Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They're all encrypted by themselves and if you use your own gpg key they will replace it.

They're all encrypted except when you pay more for dedicated smtp.

They're all encrypted except when they give up logs they promised they didn't have.

And so on.



This is pretty inaccurate. Proton's E2EE works by encrypting client side, and we can't just replace the GPG key because we have both key pinning and key transparency: https://proton.me/support/key-transparency

Proton does not claim no logs and has never claimed no logs. We do not retain logs by default, but our privacy policy has always been clear that we are legally obligated to follow Swiss court orders, which can ask for IP logging on specific accounts.


Listen, if you don’t trust their ProtonDrive - GPG encrypt before uploading. If you don’t trust their email, GPG your message and paste it in or include as an attachment. There are a lot of ways to be able to use proton without trusting them… and if you are an activist of any sort, like just stop oil or cnd, then I am sure they will be doing all of that.

I am not an activist so I don’t need to jump through such loopholes.

I don’t despise proton as much as I despise most of Silicon Vally though. I just hope they fight every single court order, because there will be lots of good people being targeted. However, I reckon that is wishful thinking.


Cryptomator is great for the ProtonDrive example: https://cryptomator.org/


Cool idea. But, if I personally wanted that functionality I would code my own solution with a shell script I think (because it is super easy to do).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: