The Guardian and University of Cambridge developed CoverDrop, a steganographic messaging system embedded in a news app that hides the fact that secure communication is occurring by mixing real encrypted messages with cover traffic, preventing adversaries from distinguishing legitimate submissions from dummy data through traffic analysis.
A critical audit of Proton AG's infrastructure revealing that despite marketing as 'Swiss privacy,' user traffic is routed through US-controlled Cloudflare CDN nodes (AS13335) placing it under CLOUD Act/Patriot Act jurisdiction, while their Terms of Service embed US Federal Arbitration Act clauses—contradicting claims of Swiss legal protection and demonstrating a disconnect between marketing claims and actual operational security.