35 points

I see that Proton’s very hard at work convincing me to migrate.

permalink
report
reply
16 points

look pal do you hate progress

permalink
report
parent
reply
23 points

I haven’t always been actively enthused about some of the things Proton has decided to build out, but this may be the first time I’ve been legitimately disappointed.

permalink
report
reply
8 points

At this point I’m kind of glad I accidentally renewed my other VPN service and didn’t switch to Proton.

permalink
report
parent
reply
18 points

Screams incoherently I just managed to switch my 2FA, passwords, and important email accounts to Proton. Then they go pull this bullshit over time! This is quite cursed; if it gets any worse, I don’t know what I’ll do. They were not shitty and the competition is so much worse.

permalink
report
reply
8 points
*

I was this close to switching to Proton… Dodged a bullet? I’m slowly degoogling, but I guess my new goal is to switch to a bunch of separate individual services to make it easier to switch just photos/email/calendar/drive/etc in the future when a service enshittifies.

permalink
report
parent
reply
6 points

Yeah, that would be best. I still keep certain things separate because of enshittification can strike at any time! However, I don’t think that Proton will ever get that deep into the becoming shittier train; I could be 1000% wrong about it, as I’m aggressively huffing copium right now. I’ve pretty much made Google one of my throwaway accounts that stays isolated from anything important. So I can dump that terrible company at a moment’s notice without worry.

permalink
report
parent
reply
6 points

I don’t really understand how it’s possible to both not store data in plaintext, but also be able to siphon off some of it in plaintext. Like is this technically possible in the way they suggest it? We shoot off the plaintext before it gets to our storage servers?

Like at some point that means the communication is not encrypted right? But if you’re using https and all good normal security standards that should never be the case from the moment it departs your terminal?

I have a small amount of knowledge about this but it’s the dangerously small type so any illumination would be appreciated.

permalink
report
reply
11 points

Email is never stored unencrypted at rest on Proton’s servers. But AI prompts, which are likely your entire draft email, do exist unencrypted at rest on their servers. That’s what has the privacy nerds screaming.

permalink
report
parent
reply
10 points

yep! and the important thing to understand about proton is, the end to end encryption (where one end is the sender of a message and the other is the receiver — Proton never handles plaintext at all, beyond a tiny and clearly called out amount of metadata stored as plaintext on their servers for stuff like Calendars) is the whole point of the thing, there’s no reason to use Proton without it. with this LLM garbage, Proton’s threat model has shifted such that you can’t trust that the other end’s plaintext didn’t get transmitted to Proton’s servers (there’s no way for you, the receiver, to tell that the sender didn’t use the cloud LLM features), which makes Proton a lot less useful for some of the most vulnerable people who use it, such as activists and journalists who might be under legal threat. this plaintext leak allows some of the messages you’ve received to be subpoenaed, and it’s very easy for that to be used in a criminal case against you.

also, Proton’s published security model for their LLM feature (which is ultra-thin and resembles a PR puff piece more than any other model they published before this) states that their no-log policy is what makes the cloud version of the LLM secure, but their no-log policy has gigantic holes in it, and Proton’s response to these concerns is utterly unbefitting of a privacy/security software company

permalink
report
parent
reply
4 points

Ah OK, so it’s sending the email draft in process not sending off the content of incoming messages or your final sent messages. Now I understand. Also, that’s still bad…

permalink
report
parent
reply
5 points

I’d personally consider that sufficient grounds to accuse Proton of stealing its customers’ data.

At the (miniscule) risk of sounding unnecessarily harsh on tech, any customer data that gets sent to company servers without the customer’s explicit, uncoerced permission should be considered stolen.

permalink
report
parent
reply
5 points
*

i don’t understand, what’s stopping you from just not using it if you don’t want it? am i missing something?

edit: lol i was open to learning but nvm i guess

permalink
report
reply
9 points

i don’t understand, what’s stopping you from just not posting if you don’t have a contribution? am i missing something?

permalink
report
parent
reply
9 points

i don’t understand, what’s stopping you from just not stepping in the broken glass I left on the floor? am i missing something?

permalink
report
parent
reply
3 points
Deleted by creator
permalink
report
parent
reply
3 points

thank you

permalink
report
parent
reply
6 points

edit: lol i was open to learning but nvm i guess

and this is where your bullshit became bannable

permalink
report
parent
reply
8 points

My frustration at least is blended between 2 related thoughts that seem to generally be shared with a large group of people, if not the majority. 1) IMO crypto is BS. 2) Building on that base, they are diverting dev resources away from improving their existing systems or developing a new product with broader appeal to instead service said BS.

permalink
report
parent
reply
5 points

am i missing something?

Yes.

permalink
report
parent
reply
4 points

How often do you switch email address and provider?

permalink
report
parent
reply

TechTakes

!techtakes@awful.systems

Create post

Big brain tech dude got yet another clueless take over at HackerNews etc? Here’s the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

Community stats

  • 1.6K

    Monthly active users

  • 502

    Posts

  • 11K

    Comments

Community moderators