
We, and other services, face unrelenting brute force attacks on our login endpoints. A few comments about this. A very small fraction of logins get the CAPTCHA challenge. This was a false positive in classifications by IPv4 (as I have an ISP that shares their IPv4, as all customer hardware uses IPv6 primarily) (read below to what I think can be done to help mitigate this problem). This was no anti-credentials-stuffing measurement. After clicking through three almost unsolvable captchas, I was led straight to the Inbox view. This Captcha appeared AFTER I entered the correct password for my login, and AFTER I entered the correct password for mailbox decryption.

And especially not with an unethical service such as Google that seems to not respect any privacy laws that are applicable in the European Union.

But reoccurring users that have -TWO- passwords to identify themselves with should not need to re-identify themselves as a human. I understand that there's intention to lower the rate of spammer accounts in the Registration process. Find out ProtonMail is using Google Recaptcha, compromising privacy of all its already registered users. As a project/company that was founded as an immediate response to the Snowden Leaks, which revealed that the Google PREFs cookie is literally how the NSA tracks users across the planet, I find this very absurd to see. Recaptcha is now injected and compromising a machine's identity on every single login, especially so if cookies are deleted afterwards to preserve user privacy.

A recent change over the course of the last two weeks led to re-visiting, re-logging-in users.
