andy1011000 Proton CEO posted:
βPeople honestly seem to forget that I live in Switzerland, where Republican/Democrat doesnβt mean anything, and Trump isnβt even on our ballot to be voted forβ¦β
Onyx376. replied:
βThe point is that fighting for a more just and equal society is not just about fighting for the fundamental right to privacy but also for all other fundamental rights, including individual rights and life. When you, as the CEO of a company that starts from these principles, nod positively to whatever action a political figure like Trump, who is known for always flagrantly putting his private interests ahead of those of his own nation, makes speeches about eliminating minorities, hurting their rights as citizens and flirting with Nazi movements, it is understandable that members of the privacy community are disappointed as this reveals a little about who is being the face of a company that should follow contrary principles. But now we really know what βfreedomβ means to you.β
I'm feeling very conflicted on this overall. I love proton and I'm not even American, but this whole fiasco is making me think of moving.
They handled this very unprofessionally, and I'm not sure if I'm comfortable trusting them anymore.
Can anyone recommend me some alternatives for some proton software?
I cancelled my proton the other day, right after his post.
As alternatives:
Im still figuring out the drive, thinking of self hosting that too.
Good luck out there.
Besides the password manager (I use Bitwarden) those are strong recommendations. Thanks
Are you happy with bitwarden? Its very tempting ... I'm just concerned about it being in the US, where some agency could "request" data.
Why not just self-host vaultwarden then? Since you seem to already selfhost other managers.
Thats because I was not informed until I read your comment. I honestly didn't know that vaultwarden is what bitwarden self-hosted is called. Thanks. Guess I was ignorant.
I'll give it a try.
Oops, sorry I didn't mean it to sound condescending, my bad.
Yeah, it's pretty easy to run, I just use their docker image.
Backup and how to secure it on the other hand is a frequent discussion on Lemny selfhosted or r/selfhosted
Also see Selfh.st for other OSS apps alternatives.
We have to bring those selfhosted guys over to db0 somehow :D
Goes hand in hand with the "Yarrisms"
Unless your master password is stolen or it is just "123" it is literally impossible to crack your vault. I've been happy with BW (even if it is in the US I'm not American so they can't even use it against me)
PS there is a European server at bitwarden.eu :)
Look into Filen for storage. They are relatively new, but looks promising.
It's very blown up
While I get the sentiment, what could possibly happen to Proton that makes it unsafe and you wouldn't know? We already known they do comply with the law and hand over basic information.
But they do not give access or decrypt the actual content of your mailbox and that's not because they choose not to but because it is technically not possible, or am I wrong about that. If the plan to change that it would hopefully become obvious through some announcements.
It's moreso the trust factor for me. Proton is secure, I know; but the company behind it has been making many bad decisions lately.
They were extremely unprofessional dealing with this. I mean, who comments their own political views on a company account then doubles down??? That's just stupid to me.
I should have specified that I might not even switch off of proton, I'd like to know alternatives JIC shit hits the fan :(
The security vulnerability behind any decent VPN is the VPN provider. When they're signalling support of fascists and technocrats you need to move on because their mask slipped and their real motives have been exposed. The sheer gall it takes to pretend you can believe Trump supports privacy goals is laughable.
The question is really who is an actual alternative.
None, really.
All companies have skeletons in their closets, it's not a matter of if, it's a matter of when. I don't trust companies, but not everyone can self-host. As for your question; Mullvad seems good, but be wary.
Same. After the whole AI fiasco and the crypto fiasco, this is just adding insult to injury.
Oh shit, what did I miss?
Agree, always good to be prepared
If you complie your clients, Proton cannot decrypt your data.
But there's a lot more than Proton can do.
They could log your IP, the exact time you log in or use Proton services
They could keep a copy of every email you receive, most of them are probably unencrypted.
If you use VPN, they could log everything you do, they wont be able to decrypt the HTTPS data, but if they log all your traffic, it defeats the purpose of using a VPN.
They could potentially swap the web javascript, if you ever log in via browser.
When you send emails to another Protonmail user, Proton could potentially do a mitm and swap Proton's public key and make the other user's client think its your public key, and also give Proton's public key, and make your client think its that user's public key. Proton essentially act as a keyserver, so they could maliciously replace keys.
And most people don't compile their user clients, so if you just download the clients they compile, they could just not use the source code to compile it, sending you a malicious client.
There's just a lot of attack vectors if the company itself becomes hostile.