this post was submitted on 28 Aug 2024
608 points (97.9% liked)

Technology

59038 readers
3747 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 2 months ago (2 children)

Signal yes, Proton I have my doubts

[–] [email protected] 43 points 2 months ago (6 children)

I think yours is the first comment I've read that has Proton hesitancy. I'm curious what your reservations are.

[–] [email protected] 11 points 2 months ago (1 children)

Not OP, I've heard criticism of their recent Duo subscription and their bitcoin wallet.

I use Proton services and my biggest gripe is their mediocre Linux VPN app. No binaries to download/Flatpak, advertised port-forwarding isn't fully implemented and requires playing around in a terminal, and UI feels less polished than it's Windows counterpart.

There's a community made Flatpak of ProtonVPN though, in case it helps anyone

[–] [email protected] 5 points 2 months ago

Honestly, I just use wg-quick to connect to VPNs, and I tested out ProtonVPN and it worked fine with it. I even set up my router to connect to ProtonVPN, so I could have a wifi network that's always connected to their VPN.

But I'd really rather not have the same company host my VPN, email, and other stuff, I'd prefer to separate them a bit so no one company has a lot of my data. And something like a VPN really doesn't benefit from bundling anyway, unless it's bundled with a browser or something a la Mozilla VPN.

[–] [email protected] 5 points 2 months ago (4 children)

I actually don't know what people's hesitancy is, but I've seen numerous people say proton is not good, we'll see if anybody chimes in with a reason.

[–] [email protected] 12 points 2 months ago (1 children)

I've seen doubt of it's push to pack products into it's offering ala Google - however I don't see that as enough to call it not good.

It's also very easy (and suspicious imo) for anyone to call a service not good without any reason to back it up.

[–] [email protected] 4 points 2 months ago

I see that as offering services that people clearly use and value, and that the bills have to be paid somehow. So as long as proton can deliver the privacy and security features it promises, I personally don’t see anything wrong with providing an alternative when the only other options are built on monetizing your data.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago)

The email service says it was unable to appeal a Swiss court’s demand to log the IP address of a French climate advocate.

This weekend, news broke that the anonymous email service ProtonMail turned over a French climate activist’s IP address and browser fingerprint to Swiss authorities. The move seemed to contradict the company's own privacy-focused policies, which as recently as last week stated, "By default, we do not keep any IP logs which can be linked to your anonymous email account."

Edit: formatting

[–] [email protected] 0 points 2 months ago

I often figure it's google bias and / or people trying to impose their threat models on other people.

Been using proton for quite a while with a few custom domains and am impressed with the service to price of their offerings.

We can one off use cases with any vendor, but at the end of the day, they offer a more secure out of the box experience than just about any other platform out there. If someone is doing illicit shit and gets popped, it's not on the service provider to provide air cover for them. Improve your opsec or self host.

[–] [email protected] 5 points 2 months ago (2 children)

Not OP

There's not a lot of negative press about them.

They complied with Swiss government requests to out the IP of a French activist.

It looks like they're really doing the best they can.

[–] [email protected] 19 points 2 months ago (1 children)

Correct. They comply with court orders, its a business. People still need to be secure in how they use it, which that guy wasnt. So if you're attempting to evade the government, use a vpn. All your data is encrypted, where you access it from and your billing information cannot be.

[–] [email protected] 4 points 2 months ago (1 children)

Do keep in mind proton also runs a VPN he may have been running their VPN and they complied.

[–] [email protected] 8 points 2 months ago (1 children)

If he was using their VPN, they wouldn't have been able to turn that over according to their own site: https://protonvpn.com/features/no-logs-policy#:~:text=No%2Dlogs%20VPN,lengths%2C%20or%20location.

[–] [email protected] -1 points 2 months ago (1 children)

They do have technical capability to do so. I just thing that is stopping then is "our trust"

[–] [email protected] -1 points 2 months ago

They do have the capability to not have the data requested. If they are not required by law(and it seems they aren't), why store any data? They may have to provide data of the sessions that are active right now but it's unlikely.

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago) (1 children)

Swiss laws aren't as tight as a lot of people think.

I'd like for them to lean more heavily into open source

[–] [email protected] 6 points 2 months ago (3 children)

It's probably tight enough for your needs. Unless you live in Switzerland or are breaking Swiss law, they'd need a really good reason to send your data anywhere.

That said, I use Tuta. They have a similar source model (open client, closed server) and are based in Germany, but since they're an underdog, they have a bit more value and lower costs. I pay €3 and get 3 custom domains and 15 aliases, whereas w/ Proton I pay $4 and get just 1 custom domain and 10 aliases; I can also add people to my plan for €3, instead of upgrading to a Duo for $15 or family for $24. If Proton matched Tuta's features, I'd probably pay slightly more for the better UX, but I use those features so I'm very hesitant to give that up. I don't intend to use their VPN or other products, so I'm very much not interested in their higher tiers.

I do wish their server code was open source and self-hostable. I'd love to use my own storage, but still use their spam filtering and whatnot.

[–] [email protected] 2 points 2 months ago

you might want to look at mailcow if you want to self-host your email server

[–] [email protected] 2 points 2 months ago (1 children)

It's probably tight enough for your needs. Unless you live in Switzerland or are breaking Swiss law, they'd need a really good reason to send your data anywhere.

Unless you're a climate activist in France:

"The email service says it was unable to appeal a Swiss court’s demand to log the IP address of a French climate advocate."

[–] [email protected] 1 points 2 months ago

My understanding is that they broke Swiss law. Don't do that if you're hosting your evidence in Switzerland...

[–] [email protected] 2 points 2 months ago

Unless you live in Switzerland or are breaking Swiss law

That's the thing though, governments tend to make everything illegal so they can selectively enforce.

[–] [email protected] -2 points 2 months ago* (last edited 2 months ago)

Yeah, I don't trust proton mail.

First off, email is inherently insecure, trying to secure it is largely a waste of time.

Secondly, proton has complied with subpoenas in the past, revealing user messages to authorities/governments.

Finally, it's just too centralized, with a single point of failure, why would you trust it?

[–] [email protected] -2 points 2 months ago

I keep hearing they are CIA lmao.

[–] [email protected] 6 points 2 months ago (1 children)
[–] [email protected] 8 points 2 months ago* (last edited 2 months ago) (3 children)

like them embracing Bitcoin and "AI"

[–] [email protected] 9 points 2 months ago

Embracing is a strong statement... Their core product are their core products.

[–] [email protected] 3 points 2 months ago

Having a Wallet and calling that embracing Bitcoin is like saying they embrace spam because they have an email client