Protonmail – The Worlds Most Secure Email – 12/14/17

End-to-End Encryption

Messages are encrypted at all times

Messages are stored on ProtonMail servers in encrypted format. They are also transmitted in encrypted format between our servers and user devices. Messages between ProtonMail users are also transmitted in encrypted form within our secure server network. Because data is encrypted at all steps, the risk of message interception is largely eliminated.

 

Zero Access to User Data

Your encrypted data is not accessible to us

ProtonMail’s zero access architecture means that your data is encrypted in a way that makes it inaccessible to us. Data is encrypted on the client side using an encryption key that we do not have access to. This means we don’t have the technical ability to decrypt your messages, and as a result, we are unable to hand your data over to third parties. With ProtonMail, privacy isn’t just a promise, it is mathematically ensured. For this reason, we are also unable to do data recovery. If you forget your password, we cannot recover your data.

Demo showing email cryptography End-to-end encryption means that no one but the intended recipient can read the message

 

Open Source Cryptography

Time-tested and trusted encryption algorithms

We use only secure implementations of AES, RSA, along with OpenPGP. Furthermore, all of the cryptographic libraries we use are open source. By using open source libraries, we can guarantee that the encryption algorithms we are using do not have clandestinely built in back doors. ProtonMail’s open source software has been thoroughly vetted by security experts from around the world to ensure the highest levels of protection.

Learn about ProtonMail and Open Source

By using open source encryption libraries, we can help guard against back doors designed to compromise your privacy.

 

Swiss Based

Incorporated in Switzerland

All user data is protected by the Swiss Federal Data Protection Act (DPA) and the Swiss Federal Data Protection Ordinance (DPO) which offers some of the strongest privacy protection in the world for both individuals and corporations. As ProtonMail is outside of US and EU jurisdiction, only a court order from the Cantonal Court of Geneva or the Swiss Federal Supreme Court can compel us to release the extremely limited user information we have.

Learn more

 

Hardware Level Security

Full disk encryption and storage in secured datacenters

We have invested heavily in owning and controlling our own server hardware at several locations within Switzerland so your data never goes to the cloud. Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack. This provides an extra layer of protection by ensuring your encrypted emails are not easily accessible to any third parties. On a system level, our servers utilize fully encrypted hard disks with multiple password layers so data security is preserved even if our hardware is seized.

 

All ProtonMail servers and network traffic are encrypted

Anonymous

No tracking or logging of personally identifiable information

Unlike competing services, we do not save any tracking information. By default, we do not record metadata such as the IP addresses used to log into accounts. As we have no way to read encrypted emails, we do not serve targeted advertisements. To protect user privacy, ProtonMail does not require any personally identifiable information to register.

 

Self Destructing Messages

With ProtonMail, emails are no longer permanent

You can set an optional expiration time on ProtonMail’s encrypted emails, so they will be automatically deleted from the recipient’s inbox once they have expired. This technology works for both emails sent to other ProtonMail users, and encrypted emails sent to non-ProtonMail email addresses. Similar to SnapChat, we’ve added a way for you to have ephemeral communication.

SSL Secured Connections

Swiss SSL to secure your connection

We use SSL to secure communication between our server and your computer. Message data between our server and your computer is already sent encrypted, but we use SSL to add another layer of protection and to ensure that the web page your browser loads is not tampered with by a third party intercepting your traffic in a MITM (Man in the Middle) attack.

Our SSL certificate authority (CA) is QuoVadis Trustlink Schweiz AG, a leading Swiss SSL certificate issuer. Using a Swiss based CA ensures that our CA’s SSL infrastructure is not under the control of US or EU government agencies. To allow extremely security conscious users to further verify that they are in fact connecting to our server, we have also released the SHA1 and SHA-256 hash for our SSL public key.

Securely communicate with other email providers

Even your communication with non-ProtonMail users can be secure

We support sending encrypted communication to non-ProtonMail users via symmetric encryption. When you send an encrypted message to a non-ProtonMail user, they receive a link which loads the encrypted message onto their browser, which they can decrypt using a passphrase that you have shared with them. You can also send unencrypted messages to Gmail, Yahoo, Outlook and others, just like regular email.

Easy to Use

Comprehensive Security for Everyone

We created ProtonMail because we found that none of the existing secure email services available today are sufficiently secure. However, a secure service like ProtonMail cannot improve the security landscape if it is so difficult to use, nobody can use it. From the start, we designed ProtonMail with a strong emphasis on usability. As a result, ProtonMail is very easy to use. There is nothing to install, and no encryption keys to manage, if you can use Gmail, Thunderbird, or Outlook, you can use ProtonMail.

 

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditPin on PinterestShare on LinkedInDigg thisemail hidden; JavaScript is required
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Beartooth Technology Released – September 2017 – Overview

What is Beartooth?

Beartooth is a handheld device that works with your smartphone to keep you connected when there is no cell service.

How does Beartooth work?

Beartooth works as a long range link between you and other Beartooth users. Your phone connects to your Beartooth using Bluetooth, and your Beartooth connects to other Beartooth devices up to 10 miles away over the 900 MHz ISM band.

  • Voice

    Speak to one person or broadcast to the whole group, instantly. Push-to-talk voice means quick communication with no waiting for calls to be picked up.

  • Text

    One-on-one texting or set up a group chat. You can even send emojis!

  • Maps and Location

    High-res offline topographic maps means you can leave your breadcrumbs at home. Pinpoint the exact location of everyone in your group. Locations refresh automatically with each message sent.

  • Mesh Networking

    Multiple hops extend your range as you create an advanced on-the-go network to stay in touch with all members of your group.

  • Security

    256-bit AES symmetric key encryption keeps your messages just between you and your friends.

  • Charging

    Recharge your phone on the go. The 3000mAh lithium ion battery has enough energy to fully charge your iPhone 7 1.5 times. That’s a lot of juice.

     

     

     

    Technical Specs:

  • iOS and Android Compatible
  • LOS Range: 5 Miles for Voice, 10 Miles for Text
  • NLOS Range: 2 Miles for Voice, 4 Miles for Text
  • 900 MHz Digital Transceiver (US Spec: 902MHz – 928MHz)
  • 1W Transmit Power (30dBm)
  • Up to -148dBm Receiver Sensitivity, 178dB Link Budget
  • Mesh Networking for Extended Range
  • FSK and LoRa Modulation with Frequency Hopping
  • AES 256-Bit Encryption
  • Bluetooth 2.0 Connection to Smartphone
  • 4 Day Battery Life (5/5/90 Duty Cycle)
  • 3000mAh Battery (1.5x iPhone 7 Battery Capacity)
  • USB Micro Port With Fast Bi-Directional Charging (2.1A)
  • 2.44″ x 4.0″ x 0.49″ and 4.5oz

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditPin on PinterestShare on LinkedInDigg thisemail hidden; JavaScript is required
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Vault 7 – CouchPotato and Dumbo – Wikileaks – August 2017

CouchPotato

10 August, 2017

Today, August 10th 2017, WikiLeaks publishes the the User Guide for the CoachPotato project of the CIA. CouchPotato is a remote tool for collection against RTSP/H.264 video streams. It provides the ability to collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame. It utilizes ffmpeg for video and image encoding and decoding as well as RTSP connectivity. CouchPotato relies on being launched in an ICE v3 Fire and Collect compatible loader.

Dumbo

3 August, 2017

Today, August 3rd 2017 WikiLeaks publishes documents from the Dumbo project of the CIA. Dumbo is a capability to suspend processes utilizing webcams and corrupt any video recordings that could compromise a PAG deployment. The PAG (Physical Access Group) is a special branch within the CCI (Center for Cyber Intelligence); its task is to gain and exploit physical access to target computers in CIA field operations.

Dumbo can identify, control and manipulate monitoring and detection systems on a target computer running the Microsoft Windows operating sytem. It identifies installed devices like webcams and microphones, either locally or connected by wireless (Bluetooth, WiFi) or wired networks. All processes related to the detected devices (usually recording, monitoring or detection of video/audio/network streams) are also identified and can be stopped by the operator. By deleting or manipulating recordings the operator is aided in creating fake or destroying actual evidence of the intrusion operation.

Dumbo is run by the field agent directly from an USB stick; it requires administrator privileges to perform its task. It supports 32bit Windows XP, Windows Vista, and newer versions of Windows operating system. 64bit Windows XP, or Windows versions prior to XP are not supported.

Share on FacebookTweet about this on TwitterShare on Google+Share on RedditPin on PinterestShare on LinkedInDigg thisemail hidden; JavaScript is required
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •