by robcohen 113 days ago
> Proton only has access to your IP and device ID, not your data.

I like Proton. I use Proton.

However, the problem with Proton is that if you access your email via a web browser, there's nothing stopping ProtonMail (to my knowledge) from reading your email from within their webapp via JS. This type of attack could be targeted at the behest of authorities.

So, actually, Proton COULD read your email (IFF you use webmail).


> So, actually, Proton COULD read your email (IFF you use webmail).

The authorities can also read your self-hosted email if they have a warrant to search your house. Even if you enable FDE they can do a cold boot attack.

I believe that you would not expect that level of interaction with LEAs for a "stop cop city" dude that hasn't even been charged with a crime.

I'd count that up as a hypothetical win of the self-hosted mail in your own location.

If you are Dr. Evil, OTOH, other calculi apply.

Just out of curiosity, what is a cold boot attack?

https://en.wikipedia.org/wiki/Cold_boot_attack

tl;dr they pull the decryption keys from your computer while it's still running, which of course it is because your mail server has to be up 24/7.

Simple solution: put your server inside of a cabinet or enclosure that immediately powers it off if opened with a hidden micro switch. Additionally, write a little udev rule to immediately power off if any new USB device is connected or Ethernet is unplugged.
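The trip-switch rule described in this comment, as an added example (not code from the thread): it assumes a systemd-based host, and the rule file name, unit name and the /run/tamper-armed flag are illustrative choices, not anything the commenter specified.

```shell
#!/bin/sh
# Added example, not from the thread: a udev rule plus a systemd one-shot
# unit that power the host off when a USB device is hot-added, and a filter
# for `ip monitor link` output for the Ethernet-unplug case.
# Assumptions: systemd-based host; paths and unit names are illustrative.
set -eu

# Write the rule and unit under "$1" (e.g. a scratch dir for review, or /).
install_tamper_rules() {
    root="$1"
    mkdir -p "$root/etc/udev/rules.d" "$root/etc/systemd/system"
    # SYSTEMD_WANTS is used instead of RUN+= because udev kills long-running
    # RUN programs and calling systemctl from RUN during event handling is
    # unreliable.
    cat > "$root/etc/udev/rules.d/99-tamper-poweroff.rules" <<'EOF'
ACTION=="add", SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", TAG+="systemd", ENV{SYSTEMD_WANTS}+="tamper-poweroff.service"
EOF
    # Caveat: udevadm trigger replays "add" events for every existing USB
    # device at boot, so the unit only fires once /run/tamper-armed exists;
    # create that flag after boot (it vanishes on reboot since /run is tmpfs).
    cat > "$root/etc/systemd/system/tamper-poweroff.service" <<'EOF'
[Unit]
Description=Power off on suspected physical tampering
DefaultDependencies=no
ConditionPathExists=/run/tamper-armed

[Service]
Type=oneshot
ExecStart=/bin/sh -c 'logger -p auth.crit "tamper-poweroff: USB hot-add, powering off"; systemctl poweroff'
EOF
}

# Ethernet unplug is not a udev event (carrier changes arrive over rtnetlink),
# so feed `ip monitor link` through this filter instead.
# $1: uplink interface name, $2: one line of `ip monitor link` output.
# Returns 0 when the line reports carrier loss on that interface.
link_lost() {
    case "$2" in
        *": $1: <"*NO-CARRIER*) return 0 ;;
    esac
    return 1
}

# Watcher loop (root only; not run here):
#   ip monitor link | while read -r l; do link_lost eth0 "$l" && systemctl poweroff; done
```

Arm the response only after the machine is fully up (touch /run/tamper-armed from a unit ordered after multi-user.target), otherwise the boot-time replay of USB add events powers the box off before it finishes starting.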

So a trip-switch for the server?

How would one access it if one needed to do config changes or, really, anything with the server for legitimate purposes?

ssh in and shut down first (and/or just use a properly reliable filesystem).

Mail transfer can tolerate multi-hour interruptions. Imagine the drama if it couldn't!

That is fascinating! Thanks for sharing!

What if you use encryption?

FDE stands for "Full Disk Encryption" in this context.

You always put trust in the vendor even if they use e2ee because the end clients are made by them.

They can just send things without e2ee from any of their clients (not just web).

> This type of attack could be targeted at the behest of authorities.

No? How can authorities tell them how to do their business?

Is even that needed? Nothing e2ee about the emails you receive normally, they could just read them right away if they really wanted to. And that is to say nothing about the metadata.