email" in Wikipedia page and decided to block the whole thing." <-- where do you get that? it's complete nonsense
I didn't mean to say Russia is a third world country .but I live in a third world country which closely follows Russia's rules.Apology to all Russians misinterpreting my comment :)
As for the complete nonsense you have something working for 5 years suddenly it gets news coverage with no significant usage increase and is blocked . I have no source but this is the exact case where I live. there's something ,like a publicity threshold.It sounds silly and irrational because it is silly and irrational.
Or perhaps I am wrong and some experts were analyzing protonmail for 5 years and now came to the rational conclusion to block it.
Also ran into this. Even had a Google manager I've known for years go to bat for me internally. No dice. Which is crazy, since web logs would have shown that the account was completely and always under my control.
Like a distant god, Google gives and Google takes away...
if we keep using it (the "free world") then they will be the ones missing out on communication capabilities because we can send them email but they can't.
1st, Russia is not a 3rd world country. Second, if you'd read the article, it wasn't a case of someone seeing "encrypted email" in a description of protonmail and blocking it, they were having problems with bomb threats.
What Exactly protonmail offers you over any other disposable email if you are sending bomb threats? I think this was just a an excuse made just to have an excuse.
IMHO, anyone who claims to care about privacy should seriously consider throwing down the ~$10 a month (I forget exactly how much it costs) to have a paid PM account. The company isn't perfect, but it's a far sight better than the majority of other providers out there. Furthermore, by paying for your account you are not only directly supporting a service that aspires to provide communications privacy, you're also helping to subsidize said service for those users who may not be able to afford a paid account (particularly important in countries where economic and governmental problems overlap).
I pay for my PM account and have had nothing but good experiences with the company and service so far (including with the VPN and with the mobile app before I ditched my iPhone). It took me years to migrate off of Gmail but since I finally managed to do it I've never looked back. Give it a shot.
In Russia now. Just successfully logged into my protonmail account over VPN. My guess is that if you're a protonmail user in Russia, you're knowledgeable enough to use a VPN.
We implemented some technical tweaks yesterday so that Russian users will no longer have any issues. Communications with Russian mail servers are also back up.
As the article itself states, problem is not with the frontend, but they block incoming e-mail to protonmail servers. Which is actually clever in a way, and smarter than just blocking the front-end.
(And it shows another negative side of federated systems, like E-mail.)
> (And it shows another negative side of federated systems, like E-mail.)
The obvious point of comparison would be with a centralised system, but I can't see any possible way that would be better than federated in a situation like this.
It seems that secret blocking now only affects MTS and RT. There are alternative outbound channels in russia, for instance TTK, so protonmail may be available for somebody.
ehh... it's been known for awhile that protonmail is in the pockets of the US government so it's not really a loss for the russian people.
What they should be using is either Streisand[0] email with a server in a country that respects their privacy(neitherlands, panama, etc) or lavabit email[1].
I didn’t know they had “support centers in San Francisco, CA, and Skopje, Macedonia” [1]. Thank you.
Still a far cry from proof of being “in the pockets of the US government” [2]. Signal, too, has American nexuses. That doesn’t automatically render it compromised.
Protonmail is one of the last sane email providers. Gmail is essentially spyware and they can block your access to your account on a whim, especially if you refuse to have a phone number connected to it (phone numbers are commonly used to link your account across many different websites, that's why many of them force users to hand over their phone numbers under the guise of "security" or "2fa").
Protonmail has its problems but I hope they get over them as a company. Personally, so far I've received nothing but great customer support from them.
Protonmail has been a huge disappointment personally. It took days of trying to get my email in over the IMAP bridge, and now it still has weird spazzes where it will suddenly decide to redownload all my 30k emails, effectively making all inbound mail wait for over a day while my laptop fans fire at full speed.
On top of that, the mobile app is atrocious. It crashes at a drop of a hat, doesn't autosave drafts, and doesn't even do threading. It also makes terrible use of space, and has a permanent upsell ad in the sidebar, pushing my folders offscreen. Someone actually approved this design...
I guess for those weirdos who can live with a webmail client it's servicable, but it's an embarrassment that they've been at it this long, and this is the state of their offering.
>Protonmail has been a huge disappointment personally. It took days of trying to get my email in over the IMAP bridge, and now it still has weird spazzes where it will suddenly decide to redownload all my 30k emails
I've never had this problem, but since you mention the IMAP bridge it's worth noting that a) the linux version of the bridge is still an on-request beta rather than a freely available download despite working flawlessly for me for the last year and a half and b) you can only use the IMAP bridge with subscribed accounts. So if you're using a free account you can't use it at all, but if you have a mix of paid and free accounts only the paid accounts can use the bridge.
I find the bridge pretty nice in and of itself, but the way it's managed and monetized is a bit of a trainwreck.
I think that’s fair. But it’s not /much/ different legally than using a US company as your third party as a non-US citizen. Non-US citizens have no rights of any kind in terms of data protection from the US government.
I would highly recommend mailbox.org. Based in Germany, their offering is similar but cheaper than ProtonMail. They are much more flexible as well, and allow for better security.
If you want to use the webmail client with javscript PGP (a la ProtonMail), that's supported, but they also allow you manage your own PGP keys and support using Thunderbird or Mailvelope. Additionally you can connect via a Tor Hidden Service if you want and they can PGP encrypt incoming plaintext messages if you want them to.
Even worse, they ordered to __BLACKHOLE__ traffic coming to Protonmail. It means that ISPs were ordered to silently drop all traffic coming to Protonmail addresses. This raises problems not only for Russians, but for potentially for other countries as well. So, for example, someone connects from Japan to Protonmail (server is located in Europe, for instance). So, if traffic decides to go through Russian channels, for a client in Japan it will be just like Protonmail is not just responding because a Russian ISP in the chain silently drops traffic.
Again. I want to repeat this once again. FSB had problems receiving bomb threats to their addresses. Instead of configuring their mail servers to ignore Protonmail incoming mail, they ordered major ISPs in Russia to block Protonmail for EVERYONE in the country. That's so dumb.
Moreover, another recent leak coming from another Russian ISP indicates that FSB also ordered to block sending and receiving mail for certain mail addresses regardless of their domain. They ordered an ISP to block Email for certain addresses. Like, they ordered to ban all Email going from/coming to Emails starting with "putin666", like putin666@protonmail.com, puting666@gmail.com, puting666@example.com, any email coming from an email staring with "putin666".
It's so dumb, oh god. They cannot configure their mail servers, but they have power to threat ISPs to ban Email for the entire country.