Author

Topic: Protonmail Disaster Problem (Read 300 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
April 27, 2021, 03:39:49 AM
#19
While that blog site may not be credible, I would not necessarily trust Protonmail if you have something to hide, such as being a dissident in an oppressive country. You can use Protonmail, but you should not rely on it to guarantee your privacy. Many oppressive countries have extensive hacking programs, and there is always the risk that there is a vulnerability, or that one of their engineers gets compromised.

I'll keep that in mind, but for now ProtonMail (and similar mail provider such as Tutanota) is good enough for regular people like me.

I am not going to recommend a specific security setup for dissidents, however, it should probably involve using PGP encryption for every message sent/received, along with the use of a Web of Trust.

I agree.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
April 28, 2021, 11:32:10 AM
#18
It is no secret that I have a Chase credit card, that I shop at Macy's, or that I like to eat Jimmy Johns. I am not hiding any of this information, and I don't mind seeing ads I might be interested in.
This is where we disagree then, it seems. My email provider has absolutely no need to know which phone carrier I am with, where I am using my credit card, or what I am buying from Amazon. They certainly have no need to use that to build a profile on me which they can monetize by selling to any number of third parties and share around the world. I have all ads aggressive blocked everywhere (except bitcointalk, funnily enough), but it's not just marketing agencies who are interested in this data. This data is also very valuable to government agencies and companies such as Cambridge Analytica.
That is fair enough of an opinion. The government has access to where you are using your credit card, and what you are buying at Amazon. Companies with significant resources will also have access to the above information, and companies with fewer resources can determine where you are using your credit card.

As I mentioned, allowing Google, for example, to know a little bit of information about me that is more or less already public, allows them to serve me ads that are relevant to me. Bitcointalk keeps detailed information about your browsing history, which is probably similar to what other social media sites keep. Bitcointalk does not monetize it's data the same way that most other social media sites do.
legendary
Activity: 2268
Merit: 18771
April 28, 2021, 08:18:13 AM
#17
There is an option around this called encrypt for outside though.
It is an imperfect solution and it would be far better to simply use PGP, although I concede that convincing everyone to start using PGP is an impossible task. The difficulty obviously arises in securely communicating the password to the intended recipient. If you have a method to completely securely communicate with them, then why would you not just communicate your message via this method, rather than the password to an encrypted email? It might prevent Google from blanket reading and analyzing all of your emails (which they do), but it isn't really a secure replacement for PGP.

It is no secret that I have a Chase credit card, that I shop at Macy's, or that I like to eat Jimmy Johns. I am not hiding any of this information, and I don't mind seeing ads I might be interested in.
This is where we disagree then, it seems. My email provider has absolutely no need to know which phone carrier I am with, where I am using my credit card, or what I am buying from Amazon. They certainly have no need to use that to build a profile on me which they can monetize by selling to any number of third parties and share around the world. I have all ads aggressive blocked everywhere (except bitcointalk, funnily enough), but it's not just marketing agencies who are interested in this data. This data is also very valuable to government agencies and companies such as Cambridge Analytica.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
April 28, 2021, 02:57:13 AM
#16
You can use Protonmail, but you should not rely on it to guarantee your privacy.
Absolutely agree. I'm happy using ProtonMail over a product from the likes of Google, Microsoft, or Apple, for simple things like online shopping and paying bills where you cannot use PGP encryption for all your emails. I am fairly confident ProtonMail aren't reading the contents of my emails and selling this information to advertisers and a variety of other third parties like the big tech companies do.

However, for any sensitive communication (or even better, at all times it is possible to do so) then PGP encryption is a must.
I would be comfortable using a major tech company's advertising-based email service for things such as bill pay or generic retail business correspondence. It is no secret that I have a Chase credit card, that I shop at Macy's, or that I like to eat Jimmy Johns. I am not hiding any of this information, and I don't mind seeing ads I might be interested in. Personal correspondence however is different. I would generally prefer more privacy when having more personal conversations. Ultimately, if I am using any 3rd party to host my email, I am trusting them to not read what I am saying and what is being said to me (if I am not using some kind of encryption outside of the email provider).

legendary
Activity: 3472
Merit: 10611
April 28, 2021, 01:41:18 AM
#15
I am fairly confident ProtonMail aren't reading the contents of my emails and selling this information to advertisers and a variety of other third parties like the big tech companies do.
It depends on whether you are sending an Email from your ProtonMail account to another ProtonMail Email or another Email like a gmail account. In the former scenario your Emails are end-to-end encrypted which means nobody including the ProtonMail company can read your Emails but in the later scenario the TLS encryption provided by the other Email provider (eg Gmail) is used which means they can read your Emails. There is an option around this called encrypt for outside though.

You can read more about encryption here: https://protonmail.com/support/knowledge-base/what-is-encrypted/

However, for any sensitive communication (or even better, at all times it is possible to do so) then PGP encryption is a must.
Totally agree.
legendary
Activity: 2268
Merit: 18771
April 27, 2021, 03:32:24 AM
#14
You can use Protonmail, but you should not rely on it to guarantee your privacy.
Absolutely agree. I'm happy using ProtonMail over a product from the likes of Google, Microsoft, or Apple, for simple things like online shopping and paying bills where you cannot use PGP encryption for all your emails. I am fairly confident ProtonMail aren't reading the contents of my emails and selling this information to advertisers and a variety of other third parties like the big tech companies do.

However, for any sensitive communication (or even better, at all times it is possible to do so) then PGP encryption is a must.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
April 26, 2021, 05:59:35 PM
#13
Can you share source of this information?
There is an individual/group with an interest in discrediting ProtonMail (for reasons unclear), who started this site - https://privacy-watchdog.io/ - which is basically just a bunch of poorly written blog posts attacking ProtonMail without any sources or verification for his claims. This is the only source I am aware of which suggests that ProtonMail is working with US agencies.

There is a good discussion about why most of this site is nonsense here - https://www.reddit.com/r/ProtonMail/comments/jew9hv/i_want_to_switch_from_gmail_to_protonmail_but/.
There is also a discussion between the owner(s) of this site and the ProtonMail devs here - https://www.reddit.com/r/ProtonMail/comments/d58cq1/protonmail_questions_and_concerns/

Feel free to draw your own conclusions. But if Kakmakr is aware of some other evidence, I'd also be very keen to examine it.
While that blog site may not be credible, I would not necessarily trust Protonmail if you have something to hide, such as being a dissident in an oppressive country. You can use Protonmail, but you should not rely on it to guarantee your privacy. Many oppressive countries have extensive hacking programs, and there is always the risk that there is a vulnerability, or that one of their engineers gets compromised.

I am not going to recommend a specific security setup for dissidents, however, it should probably involve using PGP encryption for every message sent/received, along with the use of a Web of Trust.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
April 26, 2021, 02:13:56 PM
#12
I am extremely disapointed on how protonmail has handled this. Ive been a paying member for many years but i am really questioning my decision after this nightmare
Yeah, this is why you should really use your own domain for important matters, although this is usually a bit harder to do fully anonymously, and to correctly set up.

You can't do that without connecting the domain to a mailer service by adding TXT records to the domain.

My domain's email routing comes from Proton (I have their Plus plan with 10 addresses + 2 domains, so similar to the amount OP pays per month), and it's benevolent for them to offer such a service even if it's paid. They're the only ones I know who do this for BTC payments, and the only other way you can route emails is if you use some company like SendInBlue or SMTP.com which doesn't have the same privacy guarantees as Proton and of course you need a credit card for them.

Attempting to self-host a mailer puts your mail at major risk of not being relayed because email providers at the recipient's end don't trust you (you're not one of the "Big 3" mail providers gmail/yahoo/outlook or any of the smaller players, therefore they think you're a spammer because nobody self-hosts email servers) so they drop your mail or send it to spam.
legendary
Activity: 1946
Merit: 1427
April 25, 2021, 10:20:36 AM
#11
Not the exact scenario described by OP, but I've personally had multiple (free) Protonmail accounts randomly closed due to "abuse" (they were registered using throwaway emails + TOR), and after sending an email to their support in each instance they have unblocked the account.

I am extremely disapointed on how protonmail has handled this. Ive been a paying member for many years but i am really questioning my decision after this nightmare
Yeah, this is why you should really use your own domain for important matters, although this is usually a bit harder to do fully anonymously, and to correctly set up.


Yep, sucks, but terms are terms. Once you sign up, it means you agreed to them. They may look long and so boring to read, but they could turn out to be used against you in case of any breach.

What you did was really wrong right from registering for each of your members, especially when you are planning to introduce someone into crypto.  There's no way they are going to learn about how to secure their accounts if everything is spoon-fed to them. You could have chosen to guide them but all the registration part but should have been done by them on different devices

Lol, no shot, bucko. This is just protonmail unnecessarily being a complete pain in the ass. It's not like these terms are set in stone, they're just there to cover themselves legally. This does not mean they are morally righteous in blocking everyone who treads these rules even in the slightest, especially paying customers -- that's called being a douchy service provider, and those deserve to be called out and subsequently avoided.
(Note that we only have one side of the story here though.)

Suddenly closing your mail accounts for abuse without even allowing you to export your existing emails (AFAIK)? That's just stupid.
legendary
Activity: 2268
Merit: 18771
April 25, 2021, 04:39:09 AM
#10
Can you share source of this information?
There is an individual/group with an interest in discrediting ProtonMail (for reasons unclear), who started this site - https://privacy-watchdog.io/ - which is basically just a bunch of poorly written blog posts attacking ProtonMail without any sources or verification for his claims. This is the only source I am aware of which suggests that ProtonMail is working with US agencies.

There is a good discussion about why most of this site is nonsense here - https://www.reddit.com/r/ProtonMail/comments/jew9hv/i_want_to_switch_from_gmail_to_protonmail_but/.
There is also a discussion between the owner(s) of this site and the ProtonMail devs here - https://www.reddit.com/r/ProtonMail/comments/d58cq1/protonmail_questions_and_concerns/

Feel free to draw your own conclusions. But if Kakmakr is aware of some other evidence, I'd also be very keen to examine it.
legendary
Activity: 3542
Merit: 1965
Leading Crypto Sports Betting & Casino Platform
April 25, 2021, 04:01:29 AM
#9
I think your best defense would be to tell them that you did this to get more users for them to sign on to their site. (You actually helped them to increase their users to their site)

Also tell them that most new users find it very difficult to "register" on their site (It is more difficult than other webmail services) ....so you reduced cost to them, because less people had to be supported by their support.

Protonmail has sold out to the US a few years ago, when they started collaborating with the US 3letter agencies. (Everyone still think they are a SWISS company and they are sovereign nation)  Roll Eyes 
legendary
Activity: 2702
Merit: 4002
April 16, 2021, 09:17:27 AM
#8
The first step when they want to get into crypto currency is i advise them to make a email at protonmail since its known to be the safest. I made a lot of these accounts myself and would give them username and passwords. I did this with 10 friends and family.
The problem will lie in how you can create these accounts. If you create many free accounts, they will be suspended because you violated the terms of use and your use of a paid account will not give you a preference for that.

I don't know how the support team will deal with you, but you may not be able to access those accounts again. Try to reach out to them to see what you can do.

I thought you were using your paid subscription and create at least 5 email addresses ([email protected], [email protected], [email protected],...etc) and manage them from your main inbox.

Expect to have to complete a lot of KYC.

AFAIK, If you lose your mail email address that you used to register to your account even KYC will not enable you to regain access.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
April 16, 2021, 09:04:25 AM
#7
If not, you will have to go through each exchange's process for recovering your accounts if you have lost access to your email address. Expect to have to complete a lot of KYC.
For each family member who cannot access their email, they will have to go to each exchange account they have and go through the exchange's process of recovering access to an account without access to the associated email address. Many exchanges will require KYC in such a scenario in order to verify ownership of the account.
If the person has already completed KYC with the exchange, this is nothing more than an inconvenience. If they have not completed KYC, I see no reason why the exchange would need to verify the person's identity, as doing so would prove nothing to anyone. If I gave an exchange proof that I am "Phil Nolan", they might know who I am but would have no way to connecting that name to the account.

IMO, any exchange should have the user sign a message from an address used to deposit coin to the exchange, or a receiving address a withdrawal was sent to, along with information about the user's "fingerprint" the exchange would have, such as ISP (or VPN provider), operating system, and browser type.
legendary
Activity: 2268
Merit: 18771
April 16, 2021, 04:06:28 AM
#6
That is for free accounts, he had the top plan, he was allowed up to 5 users and 50 aliases, and yeah on that plan you create the password on sub-account creation, the user then can change the address to whatever he likes but as far as I remember you can still reset it from your main account (I might be mistaken about the last part).
OP said he is paying $24 a month. This means he either has a Visionary account which allows him to create 5 sub-accounts on top of his own, or he has paid for 4 Professional accounts which would allow him to have 3 additional accounts on top of his own. He said he had created 10 accounts, so either way he is creating multiple free accounts and therefore in breach of the Terms and Conditions.

IIRC KYC is optional, i've seen few users who register anonymously (use Tor/VPN and don't give phone number) decide to pay "Plus" tier for a month.
I was referring to exchanges here, not ProtonMail themselves:

If not, you will have to go through each exchange's process for recovering your accounts if you have lost access to your email address. Expect to have to complete a lot of KYC.
For each family member who cannot access their email, they will have to go to each exchange account they have and go through the exchange's process of recovering access to an account without access to the associated email address. Many exchanges will require KYC in such a scenario in order to verify ownership of the account.
legendary
Activity: 3808
Merit: 4603
Contact @yahoo62278 on telegram for marketing
April 15, 2021, 11:03:07 PM
#5
Hi

I am a professional protonmail user that pays $24 euro a month.

I am a long time crypto currency advocate and I often help onboard friends and family. The first step when they want to get into crypto currency is i advise them to make a email at protonmail since its known to be the safest. I made a lot of these accounts myself and would give them username and passwords. I did this with 10 friends and family.



All of a sudden yesterday, without warning ,everybody was unable to log into there accounts. THey had a msg that the accounts were disabled due to abuse. As you must know this is a disaster since in crypto if u lose access to your email you lose access to your account. We are talking about quite a bit of money. As a pro user i thought I would get quick support and the accounts would be open within an hour. We are on day 3 now support answers 1 email every 24 hours and all the accounts are still closed. The last email i received from support was that It was against TOS would it be ok to only open 1 of the account. I am in total shock. I dont mind paying for vision for all the accounts if that is what is needed. I am extremely disapointed on how protonmail has handled this. Ive been a paying member for many years but i am really questioning my decision after this nightmare
Why wouldn't you have them create their own account since they have a free option? Makes no sense for you to risk your account and theirs by making accounts for people.

Take the advice of stompix and see if an agreement can be reached where you can at least help users to recover their money 1 by 1.
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
April 15, 2021, 06:10:58 PM
#4
Yep, sucks, but terms are terms. Once you sign up, it means you agreed to them. They may look long and so boring to read, but they could turn out to be used against you in case of any breach.

What you did was really wrong right from registering for each of your members, especially when you are planning to introduce someone into crypto.  There's no way they are going to learn about how to secure their accounts if everything is spoon-fed to them. You could have chosen to guide them but all the registration part but should have been done by them on different devices
legendary
Activity: 2912
Merit: 6403
Blackjack.fun
April 15, 2021, 05:11:56 PM
#3
Oh, these titles will give me a heart attack someday, probably protonmail is the only service that would really really affect me if it goes down but as it happens it's more of a user problem

Your breached their Terms and Conditions, which you agree to when you sign up to their service. They are well within their rights to close all your accounts.
~
Not to mention creating a username and password for someone else and then giving them the details is absolutely horrendous security.

That is for free accounts, he had the top plan, he was allowed up to 5 users and 50 aliases, and yeah on that plan you create the password on sub-account creation, the user then can change the address to whatever he likes but as far as I remember you can still reset it from your main account (I might be mistaken about the last part).

I assume OP simply created email addresses and handed them over, and this triggered the security.

I dont mind paying for vision for all the accounts if that is what is needed.

If they are indeed normal users without tens of daily in and out emails and only use them for their security then a simple plan for each of them would suffice, if you want to manage them all by yourself which I don't think is a good idea you can ask them to upgrade you to a business plan and request a price tag for how many users you want.
Why old anyone the headache of being in charge of other people's emails?

Try to reach an agreement with them, plead guilty and offer to upgrade all of them to plus, it will be 40 euros, not 240.





legendary
Activity: 2268
Merit: 18771
April 15, 2021, 05:55:23 AM
#2
Your breached their Terms and Conditions, which you agree to when you sign up to their service. They are well within their rights to close all your accounts.

Having multiple free accounts is not considered an acceptable use of our service (e.g. bulk-signups, large number of free accounts created by a single organization or individual). Free accounts can also only be created and maintained by their effective users (e.g. it is not acceptable to create accounts in anyone else’s name and later transfer credentials to that third party).

Not to mention creating a username and password for someone else and then giving them the details is absolutely horrendous security. Honestly, if all your friends and family members are fine using a username and password that someone else has created for sensitive information and financial transactions, then it was only a matter of time before they lost their coins.

There is nothing anyone here can do to help. Your only option is to explain the situation to ProtonMail and hope they unlock your accounts. If not, you will have to go through each exchange's process for recovering your accounts if you have lost access to your email address. Expect to have to complete a lot of KYC.
newbie
Activity: 2
Merit: 4
April 14, 2021, 10:43:11 PM
#1
Hi

I am a professional protonmail user that pays $24 euro a month.

I am a long time crypto currency advocate and I often help onboard friends and family. The first step when they want to get into crypto currency is i advise them to make a email at protonmail since its known to be the safest. I made a lot of these accounts myself and would give them username and passwords. I did this with 10 friends and family.



All of a sudden yesterday, without warning ,everybody was unable to log into there accounts. THey had a msg that the accounts were disabled due to abuse. As you must know this is a disaster since in crypto if u lose access to your email you lose access to your account. We are talking about quite a bit of money. As a pro user i thought I would get quick support and the accounts would be open within an hour. We are on day 3 now support answers 1 email every 24 hours and all the accounts are still closed. The last email i received from support was that It was against TOS would it be ok to only open 1 of the account. I am in total shock. I dont mind paying for vision for all the accounts if that is what is needed. I am extremely disapointed on how protonmail has handled this. Ive been a paying member for many years but i am really questioning my decision after this nightmare
Jump to: