this post was submitted on 27 Nov 2023
519 points (88.9% liked)

DeGoogle Yourself

8743 readers
16 users here now

A community for those that would like to get away from Google.

Here you may post anything related to DeGoogling, why we should do it or good software alternatives!

Rules

  1. Be respectful even in disagreement

  2. No advertising unless it is very relevent and justified. Do not do this excessively.

  3. No low value posts / memes. We or you need to learn, or discuss something.

Related communities

!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml

founded 4 years ago
MODERATORS
 

Why would anyone use this over Proton Mail or the gazillion alternatives if it treats people like shit.

you are viewing a single comment's thread
view the rest of the comments
[–] Atemu@lemmy.ml 0 points 11 months ago* (last edited 11 months ago) (1 children)

you still have to use their clients on mobile OSs even if you prefer running a client like K-9

If you made K-9 speak their protocol, I'm sure that would work. Additionally, there's also nothing preventing you from running the bridge on your Android (or whatever) device; it's a statically linked Go binary.

What your point boils down to is basically that they don't use or support IMAP. In order for IMAP to work however, the mail server must have access to all of your emails in plain text.
Do you see how that's an issue when your service is intended to provide privacy to the user? The fact that PM cannot read your emails at rest (even if they wanted to) is one of PM's explicit selling points. See https://proton.me/blog/zero-access-encryption

This is the primary reason why PM (and Tutanota for that matter) don't support IMAP. As a software engineer, I can also imagine they wouldn't want to base their entire operations around such an old and crufty protocol though.

Where I definitely don’t agree tho is the free-tier thing.

That's fine. I can see both sides. Though, as stated, I'm clearly in the "socialistic" "pay more to support less affluent people" approach to commercial services product camp.

Having access to the bridge cut off as well as not {Cal,Card}DAV is a real pain that forces the premium subscription

For us power users who need that, yes, that's the point. We should pay.

For your average Joe, they get a fancy web UI calendar and calendar app for free; just like they do with Google but private. I personally find that quite amazing.

If there was no free tier to subsidize everyone could pay a lot less & get “premium” features others deem as essential.

[citation needed]

[–] toastal@lemmy.ml 2 points 11 months ago (1 children)

It’s also not altruistic to pay more for to subsidize in the manner you are alluding too since it misses the larger picture of how these wide free tiers have allowed contemporary services to gobble up users to impress investors with growth despite loss-leading products (in code forges look at the publicly-traded GitLab free model vs. SourceHut where everyone pays a small amount to keep servers running (post-beta plan)).

My affordable provider encrypts their servers & the account storage just fine without needing to reinvent the old, tested protocol (might just be a ZFS pool encryption passphrase). But it isn’t security/privacy that’s in question but the accessibility of this standardized protocols with years of tooling built around it & a business model that I don’t think is sustainable.

[–] Atemu@lemmy.ml 1 points 11 months ago

It’s also not altruistic to pay more for to subsidize in the manner you are alluding too

Whether something is altruistic or not is more of a philosophical debate.

Fact of the matter remains that unprivileged people using PM for free is only possible because us paying users pay at least slightly more. I don't care whether that's altruistic or not.

My affordable provider encrypts their servers & the account storage just fine without needing to reinvent the old, tested protocol

That's nice but that's just simple disk encryption at rest. That's not at all comparable to zero-access encryption. Please read the Link in my last reply.