That... sounds pretty good! I generally wouldn't bet on a company doing the right thing, but Proton has been tempting in that regard. I found the Standard Notes acquisition distasteful at first, but just maybe everything will turn out great.
Standard Notes wants to charge you money to run open source JavaScript code, including other people's markdown and spreadsheet editors, on your own server. To do this, they go out of their way to make self-hosting harder.
Standard Notes went out of their way to make it harder to self-host extensions a couple years ago, which IMO was pretty tasteless on its own. Instead of letting you install a single bundle of extensions with one URL, you would have to manually add each extension and then manually update it later.
They opted for charging for other people's work. Their editor extensions were other people's work. For example, their rich text editor was somebody else's rich text editor with a thin wrapper that allowed it to run in Standard Notes. (Using so many other people's editors also led to a bit of a lack of stylistic direction.)
And then, more recently, they decided to shut off web app access to third-party servers entirely.
"FOSS" only means so much when they dictate what goes into the source code. Unfortunately.
Standard Notes went out of their way to make it harder to self-host extensions a couple years ago, which IMO was pretty tasteless on its own.
I didn't dig into this change exhaustively, but it looked like the old approach wasn't very secure or scalable?
They could have charged for the convenience of providing a syncing server with extra storage, but instead they were basically repackaging and selling subscriptions to JavaScript code which was mostly made by third parties who weren't even aware Standard Notes was using their stuff.
I dunno if you're aware, but 95-99% of the Javascript that has ever run in your browser is open source frameworks or packages, or their sub-dependencies, or their sub-dependencies sub-dependencies, ad infinitum... That's how open source came to dominate the web!
And then, more recently, they decided to shut off web app access to third-party servers entirely.
As in, you can no longer load the web app and point it at your own server?
"FOSS" only means so much when they dictate what goes into the source code. Unfortunately.
All FOSS projects have a team of dictators that decide the direction of the project and what gets merged. If you don't like it, you can fork it or move to another product.
I'm not a huge fan of SN, but nothing you described is different to Proton, who don't let you use your own servers with any of their clients, and have no extension functionality whatsoever.
See, I have the same issue the other way around. Hearing about Proton supporting games on Linux makes me always wonder how I can play games via my webmail account.
So it sounds like they had their hand forced in that instance to provide the data and got a court ruling that allows them in the future to not retain that data. I would trust them.
This is how they try to portray it after their choice to comply. Fully.
They also said in the clarification thingy:
The identity and location of the activist was already known to the French authorities...
It's only by them I heard this claim.
Proton gave the IP address, person got arrested is the story I know and it's the one presented in the euronews article.
...(they had already been evicted once before for squatting, and the nature of squatting means that their location is known).
What a weird statement to make to justify giving up an IP address. Actually, I find it weird in all contexts.
Cmon… It’s a sentence linked to the next one. They are not using that as a way to justify anything, they just explained...
This is precisely the reason why I used both quotes. For me, their "explanation" is pure nonsense. Even more so due to their claim latter on in this same text, saying that:
we are activists, too.
On your question on which email provider I'm using, I could say that my activity does not demand precautions like VPN but there are some providers that I don't use. Proton is one of them, because they promised to users and delivered for police. And what did they have to say on their promises?
We will be making updates to our website to better clarify Proton Mail’s obligations in cases of criminal prosecution and we apologize if this was not clear.
This sounds to me like "sorry for making false promises, we just wanted our statement to sound cool enough to convince you to use our services".
They specifically chose non-profit because it allows them to remain profit driven, and continue to run the company as they have. The non-profit is the main shareholder now, and required by law to act in the interest of its founding principles. They basically did this for PR, because now, working in their customers' best interests is mandatory, and they are protected against hostile takeovers
Similar structure, yes, but this is the important part:
Swiss foundations and their board of trustees are legally obligated to act in accordance with the purpose for which they were established
So, just like the Louvre museum in Paris and the Luxor casino in Las Vegas have similar structures, pointing this out doesn’t really contribute much to the discussion.
For all I know, OpenAI’s purpose is to create Skynet and kill all humans. But Proton’s is:
Our legally binding purpose is to further the advancement of privacy, freedom, and democracy around the world.
And this might actually get me to use Proton. I'm currently with Tuta, and the experience there is... just okay. I went with them because they claim to have even less access to my stuff vs Proton, and Proton being private didn't get me to trust them enough to use them instead (I've used them in the past though). But this structural change might convince me that they're trustworthy enough to switch to.
We'll see how it turns out. I'm still giving Tuta a shot because I like the idea of not bundling everything together, but once I get my NextCloud setup working, I'll decide how much of Proton I'll actually need, compare prices, etc.
And if you believe in our mission and want to help us build a better internet where privacy is the default, you can sign up for a paid plan to get access to even more premium features.
Translation: don't give those other guys money, give us your money!
What I love about them is that recently they had more people buying their password manager, than they planned for. This reduced the cost per user for them.
Instead of pocketing all of the profit gained from it, they sent out an email to all of their paid users, to let them know that they can now update their subscription for a discount.
It's fuckin weird to see a company make a decision based on the long term retention of their customers rather than short term profits... I like these guys.
Will this make them stop spamming me for likes and referrals even though I'm a paying customer? Maybe they can even offer me that 6TB storage tier that I've been willing to pay for but only happens to people who spread the gospel and bring in referrals.
The tone around this company is too preachy and evangelical compared to other paid services.
Great catch. It seems that since the last time I've turned off email subscriptions, they've added three more at the bottom: Drive, Pass, and VPN to individually deselect. So it's opt-in until I manually opt out. Additionally, this is inaccessible from the mobile or desktop app and I'm not sure it will turn off the top right advertising banner that shows up sometimes.
They can only reveal metadata since they keep everything encrypted, but that was enough to track down this person's Proton recovery email address? That's disconcerting.
Trying to use a commercial privacy service to threaten election officials is definitely some dumb shit though, but I bet they could have avoided that outcome with some better opsec
Yeah? Proton have always said they will comply with Swiss authorities for requests for metadata. Good luck finding any email provider that doesn't comply with it's home countries laws.
proton.me
Top