"Privacy is important, so you can follow our latest updates exclusively on the platforms that don't give a shit about privacy"
Privacy isn’t particularly good in the fediverse. Any federated instance can track you as much as they want without you ever knowing or consenting.
Self hosting Lemmy is straightforward. Then subscribe to all communities and now you have a treasure trove of data to mine. If you modify the code a bit you can do more like keep deleted posts around or surveil user activities in real time.
Sure, but at least the fediverse doesn't try to fill your browser with ads and tracking cookies
TBF, they push the same content via their email newsletter.
On a platform that will ban you if you look at it weird
due to limited resources
Either:
- We have lost our password
- Our C and V keys are broken and we can not copy paste our social media messages anymore
Will be missed /s
Since I have found it historically hard to engage on this (broader) subject around here, just yesterday I put together my own thoughts at https://loudwhisper.me/blog/proton-fediverse-burnout/
Personally, I did not see the value of their Mastodon presence, it was write only marketing communication, no engagement with the community anyway. That happened only ever on Reddit, which I think is going to continue being the case.
They push the same info via email newsletter, if someone really wants that stuff.
Either way, the post above covers my take on the whole drama, not just this last small chapter.
Fuck Proton.
Lmao that second paragraph. This guy is not just a tool, he's the whole toolbox.
Proton can now officially go fuck themselves.
First, their CEO supports Trump. Then this, ditching Mastodon in favour of nazi-Twitter. Proton is not safe anymore and people need to migrate away ASAP.
Was it ever? I ditched them years ago when they tried to gaslight people that e2ee in javascript in browser is secure.
Security is hardly a binary property.
Given you mention the specific technical setup, I would say yes - that is secure against most risks relevant for most people.
At least, it's totally fine according to my own threat model, where I looked specifically at browser-based encryption vs "manual" encryption (i.e. using PGP tools locally).
It is nuanced, but having the ability to selectively serve malicious javascript stealing keys to specific people only on one access is a considerable issue in practice, compared to distributing a binary, where you would generally have the same binary for everyone and you are able to archive and analyse it. Especially if you use third party distributions, like github releases or flatpaks.
Well, yes-ish.
An organization with resources to coerce or compromise Proton or similar wouldn't have trouble identifying individual users "well enough" (trivially, IP address). At that point there is absolutely nothing stopping a package distributor from serving different content by IP. Not even signatures help in this context, as the signature still comes from the same party coerced or compromised.
Also most people won't (or are unable to) analyze every code change after every update, which means in practice detection is even more unlikely for OS packages than it is for web pages (much easier to debug code and see network flows). The OS attack surface is also much broader.
In general anyway, this is such a sophisticated attack (especially the targeted nature of it) that it's not relevant for the vast, vast majority of people. If you deal with super sensitive data you can build your proton client directly, or simply use the bridge (which ultimately is exactly like other client-side tooling), so for those very rare corner cases where this threat is relevant, a solution exists. Actually, in those cases you probably don't want to use mail in general. So my question is, who is the threat actor you are concerned about?
All in all, I think that labeling this setup "insecure" is not accurate and can paint a wrong picture for people who are less technically competent.
Bridge did not exist back then.
As for it being a sophisticated attack, I think it is relative.
Regardless, if Proton said it did not matter to most people, I would respectfully disagree and move on. They did not. They claimed it is not at all less secure than a native app, which is BS.
"We hate that our CEO keeps getting called out and slammed by our followers so we're gonna stick our fingers in our ears"
Also good time to remind everyone Tuta exists :) https://tuta.com/
If Proton does not refer to the Steam's Windows adapter layer for Linux, I don't care.
Btw, their Mastodon account has more followers than their Bluesky and Threads accounts combined, both of which they are keeping. What a stupid decision.
They will leave Bluesky for Twitter once people find out as well, mark my words, and they will add Facebook eventually, since it's still the place where right wingers flee to have more administrative control over their groups, if they get ousted from Reddit
It's not stupidity; it's censorship. They can control what gets posted on their own Reddit community. They can't control what people are actually saying on the fediverse.
People need to realize that Proton has gone to the shitter; stop paying for them and migrate away as soon as possible.
And reddit has been extra aggressive in allowing mods to ban users more easily too, as of this month. Now some mods are in "cahoots with admins"
Does this have anything to do with the CEO expressing his support for Trump? I can't imagine how, but there are some odd decisions being made at Proton lately.
Almost certainly, yes.
People on Mastodon are not happy about those statements, and called Proton out on it relentlessly with every post Proton made. This is Proton running away with their tail between their legs, back to platforms where they have more control and/or are already full of right-wing nutjobs.
If anyone's looking for secure email, look at tuta.com instead. The email service is very similar in terms of UX and offers better encryption. They don't offer the rest of Proton's suite, but...maybe that's a good thing? I mean, do you want to get locked into an ecosystem?
Tuta is really good. The push notifications work perfectly without delay on de-googled devices. top.
..."the reality is that Republicans remain more likely to tackle Big Tech abuses."
Like doge having our social security and Treasury wallet+keys? >.>
He can suck my ass and nuts.