Hi all, appologies for posting this, but I think it could be of interest for GnuPG users, because ProtoMail uses the OpenPGP protocol too.
Some of you may have signed up with ProtonMail and enjoy the service, due to it's ease of use and they think they are anonymous, when using this service. At least ProtonMail says so on their main page. I have a different understanding of what anonymous email is, because not only PGP usage but also the use of anonymous email services is a hobby of mine which I use since the mid 90's. O.k. lets get started with a little test (I did a while ago): Fire up Tor browser and register at the ProtonMail site for a free email account and use as a user name a string from random.org. https://www.random.org/strings/ When ProtonMail ask you for verification (...????) of your email account select SMS and use as SMS service a free one like: https://miracletele.com/sms/?fbclid=IwAR2hQ2rZ2vyyXylupj3JhJT4AWu4V4CEjX3ACvRSpryD5cMBreoW4La03qE I just choose for a new test, which I did a couple of minutes ago, Poland and received there the SMS https://miracletele.com/sms/receive/PL After entering the required verification code ProtonMail says that either the email address or the phone number is already taken and then denies the account creation. Since the user name string can't be taken already it tells me that they keep track of SMS numbers. If you choose for example the U.S. SMS number then ProtonMail says that this number was used to many times and also denies the account creation. To come to an end, I do consider this verification procedure *not* anonymous and wonder why ProtonMail does not use captchas to see if a human registers. Regards Stefan _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
