Proton will no longer post on Mastodon
-
Proton can now officially go fuck themselves.
First, their CEO supports Trump. Then this, ditching Mastodon in favour of nazi-Twitter. Proton is not safe anymore and people need to migrate away ASAP.
Was it ever? I ditched them years ago when they tried to gaslight people that e2ee in javascript in browser is secure.
-
Proton: “We’re consolidating our social media presence due to limited resources and no longer posting on Mastodon. Follow us on Reddit for the latest updates”
due to limited resources
Either:
- We have lost our password
- Our C and V keys are broken and we can not copy paste our social media messages anymore
-
They’ve still a loong way to go to match Proton’s product suite though, as they only offer Email, Contacts and Calendar for now
honestly that's a plus for me, I'd rather they focus on a small set of products and do really well with them. before I left Proton I was wary of their scope creep, and then the crypto wallet shit
Funny that the crypto wallet also upset people in the space who like crypto. Because crypto, IF USED CORRECTLY, can be a privacy tool (because it is the main way to pay online that can be utilized without KYC). However, such people got upset not just with Proton broadening their product scope for no reason, but also the fact that Monero was not even considered, despite it having built-in privacy protections unlike Bitcoin, and overall being agreed on as today's "digital cash".
-
"Privacy is important, so you can follow our latest updates exclusively on the platforms that don't give a shit about privacy"
TBF, they push the same content via their email newsletter.
-
Proton does not use end-to-end encryption for email headers. That includes the subject lines, senders/recipients, and other potentially sensitive information.
Tuta uses E2EE for email contents AND headers.
Consider for a moment what someone with access to your contacts and subject lines would know about you. For me personally, they would know which political campaigns and causes I donate to, and when. They would know when I see various doctors, and who they are. They would know my travel dates and destinations. They would know what newsletters I read (many of which are also political). Etc.
Sender and recipient can't be encrypted e2e. How would the server know to whom deliver the email if those are encrypted and not visible to it?
AFAIK tuta encryption extends to the subject line only.
Still a nice addition, don't get me wrong, but I believe you misunderstood something.
From their own doc:
The only unencrypted data are mail addresses of users as well as senders and recipients of emails.
Contacts and everything else is encrypted similarly in all "secure email" providers, including Proton.
-
Tuta is great, I will start from that. But they encrypt the subject line, in addition to the body afaik. It is technically impossible to encrypt "every part of the email" because that would break delivery (e.g., metadata such as recipient or timestamps).
This also has the cost of a nonstandard protocol (not plain PGP), with all that implies in terms of compatibility, maintenance needs etc.
That's a fair point about the portability of their protocol. And yeah, you're right that they don't encrypt everything. I'd meant to say "they encrypt everything you can encrypt without making the email undeliverable" but my fingers decided to type something else.
-
Proton: “We’re consolidating our social media presence due to limited resources and no longer posting on Mastodon. Follow us on Reddit for the latest updates”
Will be missed /s
-
"Privacy is important, so you can follow our latest updates exclusively on the platforms that don't give a shit about privacy"
Privacy isn’t particularly good in the fediverse. Any federated instance can track you as much as they want without you ever knowing or consenting.
Self hosting Lemmy is straightforward. Then subscribe to all communities and now you have a treasure trove of data to mine. If you modify the code a bit you can do more like keep deleted posts around or surveil user activities in real time.
-
Was it ever? I ditched them years ago when they tried to gaslight people that e2ee in javascript in browser is secure.
Security is hardly a binary property.
Given you mention the specific technical setup, I would say yes - that is secure against most risks relevant for most people.
At least, it's totally fine according to my own threat model, where I looked specifically at broswer-based encryption vs "manual" encryption (I.e. using PGP tools locally).
-
They also can't control the narrative on Mastodon like they do on Reddit and Lemmy through "volunteer mod" Nelizea.
Especially since reddit is quite ban happy about political narratives right now, gearing the site like with Facebook, who only pushes right wing.
-
How do they control the narrative around here?
Reddit allows more control and is much aggressive in banning people sitewide as of recently. If you attempt to report a comment on reddit, you can get banned instead by the mod
-
Btw, their Mastodon account has more followers than their Bluesky and Threads accounts combined, both of which they are keeping. What a stupid decision.
They will leave Blue sky for twitter once , people find out as well
-
It's not stupidity; it's censorship. They can control what gets posted on their own Reddit community. They can't control what people are actually saying on the fediverse.
People need to realize that Proton has gone to the shitter; stop paying for them and migrate away as soon as possible.
And reddit has been extra aggressive in allowing mods ban users more easier too, as of this month. Now some mods are "cahoots with admins"
-
Checked both out of curiosity and seems like they are active on twitter but stopped posting weeks ago on bluesky after their feelings got hurt there from ceo backlash.
I predict they will mostly be on X and Meta platform
-
"Privacy is important, so you can follow our latest updates exclusively on the platforms that don't give a shit about privacy"
On a platform, that will ban you if you look at it wierd
-
Whats the problem with creating one message and using the API for posting it? With optional formatting it per platform?
They wrote that they don't want to "write and forget" but engage with people (as they do on Reddit, for better or worse).
I think it's opinable, but it sounds reasonable to me. What is the value of having an official account which just reposts one-way communication already published on the blog and on the newsletter? Anybody can build such a bot, but it's not "presence" the way I interpret it. -
Security is hardly a binary property.
Given you mention the specific technical setup, I would say yes - that is secure against most risks relevant for most people.
At least, it's totally fine according to my own threat model, where I looked specifically at broswer-based encryption vs "manual" encryption (I.e. using PGP tools locally).
It is nuanced, but having the ability to selectively serve malicious javascript stealing keys to specific people only on one access is considerable issue in practice, compared to distributing binary where you would generally have the same binary for everyone and you are able to archive and analyse it.
-
It is nuanced, but having the ability to selectively serve malicious javascript stealing keys to specific people only on one access is considerable issue in practice, compared to distributing binary where you would generally have the same binary for everyone and you are able to archive and analyse it.
Well, yes-ish.
An organization with resources to coerce or compromise Proton or similar wouldn't have trouble identifying individual users "well enough" (trivially, IP address). At that point there is absolutely nothing stopping a package distributor to serve different content by IP. Not even signatures help in this context, as the signature still comes from the same party coerced or compromised.
Also most people won't (or are unable to) analyze every code change after every update, which means in practice detection is even more unlikely for OS packages than it is for web pages (much easier to debug code and see network flows). The OS attack surface is also much broader.
In general anyway, this is such a sophisticated attack (especially the targeted nature of it) that it's not relevant for the vast, vast majority of people.
If you deal with super sensitive data you can build your proton client directly, or simply use the bridge (which ultimately is exactly like other client-side tooling), so for those very rare corner cases where this threat is relevant, a solution exists. Actually, in those cases you probably don't want to use mail in general.
So my question is, who is the threat actor you are concerned about?All in all I think that labeling "insecure" the setup for this I think is not accurate and can paint a wrong picture to people less technically competent.
-
also nobody really cares about nostr
Well, we have to carry info to the masses so that we don't repeat the story of BlueSky, where yesterday the moderators deleted a not-so-dangerous video but reopen after an uproar. It's the same Twitter, side view.
So far, I'm only getting minuses.
-
Well, yes-ish.
An organization with resources to coerce or compromise Proton or similar wouldn't have trouble identifying individual users "well enough" (trivially, IP address). At that point there is absolutely nothing stopping a package distributor to serve different content by IP. Not even signatures help in this context, as the signature still comes from the same party coerced or compromised.
Also most people won't (or are unable to) analyze every code change after every update, which means in practice detection is even more unlikely for OS packages than it is for web pages (much easier to debug code and see network flows). The OS attack surface is also much broader.
In general anyway, this is such a sophisticated attack (especially the targeted nature of it) that it's not relevant for the vast, vast majority of people.
If you deal with super sensitive data you can build your proton client directly, or simply use the bridge (which ultimately is exactly like other client-side tooling), so for those very rare corner cases where this threat is relevant, a solution exists. Actually, in those cases you probably don't want to use mail in general.
So my question is, who is the threat actor you are concerned about?All in all I think that labeling "insecure" the setup for this I think is not accurate and can paint a wrong picture to people less technically competent.
Bridge did not exist back then.
As for it being sophisticated attack, I think it is relative.
Regardless, if Proton said it did not matter to most people, I would respectfully disagree. They did not. They claimed it is not at all less secure than a native app, which is BS.
