"Links to" is doing a lot of work in that sentence. ProtonVPN is owned by Proton, which has no legal ownership ties with Tesonet. During Proton's expansion into Eastern Europe, Tesonet initially assisted Proton with HR, payroll, and local regulation, so for a period of time, people working for Proton were employed by Tesonet, since Proton had no local subsidiary that could hire them. These were not "shared employees", they worked exclusively for Proton.
In 2016, Proton created its own subsidiary, and these people are now employed by Proton. But for this historical reason, the ProtonVPN keystore on Android still lists Tesonet as the organization name, even though it is fully controlled by Proton.
None of this is "debunking"; these are just the facts. You can make of them what you will, but you should be honest about what actually happened when you talk about it.
I've been part of a European startup that added offices in Asia and the US, and we initially always partnered with local companies to do this. It's mutually beneficial. It allowed us to grow more quickly, and it allowed them to make relatively easy money (and, in our case, to dump some of their shittier employees on us without us knowing).
In Proton's case, they already knew each other because Tesonet had previously offered to provide infrastructure during a DDoS attack against Proton.
So maybe it's a conspiracy, or maybe it's just how things go. You can make up your own mind, but you should provide the facts when you make sinister insinuations.
I would assume that if they were astroturfing, they would be smart enough to use more than one account. Given that, I'm inclined to believe that you are part of an astroturfing campaign.
The summary is: if you use someone’s VPN, Tor, etc. you’re just setting yourself up. There is no privacy, and if you act like you want privacy, they’re going to pay more attention to you.
> "Links to" is doing a lot of work in that sentence.
How? it is obvious.
> During Proton's expansion into Eastern Europe, Tesonet initially assisted Proton with HR, payroll, and local regulation, so for a period of time, people working for Proton were employed by Tesonet, since Proton had no local subsidiary that could hire them. These were not "shared employees", they worked exclusively for Proton.
So basically same people managed teams, same people paid the employes, but my "Links to" is doing heavy lifting and in the previous sentence you say "ProtonVPN is owned by Proton, which has no legal ownership ties with Tesonet."? Who is doing the heavy lifting here?
How much is Tesonet or Proton paying you to post in here?
> How much is Tesonet or Proton paying you to post in here?
Sadly, they're not paying me anything, but I would suggest that any belief system in which information contradictory to your belief reinforces your belief is inherently problematic.
> so for a period of time, people working for Proton were employed by Tesonet, since Proton had no local subsidiary that could hire them. These were not "shared employees", they worked exclusively for Proton.
In 2016, Proton created its own subsidiary, and these people are now employed by Proton. But for this historical reason, the ProtonVPN keystore on Android still lists Tesonet as the organization name, even though it is fully controlled by Proton.
So either:
1. Tesonet/Nord are loose with their private keys.
2. Proton isn’t being truthful.
Anyone who understands crypto and key management knows “not your keys, not your _____.”
If those staffers worked for Proton and not Nord, why did they have Nord’s key?
This level of negligence with private key management really can’t be explained away.
I suppose you're free not to believe them, but I'm unsure what exactly you believe is happening here and what exactly Proton is lying about. Tesonet secretly owns them and has been running a decades-long misinformation campaign to trick you into thinking they don't? To what end? It's not like Tesonet is some nefarious company we should all be afraid of. What would they gain from lying about this if it were true?
And how can they make such an obvious mistake with their certs and then not make another one for the next decade? It's just not plausible.
At some point, you've gotta use some common sense.
My comment still applies regardless of any level of “explaining” [1]:
1. Either Nord/Teso are loose with keys (horrible)
Or
2. Proton isn’t being truthful.
I don’t think it’s a conspiracy or anything that it is Tesonet/Nord. Rather, the problem is you cannot trust someone with your privacy if they can’t even manage their own keys.
[1] The explanation is poor at best and doesn’t explain why they worked so hard to try to delete all of the evidence (all of which was archived already). Additionally, nothing can explain away the lack of security with key management across these two orgs.
They worked pretty hard as detailed in an archived article changing names and any records they could [1], but you're right - not good enough [2].
As pointed out on this reddit post [3], Proton's appears to contradict itself a number of times.
It's a good thing trust based VPN's are obsolete. After all, trust isn't constant [4] as seen in this article showing how Proton supplied IP addresses to "authorities."
You're on the Internet. How are you surprised that someone is repeatedly responding in a thread about a very obscure topic, especially when people are posting conspiracy theories?
It's interesting to have these discussions. But it is funny that people's conspiratorial thinking now makes me a part of the conspiracy merely for pointing out easily verifiable facts.
>What is your relationship to either company?
I subscribe to Proton's services, so I was originally interested in finding out what actually happened. Now I'm interested in pointing out people's flawed reasoning because I think Proton is doing something valuable, and I don't want these attacks against them to go unanswered.
Since we're now part of this thread, as the attack on Proton was orchestrated initially by a competitor and seemed to use bot accounts on Twitter, how much do they pay you to try to discredit me?
Just kidding, see above. You and I, we are the same. We do it because it is interesting.
In 2016, Proton created its own subsidiary, and these people are now employed by Proton. But for this historical reason, the ProtonVPN keystore on Android still lists Tesonet as the organization name, even though it is fully controlled by Proton.
None of this is "debunking"; these are just the facts. You can make of them what you will, but you should be honest about what actually happened when you talk about it.