Na Severu ... a Czech web full of SOTT

Mikkael

Jedi Master
FOTCM Member

I was thinking even if things are just about to start to be more 'interesting' in Czechia we are not likely attract Sauron eye. There could come article which might though, but it never happened so far and probably never will until perhaps some heavy crackdown on alternative news. I was bit worried that I would loose freedom of what material to choose for publishing, not only from one category, but that's cleared now. So yes, let's find cheaper hosting.
 

Mikkael

Jedi Master
FOTCM Member
@rylek I was glad to discover your newest translation from C.J. Hopkins, so I've began to read and almost choked on coffee with the first sentence. He is master how to dish you frightening news with flavor of comedia. Nice work man.
 

rylek

The Living Force
FOTCM Member
Hi guys, sorry for chiming in late.

I do agree with the suggestion to move our hosting to a CZ company. As anka pointed out, based on our publishing profile it's unlikely we're on anyone's 'take-down' list. This is not likely to change in he near future either. So yes, let's save some pennies and support the CZ private sector with moving to a local hosting company.
 

Mikkael

Jedi Master
FOTCM Member
I came across an article where author argues that proton mail has ties to intelligence circles and lists its various weaknesses and a major flaw in its design in some detail:

The Flaw​

The inherent security flaw is introduced with the ProtonMail WebMail portal, the normal web application that we’ve all visited in the browser.

And the flaw is that it is relatively simple for ProtonMail to serve you a modified version of their web application or the underlying PGP implementation. There is no way to cryptographically verify that you are getting the official version of the web client as stored in their repository.

If PM decides to act maliciously, they can do so undetected. Unlike the mobile application who’s binaries get cryptographically signed to match the official codebase, there is no method to verify a web application.

Once they have your password, they can use it with the private key that they have stored for you to decrypt any communication you’ve ever made through ProtonMail.

Additionally, they can spoof email messages to others on your behalf.

PM also has a Encrypt-To-Outside feature, which allows you to send encrypted email to other email providers.

Not only are PM servers involved in this, but a third party, like Microsoft Outlook.

It works by redirecting the recipient to a PM page in which they type a encryption key that they should have previous outside knowledge of, and this key decrypts the message. They also receive the PM sender’s public key so that they can write a reply back.

This leaves many open attacks:
1. PM can once again replace the web application or PGP software to recover the original message and passcode.
2. PM can also give the recipient a different public key, one that they have the private key to, retrieving the reply for themselves, which they can once again reencrypt with the sender’s public key – completely undetected.
3. The third party mail server is free to do the same, sending their own URL, pretending to be PM, allowing them to harvest the encryption key, which allows them to get the original message. Once they have the original message, they can use it to derive the private key. Then they are able to encrypt the reply back to the sender using their public key.
full article>
 

rylek

The Living Force
FOTCM Member
Speaking of ProtonMail, I wanted ask if we need to keep the professional package we're currently on, or if we could downgrade to the 'Plus' version? Or if we're going to make ProtonMail a secondary email we could just keep the free version.
 

anka

The Living Force
FOTCM Member
Speaking of ProtonMail, I wanted ask if we need to keep the professional package we're currently on, or if we could downgrade to the 'Plus' version? Or if we're going to make ProtonMail a secondary email we could just keep the free version.
Good point. I think we can downgrade and keep the free version.
 

anka

The Living Force
FOTCM Member
During our chat I forgot to mention that the transfer of our website is in full swing. There is a waiting period which ends tonight and tomorrow the domain name will be registered under Wedos. Then I will arrange the database transfer and will let you know when that happens because it won't be possible to edit anything. After that we will have new access details which I will send you by email. Stay tuned... :cool2:
 

rylek

The Living Force
FOTCM Member
@anka The Corbett biosecurity article is ready for PR when you get a chance. Thanks! ;-)
 
Top Bottom