Hacker News new | past | comments | ask | show | jobs | submit login
Who Is Being Monitored? (tutanota.com)
197 points by upofadown 3 months ago | hide | past | favorite | 80 comments



I am being monitored for using a privacy focused email address when signing up for services operated by a government entity. Yep, it happens. Their AI determined that people using particular email providers need to be watched. Not only that, I have had payments mysteriously fail with big online merchants, and after following it up through multiple layers of support I was told that particular email services are automatically flagged. You can guess which ones.

Now what do I do? Avoid privacy-focused email addresses for anything in daily life. It seems to be a battle that cannot be won.


These sound like common blacklist-style defenses. As examples, mail services use RBLs to prevent spam, Cloudflare services often require captchas from Tor exit node IP addresses, many websites decline signups from throwaway email addresses like Mailinator. Credit card companies use various indicators to prevent fraud.

I'm not saying these measures are perfect or fair, but they are not related to government (though government may also use them); they are just obvious ways to prevent unwanted activity such as spam, fraud, hacking attacks, etc.

> Their AI determined that people using particular email providers need to be watched

How do you know that government has concluded 'particular providers need to be watched', and that the decision was performed by an AI?

> for using a privacy focused email address when signing up for services operated by a government entity

How do you know the cause?


The type of monitoring used was disclosed as was the "likely cause" of me being flagged. This wasn't a secretive kind of thing. Of course one can't "know" anything as it's a black-box. But it's not a stretch to see how such systems may conclude, from automated profiling, that users of privacy-centric services are more likely to be associated with fraud and hence flagged. This also represents a more general issue with the application of machine learning.


You're basically saying that you've been caught up in some surveillance dragnet/watch list, and that you have no proof but think it is for for using ProtonMail on a government website.

When your payment was declined, the company 1) had access to this watch list that you're on, 2) was able to share with you that you were on a watch list, and 3) you were able to figure out why this is. This sounds very unbelievable to me. The data that comes from programs like this isn't generally being passed around to businesses, and if it is, the support folks are not going to be in the know.

It still sounds more like you're being hit by algorithmic blacklisting than that you're on some secret not-secret blacklist. That, or you got added to a public sector blacklist, by some security company because you use ProtonMail which has issues with abuse by fraudsters.


No, you've misconstrued what I've said. I am not implying that the payment being declined by a merchant is anything related to the government. Nor am I implying that the government shared my information with any company. Nor I am on any kind of blacklist (at least that I'm aware of). Read my original post, they are two separate issues.


> The type of monitoring used was disclosed as was the "likely cause" of me being flagged

You're correct, I misremembered how you wrote that. Unfortunately, that makes it even less believable. How did you find out that you were being monitored, and why was that disclosed to you? Who disclosed this monitoring to you? Did you run some sort of FOIA request (whatever your nation's version is)? You're making a very big claim with very little to substantiate. Keep in mind ProtonMail has over 50 million users, It beggars belief that using PM is sufficient to get yourself monitored in any serious capacity.


all this nonsense would go away if we had some sort of universal identification system on the internet.

people act like anonymity is some kind of right, but it really wasn't in the past. You needed to prove who you are to get a loan, drivers license, etc.


Anonymity is the default, we don’t walk around with our names and all our interests and thoughts attached to a label to be read by anyone. If anything, internet made it go away. Eg. even if you knew a person’s name you wouldn’t be able to look up other information about them before, now you can. Previously, you’d be able to go to a store and buy a thing without giving any information, now you have to give the “email” that collects most information about you. Your examples of loan, licence etc are not like 99% of interactions, and those can be handled as special cases like before.


> Previously, you’d be able to go to a store and buy a thing without giving any information

We can still do that, it's called paying with cash. Paper money is the people's money.

> Your examples of loan, licence etc are not like 99% of interactions, and those can be handled as special cases like before

With regards to loans, it is possible for state governments to establish regional public land loan offices to issue equity loans in reference to the production and replacement cost of existent tangible personal property fixed or held on site without monitoring all of the purchases of movable personal property by the borrower to determine credit-worthiness. The borrower just has to prove there is some tangible artifact of personal property which exists, which the loan office can auction if the debt goes bad or write off if the artifact is destroyed.

We just have to mandate the loan offices don't do something stupid, like issue loans against the excess value of real estate attributable land scarcity and resell mortgages to private investors which will resell derivatives, to avoid generating a real estate bubble and the accumulation of $100+ trillion in derivatives. Additionally we'd probably need to replace many regressive taxes with distributive land taxes to ensure that households and cooperatives had cheaper access to land in order to obtain a deed or long term lease granting the security for spatially fixed personal property necessary to qualify for such loans.


for most of human history, people knew the names and interests of people around them

anonymity is a recent thing


I don't know where you live, but at least in North America the requirements for a loan are laughably low. I once was interested in getting a vehicle loan on a new vehicle purchase. I gave the financial guy all my information and he showed me the terms. I agreed to them and bought the vehicle.

I have no idea how, but he issued me a loan on that vehicle using incorrect information for basically everything except my address. Name, birthday, etc. did not match. Somehow the system had a completely different set of records. When I called the lender about it, they didn't even seem surprised. Just took a phone call to get everything corrected and a new set of paperwork mailed out to me.


It is and should be a right for a lot of things.

I imagine few people doubt the practicality of trust in a transaction or application as you mention.

But we should be able to sit in a cafe and discuss our plans for cultural subversion and last night's sports event without the *till* shopping us out to the thought police.


Can you see downsides to that? How do you address it?

I think it's not that anonymity is a right, it's that other rights are strongly impacted by the lack of anonymity.


Just make it zero-knowledge. You use the ID server to prove that you're not a sock puppet of someone already registered, but that's all the site needs to know.


> people act like anonymity is some kind of right, but it really wasn't in the past

it was for tens of thousands of years in the past


> it was for tens of thousands of years in the past

I wonder: Few people traveled and communities were smaller, so generally everyone knew you.


what's your name then?


User called fnord posts bait ideas, yeah I'm not biting.


What about whistleblowers?


> Not only that, I have had payments mysteriously fail with big online merchants, and after following it up through multiple layers of support I was told that particular email services are automatically flagged. You can guess which ones.

You don't need nefarious motives to explain that particular behavior. Operate a store or payment system without rejecting easy-to-sign-up-for-anonymously email addresses, especially ones with a free tier, and you'll find out very quickly why they downrank the trustworthiness of, or simply block, such services. Automated credit card fraud is huge and no fun at all to deal with.


And that is why some people really like crypto currency. You get what is essentially ssh for money with all the pro and con implications.


Note BTC and others are pseudo-anonymous, because the whole world knows the source and destination wallet of every transaction. If someone is ever serious about finding you, they can follow the chain to wherever you cashed out and a subpoena will do the rest.

There are fully anonymous coins like Monero, ZCash, etc.


Right, but you also don't have to deal with fraudulent claw backs like with credit cards. It's not secret but it makes the integration/code easier. This is why a lot of obscure/experimental services tend to have bitcoin payment support early on and struggle with paypal/credit cards.


Right: a vendor's not forced to care whether any bitcoin they accept was stolen, but they are forced to care whether a credit card they accept was stolen. Doing a sufficiently shitty job of keeping out purchases with stolen cards can literally end a business, in a hurry. Meanwhile nothing's going to happen about stolen bitcoin you accept—probably you'll never even know—unless there's an actual police investigation you get wrapped up in. In that respect, it's more cash-like.


I would strongly recommend running your own email. I've done it since I was 17 and it's a lot easier than you would think.


It got a lot easier, but mail server hosting should be done with care if you don't want it used as a relay and be put on blacklists. Still takes a while to setup.


Any tutorials/software you can recommend for this?


>Any tutorials/software you can recommend for this?

Not GP, but the process is pretty simple:

You'll need to be able to send, receive, store and forward emails. A variety of resources are required to do this. Note that pretty much all of the software suggestions are available through the default software trees of just about every Linux/BSD distribution.

1. You'll need a domain;

2. You'll need DNS services to publish your MX records with DMARC/DKIM/SPF[17] and/or DANE[18] support. If you can/want to host your own (not difficult), lots of folks like Unbound[0][1]. And while some folks hate on BIND[2][3], it's always a good choice. There are many others[4] as well;

3. You'll need a Mail Transfer Agent[5] (MTA) to send and receive emails. Postfix[6][7] is very popular. Some folks use Exim[8][9]. And others use the venerable sendmail[10][11];

4. You'll also need a Mail Delivery Agent[12] to store your mailboxes and serve them via a web interface and/or your mail client. Lots of folks like Dovecot[13][14]. Others use Cyrus[15][16].

[0] https://www.nlnetlabs.nl/projects/unbound/about/

[1] https://www.redhat.com/sysadmin/bound-dns

[2] https://www.isc.org/bind/

[3] https://www.firewall.cx/linux-knowledgebase-tutorials/system...

[4] https://en.wikipedia.org/wiki/Comparison_of_DNS_server_softw...

[5] https://en.wikipedia.org/wiki/Message_transfer_agent

[6] http://www.postfix.org/

[7] http://www.postfix.org/documentation.html

[8] https://www.exim.org/

[9] https://www.exim.org/exim-html-current/doc/html/spec_html/ch...

[10] ftp://ftp.sendmail.org/

[11] https://www.sendmail.org/~ca/email/doc8.12/op.html

[12] https://en.wikipedia.org/wiki/Message_delivery_agent

[13] https://www.dovecot.org/

[14] https://doc.dovecot.org/

[15] https://www.cyrusimap.org/

[16] https://www.cyrusimap.org/quickstart.html

[17] https://trendlineinteractive.com/resources/article/what-are-...

[18] https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Na...

Edit: Added link for DMARC/DKIM/SPF and reference/link for DANE.


Great reply, I would say this is the way to go to learn and then if you get lazy, mailinabox https://mailinabox.email/ it combines everything above into a few hours to deploy.

But you still need to know everything above.

Then once you done this a few times, you have your own niche in tech - email is old and going no where and job security is ensured, it's funny, tech really is a circle.


>Great reply, I would say this is the way to go to learn and then if you get lazy, mailinabox https://mailinabox.email/ it combines everything above into a few hours to deploy.

Thanks!

A fair point. Although the bulk of that deployment time is, regardless of platform, going to be the configuration.

And since pretty much all the tools needed can be installed via 'apt-get'/'dnf install', etc. through default software repositories, is there any real advantage for more technical folks (as we generally see here)to use mailinabox over someone's preferred *nix configuration?

I'm not being snarky here, I'm not familiar with mailinabox and genuinely curious.


The people that run mailinabox and the subscription list/slack/chat are nice. If you know exactly what you're doing, and can put it all together in a bash script, then it's no different. Especially the later configuration part.

But having a place where to exchange (haha get it) info and see whats targeting/affecting most self hosted email users is really a time savings vs having to scope through your own logs and wonder what broke, or what's wrong.


+1 on this, I'd be very interested too. I own a domain I'd like to use, and the entity I bought it from offers prepackaged email services I can attach to it. But it's not really running my own thing.


> I am being monitored for using a privacy focused email address

How exactly did you find this out? I don't think you generally get letter mail saying "Hey, we're monitoring you now". How do you differentiate monitoring behavior from something like an individual service flagging an individual transaction because of your email and killing it?

I'm always deeply skeptical of claims like this since they're almost always unverifiable by any party (including the commenter).


By the way, your email address provider is only one metric by which you are being monitored. Everything happening online is now being monitored, stored and AI analysed, and will be for a long time in the future as technology is evolving and new meaning can emerge from everything that is recorded.

Therefore, encryption is their enemy. For now. Until they break it all. Or until we break away.


It's a cruel fate of any privacy-focused service, as they are more likely to be used by criminals. Be it mailinator or TOR or monero.

This is ultimately a question of freedom vs security. Said government entity is prioritizing security over freedom.


Now you know what it is like to be a black person walking down the street. Instead of a chosen email provider it is an inherited skin color.


".....in certain countries".


>Now you know what it is like to be a black person

What makes you think this person isn't black?

Maybe the first step we can take to ensuring all people are treated with dignity and respect is to not assume Group X is that group other there, an other. Maybe we can instead assume Group X is everywhere.


You sure are making a lot of assumptions while lecturing others about how they should not make assumptions.


Very true.


That make sense. That's why I'm using two regular service addresses redirected to my privacy focused email address, and assign different tasks to each one of them. It even help me filter out more unwanted messages and subscriptions.


That sounds extremely frustrating. Maybe a good workaround is a custom domain?


Be aware that custom domains come with their own problems. Not being blacklisted is one of them.


I've never had this issue with a personal custom domain. Basically all businesses have custom domains so blacklisting all of them can't make sense, surely?


Using a custom domain doesn't necessarily mean using a custom mail server, they can point to a really common mail server such as gmail for instance. This is how a lot of business emails are set up.


True, but then I would assume that serious monitoring apparatus would include mail server monitoring, therefore defeating the need for a custom domain, which may contribute to identify you and/or stigmatise you further. Especially if one is accounting for other traffic carried by the said custom domain.


Oh I see. Yeah we use google mail for our business and I use fast mail, both with custom domains.


> particular email services are automatically flagged. You can guess which ones.

I can’t - is there a reason you can’t name the service?


It’s protonmail. Using a protonmail address will automatically cause a failure flag in the MaxMind checker which a ton of merchants use for fraud screening.


How about Tutanota?


> Recent successes in criminal investigation, such as the breaking of Encrochat, an encrypted chat app widely used by criminals as well as the AN0M crackdown where hundreds of criminals were arrested after having used an encrypted messaging app secretly run by the FBI, show that it is also not necessary to outlaw encryption for all citizens in order to prosecute criminals.

This. Good old fashioned police-work is needed instead of back-doors into our favorite messaging apps.

The Internet and app ecosystems can't work properly if they're weakened by LEAs. People would just not use them if they know they're being watched. I'm not saying the majority would switch to Linux phones either (like Librem 5 & Pinephone), simply that the two dominating app-stores (Play & Apple Store) would be phased out and people would probably fund independent FLOSS app stores to replace them.

In the end, the people will speak out and respond to back-doors. In-fact we need FLOSS app stores right now (Similar to F-Droid[0], but baked in as the default store), and they need to be funded properly & they need sound economic incentives to continue. No more 'free' apps where you pay for them with your data. It's possible to have FLOSS apps that are not gratis where people pay for them with money, not their data.

(The reason I suggest we switch to FLOSS app stores is that the apps can easily be checked for back-doors or malicious code since the code is open source. It makes the apps readily available for audits too)

[0] https://f-droid.org/


That trick won't work too often though.


The point of undermining confidentiality of communications (in law and practice), I think, is to herd the outlaws onto things like Encrochat and An0m - meaning fewer, softer targets (with likely much worse developers and lawyers than the mainstream communication services). That, and maybe picking up the occasional idiot outlaw still using a knowingly-backdoored mainstream service to discuss or commit their crimes.

We may see most mainstream services play along - maybe "voluntarily", as good citizens - because they would probably be quite happy to lose the dodgy contingent of their userbase. Let them be herded!

That does leave people who care about privacy, but aren't outlaws, with an awful dilemma - migrate to the few platforms that still offer confidentiality (along with the outlaws), and instantly make yourself a suspect - or give up and stay with the mainstream services, trusting that you'll be OK so long as you've got nothing to hide.

All of these are understandable forces and motivations - it'll be interesting to see how they net out. I do think the powers that be are overlooking what an appalling precedent / justification they offer, both for contemporary authoritarian powers in other countries, and the future authoritarians that from time to time form part of the government in our own countries.


> trusting that you'll be OK so long as you've got nothing to hide.

I don't think people are that stupid, they know they have everything to hide from someone, and no idea who someone is. People think they can hide in the herd, the zebra defense. So long as my stripes are the same as everyone else's the lions won't get me. And they are not wrong, its a poor substitute for anonymity but it is a substitute. Problem is with our every move cataloged and indexed, and with searching bots and AI becoming more and more complex.. Its becoming not good enough to just look the same, we have to have the same political views, the same opinions, the same interests. There are other countries that have taken this to its natural conclusion and; having grown up in a democracy, its depressing seeing the level of subjugation humans will put up with.


Nice quote in the article:

"Every time you use encryption, you're protecting someone who needs to use it to stay alive." -- Bruce Schneier


I think a lot of us grew up being some of the very few people "in the know" surrounded by masses of technologically-oblivious people who couldn't care less about such issues. I think a lot of us have a sense of "learned-helplessness" based on initial attempts to explain to people why such things matter.

However, in the meantime, I think the average citizen has largely caught up. For example, even on reddit, comments are exceedingly pro-privacy. I also remember net neutrality being overwhelmingly important to people, even the ones who had never programmed in their life.

I think it's time to unlearn that helplessness, because I think the average citizen is informed enough to care and finally is starting to care. A lot of the old fox-news-watchers have since passed on, and now nearly every citizen uses the internet daily. Examples of corrupts government are no longer hypothetical sci-fi exercises, they are public knowledge.


> I think a lot of us grew up being some of the very few people "in the know" surrounded by masses of technologically-oblivious people who couldn't care less about such issues.

TBH, the claim that normal people don't care about privacy has been almost exclusively used to silence normal people who are concerned about privacy on the basis of zero evidence. I remember being "in the know" about when and how people were being tracked and being paranoid about things most people weren't paranoid about, but when I explained it to people, it also bothered them - they hadn't 1) realized they were that interesting, or 2) realized how granular and concrete the records they leave behind are.

I've virtually never met someone who wasn't concerned about privacy other than David Brin-familiar nerdballs and radical devotees of communal living and/or eastern philosophy. What people don't know is how computers work, and people who build their business models around surveillance and rent-seeking make a huge effort to obscure how computers work.


You misunderstand. People say they care about privacy. And they do, in their day-to-day context. But they don't care enough about mass surveillance to make any tradeoffs to avoid it.


Why should they have to? The tradeoffs suggested are ridiculous and untenable, like "not having a phone" or "never using the Internet" which is incompatible with participating in modern society. Those behaviors don't inherently need to require abandoning all privacy, but they've been recently built to not allow any alternative.


Ironically I think the latest decade has brought conservatives up to speed on some topics.

Not from the US, but could you have imagined a US conservative arguing for free speech and against censorship in 2010? They were always big on the constitution, but very selectively for this topic and there was some kind of flip.


Decentralization as well. 10 years ago your average conservative didn't even know that word, and now the big tech monoculture has taught huge portions of them why using distributed, decentralized systems is important.


There's nothing new here. The "conservatives" in the US are arguing for free speech and against censorship while passing laws banning the mention of concepts in the classroom.


It's been a tactic since the days of "Jewish Questions." Why are you angry, we're just asking questions, what are you trying to hide?

But even a disingenuous introduction to matters of digital privacy and mass censorship is an education. 1/20 of them may enter into a relationship with the subject separate from the people clumsily manipulating them. Part of the right-wing revival (really a Eustace Mullins revival) amongst average people is a sense that they are being deceived and a consequent lust for secret, forbidden knowledge. Real conspiracies are going to be more interesting to the smarter ones than the ancient, fake conspiracies that are constantly being pumped by people asking for money.


I came here to grump about the fact that if Tutanota cared about privacy they would upgrade from using STARTTLS to using DANE for SMTP.

But lo and behold tutanota.de is using DANE for SMTP. I know the last time I checked they didn't have it, and I think that was a few months ago or maybe a year.

Good job Tutanota!

https://www.huque.com/bin/danecheck-smtp


I've learned that child pornography and other similar arguments have been used by the FBI and CIA since the fight to publish PGP decades ago. It's never been mainly child pornography.

Government always thinks they're the good guys, but we increasingly become aware of abuses by agencies and people working in government, and also companies who increasingly exploit people with tactics that are always ahead of lawmakers.


This became very dangerous. Putting a taboo, sensitive topic on stakes (even though actual impact is almost zero) and many people objecting against would sound like criminals commiting a crime.

I really doubt those governments even care about children or their abuse, all they want is to break encryption for survelliance, and they are using a sensitive topic about children for their own benefit.

Disgusting.


I live in Germany and tend to follow politics to a degree that some would consider unhealthy.

While I am sure there are instances of politicians invoking child pornography to argue against encryption, I do not remember any specific instances of it from the recent past.

Claims of "massive propaganda" are stretching the facts beyond what's reasonable. Indeed, it might itself be the only instance of propaganda on the issue.


Your view is too optimistic: [1] mentions "Kindesmissbrauch" amongst other reasons to withhold end-to-end-encryption for the masses. It's newer than a year. By the way, bringing uncomfortable things via EU is a common tactic.

[0] https://www.heise.de/news/Crypto-Wars-Deutsche-EU-Ratspraesi...


Germany is a decent offender of executive overreach, you can see that in the numbers. It is not just prominent cases where the governor of Berlin searched a home for a twitter post. Is it called swatting if you just call your police dept to raid someone?


I used tutanota not because they encrypted their email, but because they were the cheapest managed option that let me use my own domain. I just didn't want to enrich Google with my data and I wanted to use catch-all. But over time, I really missed using K-9 so I switched to hosting my own.


Slightly off-topic, but IMO this article could use an editor. At the "Drug related crimes at the top"-headline, 4/5 paragraphs state basically the same thing and of those four, three are simply different formulations. This is very irritating, for me personally at least.


Now I cant unsee that. tbh I need an editor for most of my comments, so I can hardly talk. They obviously drafted the same statement a few times forgot to delete 3 of the versions of the same thing. Sloppy in the comments section, but really poor on the headline article.


It's the politicians who must be stripped of privacy. They're servants of all of us. They must be controlled the most, because our societies depend on them the most.

It's them who are the most vulnerable to corruption. It's them who are most likely to abuse their power, including child abuse.

It's them who are most likely to think that they're some privileged caste, so they can do "whatever they want" (c) Trump.


> It's the politicians who must be stripped of privacy.

Don't worry, they have been and will be. Monitoring dragnets filled with normal people are attractive because squeezing a dime out of a few million people is profitable. But the real monitoring will be of wealthy, powerful people, for the purpose of manipulation and blackmail.


One obvious thing: Major US political parties should insist that prospective presidential candidates disclose their tax returns.


I don't think tax returns are the most important thing to be transparent about. Things like Hillary's mechanical destruction of digital data and other such abuses are a much bigger issue.


47% of orders are for drugs, 0.1% are for child rape, what of the other 53%?

selling some weed == selling photos of a baby being raped? Probably not right? So what is the scalar of impact on society & the victims of these crimes? 10x? 100x? 1,000x? 1,000,000x?

What about terrorism? Is death by terrorism == death by murder? Based on the way the two are treated for 'privacy' reasons it would apper that being shot and killed by a terrorist is about 1,000x more impactful than being shot and killed by a school shooter which in turn is about 100x being shot by the guy who lives down the street.


Probably political prosecutions (hate speech). Germans are currently much afraid again, so diverging opinions have low tolerance. It is getting uncomfortable again. And it isn't even the party on the right side of the spectrum, those are just dumb and won't get anything done. Authoritarianism has a long culture here and people happily prosecute you for the common good just as well as for nationalistic ambitions.

It is a fundamental fear that people believe they can get rid of if they constrain others.


Seems a bit of an oversight to ignore the reasoning for 53% of the requests, or perhaps the classification of them was inconvenient for the purpose of their argument.


When you realize that surveillance = control then it starts to make sense why governments do this. It is not about prevention of bad things happening.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: