Hacker News
ProtonMail blocked by Vodafone Turkey (protonmail.com)
327 points by stockmania on March 15, 2018 | 158 comments


In just so many countries (including those many people never know are in too) the state-led war on privacy and communication freedom is getting hotter and hotter. Some countries do it openly, some manage to look liberal until you look closer. Just try to start marketing a proprietary privacy-oriented messenger app or something like that and the intelligence guys will emerge promptly at your doorstep, demanding you to bake a backdoor in. Sad but true. I don't really know how we (the people, who value privacy of themselves and of the others) are going to win this war while keeping legal, it's an open challenge so far...


"the intelligence guys will emerge promptly at your doorstep" - for the US, I'm emotionally inclined to agree with you.

ProtonMail was developed in Geneva, where I grew up. It was a spin-off from people who worked at CERN, like the World Wide Web itself.

Geneva is also a United Nations base, and many other NGOs are headquartered/have offices in the area for that reason (the Red Cross, WWF, Amnesty, Greenpeace). There's a lot of local community support for the operators of ProtonMail.

Switzerland is not EU, although it is Schengen. International incidents occur all the time, such as the time I forgot to take my passport when going to school (my parents live in France, but I went to the International School of Geneva in Switzerland). Because people don't need a visa to cross the border, it would be easy for an intimidated web developer to flee the country. Attempting to get an extradition would then require an arrest warrant, which would require a criminal case to be brought against that person in absentia. Although intelligence services can try to threaten ProtonMail (and probably already have), there are a lot of options available in that area to keep individual staff safe.


"Just try to start marketing a proprietary privacy-oriented messenger app or something like that and the intelligence guys will emerge promptly at your doorstep, demanding you to bake a backdoor in"

Nope...Been making one for 3+ years, worked on high risk human rights type stuff for over a decade and never happened.

Surprisingly most people doing things in this space don't have g-men kicking in the door. Live in UK, Ireland and many other countries and hasn't been an issue.

Might not seem real to a lot of people who are affected by certain biases but most Western government type people we meet at conferences etc are actually quietly supportive and respectfully agree/disagree with what we are all trying to do. Not everything is a black or white echo chamber - we are all citizens who understand nuance (for those of us fortunate to live in free countries - of course Turkey is no longer anything near that.)

FWIW Protonmail is very useful for a large chunk of threat models where security is pretty high but implementing PGP in all its various forms is a pain in the ass.


Protonmail routinely hands over information to the authorities. They also determine themselves what cases should be allowed to bypass the requirements for a search warrant.

https://protonmail.com/blog/transparency-report/


I just read the provided link and it seems to me that they will not provide anything without a court order.

They say they may decide to terminate an account or preserve the requested account data without a court order.


"We rendered assistance to Swiss law enforcement working on this case without having yet received a court order, but with the understanding that an approved court was on its way to us."

Conveniently the page is never updated to say whether these court orders were actually delivered.


We got the court order. 100%. If not we would have taken the requesting agency to court.


Y'all rendered assistance to Swiss law enforcement prior to actually receiving the order?


Please update the page stating such.


That is why your privacy-oriented messenger app needs to be decentralized. And open-source.


Technologists need to remember that tech is nothing without law.


> Technologists need to remember that tech is nothing without law.

It works both ways. A law can be almost nothing without technical means to enforce it efficiently. There can be cases that make a law [almost] futile so the governments give it up. E.g. many governments tried to ban alcohol but it's so easy (yet dangerous as it can blow up and set the house on fire, especially if the cook is drunk and/or the hardware is amateur) to produce at home that fighting it seriously just doesn't seem to make any sense. Some governments have tried to ban the phalaris grass as it may contain tiny amounts of dimethyltryptamines but it just grows all over everywhere so they have given up the ban as it was almost as ridiculous as it would be to ban sand, flies or whatever this common. The problem is to invent a medium for exchanging messages that is easy to establish independently (no need for uncommon devices, no special requirements to the underlying ISP) yet very hard to detect, compromise or disrupt. This sounds like a serious challenge yet not like an entirely impossible thing provided breakthroughs in mathematics/cryptography, physics and the telecom tech still happen from time to time. Some political/economical factors may also play on our side occasionally. My hope is for the whole Internet to morph into a fully-decentralized distributed network employing DIY P2P links as its organic and vital part. Perhaps this may happen once if something is going to make classic ISPs unprofitable and stimulate growth of MESH networks with something like i2P serving as a layer connecting them in one secure and reliable global network.


The technical means to enforce a law are a bunch of guys with sharp sticks.


But programmers building the tools for perfect surveillance are the ones enabling them to know who to stick.


They can hardly run around sticking everyone for having what everybody can have easily and what is not easily visible unless too many people start collaborating and reporting each other.


Take a look at no other than Turkey.


Everyone knows that. And yet the example with alcohol still works, so it's kind of a moot point.


Enforcement will never be completely universal and the more "free" the society is in general the harder it would be to enforce it via draconian means.

So the dry laws in the US and in other western (primarily Nordic) countries aren't that great of an example as these were still mainly liberal democracies despite the restrictions.

The similar laws in more authoritarian regimes would work quite differently.

And unfortunately we have too many modern examples of how effective governments can be at suppressing various behaviors and/or ideas.


It's not entirely nothing. Even if gov. thugs are there to beat you, if you communicated with others safely, at least those people are still protected as long as you will not reveal their identity or whatever you've communicated about.

If the gov. just murders you and gets to your stuff, they can't analyze it to get at more people in your circle.

It just doesn't solve the problem of violent government. But there are still benefits.


Politicians need to remember that The Law is nothing in the face of technology. (You can't block fundamental math, you can't block decentralized apps that hide their traffic as something else, you can't prevent knowledge from leaking out, from anywhere, etc.)


You are thinking in absolutes. The politicians don't. They're fine with 99% solutions that cover the general population. The remaining 1% of dissidents will be dealt with by throwing them in jail, not by making the technology impossible to access so that they are forced to give up their efforts. Look at North Korea or China for examples.


Turn the screws too tight though and the talented will leave for greener pastures. This is definitely happening in Turkey (http://www.bbc.com/news/world-europe-42433668). This has happened in the past too, many times. You describe more the politicians that care more about their power than the general welfare of their nation. North Korea is a great example here.

China's an interesting case, as Xi Jinping is indeed turning the screws tighter as well, so far seemingly without any sort of harm. The historical record on this however suggests this is unwise. Time will tell, I guess. As I see it, at some point, censorship will end up conflicting with the type of knowledge / information needed to allow an economy to prosper.

On encryption, what "law and order" people need to recognize is that any crude tool "designed for law enforcement" will eventually be misused by criminals. Think if there was an enforced national house lock standard that includes a "police master key" that the police could use to open doors. I think most people would instinctively recognize the flaw, that in no short order a "police master key" would easily appear on the black market, making breaking-and-entering very easy (and consequently quite attractive to execute). Not sure why there are blinders on encryption, frankly the Internet needs way more security, not less.


Ok so, let's assume Europe and the US will not be like N Korea and China. How is a politician going to stop me from developing an encryption algorithm and using it to send my friends a message? This sounds completely 1984, thought police level insane.


Lawyers and law makers need to remember technology will continually outpace them. Both in execution of ideas and in value creation.


Lots of our technology cannot work without the support of a complex society and I think you can't have that without court and some kind of rules. We are interdependent.


> the people, who value privacy of themselves and of the others

The problem is that privacy is not the only thing we care about, and the balance between different needs is a complicated political problem - which is exactly the kind of "soft", people problem whose complexity a typical software engineer would underestimate.

Turkey is becoming more and more authoritarian, indeed. However, they're also sharing a border with ISIS and there's a lot of terror activities in the region. Fighting such threats always leads to increasing influence of the military and secret services, and their new capabilities will be used both to fight terror and suppress citizens.

These things are a double-edged sword; any simplistic view on this is inadequate, regardless of whether it's positive or negative.


(x) Don't use public DNS such as google (or the DNS provided by your ISP such as Vodafone). Look for an anonymous non-logging service preferably outside Turkey

(x) Tor is one of many layers for anonymity to circumvent blocking. Don't "just" install the tor-browser or tor-proxy on your system but run tails from a clean machine. If you know what you're doing you might want to help others by isolating whole networks using PORTALofPi to guarantee no DNS-leaks. Pro-Tip: build a LEDE based device and share your design with the community so others can benefit and give you input (because you will make mistakes).

(x) Don't use mobile internet if you don't know what you're doing (those who know what they're doing don't use mobile phones for critical comms)

(x) Use burner phones with anonymous SIM cards and aggressive hardware based compartmentalization. Check this article for good OpSec/compartmentalization tips (second half of the article after the discussion on browsers that looks dated).

(x) Despite popular claim VPNs don't give you anonymity. They shift the trust from your ISP to the VPN. If you pay for a VPN service by credit card consider what the payment provider knows about you.

see https://www.linkedin.com/pulse/vodafone-blocks-protonmail-tu...


>Look for an anonymous non-logging service preferably outside Turkey

what's the point? DNS isn't encrypted, so it's trivial to log/intercept your queries.


You could run DNSCrypt and use a server that supports it:

https://servers.opennic.org/


I guess it's harder to monitor all DNS traffic in the entire country than asking the ISP to give records for a specific user.


DNS over VPN is encrypted (at least until the VPN server)


A totalitarian government blocking a service is a good sign they are unable to break its security and thus use it as a surveillance tool. It's a great advertisement for ProtonMail.


Vizzini: ... they block it because they can break it and want all of their adversaries to think it's unbreakable... Now, a clever man would put the poison into his own goblet, because he would know that only a great fool would reach for what he was given. I’m not a great fool, so I can clearly not choose the wine in front of you.


Unable to break its security or the service's owners are not cooperating.


Unable to break its security AND the service's owners are not cooperating maybe even


A small note (though it may be unrelated), some ip address ranges are not accessible from Vodafone TR (3G/4G) connections.

216.239.36.219 <- For example this address returns "HTTP 504" from Vodafone. There are some other addresses like this which happen to be around, randomly.

So it may be a misconfiguration on Vodafone TR Network, routers or such thing. Sample curl output below.

  $ time curl -vki 216.239.36.219
  * rebuilt url to: 216.239.36.219/
  * trying 216.239.36.219...
  * connected to 216.239.36.219 (216.239.36.219) port 80 (#0)
  > get / http/1.1
  > host: 216.239.36.219
  > user-agent: curl/7.47.0
  > accept: */*
  > 
  < http/1.1 504 gateway time-out
  http/1.1 504 gateway time-out
  < server: webproxy/1.0 pre-alpha
  server: webproxy/1.0 pre-alpha
  < date: mon, 08 may 2017 07:04:23 gmt
  date: mon, 08 may 2017 07:04:23 gmt
  < content-length: 0
  content-length: 0
  < connection: keep-alive
  connection: keep-alive
  
  < 
  * connection #0 to host 216.239.36.219 left intact
  
  real 0m10.909s
  user 0m0.012s
  sys 0m0.004s
  $ curl -vki http://84.19.190.203/
  * trying 84.19.190.203...
  * connected to 84.19.190.203 (84.19.190.203) port 80 (#0)
  > get / http/1.1
  > host: 84.19.190.203
  > user-agent: curl/7.47.0
  > accept: */*
  > 
  < http/1.1 504 gateway time-out
  http/1.1 504 gateway time-out
  < server: webproxy/1.0 pre-alpha
  server: webproxy/1.0 pre-alpha
  < date: mon, 08 may 2017 07:56:58 gmt
  date: mon, 08 may 2017 07:56:58 gmt
  < content-length: 0
  content-length: 0
  < connection: keep-alive
  connection: keep-alive
  
  < 
  * connection #0 to host 84.19.190.203 left intact
  $


They recommend ProtonVPN. Does anyone know the legal ramifications of using a vpn with shared exit nodes? EG: A 'crack' squad of computer crime investigators in Jackson Mississippi track illegally uploaded content to a forum originating from ip address [39.21.2.32] (which is a VPN exit node). Unbeknownst to you that is YOUR exit node now.

https://www.eff.org/deeplinks/2016/09/digital-equivalent-rum...


Why would that be any different to getting assigned somebody's previous IP address by DHCP? It's non-incriminating because it can be demonstrated you didn't control that IP during the time illegal content was uploaded.


True. But my general ISP dhcp'ed ip address doesn't change much AND when it does I have decent odds someone (who would do illegal uploads) wouldn't be dumb enough to do it over a non-VPNed line.


In these cases, a request for the identity of the account associated with $IP at $timestamp would typically receive a response such as "$IP is a shared IP address used by many different accounts simultaneously. As we do not log individual sessions at layer 4, it is impossible for us to provide you with this account information."


Literally how Private Internet Access responded to an FBI request.

Not endorsing PIA in any way, though do use the services.


I lived in Izmir in the 90's, and the vibe was actually fairly liberal. The locals seemed to feel pretty free, optimistic, and not overly worried about their government. Sad to see things regressing so much.


This is why the rest of Turkey calls İzmir "kâfir". They are the most secular bunch. They are also very pro-ataturk. AKP's projects for that region include bringing migrants to dilute the voter population.


This is nothing to do with the current issue at hand. Istanbul was just as liberal and nice of a city as anywhere else, but then the last decade happened.

Maybe if as a people we stopped thinking in terms of funny plots like "they are trying to dilute the peeps" and opened our eyes to the facts before our eyes, we'd be in a better shape.


Yes, I am sure everything you have to say is going to save the country. Maybe we should meet over a drink?


Wrong! Only Erdogan supporters would call Izmir that way. And they are not rest of Turkey! They are between %40-%50 maximum.


Everywhere is regressing at the moment. Brexit, US protectionism, China's a dictatorship again.

It's like none of the 'leaders of the world' have read any history. Or they have, and are arrogant enough to think 'that won't happen now that I'M in charge'.


Turkey is special. They openly arrest Journalists opposing the government. Prisons in Turkey currently have the highest literacy rates in the country. People outside of Turkey who oppose Erdogan are threatened by either Turkish accounts or even locals (I've seen this happening in a private whatsapp group from a school class I graduated a while ago where someone was threatened with bodily harm if they did not retract statements about Erdogan)

It is an authoritarian, Orwellian government out of the book.


Sure, but Turkey is a little different. It's going from, for some people "no issues, I'm influential and popular, if perhaps a little controversial", to suddenly "I'm in jail now, for probably months".


This is not a recent thing. Turkey has been topping the incarcerated journalists per capita list for years.


It could also have to do with the unprecedented means of mass surveillance available today.


Forgive me for this n00b question, but what do you get with ProtonMail (with respect to security) that you don't get with, say, gmail?


ProtonMail team here. Here is our assessment about how ProtonMail compares to Gmail from the security/privacy perspective: https://protonmail.com/blog/protonmail-vs-gmail-security/


>"No tracking and logging Google records literally every action done by its users. This includes your IP address, every search that you do, which emails you open, which websites you visit, and much more. ProtonMail takes the opposite approach and by default, does not monitor or record user activity, not even IP addresses."

Has this been verified by an independent third party?

Also how do you determine there's an issue with IP prefixes in AS 15897 Vodafone Turkey[1], if you don't log IP addresses?

[1] https://bgpview.io/asn/15897


> Has this been verified by an independent third party?

For one thing, it seems to have been verified by the Turkish government, seeing how gmail is not blocked, and protonmail is ;)


> Has this been verified by an independent third party?

Which would that be? ;-)

I use ProtonMail myself. I kind of doubt that all their promises are true. But at least it's an entity separate from Google. A few years ago my whole Internet life somehow went through Google, from Search over Mail up to News, Discussions, Drive, YouTube... I find it creepy that when I click an article in an online shop, not even buying it, a stupid ad of it might appear for a week. Even if you agree that ads have a purpose, there is no purpose for showing me an ad for a thing that I looked at myself already!

I have no indication of ProtonMail doing anything in this direction (I see their ads only on protonmail.com), that's reason enough for me already. Also I trust them that their servers are not going to be hacked so that those contents will land on troyhunt.com.


They might be using some service that tries to access an endpoint of theirs from multiple AS across the world. Not sure if Catchpoint has a Vodafone TR endpoint.


Not a user but I would guess follow up on user complaints


I am neither a ProtonMail nor a Gmail user so this might be completely wrong, but as far as I understand it, the short answer to your question is:

ProtonMail offers an easy access to a client which supports End-To-End encryption for your emails.

So nobody besides the sender and the receiver can read the content of the email. Traditional emails are more or less plain text files which (usually) get encrypted for transfers between mail servers, but every mail server involved in the transmission can read the content.


Encryption between protonmail accounts and when sending to non proton mail accounts:

When you send an encrypted message to a non-ProtonMail user, they receive a link which loads the encrypted message onto their browser, which they can decrypt using a passphrase that you have shared with them. You can also send unencrypted messages to Gmail, Yahoo, Outlook and others, just like regular email.


ProtonMail isn’t run by a data mining ad agency that works on military drones.


No, but it's been around now for 17 years without a major security breach.


Well, my server runs for 19 years now without a major security breach... so do I know.

But to answer OP: you cannot ever delete gmail message. Even spam is kept forever to comply with LE, since some of your real messages could by accident go to junk. With Proton once I delete a message, it's gone forever since it was part of my internal encrypted blob of messages. Once I logged off deleted message is gone.


>"Well, my server runs for 19 years now without a major security breach... so do I know"

Do you really believe Gmail and your personal server possess the same value as targets?

>"you cannot ever delete gmail message. Even spam is kept forever to comply with LE"

Do you have a citation for this?


> Do you really believe Gmail and your personal server possess the same value as targets?

That's also the point. :) Why put your data into a service that has higher chance of being targeted (and you may never know if it was). Also if you're in control of the device, you'll be the one receiving the subpoena/search warrant (or a swat team), so you'll know if it was targeted.


Kind of difficult to have a “breach” when the back door is wide open.


Except for that time when Google's data centers were completely owned by the NSA.

https://www.washingtonpost.com/world/national-security/nsa-i...


Except they didn't "own" Google's data centers at all. They tapped a fiber optic cable outside any data centers. Every other wavelength and individual strand in that cable would have also been susceptible. Fiber optic cables aren't some secret, they're quite visible (orange) and accessible in public rights-of-way. So yeah Protonmail is not much safer from that level of hostility is it?

Lastly for all Protonmail's righteous talk about governments. Their own /24 is announced by an Israeli company that does defense contracting[1] and has their own hardware division - the RAD Bynet Group who makes lots of network hardware including hardware that does deep packet and SSL inspection[2]. ProtonMail seems to like to brush this off but for a company that wants to position itself as a player in the fight against government intrusion into privacy, it has a pretty bad smell.

https://bgpview.io/prefix/185.70.40.0/24

http://www.bynet.co.il/en/defense/

https://cryptome.org/2015/11/protonmail-ddos.htm

[1] https://www.crunchbase.com/organization/bynet-data-communica...

[2] https://www.radware.com/solutions/ssl-sniffing/


Why don't you link their response while you are at it?

https://protonmail.com/support/knowledge-base/protonmail-isr...


Because I acknowledged that they've responded to it with:

"ProtonMail seems to like to brush this off ..."

And I don't find their explanation particularly cogent. And for a company that makes such a big deal about their Swiss affiliation this seems to be a particularly glaring detail.

From your link:

>"Recently, malicious rumors have surfaced that our partnership with Radware means Israel has compromised ProtonMail email privacy (since Radware’s international headquarters is in Israel). These rumors have mostly been spread by conspiracy theorists who don’t at all understand ProtonMail’s technology."

Do you think that ProtonMail is privy to what goes on in the hardware of either Binat-Rad Group Ltd's Radware DPI ASICs or the network topology in Binat-Rad Group's data centers?

And Binat-Rad does have a relationship with the Israeli government:

"In our opinion, the Company’s working capital is sufficient for the Company’s present requirements. Since our inception, we have financed our operations through a combination of issuing debt and/or equity securities, including two public offerings, research and development and/or marketing grants from the Government of Israel and cash generated by operations."[1]

And if you think that Binat-Rad is not involved in politics, see:

https://www.haaretz.com/1.5204589

[1] https://seekingalpha.com/filing/458350


They couldn't have paid for better advertising than this.


Seemingly this is nothing to do with the government, as controlling through the website of the institution where there's a form to check if a given domain is blocked [1], it tells me that there are "no blocks on this domain", i.e. protonmail.com. You can try instead wikipedia.org to see what it looks like when a domain is blocked.

[1] http://internet.btk.gov.tr/sitesorgu/


Another public DNS is available from the IPredator.se guys as well. Forgot what page on their site they had it under though. They also run some tor nodes. They're one of my favorite VPN services. The staff is very welcoming on their IRC server too.


>"Our support team first became aware of connectivity problems for Turkish ProtonMail users starting on Tuesday. After further investigation, we determined that protonmail.com was unreachable for both Vodafone Turkey mobile and fixed line users. Since then, we have also received some sporadic reports from users of other Turkish ISPs. At one point, the issue was prevalent in every single major city in Turkey. After investigating the issue along with members of the ProtonMail community in Turkey, we have confirmed this is a government-ordered block rather than a technical glitch. Internet censorship in Turkey tends to be fluid so the situation is constantly evolving"

Vodafone like every major ISP has a NOC. Did ProtonMail reach out to the ISP to see if it was a routing issue?

I don't see that mentioned above anywhere in the investigation methodology. How did you confirm that it was a "government-ordered block" if you only worked with "members of the ProtonMail community"?


ProtonMail is quite prevalent in Turkey and there are actually ProtonMail users who work within Vodafone Turkey, and that is how we got the confirmation.


So did you also contact their NOC via the handle listed for them in their RIPE routing registry entry? That's the normal protocol.

Just because there are "ProtonMail users who work within Vodafone Turkey" doesn't mean they have enable level access on Vodafone's routers.


Things are getting worse in Turkey, but I don't think it's worth to block this service: Most of Protonmail users are familiar with VPN, TOR...


I disagree. I’ve recommended ProtonMail to many novice users and helped them get set up. It is so simple that I suspect many less technical users are using it in countries with oppressive regimes.


Aren't you actually agreeing?

He's saying they'll use tunneling to get around the block so they can carry on using it.


No, he's saying that some (possibly many) users know how to use the service, but not VPNs or TOR. Therefore, they are easily blocked, compared to advanced users.


Oh OK, they were disagreeing with the last part, not the main point. They both at least agree it shouldn't be blocked...


First time I agree with somebody in internet without saying the same things

It’s easy to bypass the block, even for non savvy users. They just need some help.


It's time. Browser should integrate hardened-DNS features. TLS 1.3 is just a stepping stone. Local DNS resolver, DNSSEC, DNS over DTLS/HTTPS/QUIC (pick one) and of course, Tor.


The picture of the monitor displaying traceroute with dirt clinging to the screen and some finger smudges and the reflection of the photographer is pretty hilarious.


To get the Tor Browser try to download it from the official Github repository: https://github.com/thetorproject/gettorbrowser Then use meek-amazon as a pluggable transport which should work.


AFAIK the fact of TOR usage is rather easy to detect. AFAIK (from some news here on HN) you can get SWATed and arrested for a mere suspicion (e.g a false positive by an automated traffic analysis system) of using an end-to-end encrypting messenger or even Twitter in Turkey. I doubt it is legal and safe to use TOR in such countries. We need something that is harder to detect on the client ISP side.


> AFAIK the fact of TOR usage is rather easy to detect.

That's why I said: "Then use meek-amazon as a pluggable transport which should work." meek-amazon makes your traffic look like you're talking to:

> url=https://d2cly7j4zqgua7.cloudfront.net/ front=a0.awsstatic.com

With the snowflake pluggable transport (only available with Linux and Mac alphas for now) the traffic looks like WebRTC.

You can read more about them here:

https://trac.torproject.org/projects/tor/wiki/doc/meek

https://trac.torproject.org/projects/tor/wiki/doc/Snowflake


> "We need something that is harder to detect on the client ISP side."

That's what Telex[1][2] is designed to do. Too bad the project seems to have stalled.

[1] https://telex.cc

[2] https://en.wikipedia.org/wiki/Telex_(anti-censorship_system)


it is by no means foolproof and won't get around a deep packet inspection/flow analysis system, but this is why obfsproxy exists:

https://www.google.com/search?q=obfsproxy+tor&ie=utf-8&oe=ut...


But be sure not to use the default bundled obfs4 bridges, they're known.


> ... should work

If it doesn't, people could get arrested and worse. Is this advice reliable enough for that level of risk?


By "should work" I meant that the Tor client would bootstrap and you would be able to use it.


When I visited Egypt three years ago I was using Vodafone to connect to my mail server. They performed a MITM attack and stripped the STARTTLS from the SMTP dialogue.

I had to switch to the legacy SSL port 465 for SMTP to use encryption.
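
A client-side check for the STARTTLS stripping described in the comment above, as an added example that is not part of the original thread. The host name, the sample EHLO replies and all function names are constructed for illustration.

```python
import smtplib
import ssl

# Constructed EHLO replies (not captured traffic). EHLO_DIRECT is what a
# submission server might send; EHLO_ON_PATH is the same reply after an
# on-path device has removed the STARTTLS line.
EHLO_DIRECT = (
    "250-mail.example.org\r\n"
    "250-PIPELINING\r\n"
    "250-SIZE 52428800\r\n"
    "250-STARTTLS\r\n"
    "250-AUTH PLAIN LOGIN\r\n"
    "250 8BITMIME\r\n"
)
EHLO_ON_PATH = EHLO_DIRECT.replace("250-STARTTLS\r\n", "")


class StartTLSMissing(Exception):
    """Raised instead of falling back to a cleartext SMTP session."""


def parse_ehlo(reply):
    """Return the upper-cased extension keywords from a multi-line 250 reply."""
    keywords = set()
    lines = reply.splitlines()
    for line in lines[1:]:  # line 0 carries the server's domain, not a keyword
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            raise ValueError("not a 250 EHLO reply line: %r" % line)
        fields = line[4:].split()
        if fields:
            keywords.add(fields[0].upper())
    return keywords


def assess(reply, seen_starttls_before):
    """Classify an EHLO reply against what this server offered in the past.

    seen_starttls_before is the client's own record (an assumption of this
    example) that the same server advertised STARTTLS on an earlier session.
    """
    if "STARTTLS" in parse_ehlo(reply):
        return "tls-offered"
    if seen_starttls_before:
        # The server used to offer TLS and now appears not to: treat as a
        # possible downgrade on the network path and do not send mail.
        return "downgrade-suspected"
    return "plaintext-only"


def open_submission(host, port=587, timeout=10):
    """Open an SMTP submission session that fails closed without STARTTLS.

    Many clients treat STARTTLS as opportunistic and continue in cleartext
    when it is not advertised; this one refuses. Implicit TLS on port 465
    (smtplib.SMTP_SSL) has no cleartext negotiation step to strip at all.
    """
    context = ssl.create_default_context()  # verifies certificate and host name
    smtp = smtplib.SMTP(host, port, timeout=timeout)
    try:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            raise StartTLSMissing("%s:%d did not advertise STARTTLS" % (host, port))
        smtp.starttls(context=context)
        smtp.ehlo()  # extensions must be re-read inside the TLS session
        return smtp
    except Exception:
        smtp.close()
        raise


if __name__ == "__main__":
    print(assess(EHLO_DIRECT, seen_starttls_before=True))
    print(assess(EHLO_ON_PATH, seen_starttls_before=True))
```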


TBH Vodafone blocks just about anything in Italy. I have to click three warnings to download binaries from bitbucket for example. Their secure browsing "service" is half a scam.


Why use protonmail instead of actual PGP that would never be blocked?


Because they would have to maintain their own key pair which could easily be taken by chance, unlike a trusted third party who is in another country's jurisdiction and is unwilling to just hand them over. Not everything is software.


Protonmail makes it easy. Even today using PGP Email is not something I would trust the average computer user to pull off and pull it off safely


> Even today using PGP Email is not something I would trust the average computer user to pull off and pull it off safely

I'd argue it is not that complicated once you take the time to explain how it works.


If I have to explain it, it's already a lost cause. If you want any hope of PGP being widespread, or any cryptosystem for that matter, you need to have it being self-explanatory.

Someone at the age of 90 should be able to download the software, click a "yes" button and secure their mail.

Secure E-Mail must be as DAU-proof as possible.


Just a note to anybody who wants to try their free tier, they add a tapatalk-like message in every e-mail you send ('this email was sent via protonmail' or something in that nature), unless you pay.

It's not like the e-mail receivers couldn't already see the host, but I was unaware of that when I was registering an account, so I'm calling that a dark pattern.

At least it was easy to self-delete it afterwards.


It is just a default email signature that you can see in your compose window and delete manually if you do not wish to pay.


No, it is not. It is not related to the signature settings anymore.


It is. They add it automatically on mobile but you can delete it. And it's never on desktop. Just tried to send from both clients and didn't have any extra added to the message.


When was your account created? Mine was created in the previous 30 days.

I even had brought up the browser's dev tools and tried to disable that setting but with no luck. It might have been an A/B test, or specific only to my country, but the point remains that it was a separate setting than the signature and it was impossible to disable it without paying. On desktop.


Are you still able to manually delete the added line from your email messages at compose time?


Thank you for sticking with me, I'll try to create a new account in a few days. I don't rule out the possibility I am wrong about this.


Turkey is the largest prison for journalists; they recently started a genocide on the Kurdish population in Syria in the city of Afrin, and they are hugely cracking down on anyone who is criticizing their war on Kurdish civilians. Unfortunately they have extended their censorship outside Turkey and even in the United States to get Kurdish accounts banned for criticizing Erdogan's government.


Probably impossible to tell, but I'm willing to bet this is related to the fact that the YPG uses ProtonMail for communications.


Is there actually a public source for this? We were not aware of this (but then again, we know almost nothing about users)


The YPG International communications page: http://ypg-international.org/contact/


For the love of everything, I can't remember the name and can't find/google it, of a private mail service also from Switzerland. It had simpler marketing and UX, maybe not even web clients and had some affiliate program and I think the name started with "m". Help?


If we're starting a list of possible alternatives then Tutanota is good (Germany IIRC).


Found it! Migadu.


What I don't understand is if it is a "government-ordered block", which wouldn't be surprising, why is it limited to Vodafone users? I would expect half-government hold TTNet and even Turkcell to block as well.


It isn't limited to Vodafone. The original headline is "ProtonMail is being blocked in Turkey. Here’s how to bypass Turkey’s online censorship."


I read the article, not only the title. I would also recommend you to read the article.


I did read the article before answering you. I referred you to the original headline because it better fits the article's contents, not because I stopped reading there.


In the article they are stating that Vodafone users cannot access Proton services. They have written they have seen some complaints from other ISP users as well but there is neither a statement nor a clue that it is blocked by other ISPs as well. After all, the fact is that it is not blocked by other ISPs, only by Vodafone.


the suggestions that are proposed are:

- use a vpn >> when protonmail is unreachable, protonvpn is unreachable, too. so not so useful.

- switch dns >> till when? till it's not only a dns problem anymore. by the looks of it, it's not gonna take much time.

- use tor >> tor is blocked, too. so... yeah.

i guess when people in the us or europe think about censorship, they think of this romantic blocking of some services, and if you're tech-savvy enough, you can bypass anything.

no you can't (at least i can't). it's turkey now, it's gonna be universal tomorrow.


It should be blocked by all public mailing lists too, quite frankly. Its users cannot be bothered to configure the webmail properly and often send atrociously formatted replies to threads.


Anyone know why they have this weird onion url „protonirockerxow.onion“? Kinda hard to remember.


You can't just choose your onion url, since it's directly derived from your key, and that's probably the best they found (if you want to have any choice at all, you have to bruteforce try keys until you find one matching the pattern, so everything more than choosing a few letters gets difficult/expensive)
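The derivation described in the comment above, as an added example that is not part of the original thread: a 16-character (version 2) onion name is the base32 encoding of the first 80 bits of the SHA-1 hash of the service's DER-encoded RSA public key, so a chosen prefix can only be obtained by trying keys. The byte strings below are constructed stand-ins for DER-encoded keys, and the function names are illustrative.

```python
import base64
import hashlib

BASE32_ALPHABET = set("abcdefghijklmnopqrstuvwxyz234567")


def onion_v2(der_public_key):
    """Derive a version 2 onion name from DER-encoded public key bytes."""
    digest = hashlib.sha1(der_public_key).digest()
    # Only the first 80 bits (10 bytes) of the hash are kept: 16 base32 characters.
    return base64.b32encode(digest[:10]).decode("ascii").lower() + ".onion"


def expected_tries(prefix):
    """Average number of keys to test before one name starts with `prefix`."""
    if not set(prefix) <= BASE32_ALPHABET:
        raise ValueError("prefix contains characters that cannot occur in base32")
    # Each character carries 5 bits, so every extra character multiplies the work by 32.
    return 32 ** len(prefix)


def find_prefix(prefix, max_tries):
    """Search constructed stand-in keys for a name with the given prefix.

    Returns (tries_used, name), or None if max_tries is exhausted.
    A real search would generate a fresh RSA key pair per attempt.
    """
    expected_tries(prefix)  # validates the prefix
    for counter in range(max_tries):
        stand_in_key = b"constructed-key-" + counter.to_bytes(8, "big")
        name = onion_v2(stand_in_key)
        if name.startswith(prefix):
            return counter + 1, name
    return None


if __name__ == "__main__":
    for wanted in ("a", "ab", "proton"):
        print(wanted, "needs about", expected_tries(wanted), "keys on average")
    print(find_prefix("ab", 200_000))
```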


thanks so much for taking the time to explain!


So I wonder - does that have any negative impact on vodafone brand in other countries?


Actually, I am not sure if it is wise to circumvent that block. I mean it's probably as easy as typing

  echo "8.8.8.8" > /etc/hosts

to a root shell, but since we know that in the past people have been sent to prison, just because some app on their phone requested a URL from the wrong domain, I suspect that something similar can happen to the people who try to use ProtonMail.

On the other hand, if everybody stops using those services, the surveillance tyrants have won...


> but since we know that in the past people have been sent to prison, just because some app on their phone requested a URL from the wrong domain

Do you have a citation? When did that happen?


I had the Bylock story in mind:

https://news.ycombinator.com/item?id=16203989

There were other apps using tracking pixels with the Bylock domain and their users got arrested too.


It wasn't one big event that someone got arrested for using the app. It was, civil police were arresting anyone who uses crypto-message apps like ByLock.

We've seen cases where people were sent to prison because they were wearing a certain T-shirt. Really.

edit links:

https://www.theguardian.com/world/2017/sep/11/turks-detained...

https://www.huffingtonpost.com/mahir-zeynalov/turkish-police...


Here in Lithuania (EU) you can also get in trouble for wearing the wrong t-shirt.

Nazi and Soviet symbols are banned from being shown in public, and you will end up with a fine if caught with a t-shirt or bumper sticker. I believe it’s the case in a few other post-Soviet countries as well.


Here in Turkey, you can get arrested for wearing the wrong t-shirt. https://www.google.com/search?q=hero+t+shirt+antalya+arreste...



Presumably, you mean:

  echo 8.8.8.8 > /etc/resolv.conf


Usually you need "nameserver 8.8.8.8", not just the IP. Or is a plain IP accepted as well?


:D it's funny how many mistakes you can make in a single command:

- yes, I wanted to write to /etc/resolv.conf

- yes, I wanted to write "nameserver 8.8.8.8"

- overwriting the file was intentional as otherwise the old nameserver would still be first.

  echo "nameserver 8.8.8.8" > /etc/resolv.conf

Too bad, I can't edit my initial post and correct the complete nonsense.


I'm guessing you want to append instead of overwriting, too? :)


I sometimes wonder whether paranoid dictatorships could not be fooled by automatically creating fake users in fake relationships, sending each other conspiring comments and information. That way all those secret service snoops could be kept busy chasing wild geese, leaving the normal people they usually harass into opposition to go on about their lives.


So long as you're covering your tracks when creating these and using these fake accounts. Covering your tracks by using all the tools that are outlawed and detectable, thus putting a bigger target on your back.

If you're going to tickle the toes of dictatorially-run law enforcement, your security had better be watertight.


It sounds like a lot of work but if you performed it from outside of the jurisdiction you'd be safe. Not your friends and family inside, though, so still better not to be identified.


Governments, armies, and interested parties have been doing this for millennia.


[flagged]


> it's not blocked in Turkey, but by one provider - Vodafone Turkey.

But it has been blocked at the request of the Turkish government. So it has been blocked in Turkey (a large portion of people in Turkey cannot access it -- given how popular it is), and also blocked by Turkey (since it was government ordered).

I'm not sure what your requirement is to say that something is blocked in a country, but far more than 30% of users not being able to access a site due to a government order sounds an awful lot like a "block" to me.

> And for full disclosure you should mention that you work for Protonmail when you post here.

The post comes from protonmail.com, so it's already clear that it's from a representative of the company. I don't know what additional steps you feel should've been taken.


>"But it has been blocked at the request of the Turkish government."

Where is the proof of this? Where is the layer 3 evidence of showing that users in this AS can not route to Protonmail? These are things that are quite easy to demonstrate.

What did Proton Mail's ISPs say?


Did you read the article? The details and how it was confirmed are in there.


Yeah I did. It's a bit hand-wavey on technical details and actual time frames. It mostly reads more like a press release and I believe that's the point of it.

There's another very real possibility which is that Vodafone's NOC will get back to you within 24 hours and help you resolve the problem. Such a time frame is quite common with large ISPs. The reality is that you are a small potato to them.

But I'm guessing that considering this possibility would stand in the way of using this as an opportunity to generate publicity.


Users can submit stories from their own companies or blog posts they've written themselves.


It's not fully misleading; it is blocked within the borders of Turkey. But granted, it could be improved.


> it's not blocked in Turkey, but by one provider - Vodafone Turkey

Source?


The blog post itself "we determined that protonmail.com was unreachable for both Vodafone Turkey mobile and fixed line users."


It says in the post itself if you read it completely. You can also search Twitter:

https://twitter.com/okn_plbyk/status/973911230619537408

https://twitter.com/sahinn_oguzhan/status/974163059534106624


So I posted a comment criticizing the fact that the mods revoked my upvoting privs. That prompted a HN user to reach out to me via Keybase, who shared some of my experiences. Apparently his voting privs were revoked back in 2014 or so.

My other comment got flagged, so if I want other people to also reach out and submit stories, I have no choice but to repost yet another comment. This will be the last one for awhile.

If you have similar stories of abuse by the HN moderators, I encourage you to reach out and share them with me. Unlike pretty much anyone else, I happen to care a lot about this. This feels unethical, since there's nowhere else for us to go. We all helped shape this community into what it is today.

I'll be collating the experiences and posting them somewhere. At least people will know what's happening to those who participate on HN.

The mods' standard defense is always the same: We have more data. We know better than you. It's our job. You can't possibly understand and we certainly don't have time to explain it.

And the front page appears to work and the comments appear to be good on HN, so nobody sticks up or tries to change anything.

But that's little consolation to those who have to suffer the gaslighting effect of having their privileges passive-aggressively yanked from them without explanation, with no choice other than to grovel to hn@ycombinator.com or switch accounts.

I'm up to four others who have contacted me so far. It's taken months of effort to even get those few. But I'm convinced there are very many people in similar situations. We just never hear about it because you're not allowed to talk about it.


Huh. I've had my original handle here shadow-banned for upvoting a low-effort/joke comment (I hadn't posted anything in months). I think yours would've been a more appropriate punishment for me if I was so bad at upvoting lol.


We wouldn't ban anyone for that reason. What was the username?


Hi, Sorry didn't see this earlier. The username is: salmanapk. Thanks for looking into this!


Would you please stop posting these off topic rants?



It's very annoying that I'm no longer allowed to upvote. Providing sources is something that should not be downvoted.

Also mods, if you're reading, fuck you for revoking my upvoting privileges. I did nothing to deserve that. Especially not for three months and counting.

EDIT: Just got a very interesting keybase message from a user who shares my experience. His voting privs have been revoked since 2014. Apparently I get to look forward to years of this, for reasons that were never explained at all. (I tried asking.)

If you have similar stories of abuse, I encourage you to send them over to me. I've been collecting them and will hopefully write ... something. I'm not sure what, yet. All I know is that we all helped make this community what it is today, and there's nowhere else to go.


So tell us, throwawan, do you support or oppose this action?


I think they have not been blocked, rather they had an outage.

https://twitter.com/ProtonMail/status/974167124892700673


There was a brief outage, but the block in Turkey is something entirely different.



