ProtonMail Continues To Be The Safest, Most Secure, and Private Email Provider
Last evening I saw this article link from Steiger Legal, on a blog run by Swiss lawyer Martin Steiger, in which he published a damning allegation that my beloved ProtonMail, the end-to-end encrypted email provider, was:
Email service provider ProtonMail, based in Switzerland, offers assistance for real-time surveillance: Voluntarily!
Steiger goes on with writing a factually incorrect article about ProtonMail on his blog, alleging, among other things, that “ProtonMail voluntarily offers assistance for real-time surveillance.”
Fortunately ProtonMail responded with, in part, this clear statement:
So that there can be no ambiguity: ProtonMail does not voluntarily offer assistance as alleged. We only do so when ordered by a Swiss court or prosecutor, as we are obligated to follow the law in all criminal cases. Furthermore, ProtonMail’s end-to-end encryption means we cannot be forced by a court to provide unencrypted message contents.
That’s crystal clear in my view. Just to restate that last sentence, even if a prosecutor was able to scrape metadata about which user emailed to another person(s), the contents of the email could not be decrypted by ProtonMail and provided (and a government or intelligence service could not as well without massive computing power and a lot of time!
Unfortunately I had seen this article but not ProtonMail’s rebuttal before emailing their support and tweeting it to @ProtonMail, they responded to my tweet:
Hi Steve, these allegations are false, and have also been refuted by the Swiss public prosecutor earlier this week. We have responded on our blog here with more details: https://t.co/xdz2xfF4pu
— ProtonMail (@ProtonMail) May 31, 2019
I then responded and apologized for being rash and not investigating fully before tweeting:
Thank you for the clarification! Had not yet read the HN thread nor your post. Should have gone there first … apologies for that.
Note: With all the recent breaches and revelations that mobile apps are “phoning home” with metadata, my paranoia is accelerating. https://t.co/7XAkEEKD8B
— Steve Borsch (@sborsch) May 31, 2019
The “recent breaches” and “phoning home” items I referred to in my reply to ProtonMail were:
- Brian Krebs’ scoop that First American Title company exposed 885 million Americans home purchase documents (Note: They were my title company when we bought and closed on a new house out here in California only six months ago).
- Washington Post article about how their privacy experiment showed 5,400 hidden app trackers guzzled our data — in a single week on the reporter’s iPhone.
Is it no wonder I rushed-to-judgement for a secure email service I rely upon to keep my emails to family and friends — and the PDFs, Word docs, and Excel spreadsheets with vital data in them — secure from prying eyes?
Thank you, ProtonMail team, for helping to keep us safe and secure!
NSA Loses Control of THEIR Hacking Software and Apple’s Tim Cook Was 100% Right
Remember when Apple’s Tim Cook wouldn’t put in a backdoor to iOS so the FBI could gain access to the San Bernardino terrorist’s iPhone? THIS IS WHY!
If the NSA can’t control software as destructive as this, how can any government guarantee a compromised operating system won’t get in to the wild? (One guess: they cannot and Tim Cook was 100% right).
Read this article in The New York Times as it tells the story of the NSA’s software loss well.
We must have end-to-end encryption on our devices. Period.
Why We Should Accelerate the Use of Nuclear Power
Yesterday’s post about our solar installation got me to thinking more deeply about the overall problem of renewables and that they are unlikely to be able to keep pace with the accelerating demand for energy.
The only place I differ with many environmentalists is that, while renewables make so much sense and we need to embrace them, I believe we also need to fully utilize nuclear energy. It turns out that there are ‘safe’ alternatives — and emerging innovations — to huge nuclear power plants and the threat of nuclear accidents like Three Mile Island or Chernobyl. Doing so can ensure we have a steady, reliable, demand-meeting, nighttime using, energy grid that doesn’t spew carbon in to the atmosphere.
Heck, even Stewart Brand, a guy who helped shape environmental consciousness back in the 1960s and 1970s, began calling for nuclear energy back in the early 2000s to be rekindled and used once again:
Brand calls for the rapid deployment of a new generation of nuclear power plants to combat global warming, arguing that technological advances have made nuclear energy safer and any potential danger from nuclear waste pales compared to the damage inflicted by burning coal.
“The air pollution from coal burning is estimated to cause 30,000 deaths a year from lung disease in the United States, and 350,000 a year in China,” writes Brand. “A 1-gigawatt coal plant burns three million tons of fuel a year and produces seven million tons of CO2, all of which immediately goes into everyone’s atmosphere, where no one can control it, and no one knows what it’s really up to.”
Co-founder and former CEO of Microsoft, Bill Gates, has also called for nuclear energy and has helped drive forward the current bipartisan legislation surrounding energy research:
If dollars were votes, newly reintroduced legislation aimed at boosting nuclear energy innovation and advanced reactors would be a winner, thanks to Microsoft co-founder Bill Gates’ strong endorsement today.
The world’s second-richest person is the founder and chairman of Bellevue, Wash.-based TerraPower, a startup that’s working on next-generation nuclear fission reactors. Back in December, Gates listed nuclear energy research as one of his top policy priorities, and he reportedly followed up by promising lawmakers he’d invest $1 billion of his own money and line up another $1 billion in private capital if federal funds were approved for a TerraPower pilot project in the United States.
In the past, Gates has also tweeted this and others that are similar:
“Nuclear is ideal for dealing with climate change, because it is the only carbon-free, scalable energy source that’s available 24 hours a day.” – Bill Gates on why he believes in the potential of nuclear. https://bit.ly/2DSSXUS
WANT TO KNOW MORE ABOUT WHY NUCLEAR ENERGY NOW?
Here is a very good overview from Vox media that is worth a few minutes of your time to watch:
We are having solar installed on our new home. In less than five years our cost for electricity will be nearly zero
Solar power generation is awesome … especially when it enables a person’s electricity consumption to become nearly free within a handful of years. Solar is a smart investment for us personally in our new home and could be for you, too.
BUYING A SOLAR INSTALLATION WAS A NO-BRAINER FOR US
When we moved from Minnesota to California in June of 2018, we knew costs for everything would be higher. We expected that any new home we would buy would cost a lot more (our new home cost nearly double the value of the home we sold back in MN), but what we did not expect was the high cost of electricity!
In Minnesota we had Xcel Energy whose cost for electricity around-the-clock was 11.7 cents per kilowatt hour. Our new home here in southern California happens to be located in San Diego Gas & Electric‘s (SDGE) region, and it turns out that their electricity cost is the highest in the nation!
SDGE’s pricing plans are numerous, but the year-long average per-kilowatt hour cost — which prospective solar install companies used to calculate our solar system size — was going to be roughly 32 cents per kilowatt hour, nearly 3X what energy cost us when we were living in Minnesota.
On almost all of those SDGE plans there are off-peak, super off-peak and on-peak rates (and one plan even has a cheap car-charging rate from midnight to 6am of only $.09 per kilowatt hour). The on-peak rates are in effect during the summer months — which run from June 1 – October 31 during the 4-9pm time-frame — and what stunned us was the rate during those five hours each day can cost up to $.53 cents per kilowatt hour!
Because of that unexpectedly expensive energy, a few weeks after we closed on our new home we immediately set about learning everything we could about solar, what we needed and what it would cost. We then set about finding the four “best” solar install companies and have them propose a solar panel solution. We selected the best installer for our requirements, signed-up, and everything is in motion.
Within the next several weeks our new solar panel installation will be complete on top of our new home and, based on our projected energy use for the year, our break-even on our solar investment is expected to be 4.8 years. After that our only cost for electricity will be approximately $12 per month for the SDGE “interconnect fee,” which covers the electric meter on our house and account management by them.
Energy rates continue to accelerate and I’ve read numerous articles on the projected 20 year rates that SDGE has received agreement on with the California Public Utilities Commission (CPUC). However, this article from less than a month ago said this:
If approved by CPUC commissioners, average electricity rates in SDG&E’s service territory would increase from 26.25 cents a kilowatt-hour this year to 27.4 cents next year, a rise of 4.54 percent. For a typical residential customer living in the company’s inland climate zone and using 500 kilowatt-hours a month, a bill during a summer month would increase $5.59, according to SDG&E estimates.
I’ve seen SDGE’s own projections and 4.5% per year price accelerator is expected. So as each year passes, our investment in solar energy will pay off even faster and continue to look like a very smart move on our part. But solar (or wind) alone will help combat climate change, but even if every one of the 2,500 homes in our development went solar, it wouldn’t make a serious dent in the emission of greenhouse gases in to the atmosphere.
For our system being installed, our estimated net electricity cost savings over 25 years will be over $82,000 (assuming a 4% per year utility price escalator). That’s why it was a no-brainer for us to get solar!
Obviously our solar generation will go back in to the grid and offset all of our energy use, including at night. In fact, we’ll be adding about 30% more energy back in to the grid than we consume, just in case we end up with two electric cars at some point and need that extra amount to offset an increase in our consumption.
WHAT ABOUT ENERGY STORAGE?
We drive hybrid cars (and I’m getting a plug-in hybrid in two weeks that will cover 90% of our driving needs on electric) since both my wife and I believe in climate change and that the United States must move forward toward a clean energy future and away from carbon emitting fossil fuels. Charging my PHEV from solar will be easy and free in the near-term, but with energy demand increasing monthly in the United States and around the world, we at least considered buying battery storage to run essential systems (e.g., the refrigerator and some lights).
As such, we also looked at the addition of solar energy battery storage in our garage. Unfortunately batteries are far too expensive and not worth the investment currently (e.g., one Tesla PowerWall is $12,000 and we’d need four of them to be completely energy self-contained) so we’re holding off on storage, perhaps permanently.
As part of our analysis and reading, my wife and I also talked about large-scale battery storage, just in case renewable energy creation does reach critical mass here in California and more energy from solar goes back in to the grid. What might happen if SDGE begins to embrace battery storage for solar-produced energy?
The green energy storage problem is too expensive right now, but we’ll keep an eye on it.
TRUMP & THE GOP DENIGRATING RENEWABLES
It pisses me off that the Trump administration continues to try to gut clean energy spending with his proposed budget that does exactly that. It is clear that this current administration, and Republicans who support Trump’s position on clean energy, continue to position climate change as a “hoax” and the oil & gas industry as “the future” of energy.
Remember when one of the key talking points for the GOP (for decades) was toward less dependence on foreign oil? That wasn’t positioning for renewables, that was positioning for more drilling (and now for fracking shale to squeeze out oil and get natural gas).
Do either Trump or the GOP think that all of their own base of supporters and constituents are too stupid to think for themselves? Such idiots that they don’t believe in science? Though I don’t think President Trump is even capable of thinking deeply about any issue, Republicans should at least realize that even corporations are calling for action on climate change and they’d better stop being dumbf*cks, sucking-up to the oil & gas industry.
Also, I’m glad I’m not alone in my outrage and found this hilarious:
Don’t Be Un-American
I’m posting this since I’m becoming increasingly concerned about the growing negative attitude toward immigrants. Unless you are a native American, everyone else is an immigrant (though it could be argued that, since Columbus ‘discovered’ America, we were conquerors). Be nice, kids and adults.
According to a 2008 Hakes auction, this superhero item was released as a school book cover in 1949 and was distributed by the The Institute for American Democracy Inc.:
Trump and Big Oil: Are They Conceding Climate Change?
I came across two fascinating articles today that actually make me even more concerned about what kind of world we will be leaving to our children and future generations:
TRUMP ADMINISTRATION SEES A 7-DEGREE RISE IN GLOBAL TEMPERATURES BY 2100
“Last month, deep in a 500-page environmental impact statement, the Trump administration made a startling assumption: On its current course, the planet will warm a disastrous 7 degrees by the end of this century.”
THE OIL INDUSTRY TAKES ON CLIMATE CHANGE DESPITE TRUMP’S ROLLBACK
“A tangible shift over the last two years is sharpening among the world’s biggest oil companies, including in America, to more readily acknowledge and address climate change.
The bottom line: The trend, fueled by investor and lawsuit pressure, is underway regardless of, and partly in response to, President Trump’s retreat on the matter.”
As sea levels rise, coastal areas slowly become uninhabitable, crop yields mean food shortages, economic losses accelerate and a global refugee crisis unfolds, the climate change naysayers will surely forget their short-term denials.
It’s likely too late already to reverse the changes by the end of this century, but if we don’t continue to discover ways to stop the burning of fossil fuels we can guarantee we’ll make this planet uninhabitable itself.
For Further Reading
- NASA Global Climate Change:
- Washington Post: One of the most worrisome predictions about climate change may be coming true
- National Oceanic and Atmospheric Administration: Global Warming and Hurricanes: An Overview of Current Research Results
Dear young people: Don’t Vote
This country belongs to whomever shows up. And do you know who shows up for every election? Old people. But only 46% of people 18-34 years old voted in the last election.
Google’s Motto ‘Do The Right Thing’ is for Them and Not Us — Especially with Chrome 69
For years I’ve been a staunch supporter and trusted Google, loved their services like Google Suite, Gmail, Google Voice, and others, all while admiring their machine learning and artificial intelligence research. One thing I specifically trusted was Google’s Don’t Be Evil motto which was baked in to their Code of Conduct for the company.
Then, back in May, I became troubled when they removed Don’t Be Evil and replaced it with Do The Right Thing. At the time I joked with a friend of mine asking him, “Is ‘do the right thing’ for us, or for Google?”
It appears the motto change was focused on Google.
The biggest shift away from that “Don’t Be Evil” motto that Google has ever done just happened. Though this thread started on Hacker News a few weeks ago, a cryptographer and professor at Johns Hopkins University whose blog I follow, Matthew Green, wrote a post entitled, Why I’m Done with Chrome. In it he said:
A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you.
Green also sees this move as having serious implications for privacy and trust. Do you think!?! My trust-level in Google has plummeted. So much so that I have now shifted 100% back to Mozilla’s Firefox browser and away from Chrome. I will no longer use Chrome until they change the way they infiltrate my privacy.
SO WHAT EXACTLY DID GOOGLE DO?
Google’s recent update to Chrome (browser version 69) has done something unprecedented in their history:
a) Once you login to Chrome as a user, Google can (and does) track EVERYTHING you do in the browser. Every site you view, every login. The change? If you login to any Google service in the Chrome browser, Google will log you in to that browser to give them access to everything you’re doing within Chrome.
b) As a user you can no longer delete ALL the cookies in your browser. Google’s cookies remain no matter what you do. (Hat tip to Christoph Tavan for discovering this breach)
c) Google is increasingly using “dark pattern” user interfaces in their services to hide or obfuscate what something does when you check, uncheck or choose an option. In ExtremeTech’s article Chrome 69 Is a Full-Fledged Assault on User Privacy, they describe how Google’s dark pattern user interfaces obscure their intent to get you to enable them to do the right thing for Google:
These changes are all part of what’s known as a dark pattern. If a pattern is defined as a regularity in the world (designed or naturally occurring) that repeats in a predictable manner, a dark pattern is an attempt to trick users by designing interface options that look like the options users expect to see.
I, for one, don’t want to research, study or figure out how a company I trust might be trying to trick me in to do something that is in THEIR best interest…and not mine. I’d rather pay for offerings and am growing tired of “being the product“.
- GOOGLE NEWS COVERAGE: FIND IT HERE (yes, I’m aware of the irony)
- THE VERGE: Google criticized for Chrome change that logs users in without telling them The latest version of the browser, Chrome 69, is pushing users into sharing more data, say critics
- WIRED: A Seemingly Small Change to Chrome Stirs Big Controversy
- THREAT-POST: Google’s Forced Sign-in to Chrome Raises Privacy Red Flags
- INQUIRER: Chrome 69 secretly logs you in to Chrome Sync when you visit a Google site
- SECURITY RESEARCHER S. BÁLINT: Chrome is a Google Service that happens to include a Browser Engine
Millennials Disappointed in Business & Not Prepared for Industry 4.0
Catching up on news and information this weekend I was intrigued when I came across this new 2018 Millennial Survey by the consulting giant Deloitte. It confirms many of the things about the Millennial generation that I’ve been observing, especially amongst those I know personally. Almost without exception the Millennials I know are exhibiting enormous distrust in business and bemoan the lack of ethics, morals, values and the increasing despair they feel when it comes to both business and government.
Add to that the low wage growth globally — all while the top earners accumulate most of the wealth like those here in the United States — and that adds to the despair. Who wouldn’t be angry if you had accrued huge student debt, housing prices had exploded so high that you couldn’t even afford to buy your first home, and you watched as bankers, business leaders and others raked in most of the monetary spoils in the economy?
While you can download and read the report yourself — which is focused on business and not government but is a fascinating read nonetheless — the executive summary sums up the essence of the survey and its results:
Following a troubling year, where geopolitical and social concerns gave rise to a new wave of business activism, millennials and Gen Z are sounding the alarm, according to Deloitte’s seventh annual Millennial Survey. Millennials’ opinions about business’ motivations and ethics, which had trended up the past two years, retreated dramatically this year, as did their sense of loyalty. And neither generation is particularly optimistic about their readiness for Industry 4.0. Their concerns suggest this is an ideal time for business leaders to prove themselves as agents of positive change. The findings are based on the views of more than 10,000 millennials questioned across 36 countries and more than 1,800 Gen Z respondents questioned in six countries. The survey was conducted 24 November 2017 through 15 January 2018.
Millennials recognize that we’re all in this together and that cooperation is key to our survival, growth, peace, and brings meaning to our lives.
This survey was across 36 countries but thinking just of the United States of America, democracy doesn’t work if it’s every person for his or her self. When business regulations mean it’s OK to do just about anything if it means increasing the bottom line. When our country’s leader moves in the opposite direction on climate change, the environment, while lying like a rug and disparaging our intelligence agencies, journalism, other countries, and everything else but himself.
Millennials are done with this crap (as is 50% of the country) but they are in the driver’s seat when it comes to affecting change: They’ll inherit this country and are the ones who can remake it. They will demand business puts on their big-boy pants and realizes we’re all in this together, and act like it in all dealings. I do believe this next generation will make America great again by demanding we bring back compassion, truth, ethics, values, and a vision of global cooperation.
Supreme Court Rules Police Need a Warrant to Track Our Mobile Phones
This morning the U.S. Supreme Court ruled that police must obtain a search warrant in order to get access to cellphone location information.
This is HUGE and a big win for anyone who cares about intrusive, mass, warrantless surveillance that is, by any measure, illegal searches and (data) seizures.
Chief Justice John Roberts sided with the “liberal” justices (ones I instead use the adjective “strategic” to describe). This National Public Radio (NPR) story In Major Privacy Win, Supreme Court Rules Police Need Warrant To Track Your Cellphone put it succinctly:
The majority declared that the Fourth Amendment guarantees an expectation of privacy and that allowing police to obtain moment-by-moment tracking of an individual’s cellphone location is a kind of surveillance that the framers of the Constitution did not want to occur without a search warrant.
The chief justice said that this sort of tracking information is akin to wearing an electronic ankle-bracelet monitoring device and that the citizens of the country are protected from that kind of monitoring unless police can show a judge that there is probable cause of a crime that justifies it.
After the 2014 Edward Snowden revelations about mass, warrantless surveillance of U.S. citizens — which was being performed by the signal intelligence focused National Security Agency (NSA) — was an enormous concern both domestically and internationally as the NSA’s clear mission was to focus only on foreign signal intelligence while excluding spying on American citizens. The outcry domestically and internationally reached a fever pitch…but little was revealed on what was being done to stop mass, warrantless surveillance.
Then some of Snowden’s document releases were published and it was revealed that all of this vacuumed-up data had a “Google-like search engine” that could be used to scour all data for an individual or group. Somehow the Drug Enforcement Agency (DEA) and other law enforcement agencies were being provided with data that couldn’t be challenged in court due to “national security concerns” so the extent of data being swept-up has never been completely understood.
The bottom line? The accelerating “surveillance State” was already out of control and Congress seemingly turned a blind eye toward it and extended its capability.
Though it has taken too many years for the Supreme Court to weigh in on the Constitutionality of warrantless surveillance, the explosion in law enforcement’s use of cellphone tracking devices like Stingray, meant that warrantless tracking by police agencies was low-hanging-fruit for the court to address.
In my mind it’s too little, too late…but it’s a start.