A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration)
After Andy Yen's endorsement of the orange utan, I would seriously reconsider using any Proton product.
Yen tried to backpedal meekly several times since then, to get out of the pickle he got himself into with his definitely-not-impressed customers, but it's a bit late for that: either he's pro-Trump or he's naive. Either way, he makes Proton sketchy.
Idc if I likes Trump or not (even though Trump is garbage); but I do care that he says the Republicans - the party that has spent years attacking encryption and privacy, who has sued to obtain private medical records of women and trans people who see doctors, and who is funded by billionaire big tech moguls - is the better option for privacy.
Also just taking ANY position for a leader of the US - one of the biggest parties to the Five Eyes agreement - just leaves a bad taste.
Do you have any recommendations for someone who just uses them for email?
I've been using Tuta for more than 8 years now and had one serious issue with their service during this time (longer outage, pretty early on). Other than that I have nothing but positive experience with them.
They're also based in Germany if that makes any difference.
Lately, their posts on Mastodon became full of comments questioning their CEO political views. I guess, this is the answer to those, a clear one.
Proton is really just trashing their rep.
Not even Bluesky, they went straight to Reddit. Shame.
It's a sad day when "you can find us over on Discord" is a better option.
At least reddits getting selfaware enough that every other post is ppl getting mad at ppl telling them to google since those posts are what they find off google, or they've already googled and found nothing.
The immediate assumption that everyone is an idiot who hasnt tried to google is annoying but used to be valid, ppl got lazy there (including me) and would just ask questions that were easily googleable, the issue is those posts are now first on google and none of them have answers lol
techlore talked about this is their weekly livestream
to summarize he thinks it's got something to do with people on mastdodon bashing hate to the proton account there.
One wonders why the rest of the Proton Foundation hasn't stepped in and gotten rid of Andy; I assume it's just because they don't actually care about privacy, they're just cryptonerds.
I suggest you give a read to "Privacy is power" by Carissa Veliz (on the board). She also gave a very good interview on the podcast "firewalls don't stop dragons".
I also don't think "cryptonerds" applies to people like Tim Berners Lee.
The problem is they continue to allow Andy Yen, the CEO of Proton, to remain on the board.
Yes that's true, and that seems quite natural. His poor communication in a tweet is not a reason to fire someone from a board, in my opinion. Especially since at the best of my knowledge he didn't do anything that harmed the privacy of anybody, nor he showed inclination to do so.
In any case, if you find yourself "assuming" that people that have years of track record caring about privacy and similar issue "don't care about privacy" or "are cryptonerds", maybe you should reflect a second. This is why I said to go listen to her interview or read her pieces.
Three years ago I made an issue on their feedback page because the android app doesn't really work on degoogled phones, it requires gms for notifications. Still not fixed.
Nice privacy focused App that can't fully be used if you take privacy seriously.
FYI i use a degoogled FP3 with microG and I don't have any problem.
I cancelled my subscription because of technical reasons, but now I can add political reasons on top.
Ouch! They really are working hard on getting any privacy oriented person to leave them.
I'm glad I have moved away from them.
Pointing people to reddit, as if that's an alternative. When a VPN provider makes such bad choices it's tempting to imagine that the decision was influenced by somebody who wants to secretly get the message out that the company is no longer to be trusted, because it's hard to see any other logic in it.
We have to wait and see what the next audit is going to find, that will give us more security than any kind of information provided from Proton themselves.
The Swiss laws are also helping to make it so they keep the privacy standards high.
But I would definitely use your own domain for your Proton mail currently
I’d say this move seems too dumb even for fiction, if that wasn’t the SOP for the entire country I live in.
Given the context though, I’m curious if one of you privacy experts can change my mind on how I approach email.
I don’t use email for any meaningful communication where I expect privacy. It is essentially the way for companies and a few other organizations to send me low priority information and/or confirm my identity to reset a password or whatever. Because of that, the only attributes of an email service I really care about are reliability and availability, including not having emails silently blocked for not coming from a “trusted” provider.
So what is the practical risk of just using a Gmail address for that stuff, equivalent to hiding in plain sight? Yeah it helps Google fine tune their advertising model for me, while I’m running Linux on all my machines and blocking ads on any device I touch. My social media is Lemmy and my streaming service is Jellyfin.
Am I risking too much if I use it as the corporate contact point that it is? Am I just letting my white/straight/cis/male privilege show through?
I don’t use email for any meaningful communication where I expect privacy. It is essentially the way for companies and a few other organizations to send me low priority information and/or confirm my identity to reset a password or whatever.
As a privacy enthusiast (expert seems too much), this immediately stood out. Privacy is the context of emails means that all my data which includes the content of the messages but also the metadata (who I talk to, which services I use - like in your example -, when I communicate, how often, etc.) is kept private, meaning not used for anything else than providing me the service (i.e., let me send and receive emails). From this point of view, even if you consider the content of your emails not sensitive, already the fact that you do use company X (because they sent you a password reset email) is data about you, and as such can and will be mined by Google to profile you or to sell it.
Am I risking too much if I use it as the corporate contact point that it is? Am I just letting my white/straight/cis/male privilege show through?
Nobody can tell you this, because risk in this context is purely a subjective estimation, and you are free to do what you please. However, I do care about my privacy, which means that I want to minimize the amount of data about me available for sale or to others in general. For me the motivation is quite simple, while I do block ads everywhere too and I generally don't have an impact in terms of getting personalized ads, once the data is collected I have no idea what will be used for, by whom and for what purpose. It doesn't even matter if the data actually allows to infer accurate things about me, it's enough that someone (e.g., insurance company, employer, bank, government, etc.) is gullible enough to believe that inference is correct. In the book "Privacy is power" (written by Carissa Veliz) she also develops a very interesting argument about the fact that violating your privacy usually means also violating the privacy of the people near you (the people with whom you share demographic, the people you communicate with etc.). This could be another point of view to consider.
Anyway, if for you the above is fine, there is no other significant risk you are taking, and you should keep using Gmail if that suits you.
A technical note. Secure email providers generally can have technical controls (i.e., encryption) to protect the body (content) of the email, and in some cases some small amount of metadata (e.g., Tuta encrypts also the subject). Generally though, you are still trusting the provider to perform that encryption (especially because a mail from Gmail -> Proton/Tuta would be encrypted by Proton/Tuta) and to not use metadata for any purpose besides delivering the emails. So privacy here doesn't mean absolutely removing the data from a third party, but it means giving it to a third party who uses it (due to contractual obligation, business incentives etc.) only for the intended purpose in a privacy-preserving way.
Good stuff to think about. Thanks! I think I’ll keep the email issue on my mental list of things to address as I keep FOSSifying and self hosting things.
What kind of expensive resources you need to just post on Mastodon?
ability to silence, and censor or criticism,?-proton probably
A human being.
Whoever posts on reddit can copy paste to other platforms, if they are to lazy to use a software that consolidates it for them.
So first taking Trump's side and now that...
Agreeing with one statement doesn’t mean you side with all the points of a person/party.
Andy Yen is an idiot though, not going to lie about that one
Gross. I’m slowly moving from ProtonMail to Port87, which is kind of embarrassing because I made Port87 and launched it almost two years ago. Switching email providers is hard though. You have to update everything.
Unless you use a custom domain. That way you only need to update everything once.
Yep. Definitely worth the ten bucks a year. Also it lets you get your own DMARC reports, which can be useful sometimes.
Do they really need a team of people to post the same thing to X, Mastodon, BkueSky, etc? I'm honestly surprised they don't have some bot to make all the posts for them to those services. Sounds like a cop out to me.
