|
Email Comments, Questions and Miscellaneous Share your opinion of the email service you're using. Post general email questions and discussions that don't fit elsewhere. |
|
Thread Tools |
14 Aug 2020, 09:20 AM | #16 | |||||||
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
Quote:
Quote:
Quote:
Quote:
Further reading through Reddit, for example, will show some related concerns, just quoting ProtonMail from - https://www.reddit.com/r/ProtonMail/...ts_associated/ - and https://www.reddit.com/r/ProtonMail/...iated/dm7cvqv/ - makes me a little uneasy trusting them. You can see a philosophy on display that is not very inspiring, at least to me. Here's an example, quoted from ProtonMail: Quote:
Quote:
Quote:
So let's look at those statements at face value. This great highly-respected private email service that promotes private, secure communications, with "Swiss Data Security and Neutrality" made those statements above. They say on their homepage that "Privacy is a fundamental human right" and they want to protect freedom of speech and freedom of expression... and yet they would theoretically ban people, even if those people did NOT break the terms of service, if the majority of their userbase demanded it. Now that was all hypothetical, according to the thread, and I'm guessing they have not actually banned anyone like that. However, that was pretty bad communication if you think about it -- there are many other ways ProtonMail could have answered in that thread, by showing true neutrality and focusing on the core human rights philosophies of the company, rather than diverging off the deep end of a hypothetical that shows, to me at least, what some of their internal philosophical and ethical alignment really could be. For me, that doesn't sit well. YMMV of course. And there are a bunch of other little things that bug me that add to my lack of confidence... like this -- https://web.archive.org/web/20200427...lks-claim-back So in that example, IF indeed ProtonMail actually hacked the guy back, then deleted the tweet and changed their story, just think about that for a second. Hacking back, while it may make sense to some people as a justified action/retaliation/mitigation, is actually illegal. So I can't confirm they really did that, but they did tweet about it, then deleted the tweet. That's fact. Raises an eyebrow... again. That was August 2017. It's this kind of pattern that keeps popping up here and there over time that makes me uncomfortable with ProtonMail... at least on a philosophical level. Maybe they're all little gaffes and don't mean anything. And yes, I get it, they are one of the "best" of this little niche group of email service providers, and they are supposedly more "vetted" and really well respected, etc.. And well funded apparently. They even received a €2 million grant from the EU to further develop the "Proton ecosystem." Supposedly there are no expectations/ties to that money. We'll take them at their word of course. Still, I have been trying to be open minded about them, like I mentioned above, and I realize that no company is perfect, and sometimes mistakes are made... but after re-reading some of my notes, I think you helped me realize that ProtonMail is not really the provider for me. YMMV of course. There are plenty of options, everyone has their own needs of course. Cheers! |
|||||||
14 Aug 2020, 07:21 PM | #17 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,723
|
You could find a similar list of links for almost any mainstream provider of online services--shows they're big enough to attract the attention of the professional trolls. The small ones just don't gather the attention. It sounds like some people don't like the idea that ProtonMail might take action against "accounts associated with inciting violence." At least that is what the title of the Reddit thread is about, and I didn't read every post. I'm certain that some are using these encrypted services for illegal activity, and that is one reason I won't use any of them. I'm not sending my money to a service that winks and nods at illegal activity. To me that is a clear ethical problem, that many people seem to ignore because they think that somehow they are protecting their own free speech. In reality, I have no doubt that if you are doing something serious enough to warrant attention from a state-level actor your email choice will do absolutely nothing to protect you, but lots of lower-level criminals will fly below the radar on the same service because they aren't doing something to attract the attention of the state-level intelligence services. Think of it this way, if I learned my business was being used by criminals I would call the police, wouldn't you? Or, do you seek out businesses that look the other way so they can claim plausible deniability? I wouldn't trust a business like that. That's one of the basic problems with the business model.
|
14 Aug 2020, 10:51 PM | #18 | |
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
Quote:
2) Just because professional trolls come out against a service does not invalidate legitimate concerns about a service. Each concern can be evaluated objectively, or at the very least, reasonable minds can form opinions based on available evidence. 3) The Reddit thread in question was only initially about accounts associated with groups inciting violence, which was *already* against ProtonMail's terms of service. Every one of these services has terms of service BTW which covers illegal activity. The quotes from ProtonMail I have issues with are the ones specifically mentioning politics and hypothetically banning people even if they DO follow the terms of service. For you, that may not be an issue. For me that is an issue. I also find it pretty rare (and even kind of odd) that a representative of a privacy-oriented, free-speech, human rights service would say something like that in a public forum, and I think it's a valid concern that folks can consider in evaluating if they want to use such a service. Even if it's just an innocent gaffe and not official company policy, it's at the very least very poor messaging from a company. In any case, these kinds of services are not your cup of tea in general, I get that. 4) Of course some people are using these kinds of services for illegal activity. People are also using Google, Outlook, Yahoo, and every other provider on the planet for illegal activity. No one here is condoning illegal activity. Again, these businesses have terms of use that prohibit illegal activity. And that has absolutely nothing to do with why these services got into business in the first place. If you really want to get into the philosophy of illegal, immoral, unethical usage of online services, there are plenty of examples of massive companies turning a blind eye to those kinds of things happening on their platforms while they rake in huge profits. But again, this has nothing to do with illegal activity. 5) And honestly, we could spend the next 50 pages of this thread discussing what some people believe are the legitimate philosophical reasons why these kinds of services exist in the first place. Why some people prefer these kinds of services or even consider them essential, especially in this world of massive profile harvesting and tracking by huge corporations, even for something as innocuous as reducing web advertising tracking. But there are countless other legitimate reasons for people, such as those dealing with human rights issues, other kinds of invasion of privacy by businesses and/or governments, private political party communications, protecting business communications, protecting personal health information, yes, protecting to some degree even government overreach, political persecution, freedom of expression, and so on and on. Some people use these services between themselves just because they don't want their email floating around Google hard drives for the next decade, ready to be harvested by some slick new algorithm or hack. Some do it for purely psychological reasons that none of us might understand. Some are just writing their memoir and sending drafts to themselves and want to keep it to themselves. Any one of those reasons is enough for someone to want to gain some higher level of privacy or control in their lives, depending on their own unique needs and/or threat model. Some just like a cool feature that a provider has. And yes, obviously, if a state authority really really wants your information they're most likely going to eventually get it one way or another, we all know that. None of these services could 100% protect against a state power that is determined to get your info. Again, that's part of an individual's threat model assessment, and may not have anything to do with why someone would choose to use one of these services. Sometimes a fence is all someone wants. They may not need or want a hardened bunker. 6) And if you're going to avoid using any of these small services that care about your privacy because you think they are "winking and nodding" at criminals as a primary revenue stream, I think you don't understand their business model. It is not in their interest, for profit or otherwise, to protect any criminals on their networks. They are in business for legitimate business reasons or philosophical reasons, not to make money from criminals. Its costs these small businesses time, legal headaches and frankly money when they do have to deal with an enforcement or compliance action, certainly not worth whatever profit they might get from the "criminals" that might be paying for those services. And if you're a purist about illegal, immoral, or unethical behavior happening on a platform, look no further than ALL of the major platforms we all use, which are riddled with abuses that go unenforced. Not to mention there are plenty of genuinely illegitimate services out there that criminals can use and they can easily roll their own or jump from provider to provider. Of course you don't need to agree with any of those reasons. These services are clearly not for you as you've indicated, so we can probably at least agree on that! Cheers! Last edited by ioneja : 14 Aug 2020 at 10:56 PM. |
|
15 Aug 2020, 05:44 AM | #19 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,723
|
https://protonmail.com/law-enforcement
ProtonMail is open about the fact they will cooperate with law enforcement, so that is a good thing, but I don't want to hijack this thread with a discussion about the pros and cons of encrypted mail. |
17 Aug 2020, 07:23 AM | #20 |
Cornerstone of the Community
Join Date: Jul 2011
Posts: 713
|
While I'm thinking about it, thought I'd quickly update this thread since it has recently been covering recommended secure email services, i.e. including: Tutanota, which has been experiencing an ongoing DDoS attack. IMO, the way they have handled this attack so far has taken them out of contention as a mature, reliable service, for me personally. I'll check in on them in the future, since I was really starting to like them, and perhaps they'll come up with a better plan for responding both publicly and privately to a crisis like this. For now, I'll be saying goodbye to them. Here's the thread in the forum with relevant info: http://www.emaildiscussions.com/showthread.php?t=77329
|
20 Aug 2020, 01:57 AM | #21 |
Master of the @
Join Date: Feb 2017
Location: USA
Posts: 1,723
|
This person says "stop using encrypted email." https://latacora.micro.blog/2020/02/...encrypted.html
|
20 Aug 2020, 06:30 AM | #22 | |
Senior Member
Join Date: Oct 2015
Posts: 159
|
Quote:
That's why I decided, when Tutanota were having their problems, to use Signal (as this person suggests) for secure messaging. For day to day stuff I am going to use GMail/Fastmail due to their excellent reliability and if I need to share large secure documents I am going to use Internxt but encrypt the documents myself twice first before uploading, using open-source tools that are proven to be secure. As I have said before these guys running encrypted email services are not (as far as I can tell) cryptographic experts and in my view we have to take them on trust not to snoop on our email. If they can give law enforcement access to unencrypted email who knows what goes on behind the scenes on a day to day basis. |
|
22 Aug 2020, 07:54 PM | #23 | |
Cornerstone of the Community
Join Date: Aug 2006
Location: Philippines
Posts: 843
|
Quote:
|
|
26 Aug 2020, 12:20 AM | #24 |
The "e" in e-mail
Join Date: Jun 2004
Location: in between the bright lights and the far unlit unknown
Posts: 2,341
|
I should know more about MailFence, being a Belgian myself and MailFence being a Belgian service, ... I know they're using the same platform as ContactOffice and Mail.be but there are some big differences as well.
I'm fairly pleased with Protonmail, and unlike some here, I do like their interface. It's not flashy, but I actually like that simplicity. It's very clear and user friendly, which is what matters to me. I would add that, while not having used Runbox myself, their location doesn't seem a downside to me. Norway is not a EU member and I never heard of it becoming a surveillance state, none of my Norwegian friends ever talked about any such thing. That said, I have no problems with using services based in for example the US, as I would say a law-obeying citizen doesn't have to fear preying eyes. Which doesn't mean I approve of staff members scrolling through mails or so, that is a breach of privacy. But to my understanding, this isn't happening with any of the widely used services. |
29 Aug 2020, 04:08 AM | #25 |
Member
Join Date: Nov 2013
Posts: 69
|
|