Encrypted webmail provider, ProtonMail, has been fighting a wave of DDoS attacks since November 3 that, by last Friday, had taken its service offline for more than 24 hours. At the time of writing the attacks are still coming.
They have included what ProtonMail co-founder Andy Yen described as a “co-ordinated assault” on its ISP that exceeded 100Gbps and attacked not only the Swiss datacenter but routers in various locations where the ISP has nodes — taking multiple services offline, not just ProtonMail’s email.
“We’re under renewed attack again, given the scope of the attack, proper protection can’t be put in overnight so even though we have already started the process, it could take a few days to finish implementation. It’s complicated because it also involves our datacenter and ISP since they are being hit too,” said Yen in an email to TechCrunch on Friday.
The Swiss startup took in $2 million in seed funding earlier this year to scale its zero access email product, following a crowdfunding campaign that raised around $550,000 from some 10,000 backers. As of August it had invited 500,000 beta signs up. Its mission: “to guard against mass surveillance”, as Yen put it back in mid 2014, by making PGP encryption accessible to anybody and everybody.
But that goal puts ProtonMail at odds with powerful forces. End-to-end encryption has been under sustained rhetorical assault from government intelligence agencies in countries such as the U.S. and the U.K. ever since NSA whistleblower Edward Snowden disclosed the extent and scope of their mass surveillance programs — including efforts to compromise or circumvent encryption.
full story at TechCrunch