In an unexpected mask off “secure” email and VPN provider Proton took the stance of siding with the fascist MAGA Reps. Proton’s services are no option for me and many others any longer. Let’s collect and discuss alternatives (E2E encrypted email and VPN) here 🔐👇
Always try to provide:
-Server location (jurisdiction)
-Governance
-Integrity/trustworthiness/transparency
-User experience/ease of use (grade 1 to 10, lets take Proton as a benchmark with an 8)
-Pricing and links
If you know alternative setups, feel free to share, too.
#ProtonExodus
Background: https://lemmy.ca/comment/13913116
Edit:typo
Sigh.
Goddammit. I’m so fucking tired.
This is how they win.
Like zombies, slow and steady, dumb and hungry
Perfect
Be tired with Tuta!
Am I the only that don’t see this the same way as the rest? I am in way way endorsing or supporting MAGA, but they did take action against big tech (though for reasons of retribution) and I see Proton only acknowledging a good person being designated to lead the next antitrust efforts, apparently with a good track record.
Proton also acknowledges Lina Kahn who has done a great job, nominated under Joe Biden.
Ultimately, I feel like from a perspective of Proton, any win against Big Tech, is a good win, and I can’t disagree.
There is a longer discussion to be had around how the dems were supported by oligarchs and I think that’s what Proton is referring to, they decided to turn a blind eye under the Obama administration for instance. Bernie Sanders goes to lengths about this in this interview, illuminating: https://www.youtube.com/watch?v=MzkgWDCucNY
So all in all, maga sucks, new pick probably good, and in my view, proton not actually endorsing maga/trump but just acknowledging a good pick.
Did I miss something?
The main part of the message that pissed me off was the idea that GOP sides with the “little guy”. First, it’s demonstrably false. Second, he is a tech CEO. He wouldn’t recognise a little guy before his security crew has time to forcibly remove him.
yes, that’s a sane approach
Phew! For a moment I thought you were talking about the steam compatibility thingy.
I thought they were talking about the elementary particle—I was afraid we’d have to find some other way of manifesting our physical existence.
Truly unhinged that they decided to come out on this. Fellas, you are fucking Swiss why throw yourself under the bus for the US election
Because terrible people literally can’t help themselves. Wait for people to show you who they truly are, they will…
“Proton? Why the fuck would he be mad at a WINE fork…?”
“… OH THE MAIL-”Server locations: Riseup is in the US (Washington state), so keep that in mind. Disroot is in the Netherlands (part of the EU).
Governance: Riseup: Look at their “about us” page. Disroot: Look at their “about” page. The terms of service are more detailed. tl;dr: As far as I can tell, these are run by leftists.
Integrity/Transparency: I have no idea how to grade this.
Ease of Use: Subjective. Riseup VPN is just: install the client, turn it on or off. Disroot is much better with a mail client of some kind, so if you already use one, it’s probably a 10, otherwise, the webmail server isn’t that great. Disroot also requries manual encryption (I’m biased here because I use Kmail which makes PGP really easy to use).
Pricing and Links: Free https://riseup.net/en/vpn https://disroot.org/en/services/email
tl;dr: Use collective-run services, not corporate-run services
disroot, Holymoly they run this all on this budget??
Regarding e-mail: “riseup.net” requires that a long-time user vouch for a new user and invite them. If the new user quickly turns into a complaint magnet (there’s a coming-of-age period after which their actions are considered their own), both the user and the inviter will be held responsible (kicked off the service). I think (hope) they aren’t so strict with VPN, but they have limited people and could not administer a mess made by a big bunch of people.
Needless to say, none of my (anarchist) comrades have ever been kicked off RiseUp, but they don’t send spam or threats, they just send their cat pictures encrypted with GPG, causing the authorities endless work. :)
Just like every reasonable service, RiseUp has a few technical mechanisms to ensure they aren’t compromised (disk and inbox encryption, etc) but obviously those can’t help against a dedicated and well-resourced adversary.
So, whatever e-mail server you use - use PGP / GPG. :) Then the adversary must compromise your device. If you are hardcore, encrypt and sign on an offline device. Then the adversary must breach the air gap.
(I used to sign releases for some anonymity-related project years ago. Those were the times when I seriously took measures because others depended on me. Currently, not so much.)
P.S. As for the lack of resources at RiseUp: this can be alleviated by donating to them. Which reminds me, I should set up a small regular donation to their representative organization in the EU.
Mullvad is supposed to be a safe and secure VPN.
Unfortunately not a mail or storage provider.
If this wasn’t enough of a wakeupcall to not put all the eggs in one basket then what is? Companies are literally doing this to lock you into their service so it’s harder to switch since you then have to find X new services instead of just one.
Better go with one that’d specialized for each service you need…
Wow!
Of all companies, this is one I didn’t expect.
Damn.
the good news is this is a lesson to never trust any entity whose role in the world is to accumulate capital
What’s insane is that didn’t Proton just recently announce they were converting to a non-profit?
Yes, they did: https://proton.me/blog/proton-non-profit-foundation
Why would this be unexpected?
Proton already handed over the IP of a climate protester to authorities several years ago, while boasting that they had a no log policy.
https://therecord.media/protonmail-forced-to-collect-an-activists-ip-address-in-police-investigation
Every time, in the past few years, that I bring this up, everyone just acts like I’m setting an impossible standard and no alternative exists.
Proton has been shady for years.
I’ll still continue using proton, as I haven’t seen them staying from their goal just yet, but I’d love to see some alternatives non the less.
There are 2 kinds of companies:
- Evil companies
- Companies that are not evil YET.
What this means in this case is that only your own E-Mail server running on a Raspi in your own home can be considered private or secure in the long run. Unfortunately this is really really hard to do, which is the only reason i have not done it yet.
Personally i do not consider any E-Mail private, because E-Mail is not E2E-encrypted, and 99.9% of times one side of the conversation is going to be hosted on some shady companies servers.Of course Proton delivers a great service, because they make an insecure protocol a little less insecure, and i personally use Proton mail. Unfortunately their closed-source nature makes it impossible to switch providers without abandoning their great software.
As for services like Drive, they can actually be hosted privately and securely on your own Raspi with stuff like NextCloud/OwnCloud.
For those that can’t/don’t want to self-host, i would recommend paying for a hoster that hosts FOSS software and contributes to it either with money or code. In that case you would probably loose E2E-encryption, but gain the ability to switch providers once your provider turns on you. In that case at least some of your money would continue to offer value to you by having improved the software you are still using.Maybe not the contribution that you’re looking for, but going to tell you this story regardless.
I am Swiss, and am a former Department of Foreign Affairs (FDFA / EDA) employee. My colleagues and I had organized an evening on cybersecurity, where we showcase what Switzerland has to offer. I invited stakeholders such as:
- Dreamlab (really cool company, should look them up if you don’t know of them)
- NCSC (Swiss National Cyber Security Center)
- Some Swiss cyber regulator; and
- Proton
Firstly, when speaking to a delegate of one of the above listed (don’t feel comfortably sharing publicly which one), he ushered a statement; upon me saying I’m a huge Proton fan and subscribed to all services - “they are lying to your faces”.
I was curious, so I spoke with the regulators and NCSC delegates, they said that Proton has been involved in a handful of leaks - some that were made public, some behind the scenes.
When I spoke to Andy, having told him that I grew up in Canada, I asked him what his plan was for North America. His response: “I will gladly take their money, but never open up shop there - too many national security departments that come knocking on the door”.
Now I see that (on the Proton page), that they are looking for a few US based positions for Marketing and Growth - going against what we discussed a few years back. In all honesty, I still have a Plus subscription with them, but beginning to questions a lot more things regarding security and ethics at Proton. Guess I’ll just self-host in the future. Trust no one but yourself with your personal data.
I’ve said it in another thread: German users should consider posteo as a green, safe, and affordable (1€/M) alternative. https://posteo.de/de
- Germany (I think)
- Politically leftist
- Very nice people
- User experience 8, works fine and people put a lot of effort in
- It’s free, but you need an invite code
OK I think I will move to Posteo. Great security, privacy focussed, servers in Germany, running with 100% renewable energy. Prices are ok, too. Ticks all boxes.
If a car company in Germany complemented Hitler on his paintings, would it be still fine to buy their cars? And what if they were a really great car company and only mentioned how cool Hitler’s paintings were and nothing else?
I sort of feel like if I am cool with Proton’s statement, then I also am cool with trans people and Latino people and Gazan people being treated poorly, and I’m not actually cool with that.
It’s unfortunate, because despite Proton not accepting XMR and logging IPs when they promised they wouldn’t and doing other questionable practices, they have a lot of great services. But now, it’s like if I’m using their services, I’m sort of spitting on the grave of every trans person who ended their life out of shame, spitting on the grave of every dead Gazan who simply didn’t want to die, and being disrespectful to all the cool Latinos out there who have been degraded simply out of racism.
:-(
Unlike a car which is bought once and is mostly outside of vendor control once you have it, Proton mail is a service that requires continuous trust in the company since they offer a service. This means I no longer trust Proton as much, which makes me much less inclined to use their services.
If they think Dollar Store Hitler is going to stand up for small businesses then they’re about to have a rude awakening.
Tech bros aren’t exactly known for a nuanced understanding of whatever isn’t bleeps and blips: that’s what you get when the educational system is nothing more than a pipeline for employment
