this post was submitted on 07 May 2024
519 points (94.4% liked)

Technology

59424 readers
2853 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 28 points 6 months ago (2 children)

In that particular case they did need to log the ip because they were compelled to do so by a Swiss court.

That was an opsec failure on the user, if they used a VPN or Tor they would not have been caught.

[–] [email protected] 7 points 6 months ago (1 children)

A VPN would've only shifted the "blame" unless it was a decent one like IVPN.

Tor would've been much better, especially considering Proton has an .onion address.

[–] [email protected] 13 points 6 months ago

Yes, by VPN I meant something decent. Not whatever spyware is top on the Play Store for circumventing geoblocks.

They were already using Proton Mail, they just were probably thinking that was enough. It would have been if the French had not been able to convince a Swiss court that their request was valid.

[–] [email protected] 2 points 6 months ago (1 children)

So couldn't a court compel the VPN to log all IPs and then use some FISA level shit to prevent the VPN from alerting users?

There's been a handful of VPN cases taken to court where they have proved, at that moment in time, that they had no logs to hand over. But why not take it that last step and compel the change then?

[–] [email protected] 3 points 6 months ago (1 children)

That's a good question. I know good vpns like mullvad do not and can not log ips/traffic without changes to their backend, I wonder if they could claim "it's impossible" or something (clearly bogus, but the argument could be "with our current infrastructure, I.e. We can't afford to redo our systems to comply")

[–] [email protected] 2 points 6 months ago

US Gov: Here's a blank cheque, make it happen.

But really, the best I can come up with given this is clearly not impossible, is it would destroy the business, but I still think FISA could somehow bypass that given how broad and secret it is.