A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 3.13K Posts
- 78.3K Comments
- Modlog
Not to rain on the parade, but as long as we allow the reality-sized hole that is non-profits owning for-profits, this isn’t something I can get terribly excited about.
It is a nice PR but for me I am not impressed. Rolex is also a non profit organization in Switzerland and and mostly help hiding there finance.
Correct me if I am wrong but all I see is words and promises. I would trust them if they release the yearly finance transparently.
For now the only act I can judge them on is their collaboration with police to give ecologist activists IP.
You mean because they were forced to? Like every other Swiss organization under the exact same order? I always find this type of “argument” so purposefully obtuse.
Okay but Rolex is Rolex. There are uncountably many non-profits, and many (most?) do good work. I don’t think Rolex is representative of your usual non profit.
Can you elaborate on that? They turned over an ecologist activists IP?
“Crucially, the order did not provide the contents of the activist’s email, which are encrypted and cannot be accessed by Proton. Yen said a similar order would also not be able to provide ProtonVPN metadata, as VPNs are subject to different requirements under Swiss law.”
From the verge article
You can search it online : I don’t know any good media so here’s the first result on DuckDuckGo https://www.theverge.com/2021/9/6/22659861/protonmail-swiss-court-order-french-climate-activist-arrest-identification
Damn that’s so fucking sad.
Just because it’s still in my clipboard from another post:
https://proton.me/blog/climate-activist-arrest
Long story short, they got ordered to do so by a court, which is legally binding and they won’t go to jail for you.
They won’t go to jail, period. No company owners never go to jail, kinda ever. This phrase is out of proportion. At worse they would have a fine.
Also still in the blog everything is words and very opaque like " We do this not only through technology and advocacy (Proton has contributed over $500,000 toward defending these values around the world)" : like where, what, when?
“There was no legal possibility to resist or fight this particular request.” : I doubt very much unless Switzerland is a dictatorship in disguise.
“Switzerland generally will not assist prosecutions from countries without fair justice systems.” : clearly not.
Every webprovider or server in the EU is forced to reveal datas of an user because an court order in a criminal investigation, with even the risk that the service will be closed, apart of high fines if they don’t. If you are an criminal, it’s better to message with paper and pen, otherwise they’ll find you, independent which online service you use.
Should they always go into a downward spiral and explain everything they did? Check out the Proton Christmas fundraisers, that’s what they are talking about
No legal system in the world allows you to fight everything all the time. Get to reality.
Wasn’t that case in France? Don’t remember exactly. Not sure if you’re calling France to have unfair justice systems, but then you should probably look for a new planet, because nothing is 100% fair unfortunately.
You can still distinguish between very bad, kind of bad, okayish, and mostly good.
That’s absolutely not true. Sure, there are lots of cases where individuals have limited personal liability under their company, but this doesn’t mean no-one goes to jail for illegal business activity. In fact it happens all the time.
I was sketched out by their move to get rid of inactive free accounts, but this is nice to see. Really hate the idea that if I’m unplugged just for a bit I lose a ton of contacts.
You need to be unplugged for 12 consecutive months for Proton to delete your account because of inactivity though, which seems fair for free tier accounts. A simple login is enough to prevent this, you do not need to send an email or whatever, simply log in once a year. You also get reminders sent to your recovery email before this happens. Data storage for inactive free tier accounts isn’t free for Proton.
We recently purchased the family plan even if it is quite expensive for a couple. Reading this of course made me feel better about it.
Honestly, a very impressive move. Makes me way more confident in the trajectory of the company and I’m happy to have been a visionary user for multiple years.
I wonder, though, just how much of Proton A.G. does the foundation now own? They say it’s the largest shareholder, but they didn’t say “majority shareholder”.
Man, I wish I could afford their rates. They’re just a little bit higher than I can justify compared to other options for a given service.
Non-profit and all this stuff is nice, but where is the dark secret?
No dark secret, Proton products are OpenSource, made by cientifics of the CERN in Swiss. They make its incommings with the premium products, serving the free ones without ads and trackings or loggings.
Makes me even more suspicious, I have to comprehend this.
More suspicious than an American commercial company offering the services? Proton is not a commercial company, they really do not need to make money with their services, all they charge you is the use of servers and hosts based on a certain amount of data that you claim, in the VPN they are one of the few that offer you a use of unlimited data with a more than acceptable speed in the free version, without ads, logs and military-level encryption, the only thing is a limited number of countries in the free version (23 server in three countries).
The same with Mail or the cloud service, where space is naturally limited in the free account, but privacy is the same as in the premium account at a very high level. If you don’t trust it, you are also free to host the services yourself, since they are all OpenSource.
Sounds like a gigantic honeypot. To good to be true, it can’t be that I finally found someone I can trust, or can it?
You can, every product of a company which are not profit centered apart being OpenSource, by definition is way more trustworth than proprietary soft of big US companies. Proton services made it’s fame because of its known reliability since a lot of years.
As if Gmail or Outlook were any better?
I’m pretty sure they were being sarcastic.
Protonmail, their flagship product, actually treats 99.9% of emails in clear-text. You can’t have end-to-end encryption if the other person at the end doesn’t support it. There have been (unverified) rumors that Proton could be a giant honeypot. They did help authorities in the past. Maybe we will understand better who they are in the future
Proton serves privacy, not anonymity. They will not collect, harvest, analyse or sell your data. If you however use their services for illegal things they will forward whatever - usually little - unencrypted information they have about you.
I’m surprised people would expect them to behave differently. Do they expect Proton to not comply with lawful warrants?
They did cooperate with authorities, but they also took their time in disclosures to explain precisely what the user did wrong, and how you can avoid making the same mistakes. At the end of the day, Proton only has the information you provide them. And if you don’t encrypt your stuff, it’s not safe.
For profit companies are horribly inefficient and there’s better ways to organize human labour, despite capitalist propaganda.
Support the apps that protect you. I recommend Signal and Proton VPN.
I recommend mullvad
I hear Mullvad is great but my problem with it is it doesn’t support port forwarding (ProtonVPN is pretty much the only one in the market AFAIK that does).
Not so much a problem if you have high up speeds (like with fiber) or don’t do a lot of torrenting (or are an asshole and torrent without seeding), but I don’t have fiber and have a max up speed of like 15–20 Mb/s.
This was literally the one thing that made me pick proton over mullvad. I know I’m not exactly alone in this, but inbound traffic does matter.
Same. If it wasn’t for this, I would be switching to Mullvad personally. Especially after Proton getting rid of profiles for their Android app. That bullshit really pissed me off, as the app is actually less functional now.
At my school, mullvad is one of the only VPNs that work since basically every port is blocked except ports 80 and 443 using TCP. Mullvad can use wireguard over TCP on 443, which is very useful.
My use case as well!
The opposite of the OpenAI.
Welp, that’s one more reason not to use proton
Are you a bot?
You….want them to be able to sell out in the future?
I want them to have the clear objective of making money. That gives they consumer some control as you can just not give them money. That still can be true for non profits but it isn’t as powerful.
Have you never heard of enshitifcation that is driven by profit seeking?
You say that as if companies haven’t been imposing greedflation/shitflation on everyone for many years.
Voting with your wallet isn’t an effective means by which to motivate a company to do anything. You’re just a drop in the bucket, so your distaste for a company will never influence their behavior. You know what does? Shareholders.
Thankfully, Proton is moving away from that harmful influence by becoming a non-profit, so that will be less of an issue for them and they can focus on delivering services that users actually want instead of shoveling in anti-features and forcing arbitrary price-hikes on their customers like most for-profit companies do.
Did we read the same blog announcement?
Proton AG will still need to be financially feasible. That is not changing. You can still not give them money if youd wish. They just have backed up their mission statement with actions instead of just words.
Haha okay
Wow. What a remarkably silly thing to say.
?
~
&
What? Why?
Because non profits are not universally good. With a company the objective is clear.
I don’t terribly care for proton or any other “secure and private” email. I think it is mostly snake oil.
Could you clarify what you mean by snake oil?
Email is insecure by default. These companies play on wishful thinking to make people feel better about using it.
My admin friend told me that all email is now secure and encrypted by default.
Of course you have to trust whoever is hosting your email though. Don’t trust Gmail, yahoo, hotmail etc
Fun fact, it isn’t. Not compared to Signal Simplex or any other massager with strong encryption
deleted by creator
This. The best you can do is encrypt your messages locally before sending. But then your email service provider still knows where you are, when and to whom you are sending the message to, and how long is it. And so does the recepient’s email provider and anyone in between. Best they can do is to promise not to keep that data. But it’s just that - a promise, which there is no way to verify.
Proton and Mullvad leading the way
Except Mullvad VPN is better for privacy.
Can you explain how or why is the Mullvad VPN better for privacy than Proton’s?
Mullvad is proven. Not that proton is not, but there were a few controversies about their operations.
Mullvad is accepting payments with actual private crypto currencies. Mullvad had authorities visit their operations site, demanding data and left empty handed as they did not have anything to offer. The same cannot be said for proton. I personally like that they do not offer free services and that they are advocating for privacy through ads and foss projects like the mullvad browser.
Proton is only publishing on f-droid, their vpn and recently their pass application. They have yet to provide notification services for de-googled devices after years of community demands. They have opt out telemetry.(except the proton pass through f-droid.) while mullvad does not, correct me if I am wrong on this.
Since you asked about the VPN, everything mullvad is running is on ram so nothing is saved. (I think this is only for their owned servers though not all of them.)
That being said, I use the proton suite as there is no other alternative right now and the casual user in me is satisfied. :)
Proton requires an account, which gives them some of your info, while Mullvad does not, giving you an anonymous account number instead.
If Proton really doesn’t log VPN traffic, then it doesn’t really matter. But since Mullvad does not have that same personal info, they would be unable to provide law enforcement or 3rd party data brokers any hard data aside from your IP if they wanted to.
They support both bitcoin and mailed envelopes of cash. Proton only has the info you give them.
In this world of enshittification and organizations becoming more and more aggressive, it’s so nice and refreshing to see proton doing the opposite and moving to a better model :)
I think proton was never going to function as a profit-first business. Too many enshittified rival businesses. Kinda the natural outcome.
I was this close to upgrade to the paid plan, and this is the final push I needed
@retiolus
Nice !
Maybe that will allow them to get rid of their marketing habits !
Would be very nice, that’s one reason I use Tuta and not Proton
This makes me want to upgrade my plan.
Same. I’m admittedly mostly a freeloader right now but this definitely will convince me to buy in.
I upgraded mine but haven’t talked to the wife about including her yet because the family plan is for up to 6 so it’d be cheaper to just buy two individual subscriptions, she doesn’t really care enough to justify that much extra cost. Hopefully Proton adds another plan or two for groups!
I’ve got the unlimited plan and it’s well worth the money. Simplelogin integration is great.
I don’t use proton but I feel like when people email me from simple login alias emails, it breaks encryption.
Why is that? Genuinely asking, you clearly know more about this than I do.
Probably because the uid on their key must match their email address
I wish the forwarding with email aliases would function a bit differently. Right now the alias is set as the recipient in the email and I wish you could set the recipient email to whatever email you want (like one of the additional emails you can set in Proton Mail) because the way it is now it makes my general filters useless and I would have to add even more filters.
Edit: I created a suggestions on their feedback site here: https://protonmail.uservoice.com/forums/953584-proton-pass/suggestions/48496442-show-use-forwards-to-email-as-recipient-in-forwa if anyone cares to vote for it.
Just voted and left a comment. Spot on suggestion.
That’s a good point - voting for it!
For my purposes I have a second proton email for things I may want to keep credentials for which I filter out, and the simple logins are almost always complete burners so I end up deleting half of them anyway. The moment I start getting unwanted spam I touch the simple login accounts and start making new ones.
As someone with many hobbies I get things from all sorts of sites so it’s just kind of necessary if I don’t want to drown in spam lol