New Outlook copies user emails from other accounts to Microsoft cloud

https://cybernews.com/privacy/new-outlook-copies-user-emails-to-microsoft-cloud/

I suspect they want the data to build upon their new AI systems but what they are doing is borderline black hat hacking. If not criminal then it is most certainly unethical.

The old Opera browser used be one of the best but it has long sold out to a Chinese company and it has been completely redeveloped. With the Chinese behind it there are massive trust issues and what data they are collecting from users and what they use this data for. You can bet your life that the CCP have their hands on that data too. For some this is better than giving it to ones own political powers. Better in the hands of an enemy at times as you know the enemy wont hand anything over to your own authorities who could end up being a bigger enemy to you with legal repercussions. China is outside of the 5 eyes alliance surveillance network and even the extended 9 and 14 eyes so not necessarily all bad. It's possible that problems can arise with the potential of spyware and malicious activity but that's a potential threat with many companies and the likes (in some cases literally) of Facebook, Google, Cloudflare, Amazon, Microsoft, Apple etc are not to be completed trusted either. Everyone wants your data!

What Opera call a VPN is not a true VPN but is in fact a proxy service (much like tor) not a VPN. There are distinct differences and it's all to common for many providers to use VPN as a marketing term. A VPN or Virtual Private Network is an encrypted tunnel between you and the provider. They will either have their own network of dedicated servers in data centres around the world which is very costly or piggy back off someone else's shared servers, which is still costly but not as much. You also introduce someone else then who has control over the servers so you have to trust them with your data as well as your VPN provider. All your ISP sees is that you are connected to a VPN network somewhere. They and nobody else can Man in The Middle (MiTM), apart from your VPN provider (and possibly the NSA, GCHQ etc) can see your traffic or what sites your connecting too as it's all encrypted.

A proxy network on the other hand is unencrypted and runs the traffic through the network of users devices and jumbles up the connections and traffic so no finger can be pointed at one particular device unless one wants to trace things back through the many connections which could be like sifting out a specific strand of spaghetti out of your spaghetti bolognaise. In this case the network consists of either all Opera users online at the time and / or whatever servers and exit points the Opera developers have so your hiding amongst the masses. The more traffic flowing through from various points and jumbled up the better but it's all unencrypted.

The ultimate solution is to run a VPN through a Proxy Network so you get the best of both worlds at the sacrifice of speed and you can even multi-hop through different VPN servers and / or providers.

Saying that....as things stand most traffic nowadays is encrypted using TLS the Transport Layer Security (https) over the slower Transport Control Protocol (TCP Port 443) but this differs very much from a VPN and is only as secure as the certificate provider and ciphers used. You then have to trust those certificate providers along with OCSP the Online Certificate Status Protocol and Stapling and that the websites that you visit have not only chosen a strong provider but have implemented the certificate correctly.

The weakest point is your DNS or Domain Name System provider as everything runs through them first over the faster but unencrypted User Datagram Protocol (UDP Port 53). This is the Internet's phone-book (yellow pages) where IP addresses are converted into names and visa-versa to allow devices to communicate with each other and for us the user to see a more comprehensible and memorable name. VPN providers will often supply their own DNS records on their servers so all encrypted. Otherwise you can either encrypt DNS traffic over HTTPS (DoH) at the Application Layer or the better option is lower down the network stack and out the hands of your browser developer with DNS over TLS (DoT) along with the Domain Name System Security Extensions (DNSSEC) at the Transport Layer via your router. Browsers are currently fighting over the DNS data and it wont be long before the likes of Microsoft and Apple jump onboard and build some kind of DoH into the operating system....again this is at the Application Layer as is within the reins and control of your operating system.

Sadly the term cybersecurity is being thrown around and openly abused and it comes down to trust at the end of the day and limiting who gets their hands on what. That's the basics of it and I have tried to explain it in layman's terms as best I can. I hope it makes some sense.

Welcome to my world