explicitClick to confirm you are 18+

Anonymity & Email #MindsGaming

#MindsGamingJan 13, 2020, 4:56:15 PM
thumb_up48thumb_downmore_vert


Let me start by saying that security and anonymity on the web is a users responsibility not a websites. You should read all sites terms of service and make your own informed choices on what sites you use, and how you communicate on the web.

Here we will be doing some simple debunking, and providing users with valuable information that may or may not come in handy in the near future, as when email verification comes to Minds fully you may want to remain as private as possible while using the network.

As I talked about in my last blog “Cargo Head” Minds will be starting email verification for users, we still do not know if current users will be grandfathered into the system, making it so they have no need to verify an email (I’d place my bet here) or have to verify and set up and email once this is implemented. In case older users are not grandfathered into the system we want to provide you will information on how you can remain as “anonymous” as possible.


Options


- Basic

The most basic way that the majority of users would feel comfortable with would be to use a VPN to sign up for your email service, and not to use email services that require personal information like your phone number for example.

- More Secure

Using a an encrypted browser along side VPN makes your masking top notch, but may come with issues on the server as they are not a supported browser for the network. TOR or a DAT protocol browser like beaker browser  along side a VPN may be for you.

-Most Secure

The most secure way to remain anonymous on the web is to not use the internet. The interweb by design is not an anonymous entity and retaining and accomplishing anonymity is something I would compare to a game achievement.


Email Providers


- Proton Mail

Proton Mail is a Swiss based mail server that promises you privacy and security with encryption, and backed by Swiss privacy laws.

Data Collection

Our company’s overriding policy is to collect as little user information as possible to ensure a completely private and anonymous user experience when using the Service. We also have no technical means to access your encrypted message contents.

Service's user data collection is limited to the following:

Visiting our website: We employ a local installation of Matomo, an open source analytics tool. Analytics are anonymized whenever possible and stored locally (and not on the cloud).

Account creation: It is not necessary to provide personal information in order to create an account, but you may provide an external email address for notification or password recovery purposes. Should you choose to provide it, we do associate another email address with your account (for password recovery, or notifications). The legal basis for processing is consent and you are free to remove that data in the account panel of your ProtonMail account.

Account activity: Due to limitations of the SMTP protocol, we have access to the following email meta sender and recipient email addresses, the IP address incoming messages originated from, message subject, and message sent and received times. We do NOT have access to encrypted message content but unencrypted messages sent from external providers to ProtonMail are scanned for Spam and Viruses to pursue the legitimate interest of the protection of our users. We also have access to the following records of account activity: number of messages sent, amount of storage space used, total number of messages, last login time.

Communicating with ProtonMail: Your communications with the Company, such as support requests, bug reports, or feature requests may be saved by our staff. The legal basis for processing is our legitimate interest to troubleshoot more efficiently and improve the quality of the ProtonMail service.

IP Logging: By default, ProtonMail does not keep permanent IP logs. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (spamming, DDoS attacks against ProtonMail infrastructure, brute force attacks, etc). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities.

Your login IP address is also kept permanently (until you delete it) if you enable authentication logging for your account (by default this is off). The legal basis of this processing is consent, and you are free to opt-in or opt-out at any time in the security panel of your ProtonMail account.

Find More On: https://protonmail.com/privacy-policy

Start an account: https://protonmail.com/signup


- RISEUP.net

RiseUp also offers users encryption and provides users with an email that has no retained I.P address. The service can be used inline with TOR as well and they keep their community informed on network security using a canary statement. You may need a referral code to use the network however.

Information we choose to not retain

IP addresses

No IP addresses of any user for any service are retained.

Browser fingerprint

Your web browser communicates uniquely identifying information to all web servers it visits by allowing the site to know details about your operating system, browser information, plugins installed, fonts installed, screen resolution, and much more. We do not retain any of this information.

Message metadata

Even when using end-to-end OpenPGP encryption for email messages, the email “subject” and routing information regarding the message “from” and “to” are seen by our servers in the clear when the email initially arrives. This is due to inherent limitations in the email protocol and in OpenPGP.

How we store and share collected information

Encryption

All of your data is stored in an encrypted format, and only Riseup has the keys to decrypt the data. Additionally, as of March 2017, the storage for all new accounts is personally encrypted. Riseup is unable to read any of the stored content for these accounts. Any user with an account created prior to March 2017 may opt-in to personally encrypted storage.

Find Out More: https://riseup.net/en/privacy-policy

Create An Account: https://account.riseup.net/user/new


Myths


Some may say that Minds can obtain your I.P breaking your anonymity on the site if you provide them with your email, to this I’d have to remind you that Minds could already have your I.P if you are not using a secure way to access the site (VPN, TOR, DAT). Minds would require a warrant to obtain your I.P address from your email host and maybe a lengthy battle depending on your provider.

Currently Minds hashes and salts all users I.P addresses while they are logged into a session and does not save these hashes on the server when you are not logged into the network (or so we are told ;).

So looping back around to “Cargo Head” I do not think that providing an email breaks your anonymity on a network unless you have created an email that requires this information, on an email provider that gives out this information (or sells it).

Thanks as always for reading please share this with your subscribers and feel free to comment in A thread below on the topic at hand, we hope to see you for our next one and hope this helps users that may be iffy about providing A personal email to the network (If it even requires current users to do this).


Related Blogs:

Minds Wants I.P Now? [Users beg for breach of privacy #Op #openMinds] - Updated