It seems Proton is based in Switzerland, and operates under their strict privacy laws. The UK part of my question was only the YouTube channel where I saw the advertisement.
On Fri, Mar 21, 2025 at 7:40 AM Tomas Kuchta <[email protected]> wrote: > > I think that the elephant in the room may be UK legislation - which > explicitly forces anyone's provider using encryption to hand over > decryption keys to UK government - that in turn has treaties to share them > with other 5 nations security agencies. > > I am not a user and, I hardly encrypt anything other than TLS to save me > from marketing research/analysis. > > For me, the issue would be that once bunch of agencies + the king and his > sidekick(s) can see my stuff without warrant - then there is no privacy > left. They will of course pay some "super secure/trusted" partner to store > and analyse the data for them .... At the very least they will use it to > train models which of course are free to be monetised . .... I have no > control to what end and to what conclusion they arrive. And no recourse, if > they/AI just makes stuff up about me. > > See: Why apple doesn't encrypt UK user's data. > > -T > > On Fri, Mar 21, 2025, 00:25 Russell Senior <[email protected]> > wrote: > > > One question I've had for a while is: how does key management work at > > Proton. Public key encryption rests on a foundation where your private > > key is exclusively known to you, and that all reasoning about what is > > private is directly tied to "who has access to your private key". One > > thing I have been unable to discover, which doesn't seem to be well or > > transparently documented, is "where is my private key and how is > > access to it managed?" Does anyone know? > > > > My vague understanding is that, supposedly, proton stores an encrypted > > version of your private key and supposedly when you type in your > > password to the random javascript they send you, you get a copy of the > > encrypted key and unlock the key in your browser, but ... and stick > > with me here, what if they send you javascript that leaks your > > password to them. In that case, they have the encrypted key and the > > unlocking password and therefore, they have possession of your private > > key and all privacy guarantees provided by the math of PK encryption > > are lost. Can someone please help me understand why or how that isn't > > possible? > > > > Thanks! > > > > -- > > Russell Senior > > [email protected] > > > > On Thu, Mar 20, 2025 at 8:23 PM King Beowulf > > <[email protected]> wrote: > > > > > > On 3/20/25 17:41, Michael Ewan wrote: > > > > I saw that Proton Pass sponsored a YouTube channel I enjoy (All The > > > > Gear is in the UK). It looked good on the surface. I know some of you > > > > use Proton Mail, any experience with Proton Pass? > > > > > > I've been using proton pass on my main linux box for a 2+ years with 90+ > > > password stored (mmm....I should check on some of those sites!). Works > > > well, easy and transparent, with goo feature set. Only sloth has > > > prevented me from migrating it to other devices. > > > > > > Highly Recommended. > > > > > > Diclaimer: I am a paying proton mail customer > > > > > > -Ed > > > > > > > >
