Latest news with #AndyYen
Tom's Guide
6 days ago
- Business
- Tom's Guide
Infomaniak breaks rank and comes out in support of controversial Swiss encryption law
In Switzerland, some of the best VPNs are in the firing line as a result of the country's proposed changes to encryption laws. The law's revision would extend surveillance obligations and require companies to collect information and identification on their users – a move that would significantly impact online privacy. Swiss-based VPNs Proton VPN and NymVPN would be affected, and Proton CEO Andy Yen said the privacy-focused company would rather leave its Swiss base than risk the privacy of its users. The most private VPNs uphold strict no-logs policies and collect very little information about users. This law would see these policies undermined. Despite widespread opposition from across the country, Swiss cloud security company Infomaniak is supporting the law. Infomaniak describes itself as an "ethical cloud" company and one that doesn't compromise on "ecology, privacy, or people." It's surprising, then, that they are seemingly the only privacy-focused company in Switzerland supporting the law change. In a debate on Radio Télévision Suisse (RTS), and reported in Clubic, Infomaniak spokesperson Thomas Jacobsen addressed Andy Yen's comments on the law. Jacobsen believed Yen showed a "lack of knowledge of Swiss political institutions" and called for finding the right balance, not looking for extremes. Infomaniak argued that anonymity prevents justice, saying there must be a "happy medium" to prevent the digital landscape becoming a "Wild West." Proton was cited as a company that advocates for anonymity, but this isn't technically the case. Proton, and Proton VPN, advocates for privacy – and there is a subtle but important difference between the two. Confusing privacy and anonymity is common – a Tom's Guide VPN survey found that 29% of readers think VPNs make you anonymous – but they don't mean the same thing. Anonymity is when your identity isn't known and no trace of your activity is left behind, with the Tor Network being an example. VPNs protect your data and your privacy. Many can still see some identifiable information and most don't claim to offer anonymity. Although your data is encrypted and reputable VPN providers can't see your internet activity, they can still see your connecting IP address and your payment information. The key point is that they never log or share it. Hackers, third-parties, or your ISP can't see what you're doing, and that is the privacy VPNs offer. Infomaniak is incorrect in saying Proton advocates for anonymity. Infomaniak also took issue with free services, such as free VPNs. In the debate, Jacobsen said how these free services allow anyone to hide from the law by enabling anonymity. While VPNs can be misused by bad actors for criminal endeavours, something all reputable VPNs and Tom's Guide opposes, this doesn't mean they should be taken away or targeted. Almost every kind of technology and device can be used for illicit purposes. We have to accept that not everything can, or should, be controlled in order to target a small minority. This trade-off would take away the right to privacy of millions of genuine users. VPNs, and especially the best free VPNs, are a lifeline for people living under censorship and internet restrictions. Without them, they would be unable to access a free and open internet and would suffer at the hands of authoritarian regimes. Proton VPN has a host of dedicated anti-censorship features, aimed at protecting the privacy of those who need it most – including the free service Proton VPN Free. Many VPNs also offer free emergency VPNs for journalists or activists. VPNs cannot just be for those who can afford them, so Infomaniak's targeting of free privacy services fails to consider the appropriate repercussions. The article quotes Infomaniak's founder, Boris Siegenthaler, as saying "the answer is clear: the day activists for important climate, humanitarian, or democratic causes are in the crosshairs, we will oppose this request." However, many argue that the Swiss government's request would put those people in the crosshairs, and they wouldn't be protected. Infomaniak doesn't advocate for widespread surveillance, but that would not be needed under these plans. Metadata collection could form a large part of the new surveillance law, and it's seemingly something Infomaniak supports. In a separate interview with RTS, Jacobsen argues that metadata collection is acceptable in order to help prosecute individuals who "carry out illicit activities" anonymously. He says how in other aspects of life, we don't accept that, saying you need ID for taking out a phone number and SIM card. "The outside of the package is enough to bring justice," he said – referring to metadata. The contents of messages or communications will remain encrypted, but the metadata will be seen and collected. Metadata can include geolocation, date and time, IP addresses, file size, device identifiers, plus who sent and received the message. So, even though the actual content of the message remains encrypted and hidden, you can identify and subsequently prosecute individuals based on analysis of metadata. The opposition claims this is a fundamental privacy risk if handled in the wrong way, and something that should be opposed, not lauded. Infomaniak's approach to metadata has also received backlash from others in the industry. A LinkedIn post by founder Boris Siegenthaler saw disagreement with Infomaniak's position in the comments. A journalist said he was concerned about metadata, should it be collected, falling into the wrong hands. He claimed certain people and sources would be at risk and communication methods must preserve their safety. One comment argued that "metadata protection is important to avoid profiling," and another said a middle ground between Proton and Infomaniak's position was needed. Infomanaik has said it's moving to an encrypted email service. Jacobsen said the content of emails will be protected, "but without anonymity." Infomaniak's own service would therefore appear to be affected by the law change and they'd be required to collect and store the metadata of its users and their emails. The Swiss government's consultation on the proposed law change ended on May 6 2025. Its findings are still not known, but we will monitor its progress closely. We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.
Tom's Guide
20-05-2025
- Business
- Tom's Guide
Proton VPN boss compares Switzerland to Russia and claims it could leave the country over proposed law
Proton boss Andy Yen has said the company will leave Switzerland if the country's new surveillance legislation becomes law. Switzerland is known for its strong privacy laws and is home to one of the best VPNs, Proton VPN. The law change would impact Proton VPN's credentials as one of the most private VPNs and would have a monumental effect on the wider VPN industry. Switzerland's current surveillance law instructs mobile networks and internet service providers (ISPs) to collect and store user data. The proposed change would extend this to VPNs, messaging apps, and social media companies. Having a strict no-logs policy is very important and a must-have to be considered a quality VPN provider. Collecting user information would severely breach these policies and undermine user privacy. Proton VPN would rather leave its Swiss home than risk the privacy of its users. The Swiss government's consultation on the proposals closed on May 6 2025, and we are awaiting its findings. Andy Yen spoke to Radio Télévision Suisse (RTS) on May 13, and launched a scathing attack on the proposed legislative amendment. Yen described it as a "major violation of the right to privacy" – something that directly contradicts Proton's "privacy by default" tagline. "This revision attempts to implement something that has been deemed illegal in the EU and the United States," Yen claimed. "The only country in Europe with a roughly equivalent law is Russia." This is a damning comparison. Russia has some of the world's strictest VPN laws, has banned multiple VPNs from its app stores, and has a long history of internet censorship. In December 2024, it disrupted the internet across several regions in a rumoured test of its "sovereign internet structure." The only country in Europe with a roughly equivalent law is Russia The amendment's consultation phase ended on May 6. At the time of writing the findings aren't known. If the law is changed, Yen said "we would have no choice but to leave Switzerland." "The law would become almost identical to the one in force today in Russia. It's an untenable situation. We would be less confidential as a company in Switzerland than Google, based in the United States. So it's impossible for our business model." The law requires changes to encryption, as well as user data collection. An encryption backdoor would be demanded and new types of information and monitoring created. Proton's users exceed 100 million, with Proton VPN, Proton Mail, and the wider Proton ecosystem at risk. But other Swiss based companies who provide encrypted services would also be impacted – including the encrypted messaging app, Threema, and the newly launched VPN, NymVPN. NymVPN has been a vocal critic of the proposed amendment, with its Chief Operating Officer Alexis Roussel releasing a detailed statement. We test and review VPN services in the context of legal recreational uses. For example: 1. Accessing a service from another country (subject to the terms and conditions of that service). 2. Protecting your online security and strengthening your online privacy when abroad. We do not support or condone the illegal or malicious use of VPN services. Consuming pirated content that is paid-for is neither endorsed nor approved by Future Publishing.
Arab Times
27-03-2025
- Arab Times
Tech tip: Avoid sharing your email with strangers; use a decoy
LONDON, March 27, (AP): You've heard of burner phones. What about burner email? So much of the internet now requires that you hand over your email address before you're able to use any services - from an app you've downloaded to signing up for a newsletter or redeeming a special offer online. But who says you have to give your real email address? Next time you're asked, consider using an email mask. There are a growing number of services that give out disguised email addresses and relay any messages to your actual address. Experts say this can be a powerful tool to safeguard privacy and security. Here are some pointers on the whys and hows of email masking: The idea behind email masking is simple. The masking service gives you a randomized address you can use as a decoy instead of your actual email. It can be a series of unrelated words, or a string of letters and numbers. When someone sends a message to the burner email, it will be automatically routed to your address without anyone knowing. Providers include privacy-focused search engine DuckDuckGo's Email Protection service, Firefox Relay from browser maker Mozilla, email service FastMail and independent services like The encrypted service Proton Mail offers email masking with its password manager and standalone SimpleLogin service. There are many others. It's one of the features Apple offers users subscribing to its iCloud+ or Apple One services. When you're using the Safari browser app on your iPhone and need to input your email, you can tap the field above the onscreen keyboard to "Hide My Email,' which then creates a random address as a substitute. It's also available on Mac computers with the desktop Safari browser or Mail app. If you're using a different browser or app, you can still manually create a random email address by going into your iCloud settings. Most services have a free version with basic options and a premium tier with more features. Some free services can only receive emails but not reply to them. However, an important feature users should look for is the ability to do both, said Proton CEO Andy Yen. "Maybe you never reply to a newsletter and that's fine,' said Yen. But it's a problem if, for example, you used your email alias to buy something online and there's an issue with your order that the site needs to ask you about. "Then the ability to reply is actually pretty important,' he said. Most masking services have a dashboard control panel where you can view the various alias addresses you've activated. If you notice one starting to get a lot of spam, just turn it off. Mask your email when you want to add an extra layer of privacy or protect yourself from data leaks or unauthorized information sharing. An email mask is a "general-purpose tool that can be used in any context,' says Santiago Andrigo, principal product manager at Mozilla. However, he recommends using it in two key situations. The first is when you're unsure what a website will do with your email address. "Masking your email gives you control - if you start receiving unwanted messages, you can easily block any emails coming to that email mask,' Andrigo said. The second scenario is "when your association with a service could reveal sensitive personal information,' he said. For example, if you join an online community for a specific medical condition or a minority group, a data breach could expose your participation. There are myriad reasons not to give out your email address to anyone who wants it. It could be sold to marketers or shady data brokers, eroding your privacy by helping them build a profile of you for legitimate or nefarious purposes. If your address ends up on the wrong mailing list, it could result in more junk or phishing emails. And if an online service is hacked, attackers could make off with logins, passwords, and other personal information. Using unique passwords for all your online accounts - typically with the help of a password manager - is good cybersecurity practice. "But the real pain point for any user is actually not the password getting leaked, but actually the email getting leaked,' said Yen. Changing your password after a data breach is standard practice but it's a lot harder to change another piece of sensitive information, your email address - unless you're using a mask. There are other so-called hacks that you might have heard about. You could set up a throwaway account with a free email service like Gmail or Yahoo. But it's tedious to do this. Some Gmail users add a plus sign and an extra phrase or combination of characters between their username and the @ sign. It helps track who's sharing your address as well as filter messages. But "from a privacy standpoint, that does nothing,' said Yen. "Because people can just simply take away the plus and get your original address.' Email masks use their servers to relay message traffic between the sender and the recipient. So how can you be sure those servers are private? Look for reputable providers that promise not to keep your messages. If you're shopping around for an email masking service, Yen advises checking if it has "proper terms and conditions,' a privacy policy, and is based in a jurisdiction where it could be legally held accountable. "We state very clearly we're not keeping a copy of anything that passes through our servers," Yen said. Firefox Relay says in its FAQs that it does not "read or store any of your messages.' "In the event that an email cannot be delivered to you, we will keep it on our servers and delete it after it has been delivered (in no event will we hold onto it for more than three days),' it says. Apple says it "doesn't read or process any of the content" in email messages that pass through Hide My Email except for standard spam filtering.
The Independent
27-03-2025
- The Independent
One Tech Tip: Don't give your email to strangers, use a decoy address instead
You've heard of burner phones. What about burner email? So much of the internet now requires that you hand over your email address before you're able to use any services — from an app you've downloaded to signing up for a newsletter or redeeming a special offer online. But who says you have to give your real email address? Next time you're asked, consider using an email mask. There are a growing number of services that give out disguised email addresses and relay any messages to your actual address. Experts say this can be a powerful tool to safeguard privacy and security. Here are some pointers on the whys and hows of email masking: Mask on The idea behind email masking is simple. The masking service gives you a randomized address you can use as a decoy instead of your actual email. It can be a series of unrelated words, or a string of letters and numbers. When someone sends a message to the burner email, it will be automatically routed to your address without anyone knowing. Providers include privacy-focused search engine DuckDuckGo's Email Protection service, Firefox Relay from browser maker Mozilla, email service FastMail and independent services like The encrypted service Proton Mail offers email masking with its password manager and standalone SimpleLogin service. There are many others. It's one of the features Apple offers users subscribing to its iCloud+ or Apple One services. When you're using the Safari browser app on your iPhone and need to input your email, you can tap the field above the onscreen keyboard to 'Hide My Email,' which then creates a random address as a substitute. It's also available on Mac computers with the desktop Safari browser or Mail app. If you're using a different browser or app, you can still manually create a random email address by going into your iCloud settings. A Key Feature Most services have a free version with basic options and a premium tier with more features. Some free services can only receive emails but not reply to them. However, an important feature users should look for is the ability to do both, said Proton CEO Andy Yen. 'Maybe you never reply to a newsletter and that's fine,' said Yen. But it's a problem if, for example, you used your email alias to buy something online and there's an issue with your order that the site needs to ask you about. 'Then the ability to reply is actually pretty important,' he said. Most masking services have a dashboard control panel where you can view the various alias addresses you've activated. If you notice one starting to get a lot of spam, just turn it off. When should I use it? Mask your email when you want to add an extra layer of privacy or protect yourself from data leaks or unauthorized information sharing. An email mask is a 'general-purpose tool that can be used in any context,' says Santiago Andrigo, principal product manager at Mozilla. However, he recommends using it in two key situations. The first is when you're unsure what a website will do with your email address. 'Masking your email gives you control — if you start receiving unwanted messages, you can easily block any emails coming to that email mask,' Andrigo said. The second scenario is 'when your association with a service could reveal sensitive personal information,' he said. For example, if you join an online community for a specific medical condition or a minority group, a data breach could expose your participation. Email fail There are myriad reasons not to give out your email address to anyone who wants it. It could be sold to marketers or shady data brokers, eroding your privacy by helping them build a profile of you for legitimate or nefarious purposes. If your address ends up on the wrong mailing list, it could result in more junk or phishing emails. And if an online service is hacked, attackers could make off with logins, passwords and other personal information. Using unique passwords for all your online accounts — typically with the help of a password manager — is good cybersecurity practice. "But the real pain point for any user is actually not the password getting leaked, but actually the email getting leaked,' said Yen. Changing your password after a data breach is standard practice but it's a lot harder to change another piece of sensitive information, your email address — unless you're using a mask. False solutions There are other so-called hacks that you might have heard about. You could set up a throwaway account with a free email service like Gmail or Yahoo. But it's tedious to do this. Some Gmail users add a plus sign and an extra phrase or combination of characters between their username and the @ sign. It helps track who's sharing your address as well as filter messages. But 'from a privacy standpoint, that does nothing,' said Yen. 'Because people can just simply take away the plus and get your original address.' What about the man in the middle? Email masks use their servers to relay message traffic between the sender and the recipient. So how can you be sure those servers are private? Look for reputable providers that promise not to keep your messages. If you're shopping around for an email masking service, Yen advises checking if it has 'proper terms and conditions,' a privacy policy and is based in a jurisdiction where it could be legally held accountable. 'We state very clearly we're not keeping a copy of anything that passes through our servers," Yen said. Firefox Relay says in its FAQs that it does not 'read or store any of your messages.' 'In the event that an email cannot be delivered to you, we will keep it on our servers and delete it after it has been delivered (in no event will we hold onto it for more than three days),' it says. Apple says it 'doesn't read or process any of the content" in email messages that pass through Hide My Email except for standard spam filtering. 'All email messages are deleted from our relay servers after they're delivered to you, usually within seconds," the iPhone maker says. ___ AP Technology Writer Barbara Ortutay in Oakland, Calif. contributed to this report. ___ Is there a tech topic that you think needs explaining? Write to us at onetechtip@ with your suggestions for future editions of One Tech Tip.
Associated Press
27-03-2025
- Associated Press
One Tech Tip: Don't give your email to strangers, use a decoy address instead
LONDON (AP) — You've heard of burner phones. What about burner email? So much of the internet now requires that you hand over your email address before you're able to use any services — from an app you've downloaded to signing up for a newsletter or redeeming a special offer online. But who says you have to give your real email address? Next time you're asked, consider using an email mask. There are a growing number of services that give out disguised email addresses and relay any messages to your actual address. Experts say this can be a powerful tool to safeguard privacy and security. Here are some pointers on the whys and hows of email masking: Mask on The idea behind email masking is simple. The masking service gives you a randomized address you can use as a decoy instead of your actual email. It can be a series of unrelated words, or a string of letters and numbers. When someone sends a message to the burner email, it will be automatically routed to your address without anyone knowing. Providers include privacy-focused search engine DuckDuckGo's Email Protection service, Firefox Relay from browser maker Mozilla, email service FastMail and independent services like The encrypted service Proton Mail offers email masking with its password manager and standalone SimpleLogin service. There are many others. It's one of the features Apple offers users subscribing to its iCloud+ or Apple One services. When you're using the Safari browser app on your iPhone and need to input your email, you can tap the field above the onscreen keyboard to 'Hide My Email,' which then creates a random address as a substitute. It's also available on Mac computers with the desktop Safari browser or Mail app. If you're using a different browser or app, you can still manually create a random email address by going into your iCloud settings. A Key Feature Most services have a free version with basic options and a premium tier with more features. Some free services can only receive emails but not reply to them. However, an important feature users should look for is the ability to do both, said Proton CEO Andy Yen. 'Maybe you never reply to a newsletter and that's fine,' said Yen. But it's a problem if, for example, you used your email alias to buy something online and there's an issue with your order that the site needs to ask you about. 'Then the ability to reply is actually pretty important,' he said. Most masking services have a dashboard control panel where you can view the various alias addresses you've activated. If you notice one starting to get a lot of spam, just turn it off. When should I use it? Mask your email when you want to add an extra layer of privacy or protect yourself from data leaks or unauthorized information sharing. An email mask is a 'general-purpose tool that can be used in any context,' says Santiago Andrigo, principal product manager at Mozilla. However, he recommends using it in two key situations. The first is when you're unsure what a website will do with your email address. 'Masking your email gives you control — if you start receiving unwanted messages, you can easily block any emails coming to that email mask,' Andrigo said. The second scenario is 'when your association with a service could reveal sensitive personal information,' he said. For example, if you join an online community for a specific medical condition or a minority group, a data breach could expose your participation. Email fail There are myriad reasons not to give out your email address to anyone who wants it. It could be sold to marketers or shady data brokers, eroding your privacy by helping them build a profile of you for legitimate or nefarious purposes. If your address ends up on the wrong mailing list, it could result in more junk or phishing emails. And if an online service is hacked, attackers could make off with logins, passwords and other personal information. Using unique passwords for all your online accounts — typically with the help of a password manager — is good cybersecurity practice. 'But the real pain point for any user is actually not the password getting leaked, but actually the email getting leaked,' said Yen. Changing your password after a data breach is standard practice but it's a lot harder to change another piece of sensitive information, your email address — unless you're using a mask. False solutions There are other so-called hacks that you might have heard about. You could set up a throwaway account with a free email service like Gmail or Yahoo. But it's tedious to do this. Some Gmail users add a plus sign and an extra phrase or combination of characters between their username and the @ sign. It helps track who's sharing your address as well as filter messages. But 'from a privacy standpoint, that does nothing,' said Yen. 'Because people can just simply take away the plus and get your original address.' What about the man in the middle? Email masks use their servers to relay message traffic between the sender and the recipient. So how can you be sure those servers are private? Look for reputable providers that promise not to keep your messages. If you're shopping around for an email masking service, Yen advises checking if it has 'proper terms and conditions,' a privacy policy and is based in a jurisdiction where it could be legally held accountable. 'We state very clearly we're not keeping a copy of anything that passes through our servers,' Yen said. Firefox Relay says in its FAQs that it does not 'read or store any of your messages.' 'In the event that an email cannot be delivered to you, we will keep it on our servers and delete it after it has been delivered (in no event will we hold onto it for more than three days),' it says. Apple says it 'doesn't read or process any of the content' in email messages that pass through Hide My Email except for standard spam filtering. 'All email messages are deleted from our relay servers after they're delivered to you, usually within seconds,' the iPhone maker says. ___
