this post was submitted on 09 Aug 2025
Privacy
Proton always felt like a scam to me. Their claims on privacy and security are questionable at best.
My issue exactly. Their marketing isn't careful, which I would expect from a security focused business.
to me it's not that they market their security, I think it's still meaningful. if they actually don't keep unencrypted messages, that rids them of the need to hand over past data when police comes knocking. but the way they do discounts, the way they publish prices on the pricing page, and things like that make me question whether I really want to recommend this to others.
If they still hold the private key, your mails aren't encrypted. And even if it's the case you still have to trust them that they don't save the plaintext email somewhere else before they run their encryption.
and that's what I do. I trust that they are doing it. what better can I do? the other option is to use a provider that 100% is not doing that, which does not seem to be better. or hosting it for myself, which maybe a small minority of people are capable of doing
Thus this feature is a "nice-to-have" that should not be relied on.
Yeah, that's the issue. At some point you have to trust the provider or host yourself. I know from friends who worked at my email provider that they actually encrypt and not save it, but that's a luxury not everyone has.
That's an inherent issue with email though, not Proton specific
Their software is open source and you can verify it yourself.
You can't verify that they actually run that on their servers.
So, they operate a repo of open source code as a cover for their internal repo of completely different code?
I'm not saying they do that. But you have to trust them that they don't do it. You can never prove it.
Are there any non-self-hosted services where that's not the case?
No. That's why I wouldn't trust protections that depend on something serverside, like encryption in the web client.
No. It's an inherent compromise you have to deal with. At least with email hosting. There are services where you can prove that no one was listening in, but with email that's not possible.
Now with LLMs to provide extra security (not)