The very first domain at the start of the spike is pass-api.proton.me. I it could have been Proton Pass to leak the list of domains and apps I have an account for. Still I find that to be quite worrying, whether it was a bug or something else..
floquant
joined 2 years ago
The US is actively pushing every ally away, what do you expect?
Please argue how. As someone from a country where credit scores aren't a thing, they really look the same.
Ah yeah, because the five eyes (of which the UK is a member) doesn't flag people and add them to watchlists for comments potentially like this one
Most dystopian "child safety" bill. Let's not legitimize the claim that these laws are made to protect children while having privacy-invading side effects - they are privacy-invading laws disguised as child protection, while failing to have any real impact on children's online safety and wellbeing
But why would they do that from an end user's device instead of their servers? And what about the unresolvable package names?
I'm leaning more towards a bug than exfiltration at this point, but it is still a somewhat serious leak. The contents of proton pass are end to end encrypted and thus supposed to be confidential, while this has caused my whole vault to be leaked to public DNS servers via unencrypted UDP. If it was intentional, it's terrible design. Maybe some intern thought to have the client grab favicons.