Seenthis
#protonmail

  • @biggrizzly
    BigGrizzly @biggrizzly CC BY-NC-SA 5/06/2023

    The 8 December case: encryption of communications equated with terrorist behaviour – La Quadrature du Net
    ►https://www.laquadrature.net/2023/06/05/affaire-du-8-decembre-le-chiffrement-des-communications-assimile-a-un-

    This article was written on the basis of information relating to the so-called “8 December” case [1], in which 7 people were placed under formal investigation for “terrorist criminal association” in December 2020. Their trial is scheduled for October 2023. It will be the first anti-terrorism trial targeting the “ultra-left” since the fiasco of the Tarnac case [2].

    The accusation of terrorism is forcefully rejected by the defendants. They denounce a political trial, an investigation conducted solely to incriminate, and a lack of evidence. In particular, they point to remarks taken out of context and to trivial facts being used against them (sports, digital practices, reading, music listened to…) [3]. For its part, the police acknowledge that at the end of the investigation – and after ten months of intensive surveillance – no “specific plan” had been identified [4].

    The State has just been convicted over keeping the main defendant in solitary confinement for 16 months, from which he was released only after a 37-day hunger strike. A second complaint, awaiting judgment, has been filed against the illegal and repeated strip searches that one defendant underwent in pre-trial detention [5].

    Many public figures, media outlets and collectives have given them their support [6].

    It is in this context that we were alerted to the fact that the defendants’ digital practices – first and foremost the use of mainstream encrypted messaging apps – are being exploited as “evidence” of a so-called “clandestinity” supposedly revealing the existence of an unknown terrorist plan.

    We have chosen to denounce this.

    • @grommeleur
      grommeleur @grommeleur 5/06/2023

      #surveillance

    • @colporteur
      colporteur @colporteur CC BY-NC-SA 6/06/2023

      the fact of protecting ourselves against the exploitation of our personal data by the GAFAM through services such as /e/OS, LineageOS, F-Droid

      #données_cryptées #messages_chiffrés #Signal, #WhatsApp #Wire #Silence #ProtonMail #VPN #Tails #TOR = #criminalisation #terrorisme #police #justice

    • @touti
      vide @touti 6/06/2023

      Remember that for Tarnac, refusing to have a mobile phone is suspect. You have to bow your head, let yourself be watched without cursing, and even take part in the policing and love it, like the 98% of people who find it so convenient.

    • @sombre
      Sombre @sombre CC BY-NC-SA 7/06/2023

      To restore some context about the #affaire_du_8_décembre:
      ▻https://fr.wikipedia.org/wiki/Affaire_du_8_d%C3%A9cembre_2020

      #Rojava #luttes_internationalistes #SDAT #anti_terrorisme

      (just for the record, because I end up getting lost with all this cop business)

  • @etraces
    e-traces @etraces via RSS ART LIBRE 3/03/2021

    “We need to regain a form of digital hygiene”
    ▻https://le1hebdo.fr/journal/silence-on-vous-surveille/298/article/il-nous-faut-retrouver-une-forme-d-hygine-numrique-3865.html

    What digital traces do we leave every day? There are more and more of them. The stock image of these “traces” refers mainly to the profile we build on a social network. We fill in our name, marital status, age, profession, tastes… But this personal data is only the most visible, most obvious side of digital tracking. What we perhaps grasp less well is the transformation of all our small everyday actions into signals (...)

    #Airbus #Clearview #Datakalab #DGSI #Google #In-Q-Tel #Microsoft #Palantir #Ring #CIA #FBI #Amazon #Facebook #Gmail #ProtonMail #algorithme #Alexa #CCTV #domotique #InternetOfThings #Navigo #Siri #technologisme #vidéo-surveillance #COVID-19 #écoutes (...)

    ##santé ##surveillance ##CNIL ##LaQuadratureduNet

    https://le1hebdo.fr/medias/articles/pub-2-04_1590426745.jpg

  • @etraces
    e-traces @etraces ART LIBRE 20/12/2019

    Living without Google and co.? The list of alternatives to the GAFAM
    ▻https://mrmondialisation.org/vivre-sans-google-et-cie-la-liste-des-alternatives-aux-gafam

    The GAFAM – these behemoths of the web – regularly come under fire. Control of the information and online advertising market, resale of personal data, outsized global economic power, influence over democracy via overpowered lobbies: there is no shortage of reasons to distrust these giants. Yet it is hard to get rid of them once and for all, since they are everywhere in our digital world. Nevertheless, here are a few leads for replacing them (...)

    #Alphabet #Apple #Google #Microsoft #Mozilla #Amazon #Diaspora #DuckDuckGo #Ecosia #Facebook #Mastodon_ #ProtonMail #Qwant #Wikimedia #Wikipedia #Firefox #Linux #Windows #Brave #Android #Chrome #Apache #domination #Wikileaks #bénéfices #BigData (...)

    ##data ##GAFAM ##profiling ##publicité

    https://mrmondialisation.org/wp-content/uploads/2019/07/but_firefox_humour.jpg

  • @oanth_rss
    oAnth_RSS @oanth_rss CC BY 2/09/2018

    Open source cryptography takes a step forward with the release of O...
    ▻https://diasp.eu/p/7656632

    Open source cryptography takes a step forward with the release of OpenPGPjs 4.0 | #cryptography #streaming #web #openpgpjs #protonmail #javascript

  • @framasoft
    Framasoft.org @framasoft CC BY 2/11/2017

    #Caliopen, the free-software messaging service on the launch pad
    ▻https://framablog.org/2017/11/02/caliopen-meassagerie-libre-rampe-lancement

    The Caliopen project, launched three years ago, is an ambitious project. While creating a new messaging program is already complex, the aim here is to offer a #correspondance aggregator that allows everyone to adjust their level …

    #Contributopia #Dégooglisons_Internet #Framasoft #Libres_Logiciels #Alpha #Chemla #Confidentialite #mail #ProtonMail #Snowden #Surveillance #Test #Zimmermann

  • @ninachani
    ninachani @ninachani CC BY 23/05/2017

    Why is ProtonMail the most secure communication service in the world? - Esprit Créateur
    ▻http://espritcreateur.net/protonmail

    http://espritcreateur.net/wp-content/uploads/2017/03/facebook_logo.jpg

    I grant you the title is a bit silly, but this is an interesting short review of this email service. And their senior encryption engineer is an Asian woman: Yes!!!!
    #confidentialité #mail #informatique #open_source #chiffrement #protonmail

  • @fil
    Fil @fil 27/10/2016

    Search Risk - How Google Almost Killed ProtonMail - ProtonMail Blog
    ▻https://protonmail.com/blog/search-risk-google

    https://protonmail.com/blog/wp-content/uploads/2010/10/google-search-risk-monopoly.jpg https://protonmail.com/blog/wp-content/uploads/2010/10/google_protonmail_search_risk-1024x163.png

    This incident however highlights a previously unrecognized danger that we are now calling Search Risk. The danger is that any service such as ProtonMail can easily be suppressed by either search companies, or the governments that control those search companies. This can happen even across national borders. For example, even though Google is an American company, it controls over 90% of European search traffic. In this case, Google directly caused ProtonMail’s growth rate worldwide to be reduced by over 25% for over 10 months.
    This meant that ProtonMail’s income from users was also cut by 25%, putting financial pressure on our operations.

    #google #monopole

    • @erratic
      schrödinger @erratic 30/10/2016

      #ProtonMail

  • @cy_altern
    cy_altern @cy_altern CC BY-SA 31/08/2016

    Squire
    ►http://neilj.github.io/Squire

    A simple, lightweight WYSIWYG editor (in HTML5) based on an iframe whose <body> has the attribute "contenteditable='true'", instead of the classic <textarea> (it also allows any DOM node to be used in place of an iframe).
    Used as the editor of the ProtonMail webmail.

    Squire is an HTML5 rich text editor, which provides powerful cross-browser normalisation, whilst being supremely lightweight and flexible. It is built for the present and the future, and as such does not support truly ancient browsers. It should work fine back to around Opera 10, Firefox 3.5, Safari 4, Chrome 9 and IE8.
    Unlike other HTML5 rich text editors, Squire was written as a component for writing documents (emails, essays, etc.), not doing wysiwyg websites.
    If you are looking for support for inserting form controls or flash components or the like, you’ll need to look elsewhere. However for many purposes, Squire may be just what you need, providing the power without the bloat.
    Installation
    – Download the source from neilj/Squire
    – Copy the contents of the build/ directory onto your server.
    – Edit the <style> block in document.html to add the default styles you would like the editor to use (or link to an external stylesheet).
    – In your application, instead of a <textarea>, use an <iframe src='path/to/document.html'>.
    – In your JS, attach an event listener to the load event of the iframe. When this fires you can grab a reference to the editor object through iframe.contentWindow.editor.
    – Use the API below with the editor object to set and get data and integrate with your application or framework.

    See the official documentation at ▻https://github.com/neilj/Squire/blob/master/README.md

    #editeur #wysiwyg #squire #protonmail #textarea #iframe

  • @erratic
    schrödinger @erratic 19/12/2015

    ProtonMail still under attack, discloses details and writes “lessons learned”

    About a month after the DDoS attacks started on their infrastructure[1], ProtonMail says they are still getting hit by 40 to 50 Gbps attacks.
    The initial attacks knocked them offline, but with new equipment & mitigation service they purchased (#RadWare) they were able to withstand these attacks.

    In a recent blog post they disclosed details about the attacks. The next day they were hit with a 59 Gbps attack...

    In that blog post they also give some (basic) advice on how to protect against DDoS, such as:

    • baseline your legitimate traffic
    • take into account vulnerabilities outside your perimeter, such as your ISP or datacentre
    • take into account reaction of your third parties, such as your ISP or datacentre; they may decide to take you offline so as to not disrupt the service of their other clients.
    • don’t compromise on security: be careful if you choose to provide your SSL keys to your DDoS mitigation service, because that also means they can scan ALL your traffic, all the time.

    When facing a truly large scale DDoS, the attackers will also go after your upstream providers. In ProtonMail’s case, all of our upstream ISPs were attacked, and in fact the entire data centre we [and other companies there] are located at was taken offline,

    What ProtonMail did:
    • implement a direct connection to Tier-1 #Level3 and become their own ISP
    • contract a cloud-based DDoS mitigation service, to help protect against volumetric attacks

    https://protonmail.com/blog/wp-content/uploads/2015/12/ns-sp-bgp-routing-graphic.jpg

    What it cost them:

    Networking equipment: $30’000
    BGP/GRE DDoS Mitigation (per year): $50’000 – $100’000
    Dedicated IP Transit (per year): $20’000
    Maintenance Overhead: $10’000+

    ProtonMail DDoS attack details can be found here:

    ▻https://protonmail.com/blog/ddos-protection-guide

    #DDoS
    #ProtonMail

    _

    [1] See also ►http://seenthis.net/messages/425368

  • @erratic
    schrödinger @erratic 25/11/2015

    ISIS OPSEC manual advice:
    ▻http://www.wired.com/2015/11/isis-opsec-encryption-manuals-reveal-terrorist-group-security-protocols

    There are no surprises among the documents. Most of the recommendations are the same that other civil liberties and journalist groups around the world advise human rights workers, political activists, whistleblowers and reporters to use to secure their communications and obscure their identity or hide their location. The appearance of this and other OPSEC documents in ISIS forums and social media accounts indicate that the jihadis have not only studied these guides closely, but also keep pace with the news to understand the latest privacy and security vulnerabilities uncovered in apps and software that could change their status on the jihadi greatest-hits list.

    It contains advice on:
    – How to use Twitter securely
    – How to take photos bearing in mind Exif, tagging, geolocation etc
    – The usage of encrypted phones (Cryptophone, Blackphone, SilentCircle)
    – How to transmit info when public networks are (made) unavailable
    – VPN software to use (Freedome, Avast SecureLine)
    – safe browsing (TorBrowser, also on Android & iPhone, Aviator browser, Opera Mini, TrueCrypt, VeraCrypt)
    – Use e-Mail security (HushMail, #ProtonMail, Tutanota)
    – Instant Messaging (Threema, Telegram, SureSpot, Wickr, CryptoCat, IO SwissCom, PQChat, Sicher, even #iMessage)
    – How to use encrypted VoIP (Linphone, IO Swisscom, Silent Circle, RedPhone, Signal, and also #FaceTime)
    – safe Cloud storage (MEGA, SpiderOak, SugarSync, Copy.com,

    ▻http://www.wired.com/wp-content/uploads/2015/11/ISIS-OPSEC-Guide.pdf
    backup: ▻http://docdro.id/COUqJwe

    #OPSEC
    #cybersecurity

  • @alda
    Alda @alda CC BY-ND 7/11/2015

    #protonmail gives in to blackmail to stop a #ddos attack
    ▻http://www.zdnet.fr/actualites/protonmail-cede-au-chantage-pour-faire-cesser-une-attaque-ddos-39827816.htm

    “To stop the attack, the company agreed to pay the ransom demanded by the attackers, but the attack continued despite the payment.”

    What a surprise!

  • @erratic
    schrödinger @erratic 6/11/2015

    100 Gbps DDoS on ProtonMail

    http://traditores.org/wp-content/uploads/2014/06/protonemaillogo.jpg

    November 3rd 2015 ProtonMail suffered an interesting attack.
    First it received a ransom demand, followed by a typical 15-minute DDoS flooding their IP addresses to prove the attackers meant business. As they did not pay, two separate DDoS effectively managed to shut down its datacenter. (which subsequently affected other companies present in that datacenter).

    Then they paid the 15 BTC (5.380 EUR) ransom but the attacks didn’t stop. Instead, it moved upstream and attacked the ISP’s infrastructure.
    This is a fairly recent and new approach which may have an interesting outcome not in the advantage of the attackers.

    On top of the 15 BTC ransom, ProtonMail also had to pay the ISP and the datacenter for the collateral damage incurred.

    Because ProtonMail was unreachable it had to set up a communication channel via Wordpress:

    ▻https://protonmaildotcom.wordpress.com

    You can find details about the attack there:

    This threat was followed by a DDOS attack which took us offline for approximately 15 minutes. We did not receive the next attack until approximately 11AM the next morning. At this point, our datacenter and their upstream provider began to take steps to mitigate the attack. However, within the span of a few hours, the attacks began to take on an unprecedented level of sophistication.

    At around 2PM, the attackers began directly attacking the infrastructure of our upstream providers and the datacenter itself. The coordinated assault on our ISP exceeded 100Gbps and attacked not only the datacenter, but also routers in Zurich, Frankfurt, and other locations where our ISP has nodes. This coordinated assault on key infrastructure eventually managed to bring down both the datacenter and the ISP, which impacted hundreds of other companies, not just #ProtonMail.

    [...]

    The attack against ProtonMail can be divided into two stages. The first stage is the volumetric attack which was targeting just our IP addresses. The second stage is the more complex attack which targeted weak points in the infrastructure of our ISPs. This second phase has not been observed in any other recent attacks on Swiss companies and was technically much more sophisticated.

    It is believed that the ProtonMail attack is likely to have been operated by two separate groups. The first one calls themselves the Armada Collective, and the second attackers exhibiting capabilities more commonly possessed by state-sponsored actors, ProtonMail said.

    #DDoS
    #ransom #bitcoin
    #Armada_Collective

    • @erratic
      schrödinger @erratic 6/11/2015

      Also a bit in French on NextInpact

      ▻http://www.nextinpact.com/news/97200-protonmail-sous-coup-dune-attaque-ddos-extremement-puissante.htm

      and a bit at Korben too

      ▻http://korben.info/protonmail-frappe-depuis-3-jours-par-une-attaque-ddos-de-grande-ampleur.htm

    • @erratic
      schrödinger @erratic 11/11/2015

      ▻http://arstechnica.com/security/2015/11/how-extorted-e-mail-provider-got-back-online-after-crippling-ddos-attac

      ProtonMail was roundly criticized by many security professionals for paying the group $6,000 in bitcoins, only to come under a much more powerful attack in the following days.

      For reasons not made public, ProtonMail officials said [the second group] were sponsored by a wealthy nation-state. Getting back online required the technical assistance of several services, including networking experts from IP-Max, service provider Level 3 Communications, and Radware, a DDoS-mitigation service. Even now, the attacks are continuing, but they’re no longer capable of knocking ProtonMail offline for long periods of time.

    • @erratic
      schrödinger @erratic 14/11/2015

      Inside the ProtonMail siege: how two small companies fought off one of Europe’s largest DDoS attacks

      ▻http://www.techrepublic.com/article/exclusive-inside-the-protonmail-siege-how-two-small-companies-fought-o

      ProtonMail made an understandable but crucial mistake by paying the ransom, said Tim Matthews, vice president of marketing at Imperva Incapsula. The company was under attack and responded in a way they thought would mitigate the damage. However, explained Matthews, “once identified as an organization that will pay others may catch wind and come your way.”

  • @erratic
    schrödinger @erratic 30/08/2015

    Mr. Robot’s Toolbox

    1. DeepSound

    DeepSound is a steganography tool and audio converter that hides secret data into audio files.

    ▻http://jpinsoft.net/DeepSound

    2. ProtonMail
    Web-based, privacy-oriented e-mail with end-to-end encryption hosted in Switzerland. All the messages are encrypted in the user’s web browser before it reaches the ProtonMail servers. ProtonMail doesn’t hold the password and can never decrypt user messages. It works with two passwords, a user password and a mailbox password.

    ►https://protonmail.ch

    More details about the security used:

    ▻https://protonmail.ch/pages/security-details.html

    3. Raspberry Pi

    ►https://www.raspberrypi.org

    4. Tastic RFID Thief

    The Tastic RFID Thief is a silent, long-range RFID reader that can steal the proximity badge information from an unsuspecting employee as they physically walk near this concealed device. Specifically, it is targeting 125KHz, low frequency RFID badge systems used for physical security.
    ▻http://www.bishopfox.com/resources/tools/rfid-hacking/attack-tools

    5. RSA SecurID
    For 2FA (Two-Factor Authentication).

    ▻http://www.emc.com/security/rsa-securid/index.htm

    6. Kali Linux
    A Debian-based version of Linux that’s specifically built for penetration testing and security auditing.

    ▻https://www.kali.org

    7. John the Ripper
    A password cracker tool used to detect weak Unix passwords.

    ▻http://www.openwall.com/john

    8. Metasploit and Meterpreter
    A penetration testing tool.
    (Penetration testing is the process of identifying security gaps in your IT infrastructure by mimicking an attacker. Think about it as quality assurance for your IT security.)

    ▻http://www.rapid7.com/products/metasploit/index.jsp

    Meterpreter is a payload (tool) for Metasploit. It uses in-memory DLL injection stagers and is extended over the network at runtime.

    ▻https://www.offensive-security.com/metasploit-unleashed/about-meterpreter

    9. Social-Engineer Toolkit

    TrustedSec’s Social-Engineer Toolkit is an open-source pen testing framework designed specifically for simulating social engineering attacks, such as phishing, spear phishing, credential harvesting, and more.
    ▻https://www.trustedsec.com/social-engineer-toolkit

    10. FlexiSPY

    A tool that lets you monitor other people’s device activities with an online portal. FlexiSPY doesn’t recover past data, but can show you anything still stored on their phone’s memory or SIM card,
    ▻http://www.flexispy.com

    The WIRED article in which these tools are mentioned:
    (warning, if you still have to see it, it contains spoilers about the technology used and in what episode & what for)

    ▻http://www.wired.com/2015/08/peek-inside-mr-robots-toolbox

    WIRED Security writer Kim Zetter called it “the best hacking show yet.”

    #security
    #privacy
    #hacking

    • @erratic
      schrödinger @erratic 30/08/2015

      Also from WIRED, it turns out the last episode of Mr. Robot season 1 was postponed a week by USA Networks because (SPOILER ALERT)

      it contains a scene similar in nature to today’s tragic events in Virginia.

      ▻http://www.wired.com/2015/08/virginia-shooting-instant-sharing

    • @erratic
      schrödinger @erratic 30/08/2015

      Mr. Robot not only used ProtonMail, but even suggested a feature that has now been included by ProtonMail

      ▻https://blog.protonmail.ch/protonmail-mr-robot-secure-email

      Over the course of our discussions with the Mr. Robot team, they mentioned that a security focused person like Elliot would need a way to monitor his own email activity and they asked if this was something ProtonMail supported. Well, we do support this now, you can find the addition of monitoring (logging) in our latest 2.0 release. That’s right, the Mr. Robot team got so deep into their research that they made a product suggestion so good we built it for the hundreds of thousands of security conscious people who use our service.

      #ProtonMail

