Indian government moves to ban ProtonMail after bomb threat

whats alternative if not proton ?
try JioMail or AdaniMail.

on serious note, Tutanota & Mailbox are way better than proton, but no guarantee those wont be blocked in future.
iIt's not about a particular govt, rather the masses, internet landed in all wrong hands in this country, who can sell their persona/private information for a 10/- coupon. And there is no returning back.
Privacy & democracy in this country is Myth.
Whatever you use, for example you purchase tutanota subscription, its already attached to centralised surveillance system adhar. (banks,mobile, everything is attached you to adhar profile)


gov will have an excuse to ban all privacy related apps/protocols.
No need.
they will chose the "whatsApp model", where you are in a dream that your messages and calls are encrypted.
 
Last edited:
Every day, the current govt. strives to emulate Sasta China!

The privacy community faced a major setback this week as Skiff was acquired by Notion, forcing users to migrate. I've been busy replacing the Skiff email address with a Proton email address everywhere this week. Fortunately, I used a custom domain on Proton. If using Proton becomes too challenging despite using a VPN, I can easily migrate away without any hassle this time because of a custom domain.
 
This is so sad. I have a lot of services liked with my proton e-mail. Should I just start changing my email address, or will there be a substantial notice period before any potential ban is implemented?
 

The police is now tracking the IP address of the email address. Sources have told ANI that these kind of emails are usually sent using a VPN connection to enable the sender to mask the original IP address. The cyber team is confident of tracing the IP address. Sources in the investigation team also say that the Dark Web could have been used to send the threat mail.
 

Related. Given Proton will comply with countries that are signed into by the Swiss govt. for data sharing, I guess this might not be as big of a problem in the future once India is also a member. Though, even in the above case, Proton was just one of the links.
 
@enthusiast29
Can tracking onion exit node help to trace the culprit, is that easy ?
That would... depend, but it's rarely ever easy. Whenever multiple countries/destinations comes into play, it becomes really difficult. Even setting that aside, most 'consumers' using Onion wouldn't keep logs, which would make it even more difficult (not impossible by itself, 'technically').

That said, most 'dark web' users are caught when they have to come in physical contact with something else, not by being traced via their onion routes. It's basically a game of phishing over there, lol


As for email, I'd like to point towards what Migadu says, and I've to agree with them:

Email as we know it and encryption are incompatible. If someone is telling youotherwise, they are not to be trusted.


Email is built on top of plain text protocols and messages flow in plain text.If you encrypt, you cannot scan for spam or viruses, index messages for searchingor recover messages when a password gets lost. Not to mention the usability issuesof changing passwords / encryption keys.


This cannot be fixed, at least not any time soon without breaking the protocolson which email relies.


If we were to roll out encryption at rest, we would have to keep theencryption keys ourselves. That means we would be encrypting and decryptingmessages on the fly using a key which is available on the same storage whereyour data is. That is not encryption but rather encoding, and we do not see thegreat benefit of it.


You may be thinking now, what if someone obtained the hard drives from the servers?Good one. We split data between disks and ensure individual disks are not sufficient torecover data. Our servers run in secure data centers that are internationallycertified for their security and data privacy processes. In short, a Hollywood-likeaction would be needed to get physical access to the servers, and the data-centeradministrators do not just toss out faulty disks into the nearest garbage bin.


We know some email providers automatically encrypt messages as they arrive using users'public keys. That sounds exciting but in practice it does not really preventthe provider from accessing the mails. It only makes email less usable, lessstandard and more tied to that provider. What you gain in security you lose inportability and usability, and what we do not want for ourselves, we won’t beoffering others either.


If you are interested in real encryption and absolute security for your Santa letters,please use end-to-end encryption tools such as GPG with your correspondents or pulllocally all your messages periodically (e.g. via POP3) and encrypt themyourself on your local device.

Link to their site: https://www.migadu.com/procon/

While you can argue otherwise, I think if you want E2EE with every participant of yours and not just a select few and also want an open protocol (ProtonMail isn't that, you've to use their clients), you should be looking at something else entirely, not email.

Should India ban ProtonMail because of encryption issues? Definitely not, that's just unethical.
Should you depend on ProtonMail entirely? I'd say no.

The most 'future-proof' solution is either to use what everyone else loves, Gmail or Outlook, or have email at your own domain. For the latter, I suggest looking at Fastmail or Migadu, or other services that provide different things. Email is a pretty wide and amazing space. I've used both, and Migadu's offering is more in-line for me, and I love their alps webclient for self-hosting, but Fastmail is likely to be much more user-friendly. Worst case, you can self-host email yourself, too. It's not as bad as it was a few years ago, but you've to deal with a shit ton of things still. For that option, two things come to my mind: Maddy and Mailinabox
or look here



NOTE: I'm not saying ProtonMail is bad or that you should stop using it, I'm just listing alternatives to it as long as you're okay with giving up on the 'email encryption' part of your email life. You can still have encryption using PGP, though. So it's not gone, but has become client-specific.
 
Did it got banned in the end?
It didn't. It never got banned to begin with. Some govt. officials had only brought up ban as a suggestion which was rightly countered by many, within the Government. Since the banning never got materialised, this entire thing is a hoax.

 
Last edited:
all this banning/tracking etc. makes entire India Bomb Proof (99%), otherwise 10 years back every day morning/afternoon/evening/night 24x7 bomb blast news was keep coming.

Now please do not start arguing on my above post, as i know you all are very good in arguing seating in AC room but common Indian who keep moving to earn in public transportations get relief from that deadly bomb blasts is true ... no matter if you agree or not
 
Unfortunate situation indeed, but if looked from law enforcement side in certain situations, it may be real trouble.
Not at all supporting such moves, but individual situations may warrant tough measures.
 
Back
Top