The real news here is the crumbling facade of neutrality and trust that the Swiss have for a while now been allowing to crumble and run right through their fingers. They are playing with fire in many ways, especially since much of their soft defences have also eroded.
> The real news here is the crumbling facade of neutrality and trust that the Swiss have for a while now been allowing to crumble and run right through their fingers.
What else except the Crypto AG case is there? And if it is just Crypto AG it seems folish to assume that a company is good just because it originated in a certain country. But Switzerland still seems like a fairly easy country to deal with.
Rather than rehash all this here, there are a lot of posts about ProtonMail and the foundational claims they make about being a company operated out of Switzerland. I'd suggest reading those critiques. The process of becoming a surveillance state is a slow one, you don't just wake up with government operated/connected cameras on every corner.
Apparently rehashing is what we want to do. Here's some links:
Switzerland's laws are the foundation of ProtonMail: https://protonmail.com/blog/switzerland/
ProtonMail must comply with Swiss law, regardless of what people think, and as Switzerland progressively becomes surveillance state it will have to comply more: https://www.securityweek.com/protonmail-accused-voluntarily-...
This post on Reddit sums up, fairly well, what I usually hear from privacy interested users of ProtonMail: https://www.reddit.com/r/ProtonMail/comments/49u8vy/protonma...
For some more direct points: https://privacy-watchdog.io/truth-about-protonmail/
While it may not be immediately obvious, if you follow each of these points they connect back to compliance in some way
> Rather than rehash all this here, there are a lot of posts about ProtonMail and the foundational claims they make about being a company operated out of Switzerland. I'd suggest reading those critiques.
Looking at the top ten posts on HN about ProtonMail does not give any such articles or top comments. So at least a link would be nice.
> The process of becoming a surveillance state is a slow one, you don't just wake up with government operated/connected cameras on every corner.
Can you give any indication that this is more of an issue in Switzerland compared to other countries?
This is very vague and looks like it is more of a critique of ProtonMail instead of Switzerland as a whole.
I would need more credible evidence. For example,
> https://privacy-watchdog.io/truth-about-protonmail/
Skimming through it, it displays a lot of ignorance which undermines its credibility for me, and the credibility of the other evidence. As examples, these statements seem to lack understanding of the technology:
> Protonmail even has an SSL cert for that onion address even though itâs completely unnecessary.
> Leaked documents at Wikileaks show that the CIA requires emails to be stored as an EML filetype. There are several ways to store emails, and Protonmail has selected the format that the CIA requires.
> Subject and metadata encryption are not difficult to provide.
Banking secrecy
Switzerland has long been something of a playground for spies because of it's neutrality. Their intelligence agency basically ignoring what US and German spies were doing won't change the opinion of those in power, and the public opinion of their neutrality has already been tainted by Nazi gold.
> public opinion of their neutrality has already been tainted by Nazi gold.
For someone looking for a jurisdiction to turn a blind-eye, Switzerland's complicity wrt Nazi plunder is a definite pro, not a con. As far public sentiment is concerned, that's what "neutrality" implies, not the legalist meaning that often requires a neutral party to affirmatively reject such dealings.
This is a very old and well-known case https://en.wikipedia.org/wiki/Crypto_AG
The story was broken in 2015, though only the bare outlines were disclosed then. A much fuller disclosure came a year ago. I would doubt that the general public is aware of it at all.
Dismissing this as "old" and "well known" seems highly inaccurate.
Oh, it's way older than that. Here's a story from 1996: https://www.spiegel.de/politik/wer-ist-der-befugte-vierte-a-...
Way, way older. At least 10 years.
See https://en.wikipedia.org/wiki/Crypto_AG#Compromised_machines
Excerpt:
Crypto AG had already earlier been accused of rigging its machines in collusion with intelligence agencies ((...)) Suspicions of this collusion were aroused in 1986
Suspected, as early as 1986. Confirmed via memo in 2015, exposed in 2020.
Degrees of proof and documentation differ among these.
And this still fails to establish the "well-known" aspect.
Yes, I was surprised when it resurfaced as news recently, having learned about it last millennium. I'm still not clear about what's new here (apart from the Swiss politics angle).
The political angle is pretty significant, it's basically stating the Swiss intelligence agencies were more loyal to the CIA and BND than their own government.
Yeah, sure, but why is it coming up 25 years later?
There is no jail time for such a âcrimeâ.
What's new is that (amongst other things) evidence has come to light proving that they were literally owned by the CIA for most of their operational lifetime
"Oh the consequences of my own actions!" -- Jean-Philippe Gaudin, most likely.
I am proud that he has been removed from his position. The initial reaction of my beloved government to this case was not so strong and open as I had hoped, but this is at least a "clear" statement that his betrayal is not tolerated / swept under the carpet.
Now let's hope that this is the end of the drama that "Swiss encryption" has been exposed to and the brand "Swiss neutrality" does not suffer more.
How are the Swiss neutral? Chaotic neutral? They are some of the biggest, corrupt money launderers known the world over?
It is crazy that the only consequence for I'm is to by fired.
I would have hoped that he be sent to justice for treason charges or at least for "nefarious incompetence".
The government does not persecute itself. That is how it is able to continuously break the law.
Government persecuting former officials is a tricky problem, because itâs hard to strike a balance between
* government officials should be held accountable for legitimate issues of legality
* government officials should not be totally paralyzed by fear of being on the wrong side of the law
* government officials should not be targeted for prosecution by vindictive successors just based on disagreement
Government prosecuting citizens is a tricky problem because:
* citizens should be held accountable for legitimate issues of legality
* citizens should not be totally paralyzed by fear of being on the wrong side of the law
* citizens should not be targeted for prosecution by vindictive bureaucrats just based on disagreement
None of these issues, however, are particular to citizens who happen to also be government officials at the time of the alleged incident provoking the prosecution.
> The government does not persecute itself
Government isnât supposed to persecute anybody.
(Prosecute is a different issue.)
"According to a Swiss parliamentary investigation, "Swiss intelligence service were aware of and benefited from the Zug-based firm Crypto AGâs involvement in the US-led spying""
I would guess that for CIA operations, it's pretty non-trivial to prove something. On paper everything probably looked neat, and they likely have some basic set of rules that prevents stuff like discussing treason on twitter from happening. But I agree and NBD should be clever too.
Guess it's sort of post cold war operation gladio
Gladio and Echelon are almost forgotten, even Snowden's revelations lose effect.
I guess intelligence and military intelligence live in their own worlds and are above the laymen's world. Back in the 70s and 80s even most politicians didn't know about Gladio, regardless of their political stand (left or right). If you are not proved to be one of them, you won't even hear about it.
This is bad for the image of Switzerland. How can you trust them with security sensitive issues ever again?
I think you're overreacting. If the Snowden leaks thought us anything, is that countries can spy on other countries and their own citizens and eventually most people will forget about it.
Same with this story. Eventually, people will forget about it ever happening, and everyone will have the same view of Switzerland as they had before.
Why would you have trusted them before?
Why trust anyone ever?
I was surprised to learn Switzerland even had a spy agency.
Oh somehow I expected it to be Threema GmbH but it's still just old, plain Crypto AG.
I'm not sure if this is a joke or a legitimate concern about Threema. Care to elaborate?
from Threema own homepage:
"100% Swiss Made"
"Threema is a true Swiss company hosting its own servers in Switzerland."
After Omnisec AG and Crypto AG, how is anyone falling for that cliché again...
In contrast to Omnisec and Crypto AG with their security by obscurity, the Threema apps are fully open source with reproducible builds: https://threema.ch/en/open-source/
This looks more like it is supposed to mean not Silicon Valley, which is on point with the rest of their marketing and what is written about them.
> Threema, die «Antithese des Silicon Valley-Modells»
https://www.srf.ch/news/wirtschaft/whatsapp-alternative-thre...
Reminds me of protonmail too huh
Get a daily email with the the top stories from Hacker News. No spam, unsubscribe at any time.