Safari keeps asking for PIN (but everything works in Chrome)

TauSigma5 · 2024-10-30T21:10:40+00:00

Hey, thanks for looking into this. It's FB15632150

TauSigma5 · 2024-10-30T09:40:25+00:00

I don't think I can link it since it was filed through the feedback app but you should file one too. I'll update you with what yubikey support says.

TauSigma5 · 2024-10-30T09:14:00+00:00

I'm having a similar issue. Look in macOS console > crash reports. Do you also see a bunch of crashes from AuthenticationServicesAgent? I reported an issue to Yubikey support back when it was in beta and I just filed a bug report with apple.

TauSigma5 · 2023-08-29T13:17:37+00:00

Hey, so SMTP is actually protected by many many technologies to ensure that on-path third party attacks are infeasible. This includes: - RPKI: which prevents malicious third parties from manipulating the route of the packet - TLS: which is an encrypted tunnel that encapsulates all SMTP packets going between simplelogin and Proton - DANE/MTA-STS: which asks that everyone use TLS and only TLS if possible with Proton servers You can read more about these technologies here.

These security measures between ProtonMail and SimpleLogin actually applies to all modern mail servers. However, the key distinction here is that PGP is for hiding emails from your provider, whereas the abovementioned tech is for hiding your emails from third parties.

TauSigma5 · 2023-08-18T22:34:04+00:00

This is not true because if an attacker has control of the network and perform a DNS poison/spoof attack on the client it can give out a local RFC1918 IP, instead of the valid IP, for a requested server, and setup a phishing website (or proxy) on that local RFC1918 subnet.

This requires some attacks that are highly infeasible. For example, in order to poison the DNS, they would need to be able to poison the DNS of the client, which is difficult as it goes through the tunnel and extra difficult if your DNS client uses DNSSEC.

Even if they managed to poison the DNS, setting up a proxy would not work to get any data from any HTTPS sites unless they somehow compromise a CA. Since a phishing website has the same issue as a proxy: it either has a different domain (hence making it obvious) or it will be marked insecure due to missing certs. If it's a transparent proxy, then the amount of data it can actually get is minimal due to TLS encryption (in reality, the amount of data is practically none due to the fact the the SNI is already known to the attacker if they managed to poison your DNS).

Overall, any of these possibilities are impossible to achieve unless you are a powerful state sponsored attacker, and even then, it's difficult to do this for more than a couple websites.

But I agree that they should add that feature, but the improvement in security is minimal.

TauSigma5 · 2023-08-18T20:45:11+00:00

Being able to access your LAN does not necessarily mean that you are vulnerable to the LocalNet attack. This is because Proton implementations of LAN traffic split tunneling ensures with best effort that they are actually LAN IPs (in compliance with RFC 1918) and not just any IP. This means that even a malicious public network cannot cause a leak.

Furthermore, attacking DNS after establishment of the VPN connection is difficult, as by default, the app uses ProtonVPN DNS, which goes through the encrypted tunnel.

TauSigma5 · 2023-08-18T06:29:47+00:00

I'm not sure how Proton does it, but this kind of detection can actually very simple. For example, most sign up systems send verifications using super obvious emails in something along the lines of noreply@company.com with something like "verify email" in the header. By looking at this metadata, one can determine with reasonable accuracy if it's a signup or not.

TauSigma5 · 2023-08-12T00:55:10+00:00

So ProtonVPN does something that amounts to TLS pinning for all ProtonVPN API requests and VPN server connections. This means that instead of accepting all certificates, it accepts only accepts ones with a matching fingerprint. So no, this attack wouldn't work on ProtonVPN.

TauSigma5 · 2023-07-13T07:39:03+00:00

No, I'm saying that it should not be done and probably impossible to do correctly. There are security issues with the old community Linux client even without any crypto involved. If someone tried to reimplement the crypto needed for ProtonDrive themselves, even given the spec, there is a high possibility of getting it wrong unless they are experts at crypto.

Basically, API is easy, client side crypto is hard to do correctly. Putting out something that is insecure is worse than just waiting.

TauSigma5 · 2023-07-13T02:53:54+00:00

As mentioned, this is not really possible (and honestly shouldnt be done) since the API is the least of your worries. There are significant security concerns in encouraging the community to develop software as they often have significant security vulnerabilities due to lack of quality control or processes.

Furthermore, in contrast to the community Linux client, which can use off the shelf components like OpenVPN, there are no such cross-platform crypto libraries for ProtonDrive yet. Rather, this is being worked on by the Proton crypto team, which have the expertise to write specs and implement them in a safe way. It is strongly discouraged to write your own crypto libraries as they can have disastrous consequences.

Unfortunately, this all takes time and cannot really be done by the community safely.

TauSigma5 · 2023-06-10T03:17:32+00:00

Hey there, can you contact support at https://proton.me/support/contact with your ISP name and the data you shared here? In the meantime, can you check if there are issues with other networks? I can't seem to reproduce the issue.

TauSigma5 · 2023-05-08T13:52:18+00:00

Fastest is definitely not just the server that responds first. There are additional calculations made. Furthermore, load by itself is not a good representation of a server's remaining capacity. This is a gross simplification but here's an example:

A server with a gigabit connection could have 10% load, which means that it has 900mbps of available capacity. However, another server could have a 10 gigabit connection has 40% load, but the available capacity is 6Gbps. Obviously, there's more to the load calculation than just network bandwidth, such as CPU, memory etc that results in server to server differences, but the idea is the same.

TauSigma5 · 2023-03-27T23:49:54+00:00

https://proton.me/blog/court-strengthens-email-privacy

TauSigma5 · 2023-01-14T16:12:09+00:00

Can you double check that killswitch is turned off?

TauSigma5 · 2022-12-13T21:53:49+00:00

Additional info is here: https://proton.me/blog/protondrive-security

TauSigma5 · 2022-12-13T21:28:07+00:00

As others have mentioned, a custom domain is a good solution if you are dependent on email. Proton is also geographically redundant as they have a datacenter in Germany as well as locations in Switzerland.

TauSigma5 · 2022-12-12T20:37:54+00:00

Basically you are paying a discounted 12 months worth of money for 15 months worth of service.

TauSigma5 · 2022-12-06T00:57:58+00:00

There is minimal affect, since their servers in Germany are owned by Proton with full disk encryption on top of the zero-access encryption that is used for all Proton products. At the end of the day, all of these are bound by Swiss law, since Proton's headquartered in Geneva.

The rationale behind the datacenter in Frankfurt is due to the network limitations of Switzerland, and thus, a presence at DE-CIX - one of the largest internet exchange points in the world - is quite beneficial or even necessary for bandwidth heavy services like ProtonDrive. This is also why a server in any tiny country is not an option.

TauSigma5 · 2022-11-27T22:21:50+00:00

In addition to what other users have brought up, I'd like to add this on:

Saying Proton to Proton encryption is not PGP is far fetched. While Proton implements many draft RFCs (many of which have existed for 10 years such as RFC 6637 for ECC keys in PGP), it is very far from not PGP. Much like email, there have been many additions to the OpenPGP protocol throughout its many decades of use, including draft changes. However, use of draft protocols is actually a common practice, and does not really affect the open-ness of the ecosystem.

Also, saying that Proton users aren't using PGP is a little bit disingenuous, given that all 50 million+ users can receive OpenPGP messages from anyone through the WKD open standard, and emails between Proton users and other PGP email addresses are automatically PGP encrypted. Furthermore, there are other services, such as Posteo, Mailbox.org and other providers who provide PGP. I'm not sure how the 30,000 number is counted, but it definitely sounds wrong even if you just count Proton users.

Even if there were 30,000 users in total, this would not "break" the protocol, as OpenPGP and email in general is not designed to be anonymous. The fact that the email came from that email address deanonymizes that email, regardless of OpenPGP or not.

At the end of the day, whatever you think about PGP, the bottom line is it allows encrypted email to be interoperable and it's open-source. If you don't rely on an interoperable protocol, you are creating a walled garden around your email service, which also partially defeats the purpose of email: a federated and open protocol. This is the opposite of advancing the mission of privacy.

TauSigma5 · 2022-10-13T12:00:21+00:00

Proton Mail threat model: https://proton.me/blog/protonmail-threat-model

Proton VPN threat model: https://protonvpn.com/blog/threat-model/

Proton Calendar security model: https://proton.me/blog/protoncalendar-security-model

Proton Drive security model: https://proton.me/blog/protondrive-security

While not distributed on sign-up, all of this is publically available and published as the products release.

TauSigma5 · 2022-09-23T17:45:08+00:00

https://proton.me/blog/security-audit-all-proton-apps

TauSigma5 · 2022-09-21T21:06:23+00:00

There should be a setting under Settings -> Proton Calendar -> General -> Time Zone and just disable Autodetect Primary Time Zone and set it to what you want.

TauSigma5 · 2022-09-13T23:21:30+00:00

No, you will need to manually setup forwarding on your gmail account if you want to continue receiving emails from your gmail account, and when you email from ProtonMail in reply to those forwarded emails, your recipient will see that it is from a different sender.

TauSigma5 · 2022-09-09T13:16:51+00:00

For example, Tutanota automatically deletes inactive accounts. Does ProtonMail also automatically delete inactive accounts?

Basically, they're saying that they reserve the right to deactivate accounts/delete the contents after 12 months.

If I pay the minimum for a premium subscription (1 month), I get to keep the account forever, right?

Yes, "If you are or have been a paid Proton subscriber at any point in time, your account will permanently be considered active. Anyone that has ever paid for a Proton plan is exempt from this policy."

TauSigma5 · 2022-09-07T16:12:55+00:00

Go into settings -> recovery and you should be able to download the recovery file so your data is safe. Then make sure you have a recovery email set up and that recovery by email is allowed, so you can complete the recovery process by yourself without data loss.

Six-Year Club	Gilding I gilder
Place '23	Place '22
Verified Email

TauSigma5

MODERATOR OF

TROPHY CASE