All Proton Drive apps are now open source | Proton
proton.me
external-link
Proton Drive’s desktop apps are open source, meaning you can review the code of any Proton Drive app for yourself.
Nihilist
link
fedilink
-11
edit-2
3M

Oh it’s open source? where are the serverside repositories then

If it is running on the server you have no way of verifying the code or the execution environment.

Theoretically you should now be able to self host proton

TC says otherwise

There is concern amongst critics that it will not always be possible to examine the hardware components on which Trusted Computing relies, the Trusted Platform Module, which is the ultimate hardware system where the core ‘root’ of trust in the platform has to reside.[10] If not implemented correctly, it presents a security risk to overall platform integrity and protected data

https://en.m.wikipedia.org/wiki/Trusted_Computing

Literally all TPM’s are proprietary. It’s basically a permanent, unauditable backdoor, that has had numerous issues, like this one (software), or this one (hardware).

We should move away from them, and other proprietary backdoors that deny users control over there own system, rather than towards them, and instead design apps that don’t need to trust the server, like end to end encryption.

Also: if software is APGL then they are legally required to give you the source code, behind the server software. Of course, they could just lie, but the problem of ensuring that a server runs certain software also has a legal solution.

I read through the docs. I’m not sure how this enables trusted computing.

The whole idea is to be able to build a secure, distributed cloud. The whole network depends on secure enclaves.

I cannot find anything related to that in their documentation, their about page, or their whitepaper.

They talk a lot about decentralized computing, but any form of secure enclave or code verification isn’t mentioned.

Compare that to this project, which is similar, but incomplete. However, quilibrium uses it’s own language instead of python or javascript, like golem does. The docs for golem do not explain how I am supposed to verify a remote server is actually running my python/javascript code.

And I call there bluff

Its not a bluff, its cryptography lol

Except you don’t control the hardware. If the execution environment is untrusted everything goes out the window

Thats literally what TC solves

Not really as you still need trust

Nope. That’s why we have cryptography. Read about TC

The title specifies that it’s the apps that are open source.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.12K Posts
  • 78K Comments
  • Modlog