pull down to refresh
related posts
1000 sats \ 0 replies \ @Atreus 8 Sep 2023
Basically, if we want to keep a secret, we have to be like characters in Dune, making up languages we know only ourselves and 3 other living people know.
reply
6 sats \ 3 replies \ @SatoshisSkeleton 8 Sep 2023
Yes. I posted a thread here asking if anyone could audit the Proton code and most said it was great. Except one person on Nostr said its sandboxed and you'd be better off with Google because they st least are transparent how they handle your data. Had to look that up.
Basically he thought the whole thing was compromised and that Proton would be harvesting data and spying on all and any of us at will. The app was created by government and cern and he listed different apps and methods for securing your data.
I'm tending to agree and err on the side of caution. Trusting something because it claims to be FOSS and encrypted is not the way!
reply
116 sats \ 2 replies \ @kepford 8 Sep 2023
Better off with Google? Nah. You are trusting any hosted software provider you use. I'm not saying it isn't possible that Proton is a front but I doubt it. That said, this is email. No matter who is hosting it there are serious privacy issues. If you are very concerned with your communications via email you should be encrypting them yourself with GPG.
The fact that Proton's code is open source is why this was found. Read the article from the firm that reported the issue. Proton has a bug bounty (they are actively looking to fix unknown issues).
https://www.sonarsource.com/blog/code-vulnerabilities-leak-emails-in-proton-mail/
I'm not telling you that you should trust Proton but I am telling you be sus of anyone saying "Use Google".
reply
0 sats \ 1 reply \ @Tjacten 9 Sep 2023
Selfhosting is another option.
reply
5 sats \ 0 replies \ @kepford 9 Sep 2023
It is but it isnt like self hosting other tools. Email is a whole other animal. I've done it.
reply
1 sat \ 0 replies \ @ceife 8 Sep 2023
Must read too:
https://www.reddit.com/r/ProtonMail/comments/16bgr1s/xss_vulnerability_in_proton_mail_allowed_to_leak/?utm_source=share&utm_medium=mweb3x&utm_name=mweb3xcss&utm_term=1&utm_content=share_button
reply
0 sats \ 0 replies \ @kepford 8 Sep 2023
Source: Code Vulnerabilities Put Proton Mails at Risk | Sonar
reply
0 sats \ 0 replies \ @Zepasta 8 Sep 2023
Oooof
reply