I had a domain with them but at the time auto-pay was “auto-pay-from-acct-balance” as opposed to “auto-pay-with-the-credit-card-we-have on-file”
So i missed the renewal date, paid more to renew within grace period, and then transferred to a registrar with actual auto pay.
Otherwise they were great for that first year and i had no issues
let me ask this: what is your threat model? Don’t tell me, ask yourself that and work through it if you haven’t already.
Going full 100% and trying to become a shadow overnight if a great recipe for burning yourself out and not trying. Instead look at your specific threat model and work on the biggest things one step at a time. Make it a journey and only take a new step once you’re comfortable with the last.
Look into a static website built with Hugo. You’ll be creating pages in markdown like obsidian. You can host it locally so there’s no privacy concerns.
If you want it externally facing then there are some options but you’ll need to find a site to host your static website and who you’re comfortable with their privacy policy.
Its not any different than how it already was. Initially the GenAI models were all being trained on masses of unlicensed data including data from reddit. The problem is some companies like New York Times are suing for training an LLM off of their data. So in response companies like OpenAI are now trying to reach partnerships that basically license the use of the data (that they already had). This also means that they will be able to continue to have future access to that data as long as the partnership is in place. Whereas some companies without a partnership could start to ban scraping activity or update their terms to forbid training AI off of their data.
Overall these partnerships are a good thing. Licensed training data is good. But from a privacy standpoint, the AI models were already trained on reddit data. This is just formalizing the relationship
Few years ago they killed their killswitch . I believe it was technically still an option but they reduced it’s capabilities so that it wasn’t functionally a reliable killswitch.
They also got heat for installing root CA certs. https://www.techradar.com/news/new-research-reveals-surfshark-turbovpn-vyprvpn-are-installing-risky-root-certificates
I believe both issues are “fixed”, but they were some questionable decisions
Essentially. Police or anyone could report an account for illegal activity which is against ToS for all three of the services. From there the service would need to be able to substantiate the claim and then shut down the account. I’ve seen a few cases of proton accounts getting shut down. Proton can’t read emails but they can read headers and if you’ve posted illegal activity in public using your proton email address or if law enforcement/ someone reports you for using proton for illegal activity then proton will be able to review headers to determine if you’re violating ToS. Like a few years ago i think someone was using proton for ransomware, and proton was able to match the headers with emails that had been posted in public, and acct got shut down.
Unfortunately can’t find that specific case but that was one example I’ve seen
Here are some good rule of thumbs for work and schools:
do not connect to their networks with your personal devices, ever.
Only use work/ school devices on their own network.
Do not do anything personal on those networks. only do work/school related tasks. This means don’t log into any non school/work accounts.
If for some reason they don’t have a device for you but require you to use their network, then leave your personal devices at home claiming you don’t own one and make them accommodate you.
You cannot expect privacy in these situations, and by going to the extreme lengths to try to get it then you will ironically just paint a bigger target on your back if any network admin cares. In some cases this can cost you your job or get you in trouble with the school.