![protonmail-DDoS[1].jpg](https://i.imgur.com/hoPnR9L.jpg "protonmail-DDoS[1].jpg")
Anybody suffering for using this service that was bound to be attacked for its pro-privacy policies? I feel kind of stupid for using it for everyday use.
Also, anyone confused/mad they paid the $6000 ransom?
>buy OVH VPS
>sign up with ProtonMail email
>can't access it, pissed.
>can't change primary email without verification from ProtonMail email
>also a lot of important email conversations going on
>>51234408
Same here.
Made it my main mail provider and now can't access shit..
They look like amateurs right now.
I'm not a professional when it comes to IT security but shouldn't they be prepared for DDoS attacks AND have a backup server with another ISP?
>>51234483
Yeah, I thought they were a little more professional than this to be honest. Now they have a funding campaign for $50,000. Why do they even need people to help donate? They used all their $550,377 from IndieGoGo (which was well over their asked amount) and then ask for more once they pay a ransom? A little infuriating. How much are they paying on servers anyway? If I'm not paying for email, then who is? They just aren't looking as solid as they were before.
This is why you buy your own domain name. I registered mine for 10 years, and if I ever had issues with a mail provider (not likely since I run my own mail server) I could just change the MX records to another provider. Since I've still got a legacy Google Apps for Business account my downtime would only be limited to whatever the TTL I set on my current MX records is (six hours, which is withing the 24 hours the RFC specifies for email servers to keep retrying to deliver.)
>>51234571
You know whats funny? That is exactly what I wanted to put on my OVH VPS too. I was going to try out Mailcow and just use my own domain. So now I just sit, and wait.
>>51234571
This is actually a great idea. I was thinking about renting a VPN for a long time now and being able to run my own mailserver then seems like the final reason for me to do so.
>>51234408
its the isp that forced them to pay the ransom
>>51234666
Here's some protips:
- You must set up SPF and DKIM. It's not hard to do and your mail is going to get marked as spam if you don't.
- Use a Realtime Blackhole List (RBL) and reject emails with malformed headers. Those two things stop 99% of spam on their own. After you get those set up, you can add in SpamAssassin if you feel the need. Or if you're particularly prone to spam, you can experiment with things like greylisting as you get to know your setup a bit better.
- Register your domain with a reputable registrar, and make sure you're using 2-Factor Auth on the email you set on your registration. Your domain is your lifeblood here, and you don't want anyone to seize it maliciously. You also don't want to use a registrar that might fuck you over. Read over what happened with the guy and the @N twitter handle so you know what to avoid. For example, fuck GoDaddy.
>>51234921
Oh, and use fail2ban to monitor everything. It's fucking great and configured properly it'll stop damn near any type of automated attack against you. Except DDoS, of course.
>>51234408
>pay $5k ransom
>wonder why the criminals keep extorting you
They hit the isp guys chill out.
>>51234408
Why the fuck isn't at least their site behind mitigation services like CloudFlare?
>>51234921
>>51234942
Thanks for the tips, I will look everything up tomorrow.
Probably I should write protonmail an email about what I learn setting up my own mailserver? (That's funny because they wouldn't even get the mail)
Also, fuck Switzerland. They don't provide more security than other countries. Netherland is the place to stay safe.
ghostmail?
>>51235078
CloudFlare doesn't work like that. They're a reverse proxy that acts like a CDN your website. Such a thing doesn't exist for email. You can house your service at a location that can handle the attack, but you're going to pay out the nose for that.
>You’ve been criticized by people in the security industry for paying a ransom. How much did you pay? And why did you feel it was necessary to pay?
>By 3:30PM Geneva time on the 4th of November, the attack had taken down both the ISP and the datacenter, impacting hundreds of companies and causing hundreds of thousands of dollars of damage. Even the ability of the ISP and datacenter to remain in business was being called into doubt. At this stage, all the impacted companies forced us to pay because the collateral damage was too high. I don’t agree with the decision, but I can’t really say I blame them for that.
>>51234969
They paid 15 Bitcoins. That would be $6000.
>>51234408
Hi David Cameron
yeah i was in the process of downloading my work schedule for next week when they got hit with the 2nd ddos. Luckily it was before my shift so i could give them my other email. Totally fucked though I definitely wont be going back to protonmail.
Publicly announcing you paid ransom after a few hours of being ddosed is fucking ridiculous.
>>51235628
Fuck off, faggot. Protonmail is better off without people like you.
>>51234921
you could just install mail-in-a-box.
>>51235667
Have fun with intermittent email i guess. It takes literally nothing to dos today, you can buy those services for less than $6000.
>>51235731
you really have no idea what the problem was.
>>51235728
Yeah, blackboxes that provide a service you rely on without you understanding how are great.
>>51235790
Let's see.
>Protonmail is DDoS'd at 100Gbps, probably by some skids via a reflector attack.
>Protonmail gives them 15 Buttcoins to "Please, stahp."
>The skids do not stahp.
That about sum it up for you?
>>51236167
>still not knowing what happen
gtfo
>>51236763
They DDoS themselves and get $50k for it.
Good plan.
>>51235191
No, I understand that, I don't mean their mail service, I mean protonmail.com. CloudFlare has some pretty complex DDoS mitigation patterns and can basically defeat all (known) modern DDoS vectors. They might as well keep protonmail.com up as a base for giving information instead of forcing people to google it and look for their twitter page/etc...
>>51236988
CloudFlare beats DDoS attacks through brute force. Their infrastructure is large enough that pretty much nothing can cause them an issue. Two years ago they shrugged off a sustained 120Gbps attack, and they've got a much larger infrastructure now. They are way, way, bigger than ProtonMail can ever hope to be. There's a reason why CloudFlare Enterprise averages $5,000 a month.
>>51237116
Their business tier offers the same DDoS mitigation for $200/month. I know I'm starting to sound like a CF shill (there are others, Incapsula, etc), but $200 a month is nothing to protect a high-trafficked site that is the front of your business.
Although I will say that they seem like a pretty unlikely friggin' target. Can't believe they payed the ransom though, but I understand they were pressured to.
> all the CloudFlare shills in this thread
> buy our protection, or else
So now we know who's really behind these attacks.
Either that or some agency that has an "arrangement" with CF for MITM fun happy game.
what is a good alternative to protonmail?
>>51237182
>Their business tier offers the same DDoS mitigation for $200/month
No, it doesn't. They offer additional protection via BGP for enterprise customers. Without that you can circumvent CloudFlare entirely if you're slick enough. Also, apparently they've sustained attack up to 500Gbps, which is fucking insane.
>but $200 a month is nothing to protect a high-trafficked site that is the front of your business.
I agree, but that wont work for an email provider. Again, CloudFlare is a caching reverse proxy. That is fundamentally incompatible email. If ProtonMail began utilizing CloudFlare the most they would be able to do is provide access to your emails that have already been delivered. And they would alienate a large portion of their userbase because the same people that use ProtonMail are the same people that would be paranoid about CloudFlare being hijacked by the NSA and MITMing their service.
>>51237317
hotmail
>>51237317
Tutanota
>>51237331
I didn't realize offer additional mitigation protection via BGP, they must have stronger ties to upstream providers than I thought.
Also, like I said, these comments have nothing to do with their email service, just their website. Finding info about their outage through Twitter and some blog they just spun up and tech articles fragments the information and makes it harder to follow. That's all I'm really trying to say.
>>51237479
Half the internet is using CF, of course they have good connections.
>>51237503
I openly admit that I'm mostly retarded, and of course that makes tons of sense. For some reason I didn't assume they could push route changes to partner providers for some reason. Thanks for the info, anon.
they are back up btdubs
The King is back.
The good thing about the DDoS is, that all those hipsters who only had a Protonmail account because it was cool, will now go back to Gmail and it will be a provider just for tinfoil neckbeards again.
THEY'RE BACK
H
E
Y
R
E
B
A
C
K
>>51238643
Tinfoil neckbeards run their own mailservers.
>>51238739
Elliot uses Protonmail and he's the best hacker in the world...
https://protonmail.com/blog/protonmail-mr-robot-secure-email/
>>51238777
I'm sure there are billionaires that use AOL. I don't do things just because [Influential Person] does them.
>>51234408
>ProtonMail
they already collected $43,617
>>51239108
> Our primary datacenter is located under 1000 meters of granite rock in a heavily guarded bunker which can survive a nuclear attack.
cant dodge a 100gb/s ddos attack.
lol even my stupid website have a better ddos protection
>>51239236
>>51239236
>getting ddos'd
>someone contact them saying to pay ransom
>truth this person has nothing to do with the attack
>protonmail pays them
>attacks didn't stop
top kek
>>51237317
Gmail
Outlook.com
iCloud Mail
buy a server
>>51239281
>some kid somewhere did it for lulz
>actually got $5500
>Interpol kicks down his door next day
>>51239307
>iCloud
ayyyyyyyylmao
>>51239331
>brute force attack
retard, you had to be retarded to got hacked by it.
>2015
>not running your own email server
>>51239356
>plain text passwords
>blaming it on anyone but applel
>>51239388
you really are retarded
>>51239281
>>51239281
he must be a retarded
so easy to send a anonymous email and get paid in btc leaving no trace
>>51239356
>you had to be retarded to got hacked by it.
So, all iPhone owners then.
>>51239429
>>51239429
it was for >>51239310
>>51239444
Do you not know what a brute force attack is kiddo?
>>51239414
>eats shit from his hands
>calls someone else retarded
>They're back!
Log in to check email, just to see that I haven't had an email in days. :(
>kikestarter a scam company for $500k because you think you're important enough to need a secure email address
>they realize you people are idiots and decide to scam you again
>they pretend to be hacked and give out buttcoins to their "hacker"
>even though they're obviously lying you lap that shit up because >i need muh email to trade CP images
>you give them another $50k
>they finally come back online
Ebin. Simply ebin.
>not using your own mail server
>>51239584
While this may or may not be true...
As long as they don't stay down next time... I don't care. :/
>>51239728
>wasting time
>easy for the nsa to get to
>>51239584
>mfw i use my work email for work
>mfw i use pm for my personal mail which isn't urgent
>mfw i haven't spent a penny for either
>>51239753
Who is wasting time right now fagget?
>>51239767
still you
>>51239584
The only problem with your theory is that the DDoS took down a bunch of other sites including banks.
>>51236167
No, you dumb fuck.
They were coerced to pay by their ISP because the collateral damage to other companies using the same ISP was in hundreds of thousands of dollars.
>>51234921
What's wrong with GoDaddy?
>>51236883
DDoS could cost more at this scale.
>>51234571
Quite honestly I don't mind losing my old email and starting fresh from time to time. The lack of spam and annoyance is a great feeling. A personal domain name would lose me precious, precious plausible deniability.
I give people my work email whenever possible. I know the email expires when I leave the company or get fired, whichever comes first. Once upon a time I made the grievous mistake of giving clients my personal number, and was besieged for some years. Now I use a disposable google voice number, with a reassuring voice mail message that they can listen to over and over again while it soothes them.
>>51239388
You really don't know what the fuck you're talking about do you. Plain text had nothing to do with brute forcing techniques. Apple passwords were hashed, the forms weren't rate limited.
Fucking androne idiots.
>>51241588
>eats shit from his own hands
>calls other people idiots
>>51234692
Lolwuuuuut?
How hard would it be to setup a service like this?
I want to make one for Australia as a big fuck you to the stupid government we have here.
>>51234408
>Fuck Protonmail for being DDoSed by western governments!!1
You stupid fuck.
>>51242232
You are required by law in australia to store metadata. theres a reason why there are no services like this in australia
>>51242232
unless you feel like running the risk until you are caught for not complying with the law
>>51241798
Not forced, but they got a fuckton of complaints from other customers who went down also, so they asked the protonmail devs to pay up to stop the attacks.
In the end, it didn't matter.
and that's why i never recommend the provider i'm using anywhere. it's so good and i want it to stay small so shit like this doesn't happen. i do the same with the smaller private torrent trackers i'm part of.
stop advertising and try to keep the community as small as possibleif you are ACTUALLY concerned about the users security and privacy rather than money.
see autistici/inventati
>>51242748
>>51242733
If I have a .com.au address but keep the server in the US or Ireland, would I still have to do this?
To be honest, if I do make one and it happens, I will just do a Lavabit.
I'm thinking some one just wanted to actually thoroughly probe the datacenter network and protonmail servers, and masked it as an DDOS attack.
It just doesn't make sense for skiddies to go after measly 15 bitcoins with a target profile like this.
And if the initial attackers told the truth about stopping, it would make that theory even more plausible.
>>51242826
why would you bother? so ou can trick australians into thinking its servers are based in aus?
difference is they will actually lock you up. you realise just for not handing over encryption keys etc. they can lock you up for 6 months?
>>51242894
also, the answer is probably yes, you would have too, though im not entirely sure
>>51242894
sudo rm -rf /
what server? I have it all planned out, dont worry ;)
>>51242733
>>51242733
>>51242733
metadata is only for ISP.
nothing to do with emails service
>>51242913
well your asking silly questions on 4chan and getting advice from someone who is too fat too walk so id sayyou dont have it planned out. maybe just look at relevant legislation first so you dont end up getting ass raped kthx
>>51242926
no its not, read the legislation you cum gargling sasquatch
>>51242947
>relevant legislation
ha, like im going to read all that before starting my own 'business'
>>51242961
I can tell
>>51242971
ty /g/ senpai
>>51242961
this board is overrun by useless individuals like you. please crawl back into your mums vagina
>>51242988
yw!
>>51242955
>>51242955
it's only for ISP you retarded.. ISP is already able to see the header of an email. they are not forcing email providers to store metadata
It's up
>>51243042
im not going to argue with someone who gets second hand information. read the legislation you fucking nub virgin cunt
>>51243180
>>51243180
>>51243180
eheheh i insult on a anonymous board.. i am too cool
prove it or get fucked
>>51235126
I set up a mail server last week, so most of it is still fresh in my mind. Some tips that might help you:
- You can test your server with http://www.mail-tester.com. It will show you what you're missing, and some hints on the records you need to add. Mostly just SPF/DKIM/DMARC.
- It doesn't cover everything - so use the source view function to check your headers.
- Because of the numerous campaigns giving away .xyz domains, they've been abused by spammers. So a lot of places have just blacklisted the entire TLD. I'd suggest avoiding it, alongside tlds like .ru and .cn.
- Debian has dpkg-reconfigure exim4-config, which will let you hit the ground running. I found exim easy to tweak (adding TLS/DKIM/etc) after going through the dpkg menu. Of course, you don't need to use Exim, postfix is there too.
- Setting up SPF checking in Exim4 wasn't great. It was much easier to install Spamassasin, which checks SPF records and addresses against blacklists by default.
- If you are going to make use of those blacklists, you'll want a caching nameserver. dnsmasq will do this, you just need to set its listening address to 127.0.0.1 and put it in your resolv.conf.
- Dovecot was also quite easy to set up.
- Aliases are surprisingly easy. I expected them to be harder, but it really is just a case of adding a line to /etc/aliases.
