China

Huawei Eyes ProtonMail as It Searches for Gmail Alternative (bloomberg.com) 32

ProtonMail is in talks with Huawei about including its encrypted email service in future mobile devices, part of the Chinese phone maker's plan to develop an alternative to the Google ecosystem. From a report: The Swiss company's service could come preloaded on future Huawei mobile devices or be offered inside its app store, AppGallery, said Andy Yen, ProtonMail's chief executive officer. The company hasn't made a final decision about offering its service on Huawei's channel, he said. Huawei may lose access to Google's programs after the U.S. added it to a trade blacklist in May, meaning American businesses need a special license to do business with the Chinese company. The restrictions also affect updates for the Google Android operating system that powers all its smartphones abroad, and without which Huawei can't offer critical apps like Gmail. As a result, Huawei has been racing to build out its own mobile operating system, HarmonyOS, and enlisting developers to offer services on its app store. "What they see from us is having an alternative to Google in case they can't offer Google anymore," Yen said in an interview.
Security

Gmail Confidential Mode is Neither Secure Nor Private (protonmail.com) 67

Even though Google launched confidential mode over a year ago, people are still confused about what it does. Is it actually secure or private? Is it encrypted? From a report: When you turn it on, does it prevent Google from reading your messages? The answer to these questions is 'no.' In fact, the decision to call it "confidential" suggests a level of security and privacy that doesn't exist in Gmail confidential mode. Gmail's confidential mode does not mean your messages are end-to-end encrypted. Google can still read them. Expiring messages aren't erased for good, and the recipient can always take a screenshot of your message.

Gmail's confidential mode does not make emails private because Google can always read them. When you send an email with confidential mode turned on, Google keeps the email contents on its servers. Other Gmail users can read the email in their inbox, but outside users only receive an email notifying them that a sender "has sent you an email via Gmail confidential mode" along with a link to a page on google.com.

Censorship

Russia Blocks Encrypted Email Provider ProtonMail (techcrunch.com) 98

An anonymous reader quotes a report from TechCrunch: Russia has told internet providers to enforce a block against encrypted email provider ProtonMail, the company's chief has confirmed. The block was ordered by the state Federal Security Service, formerly the KGB, according to a Russian-language blog, which obtained and published the order after the agency accused the company and several other email providers of facilitating bomb threats. Several anonymous bomb threats were sent by email to police in late January, forcing several schools and government buildings to evacuate.

In all, 26 internet addresses were blocked by the order, including several servers used to scramble the final connection for users of Tor, an anonymity network popular for circumventing censorship. Internet providers were told to implement the block "immediately," using a technique known as BGP blackholing, a way that tells internet routers to simply throw away internet traffic rather than routing it to its destination. But the company says while the site still loads, users cannot send or receive email.
The way the KGB blocked ProtonMail is "particularly sneaky," ProtonMail chief executive Andy Yen said. "ProtonMail is not blocked in the normal way, it's actually a bit more subtle. They are blocking access to ProtonMail mail servers. So Mail.ru -- and most other Russian mail servers -- for example, is no longer able to deliver email to ProtonMail, but a Russian user has no problem getting to their inbox."

"That's because the two ProtonMail servers listed by the order are its back-end mail delivery servers, rather than the front-end website that runs on a different system," adds TechCrunch.
Security

New Tool Automates Phishing Attacks That Bypass 2FA (zdnet.com) 121

A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA). From a report: Named Modlishka -- the English pronunciation of the Polish word for mantis -- this new tool was created by Polish researcher Piotr Duszynski. Modlishka is what IT professionals call a reverse proxy, but modified for handling traffic meant for login pages and phishing operations. It sits between a user and a target website -- like Gmail, Yahoo, or ProtonMail. Phishing victims connect to the Modlishka server (hosting a phishing domain), and the reverse proxy component behind it makes requests to the site it wants to impersonate. The victim receives authentic content from the legitimate site -- let's say for example Google -- but all traffic and all the victim's interactions with the legitimate site passes through and is recorded on the Modlishka server.
Security

Hacker Says They Compromised ProtonMail; ProtonMail Calls BS (bleepingcomputer.com) 55

A hacker going by the name AmFearLiathMor is claiming to have hacked ProtonMail and stolen "significant" amounts of data. They have posted a ransom demand to an anonymous Pastebin but it reads like a prank, as it states that the alleged hackers have access to underwater drone activity and treaty violations in Antarctica. Lawrence Abrams writes via BleepingComputer: According to the message, a hacker going by the name AmFearLiathMor makes quite a few interesting claims such as hacking ProtonMail's services and stealing users' email, that ProtonMail is sending their users' decrypted data to American servers, and that ProtonMail is abusing the lack of Subresource Integrity (SRI) use to purposely and maliciously steal their users' passwords. After reading the Pastebin message (archive.is link), which is shown in its entirety below minus some alleged keys, and seeing the amount of claims, the first thing that came to mind was a corporate version of the sextortion scams that have been running rampant lately. As I kept reading it, though, it just felt like a joke. ProtonMail posted on Twitter that this is a hoax and that there is no evidence that anything stated is true. The encrypted email service provided a statement to BleepingComputer: "We believe this extortion attempt is a hoax, and we have seen zero evidence to suggest otherwise. Not a single claim made is true and many of the claims are unsound from a technical standpoint. We are aware of a small number of ProtonMail accounts that have been compromised as a result of those individual users falling for phishing attempts. However, there is zero evidence of a breach of our infrastructure."
Privacy

ProtonVPN Passes 1 Million Users and Launches on iOS (venturebeat.com) 32

Encrypted email service provider ProtonMail has launched its standalone VPN app for iOS devices. From a report: The announcement comes more than a year after ProtonVPN launched globally for desktop users and 10 months after it landed on Android, so the iOS launch has been a long time coming. There is, of course, no shortage of VPN apps out there already, but ProtonMail has built a solid reputation in the encrypted communications realm since it was founded out of CERN in 2013. Following the launch of its privacy-focused email service nearly three years ago, the company subsequently added two-factor authentication (2FA), Tor support, an encrypted contacts manager, and of course a VPN service.

ProtonMail offers various pricing tiers for ProtonVPN, ranging from free to $24 per month. Those who choose not to pay can access three countries' servers, with access on one device, but will have slower speeds, while the top $24/month tier offers access on 10 devices with server access in all available countries. In related news, ProtonMail said that ProtonVPN now has 1 million users globally.

Security

What's Up With ProtonMail Outages? (bleepingcomputer.com) 88

ProtonMail, a secure email service provider used by more than two million users and references to which have been made in shows like Mr. Robot, has been facing outages for the last two days as it fights numerous DDoS attacks. "The attacks went on for several hours, although the outages were far more brief, usually several minutes at a time with the longest outage on the order of 10 minutes," a ProtonMail spokesperson told BleepingComputer, adding that it has tracked the attack to a group that claims to have ties to Russia. But things are more complicated than that, and it appears ProtonMail users, who are already annoyed at the frequent outages over the last few days, are up for more such downtimes in the coming days. BleepingComputer: But in reality, the DDoS attacks have no ties to Russia, weren't even planned to in the first place, and the group behind the attacks denounced being Russian, to begin with. Responsible for the attacks is a hacker group named Apophis Squad. In a private conversation with Bleeping Computer today, one of the group's members detailed yesterday's chain of events. The Apophis member says they targeted ProtonMail at random while testing a beta version of a DDoS booter service the group is developing and preparing to launch.

The group didn't cite any reason outside "testing" for the initial and uncalled-for attack on ProtonMail, which they later revealed to have been a 200 Gbps SSDP flood, according to one of their tweets. "After we sent the first attack, we downed it for 60 seconds," an Apophis Squad member told us. He said the group didn't intend to harass ProtonMail all day yesterday or today but decided to do so after ProtonMail's CTO, Bart Butler, responded to one of their tweets calling the group "clowns."

This was a questionable response on the part of the ProtonMail CTO, as it set the hackers against his company even more. "So we then downed them for a few hours," the Apophis Squad said. Subsequent attacks included a whopping TCP-SYN flood estimated at 500 Gbps, as claimed by the group.

Desktops (Apple)

ProtonMail Launches Free ProtonVPN Service For Macs (bleepingcomputer.com) 30

The creators of popular encrypted email service ProtonMail have released a free version of their ProtonVPN software for macOS. From a report: Even though the free version does not contain the full features that you would come to expect from a paid VPN service it is more than capable of obfuscating IP addresses and your location. While ProtonVPN has already released Windows and Android versions, according to Dr. Andy Yen, CEO of ProtonMail, their reason for releasing the free macOS version "is to make the world a safer place by ensuring that citizens around the world have access to an Internet free of spying and censorship. Releasing a free VPN service for macOS is another important step in that direction."
Google

Google is Testing Self-Destructing Emails in New Gmail (techcrunch.com) 172

The upcoming update to Gmail might include a feature which would allow users to send emails that expire after a user-defined period of time. From a report: Working on an email service is hard as you have to be compatible with all sorts of email providers and email clients. But it doesn't seem to be stopping Google as the company is now evolving beyond the simple POP3/IMAP/SMTP protocols. Based on those screenshots, expiring emails work pretty much like expiring emails in ProtonMail. After some time, the email becomes unreadable. In the compose screen, there's a tiny lock icon called "confidential mode." It says that the recipient won't be able to forward email content, copy and paste, download or print the email.
Censorship

Encrypted Email Service ProtonMail is Being Blocked in Turkey (protonmail.com) 35

ProtonMail: We have confirmed that Internet service providers in Turkey have been blocking ProtonMail this week. Our support team first became aware of connectivity problems for Turkish ProtonMail users starting on Tuesday. After further investigation, we determined that protonmail.com was unreachable for both Vodafone Turkey mobile and fixed line users. Since then, we have also received some sporadic reports from users of other Turkish ISPs. At one point, the issue was prevalent in every single major city in Turkey. After investigating the issue along with members of the ProtonMail community in Turkey, we have confirmed this is a government-ordered block rather than a technical glitch. Internet censorship in Turkey tends to be fluid so the situation is constantly evolving. Sometimes ProtonMail is accessible, and sometimes it is unreachable. For the first time ever though, we have confirmed that ProtonMail was subject to a block, and could face further issues in the future. In the post, ProtonMail has also outlined ways to bypass the block.
Security

Email Provider ProtonMail Says It Hacked Back, Then Walks Claim Back (vice.com) 30

An anonymous reader shares a report: On Wednesday, encrypted email provider ProtonMail claimed it had hacked someone who was impersonating its service in phishing emails, and the company then swiftly deleted the tweet. Early Wednesday morning, the security researcher known as x0rz tweeted out a series of screenshots allegedly showing someone sending emails that directed targets to a fake ProtonMail login screen. "You have an overdue invoice," the message read. In response, ProtonMail said it had taken action. "We also hacked the phishing site so the link is down now," ProtonMail tweeted. Depending on the context and what exactly the retaliating organization did, hacking back can be illegal. Hacking could violate the Computer Fraud and Abuse Act, or perhaps even wiretapping legislation. A recently proposed bill would attempt to legalize the practice. ProtonMail swiftly deleted its tweet, but not before x0rz could grab and subsequently tweet a screenshot. x0rz then deleted his own tweet at the request of ProtonMail.
Security

Security Researcher and Alleged Spam Operator To Square Off In Court In Ugly Lawsuit (bleepingcomputer.com) 56

An anonymous reader writes: River City Media, the company accused of running a huge spam operation, has filed a lawsuit against the security researcher and the journalist who exposed their activities. In a ludicrous lawsuit complaint, the company claims the security researcher didn't just stumble upon its unprotected Rsync server, but "perpetrated a coordinated, months-long cyberattack," during which it skirted firewall rules to access its server, used a VPN to disguise his identity, deleted critical files, and published his findings to make a name for himself as an elite security researcher. The company claims the researcher accessed Dropbox and HipChat logs, and even its PayPal account, from where it used funds to purchase various domains. The only evidence the company has is that the person who purchased the domains used a ProtonMail email, just like the researcher, who also uses a ProtonMail email. Remind you, this is the same security researcher, Chris Vickery, who discovered a Reuters database of supposed terrorism suspects, national voter databases for various U.S. states and Mexico, and various other companies.
Security

ProtonMail Adds Tor Onion Site To Fight Risk Of State Censorship (techcrunch.com) 26

ProtonMail now has a home on the dark web. The encrypted email provider announced Thursday it will allow its users to access the site through the Tor anonymity service. From a report: Swiss-based PGP end-to-end encrypted email provider, ProtonMail, now has an onion address, allowing users to access its service via a direct connection to the Tor anonymizing network -- in what it describes as an active measure aimed at defending against state-sponsored censorship. The startup, which has amassed more than two million users for its e2e encrypted email service so far, launching out of beta just over a year ago, says it's worried about an increased risk of state-level blocking of pro-privacy tools -- pointing to recent moves such as encryption messaging app Signal being blocked in Egypt, and the UK passing expansive surveillance legislation that mandates tracking of web activity and can also require companies to eschew e2e encryption and backdoor products. The service also saw a bump in sign ups after the election of Donald Trump as US president, last fall -- with web users apparently seeking a non-US based secure email provider in light of the incoming commander-in-chief's expansive digital surveillance powers.
Privacy

GhostMail Closes in September, Leaves Users Searching For Secure Email Alternatives (zdnet.com) 158

On September 1, "GhostMail will no longer provide secure email services unless you are an enterprise client," reports ZDNet. "According to the company, it is 'simply not worth the risk.'" GhostMail provided a free and anonymous "military encrypted" e-mail service based in Switzerland, and collected "as little metadata" as possible. But this week on its home page, GhostMail told its users "Since we started our project, the world has changed for the worse and we do not want to take the risk of supplying our extremely secure service to the wrong people... In general, we believe strongly in the right to privacy, but we have taken a strategic decision to only supply our platform and services to the enterprise segment."

GhostMail is referring their users to other free services like Protonmail as an alternative, but an anonymous Slashdot reader asks: What options does an average person have for non-NSA-spied-on email? I am sure there are still some Ghostmail competitors out there but I'm wondering if it's better to coax friends and family to use encryption within their given client (Gmail, Yahoo, Outlook, whatever...) And are there any options for hosting a "private" email service: inviting friends and family to use it and have it kind of hosted locally. Ghostmail-in-a-box or some such?
Privacy

Can Switzerland Become a Safe Haven For the World's Data? (dailydot.com) 103

An anonymous reader shares an interesting article on Daily Dot which lists a number of reasons why Switzerland should be deemed as the nation for storing all of your data. The article reads: As United States and European Union regulators debate a sweeping new data-privacy agreement, Switzerland is presenting itself as a viable neutral location for storing the world's data thanks to strict privacy laws and ideal infrastructure. The Swiss constitution guarantees data privacy under Article 13. The country's laws protecting privacy are similar to those enacted by the E.U. Swiss data protections are also, in some cases, much stricter than those of the E.U., according to Nicola Benz, attorney at Swiss law firm Froriep. And since Switzerland is not part of the E.U., data stored there remains outside the reach of the union's authorities. [...] The country's tight privacy laws could make the small nation more attractive to privacy-focused start-ups. And it already has that momentum. After the former NSA contractor Edward Snowden's 2013 revelations about the National Security Agency's secret surveillance activities, Switzerland witnessed something of a boom in its data-center business. Phil Zimmermann, creator of the popular PGP encryption protocol and founder of Silent Circle, even left the U.S. for Switzerland last year, citing the overreach of American authorities. Andy Yen, CEO of Swiss-based encrypted email service Protonmail, said that the country has robust processes in how it carries out data requests from authorities. Data requests have to go through a court like in most countries, said Yen, but "the person that's having their data requested needs to be notified eventually about the request happening and there's an opportunity to fight it in an open court. This is quite different than the U.S., where things can go through a so-called FISA court."
Communications

Webmail Services Struggling Against DDoS Attacks (fastmail.com) 90

An anonymous reader writes: A few days ago, privacy-oriented webmail service ProtonMail was hit by a massive DDoS attack, which was accompanied by extortion. It turns out they're not the only ones. FastMail has warned that similar attacks could lead to service disruptions this week. They have refused extortion demands, and have been hit with a couple brief attacks already. This follows attacks over the last week on Runbox, Zoho, and Hushmail. Each service has been working with data centers and network providers to mitigate the attacks as well as possible, but they're still struggling with intermittent service disruptions.
Encryption

ProtonMail Restores Services After Epic DDoS Attacks 57

An anonymous reader writes: After several days of intense work, Switzerland-based end-to-end encrypted e-mail provider ProtonMail has largely mitigated the DDoS attacks that made it unavailable for hours on end in the last week. The attacks exceeded 100Gbps, and are still going on, but they are no longer capable of knocking ProtonMail offline for extended periods of time. The ProtonMail community of users proved to be invaluable for the company. In fact, in just a few days, they donated over $50,000 to the company's "defense fund," providing the resources to resist further attacks against email privacy.
Security

Pro-Privacy Webmail ProtonMail Pays Ransom, But Hit By DDoS Attack Anyway (wordpress.com) 101

An anonymous reader writes: The new pro-privacy, pro-encryption webmail service ProtonMail has been under a sustained DDoS attack since November 3. They received a ransom demand a few days ago, along with a brief demonstration of how effective the DDoS attack was. They were advised to pay the ransom, and they complied. Unfortunately, the attackers launched the DDoS anyway. Here's a quote from their press release:

"Through MELANI (a division of the Swiss federal government), we exchanged information with other companies who have also been attacked and made a few discoveries. First, the attack against ProtonMail can be divided into two stages. The first stage is the volumetric attack which was targeting just our IP addresses. The second stage is the more complex attack which targeted weak points in the infrastructure of our ISPs. This second phase has not been observed in any other recent attacks on Swiss companies and was technically much more sophisticated. This means that ProtonMail is likely under attack by two separate groups, with the second attackers exhibiting capabilities more commonly possessed by state-sponsored actors. It also shows that the second attackers were not afraid of causing massive collateral damage in order to get at us."
