Is Protonmail usually accessed through web clients? I only use native iOS client and MacOS Mail with the Bridge app. Somehow I would expect Protonmail users to not use the web client so much, maybe I am wrong.
I hope that many other are paying users too, because there are no ads. And without paying clients, how can a service like Protonmail survive?
(1) not counting obscure ones like Lynx or others.
Ad blocker, IPFS, and Onion support out of the box is prett neat.
it's like there are public laws and hidden "patriot" laws, and companies are not allowed to disclose those things.
as a privacy company, if you haven't yet been raided by some government office, then you are probably compliant on some visible and invisible levels.
Although I'm still naive enough (by choice) to trust a select few companies.
I tried tutanota but it refuses to create an account at all over a VPN, or at least the VPNs I've used. At least it told me the reason it was a no go here instead of silently failing.
Anyone have any recommendations in this space?
This was a very recent (within last week) change I noticed though.
And Apple provides iCloud+ members with a VPN which does not tie browsing history to users by separating ingress and egress traffic and using encrypted forwarding (similar to onion routing): https://www.apple.com/privacy/docs/iCloud_Private_Relay_Over...
Is it a privacy problem if Apple collects aggregate browsing history from iOS users?
And is this relevant to a thread about desktop browsers?
The following data may be collected but it is not linked to your identity: Location Browsing History Usage Data Diagnostics
I now use ProtonMail as my backup email even though I am a long term paying customer. This is obviously a personal decision, but I consider Apple’s email service to be good enough in terms of privacy and usability. Also, every company I have worked for in the last decade uses Google Workplace and I find having work material in Google and my stuff in Apple’s ecosystem leads to a good separation of work vs. my life.
Yes its better than chrome, but its worse than anything which claims good privacy.
Chrome sneaks launchagents into startup and updates itself even though I don’t want to. And the agent has spiked my cpu and frustrated real activities.
The crypto stuff isn’t my favorite but I like the idea of “tipping” site owners although I’ve never done it. I used to put $2/month into flattr and wish it took off.
Don’t use it.
They also seem to attract surprisingly similar groups of users, including a larger-than-chance overlap. Protonmail, in particular, seems to have become a sort of running joke as the e-mail provider of choice to send threatening mails in all-caps.
Disclaimer: I don't use Brave
From a functionality standpoint I would list, hey.com, fastmail and icloud as better. mailbox.org is better on being a traditional mail host you access using your own client (no wierd bridge app). hey.com and icloud are US hosted if that matters to you.
For the semi selfhosted options https://thehelm.com seems like a really good option.
Isn't Brave a commercial, ad serving entity?
Maintaining a browser is a huge amount of work. The web evolves constantly and security fixes are extremely important. Being competitive in the space requires a very large amount of engineering resources.
A commercial entity has a sustainable path to providing those resources. While nobody likes ads, I think they're opt-in in Brave and at the end of the day they're a potential source of funding for the necessary development efforts. Brave also has a unique way of serving ads in a privacy-friendly way.
Most of Brave is developed in the open. Where it isn't, there are good reasons why such as for example security. But I'm also privy to some of the internal discussions. It is amazing how much thought and effort the people at Brave put into privacy, even when it is not visible to the outside world. Again serious engineering resources are devoted to changing Google's Chromium implementation to make it better for privacy. One discussion I vaguely remember was how browser caching can be used to fingerprint users in a very subtle way, and Brave engineers thought very long and hard about how to close this particular loophole of the web.
In short, I don't think "commercial" is bad and having seen some of the internal discussions, I trust Brave a lot when it comes to privacy.
I don't think you can muster a good security reason for not developing something in the open.
[...]
> ...having seen some of the internal discussions, I trust Brave a lot when it comes to privacy.
I felt similarly about Google while I worked there. There were and still are a great many very skilled people focusing on security and privacy within Google, with good intentions. I personally had my own work vetted multiple times for security related stuff, and I was quite impressed.
Yet, Google has grown a bit of a PR problem with respect to privacy issues.
The (potential) problem is structural. Commercial entities exist to make money for investors. Protecting user privacy is a different goal. We also live in a world of grey areas, so judgement calls need to be made.
What structurally prevents the Brave corporation from changing once those people leave, leadership changes, acquisitions happen or Brave is acquired?
I see no particular structural reason to trust Brave more than Google. They're both companies that go to great lengths to respect and preserve user privacy. They're both corporations that exist to make money for investors.
What would I trust even more than Brave or Google? Something run under some form of governance that is legally accountable at a primary and structural level to what it is actually aiming to provide (e.g. privacy) rather than to making money (most every corporation in the world).
Brave is an ad company, in the sense that their only revenue is from ads.
Brave has every motivation to make external tracking as useless as possible, because it increases the relative competitiveness of their own ad platform. Since they own the browser, they can track as much as they want. I'm not saying that they do this today, their implementation might be very privacy focused right now.
I also appreciate that you need money to maintain a browser, even if it's just a layer on top of Chromium.
But we've seen again and again that maximizing revenue always wins out in the long term.
As long as primary revenue for Brave is ads I don't see why I should trust them any more than Google. Less so in fact, because Google doesn't depend on Chrome to generate revenue. For them it's just a helpful sidekick.
https://en.wikipedia.org/wiki/Brave_(web_browser)#Controvers...
At the face of it, it sounds like they had a "Donate to platypus" button but you'd only get the donations if you knew to sign up with them on the back end? Gross.
It's opt-in for creators to accept payouts.
All the complaints mentioned in your link were resolved 2 years ago. Brave returns money to donators if the creator doesn't sign up within 90 days. And creators status with Brave is clearly prominent in the UI.
The list of sketchy stuff in Chrome over the years makes Brave look saintly. And Firefox and even Safari.
Completely optional too. First time I've ever seen an advertiser allow users to simply turn off the ads. Plenty of people use Brave on mobile just for the built-in ad blocker. It's not as good as Firefox + uBlock Origin but it's still a huge improvement over Chrome.
PrivacyTests.org is run by a Brave employee (Arthur Edelstein)
He is extremely smart person though, just that money can taint any good intentions easily. Especially in a very "shark" ecosystem.
Mozilla is a not-for-profit company, and that matters, but they do engage in advertising deals and things of the sort. Non-profits do have less incentives for unethical behavior, but they don't have zero incentives.
I don't think we can only recommend non-commercial companies, although giving points for being so is good.
(Biases disclaimer: I like Brave, I prefer Firefox by a tiny margin)
I prefer it better than for a browser to get 100 millions $ from Google
That said: FireFox4Life! (Or at least, until they betray my trust).
Brave/iOS. (Still killing it, still on hold).
Nothing wrong with that. Every browser should do that by default.
> except their ads are supposedly the good ones
You can literally turn them off. Only way for advertising to get better than that is to stop existing.
Also, if you do turn them on, they're the most benign ads I've ever seen. Basically a small text notification. Easily dismissed and ignored.
> they cut you in on it by giving you some of their made up token currency
They pay you in cryptocurrency for your attention. The idea was for people to spend those coins on the sites they like. I think the execution could have been better. Most people just amass a large amount of coins and exchange for other cryptocurrencies or USD.
It's not "made up". At the top of the cryptocurrency bull market, 1 BAT was worth almost two dollars. I've seen people with thousands of BATs just from browsing.
In conclusion, snake oil and yet another crypto scam.
- protonVPN is great! But its linux app is not. - Proton Mail contact sync doesn't Integrate with the OS itself. - Proton Calendar doesn't integrate with the system, and isn't included with bridge. - Proton is generally very stable and very professional, but their rate of development isn't the fastest. - the proton bridge is great, no problems so far.
But In general it has been very stable.
I have a personal mail domain that I have connected to proton. On my laptop I can send from any user@mydomain.com via Thunderbird connected to a free SendGrid outbound server. But on my phone I can only read mail or send from proton registered user@. Wondering if anyone knows of an ios mail client that allows me to setup something like Thunderbird with custom outbound server
HOWEVER, I can't really get past the fact that it's closed source. At the end of the day, that means that Apple can say they do XYZ practice, and it's very likely to be true (some is testable, and imagine the shit-storm if a whistle blower showed that they really do store your keys, etc), but what if it does something else sketchy "instead" of the things they promise they aren't doing?
Pretty much, if I care about privacy, closed source anything never makes it on my list.
but they don't walk the talk
Outside of using Tor and your own VPN, it looks like Safari w/ iCloud+ protects browsing history from everyone (Apple and ISPs) while delivering a seamless experience.
https://support.apple.com/guide/safari/browse-privately-ibrw...
> Your open webpages aren’t stored in iCloud, so they aren’t shown when you view all your open tabs from other devices.
> Your recent searches aren’t included in the results list when you use the Smart Search field.
