this post was submitted on 27 Nov 2023
519 points (88.9% liked)
DeGoogle Yourself
8743 readers
16 users here now
A community for those that would like to get away from Google.
Here you may post anything related to DeGoogling, why we should do it or good software alternatives!
Rules
-
Be respectful even in disagreement
-
No advertising unless it is very relevent and justified. Do not do this excessively.
-
No low value posts / memes. We or you need to learn, or discuss something.
Related communities
!privacyguides@lemmy.one !privacy@lemmy.ml !privatelife@lemmy.ml !linuxphones@lemmy.ml !fossdroid@social.fossware.space !fdroid@lemmy.ml
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If you made K-9 speak their protocol, I'm sure that would work. Additionally, there's also nothing preventing you from running the bridge on your Android (or whatever) device; it's a statically linked Go binary.
What your point boils down to is basically that they don't use or support IMAP. In order for IMAP to work however, the mail server must have access to all of your emails in plain text.
Do you see how that's an issue when your service is intended to provide privacy to the user? The fact that PM cannot read your emails at rest (even if they wanted to) is one of PM's explicit selling points. See https://proton.me/blog/zero-access-encryption
This is the primary reason why PM (and Tutanota for that matter) don't support IMAP. As a software engineer, I can also imagine they wouldn't want to base their entire operations around such an old and crufty protocol though.
That's fine. I can see both sides. Though, as stated, I'm clearly in the "socialistic" "pay more to support less affluent people" approach to commercial services product camp.
For us power users who need that, yes, that's the point. We should pay.
For your average Joe, they get a fancy web UI calendar and calendar app for free; just like they do with Google but private. I personally find that quite amazing.
[citation needed]
It’s also not altruistic to pay more for to subsidize in the manner you are alluding too since it misses the larger picture of how these wide free tiers have allowed contemporary services to gobble up users to impress investors with growth despite loss-leading products (in code forges look at the publicly-traded GitLab free model vs. SourceHut where everyone pays a small amount to keep servers running (post-beta plan)).
My affordable provider encrypts their servers & the account storage just fine without needing to reinvent the old, tested protocol (might just be a ZFS pool encryption passphrase). But it isn’t security/privacy that’s in question but the accessibility of this standardized protocols with years of tooling built around it & a business model that I don’t think is sustainable.
Whether something is altruistic or not is more of a philosophical debate.
Fact of the matter remains that unprivileged people using PM for free is only possible because us paying users pay at least slightly more. I don't care whether that's altruistic or not.
That's nice but that's just simple disk encryption at rest. That's not at all comparable to zero-access encryption. Please read the Link in my last reply.