Secure Communication. Beware Proton Mail, Telegram and Signal

in LeoFinance, 3 years ago (edited)

Gooday LeoFinance Community

Researching

i have been doing a lot of research lately to tighten up my online security. This is especially important for those of us who are dealing with #cryptocurrencies, or posing potential threats to the status quo. If/when The Powers that Shouldn't Be notice this and come gunning for us, we need top-notch security. So, we better do that now before we leave too much trace.

VPN, Browser, Password Manager, Cloud-Drive

Before my research i was using Proton Mail, SurfShark VPN, Brave Browser and a password spreadsheet on an unencrypted cloud drive. Duh! I was aware the cloud drive was not the best idea but i wanted access from PC, phone and web-browser. Eventually i decided it was time to sort things out. I found Mega, a cross platform cloud storage which is decentralised and encrypted and run by a good guy i think. So, temporary solution, i moved password spreadsheet there, syncing to computer, accessible by mobile.

Password Manager

Now, feeling a bit more secure, i took time researching password managers, and for the time being i chose Bitwarden (which can be self-hosted; I'll progress to that bit for additional security). I had considered KeePassXC for desktop and KeePassDX for mobile, but there's a bit of additional work to do to make them work together which i didn't fancy tackling just yet. The only drawback i see so far with Bitwarden is it uses the system clipboard to copy across the passwords, although it does delete after a chosen timespan. I chose 10 seconds. KeePassDX, however, has its internal clipboard process to avoid the risk of the clipboard being hacked in that 10 second period. KeePassXC did not have that feature. So, Bitwarden it is for now. I've been using it for a little over a week and it works very well. I need to figure out how to get it to autofill to apps and extensions, but autofill to web pages works fine.

Telegram Replacement

Next came the messaging app (or maybe that was before :-). I had been using Telegram more and more due to WhatsApp and Fakebook being spies and censors for The Powers that Shouldn't Be. But i recently noted several people saying Telegram groups are not encrypted and Signal also not only has security issues but also could well be a spyhole for the bad guys! So, more research and i settled on the seemingly very secure element.io on the Matrix protocol. This can do all Telegram can and more. I've not figured out how to screenshare yet in video calls, but i think it's there somewhere.

Proton Mail


Next, email. I thought Proton Mail was secure, but then i read a post https://t.me/neo_network/39 by Ramiro Romani in his neo-network Telegram group about security, which led me to several posts talking about issues with Proton Mail, and then to his own excellent article http://theconsciousresistance.com/protonmail-is-insecure about Proton, which goes into great depth and detail as to how Proton Mail are lying to us about their security. It convinced me. Goodbye Switzerland, Hello Iceland!

Power to the People

Let us withdraw our agreement from the 1% and create and use open source decentralised platforms (especially governance - more on that later) until the corrupt platforms fall into disuse. Power to the People!

That's all (for now) folks.

Wishing you freedom, peace, prosperity.

Con Amor
Atma

Posted Using LeoFinance Beta


@chrisrice might be interested in your article! 😁 Actually, I wonder why he hasn't read that yet. 🤔

Well, i didn't tag him, and he is a Busy Bee. By the way, ProtonMail responded to Ramiro Romani's article. I may locate it and post the link, but if you find it first, please share. Thanks

Thank you @savvyplayer, I will read it later tonight.

  • @atma.love has always seemed good at finding exceptional products and critiquing their weak points.

    Posted via D.Buzz

I have read the article at http://theconsciousresistance.com/protonmail-is-insecure. 📖 The author claims that the weakness of ProtonMail is that its developers did not explicitly say that its web app (which can be accessed by any web browser) is vulnerable to attacks from hackers or the company itself by inserting a script that captures the password that decrypts the private key. 🕵️‍♂️ Therefore, the author expresses that the problem is with the team's transparency, not the security itself. 🕵️‍♂️🕵️‍♂️

A comment on that article says that CTemplar prevents such attacks on their web app by making sure that the page of the web app has the same checksum as that of their source code on GitHub. 👍 I have read somewhere else that Criptext offers the same functionality and protection, but encryption is available only in Criptext-to-Criptext emails. 🕵️‍♂️🤓
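
The checksum comparison described in the comment above, as an added example (not code from the post, the linked article, CTemplar or Criptext): it compares the served page and every script that page loads against a build made from the published source. The paths, file contents and function names are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser

def digest(data: bytes) -> str:
    """SHA-256 of a file's bytes, as hex."""
    return hashlib.sha256(data).hexdigest()

class ScriptSources(HTMLParser):
    """Collects the src of every external <script> the page loads."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script" and src:
            self.sources.append(src)

def audit(served: dict, reference: dict, page: str = "/index.html") -> list:
    """served/reference map path -> bytes. Returns findings; empty means a match."""
    findings = []
    if digest(served[page]) != digest(reference[page]):
        findings.append(f"{page}: differs from reference build")
    parser = ScriptSources()
    parser.feed(served[page].decode("utf-8", "replace"))
    for src in parser.sources:
        if src not in reference:
            findings.append(f"{src}: script not present in reference build")
        elif src not in served or digest(served[src]) != digest(reference[src]):
            findings.append(f"{src}: served bytes differ from reference build")
    return findings

# Constructed sample data: a reference build and two server responses.
REFERENCE = {
    "/index.html": b'<html><script src="/app.js"></script></html>',
    "/app.js": b"function unlock(pw) { return decryptKey(pw); }",
}
SERVED_CLEAN = dict(REFERENCE)
SERVED_MODIFIED = {
    "/index.html": b'<html><script src="/app.js"></script>'
                   b'<script src="/extra.js"></script></html>',
    "/app.js": b"function unlock(pw) { return decryptKey(pw); } // changed",
    "/extra.js": b"/* not in the published source */",
}

if __name__ == "__main__":
    print(audit(SERVED_CLEAN, REFERENCE))       # no findings
    for finding in audit(SERVED_MODIFIED, REFERENCE):
        print(finding)
```

A check like this only means something when it runs outside the page being checked (a separate machine, a browser extension, a reproducible-build pipeline), because a server that alters the scripts can alter an in-page checker too.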