"ProtonMail maintains and owns its server hardware and network in order to avoid trusting a third party. It maintains two data centres in Lausanne and Attinghausen (in the former K7 military bunker under 1,000 meters of granite rock) for redundancy. Since the data centres are located in Switzerland, they are legally outside of US and EU jurisdiction. Under Swiss law, all surveillance requests from foreign countries must go through a Swiss court and are subject to international treaties. Prospective surveillance targets are notified and can appeal the request in court."
"As of December 2018, FastMail and all other Australian companies are subject to the Assistance and Access Bill, which compells them to provide backdoors for accessing encrypted communications if warranted by law enforcement. The company stated that concerns over the bill has affected their business."
"The attacks exploited CVE-2019-5786, a security flaw and the only patch included in the Chrome 72.0.3626.121 version, released last Friday, March 1, 2019."