Damn. Proton is doing a good job of stacking up W’s these days.
They act just like Microsoft. Lot’s of people think Microsoft is successful. If you think Microsoft is the champion of privacy though you might be in a cult.
I’ll tell you what. When proton ships a product that takes a screenshot of my desktop every 5 seconds and stores it in an unsecured DB any user on my computer can access, we’ll call them even.
I’ll tell you what. If you can prove to me by pointing to the specific source code that would prevent Proton from capturing your private key password when you login or decrypt using their standard clients then I’ll join the Proton cult.
This simply isn’t really possible.
Even if they published open-source code for their backend, it wouldn’t prove that it’s actually what their systems are running.
And when you are storing your data on their servers, and decrypting it by sending over your password, there’s no way you can actually truly prevent them from accessing your data, if they were to modify how their systems function overall. (this is true for every company)
Even if they were using zero-knowledge proofs to verify and prove to you the computation done on the server matched what would be expected from published open-source code, then either their very own systems (and by extension, their administrators), or a different company’s proprietary TPM module, would be the root of trust for those ZK proofs, and would still have the same underlying trust assumptions of at least 1 company having the ability to potentially steal your information.
If you want to rail against Proton for this, you have to be against every single cloud-based instance of code that hosts encrypted data, by any company, for any user.
Saying Proton acts just like Microsoft is a laughable comparison to make in order to justify claiming a lack of privacy or security on Proton’s part.
Why? Is it because they’re both companies that offer online services? Guess what, loads of companies do that. But you know what Proton doesn’t do? Give away the contents of people’s files, like Microsoft states they do in their own transparency reports, that they conveniently stopped publishing in 2022. Microsoft handed over the content (not just IP, email, etc, but actual docs, communications, stored files, etc) of thousands of people’s accounts to law enforcement. Proton hasn’t given out content once.
And this doesn’t even consider the fact that Proton’s business model is privacy. For Microsoft, their users will keep using their services regardless of their privacy, but for Proton, if it comes out that their services are no longer private, nobody will use them anymore, because nobody who got them for privacy would need them at that point.
prove to me by pointing to the specific source code that would prevent Proton from your private key password
You want them to point to code (that’s not publicly available) that prevents Proton from capturing credentials?
What a dumb hoop to tell someone to jump through. Do you expect someone to actually post a block of code? Would you even be able to read it?
Removed by mod
Such source code isn’t possible with the general audience service they offer, even if being open source were a requirement for credibility in any way.
You’re comparing them to a company with a long history of actively hostile behavior despite the fact that there’s never been a single hint of anything resembling hostile behavior from them, they operate from a country with meaningful privacy protections and only surrender data when compelled by their own courts (who only do so in circumstances that actually warrant it), and haven’t actually given up information that’s useful when required to because they don’t have it.
The only open source mentioned in the post is their encryption. Not the document editing software. OP please remove your change to the article title, it’s extremely misleading.
Fair enough! That’s exciting news
Well, they’re not wrong. It is ‘open-source’, not Free Software.
? It’s not open source, AFAIK.
Proton at this very moment
I CANT STOP WINNING!
Open source ? Does that mean I can host my own ? Would it be compatible with other self hosted instance ?
EDIT: the only source code I found hasn’t been maintained for 3 years.
As I’ve slowly been expanding my homelab, NextCloud caught my attention. I haven’t tried it quite yet, but it might be closer to what you’re looking for.
Thanks, I’ll have a look
If you do want to host your own google docs, look into Onlyoffice, or LibreOffice with Collabora
Just signed up today for the family plan in my ongoing degoogling process
It’s a bit pricey but so far loving it. Specially Proton Pass, coming from bitwarden (which I liked), it’s nicer and faster, much faster
Don’t put all your eggs in one basket again, that’s what makes degoogling such a difficult thing. There’s several proton services I intentionally avoid and use alternatives for so I don’t have to uproot my entire digital life to leave them if they start being shitty. If you go from using all google services to all proton you’re setting yourself up to need the same sort of big migration down the road. 15 years ago google was also an awesome company that kept making incredibly useful things for users just because they could and look at them now.
And so what happens to your passwords if Proton were to go offline and you needed to continue using Proton Pass? Do they have an open source server you can use like Bitwarden does or vaultwarden? Or are you essentially locking yourself into a new walled garden for no reason other than name recognition? Why not just use KeePassXC which is encrypted locally rather than share your password with a third party who can easily capture your private key password?
I think a lot of these cloud-based password vaults will have a local database that syncs with the cloud. I think you can unlock them and access your passwords without internet access
Keyword… unlock, not add information or use them offline where they can sync to an open source backend. They are cloud-based password managers that are designed to operate online. The backend is not open source. It is designed to lock you into a walled garden.
The unlocking happens locally. it’s simply decrypting. also, i think you can export the data from proton pass.
it’s a cloud solution. keepassxc works great and I don’t know why you want something else to replace it
Proton Pass works offline. Proton isn’t a walled garden.
It will cache credentials for a short time so you can still access some of your passwords. It will not let you add new credentials. It’s like a web browser working in offline mode for a period of time. It is a cloud-based password manager with a closed-source server backend.
Because of their integration with simplelogin.
Vaultwarden/Bitwarden integrate with SimpleLogin… and they offer other alias service providers as well.
Doesn’t appear you can do anything of that via the Drive mobile app. Maybe one day they will make that possible.
If they can ever get a spreadsheet application I could fully get away from Google for that kind of thing without losing out on anything I care about.
I know there are different use cases for each, but generally do people prefer self hosted nextcloud, proton docs, or libre office?
deleted by creator
Immich is amazing as an app with a self hosted backend service.
Are they trying to become Google alternative?
They’re just too expensive. Like, sure, it costs money to run, but 3.49€/month (the discounted 24 month rate) for the mail only plan, 15 GB storage. (41.88€, $45.17 USD, $67.28 AUD per year)
That’s really expensive if you just want mail.
The other stuff, is also really expensive. To the point that makes you think, “there is no way google is making THIS much to make up the difference in advertising to me for a comparable plan”.
If you just need an email account I’d suggest to have a look at posteo.de. I am with them for many years now. Price is good and terms also.
Great, hopefully it is as useful. Surveys and such are a must for any migration.
Interesting. I will try to find out if it’s 1:1 in handling .docx like OnlyOffice which i hope it is. It sucks that OnlyOffice won’t run natively on Wayland.
It is fork of onlyoffice, https://www.onlyoffice.com/blog/2023/07/self-hosted-onlyoffice-docspace
Ehhh It is? Thanks for letting me know cause i didnt know that
notice the lack of the word ‘free’
Get started by creating a free Proton Drive account today (if you don’t already have one). We are rolling out Docs starting today, and the feature will be available to all users over the next couple of days.
You can use it for free ¯\_(ツ)_/¯
Removed by mod
Specify that, “free” means two things in English, otherwise use “libre”, which means freedom in Spanish and it’s sometimes used to refer to free or libre software.
