It’s not that is is a different ecosystem, it show shows how things can get bad very quickly. People like to say that they’ve the bridge that allows any generic IMAP/SMTP client to use their service, however what if they decide to disable the bridge? People talk a lot of shit about Microsoft and Google when it comes to email but at least those two provide email over standard protocols that can be used anywhere, not proprietary stuff. I wouldn’t be comfortable with having my email hostage to proprietary stuff like that.

No. Same BS as Proton.

The spreadsheet is very opinionated for eg. Proton fails in integration very hard because you can’t use it with a generic email client without extra steps… and in some platforms like iOS your only way to use it is by using their own app.

What do they offer?? An alternative to email that isn’t standard, not based in open and standard protocols like IMAP/SMPT at all and is incompatible with everything else out there that FYI is distributed. So this is basically another attempt at emulating Proton’s success and making email effetely less standardized. lol

Is there anyone more familiar with this age verification process that can explain if and what data does this share with some UE body or government? Is the the system 100% client-side or is there any API or tie to other govt service that may be able to track when and where (website) you’re trying to verify your age? Thanks.

DNS0.eu is the new thing. Maybe also Control D Free DNS, Alternate DNS or if you want to go more hardcore LibreDNS. To be fair your biggest concern shouldn’t be only where you get your DNS from BUT also if it supports DoT and DoH - encrypting the DNS is more important for a lot people than actually using something other than Cloudflare or some other big company.

Adguard is a very large data mining operation. You’ll eventually figure that out.

Yeah that extension should be shipped with the browser to make things easier.

That’s not Ungoogled Chromium, at all. Not even close.

I believe its this: https://lemmy.world/post/32106925/17916457

The only problem with Ungoogled that makes it “not ideal for a normal human” is that fact that it is still cumbersome af to download it. Regular people don’t know github and how to click on “show all assets” and pick the right build.

And to add to all of that the user experience is bad.

When facebook was all over removing anti-vaxx posts and “misinformation” that later turned out to be very close to the truth that guy was okay with “working close with the regime”, now he suddenly isn’t. I wonder…

Some people can’t because they need updated proofing tools and that version no longer has updates.

They do lock you in on handheld devices but that seems to be a consequence of the fact that they are storing all emails encrypted on the server. After reading this link (“[…]Since IMAP can’t decrypt your emails[…]”), I agree that they are just implementing PGP with an extra steps and creating an unneeded layer (the bridge).

Yes, that’s precisely the problem there. You can use PGP with any generic IMAP provider and that will work just fine with handheld devices. There are multiple mail clientes capable of doing and all your mail is still encrypted on the server. Proton just made an alternative implementation that forces you into proprietary systems because it’s more convenient for them.

Those kinds of setups with servers encrypting your mail and still delivering over IMAP are fairly easy to implement, here’s an example. They simply decided to go all proprietary.

The reason I would not compare it to XMPP is because they are still using SMTP. It is when they stop using SMTP or force others to use something e

On a generic mail system SMTP is used in two places: 1) from your mail client to your provider and 2) between your provider and other providers. Proton is NOT using SMPT for the first step, making it non-standard and much more closed.

I want to learn about PGP and how to encrypt email. Someone sells that service, great. And it is not like I cannot send normal emails to anyone else.

I don’t disagree with you, I believe it as well. PGP is it stands is cumbersome.

The thing is that could’ve still implemented a easy-to-use, “just login and send email” type of web client and abstracted the user from the PGP complexities while still delivering everything over IMAP/SMTP.

They are using the same standard, not some made up version of SMTP (when sending to other servers, I assume any email from client A to client B both being Proton customer never leave their server, so no need for a new protocol).

You assume correctly, but when your mail client is trying to send an email instead of using SMTP to submit to their server, you’re using a proprietary API in a proprietary format and the same goes for receiving email.

This is well documented and to prove it further if you want to configure Proton in a generic mail client like Thunderbird then you’re required to install a “birdge”, a piece of software that essentially simulates a local IMAP and SMPT server (that Thunderbird communicates with) and then will convert those requests into requests their proprietary API understands. There are various issues with this approach the most obvious one is that it is an extra step, there’s also the issue that in iOS for eg. you’re forced to use their mail app because you can’t run the bridge there.

The bridge is an afterthought to support generic email clients and generic protocols, only works how and where they say it should work and may be taken away at any point.

while being fully open source using open standards

Delivering your data over proprietary APIs doesn’t count as “open standards” - sorry.

Would it be inaccurate to say that your fear is that Proton pulls an “Embrace, Extend, Extinguish” move?

No, it isn’t. But they never “embraced” as there was never direct IMAP to their servers, instead it’s a proprietary API serving data in a proprietary format.

I also see how that would make Proton like WhatsApp, which has its own protocol and locks its users in.

The problem isn’t that taking down the bridge would make Proton like WhatsApp. It’s the other way around, when they decided to build their internals with proprietary protocols and solutions instead eg. IMAP+SMTP they became the WhatsApp. Those things shouldn’t be addons or an afterthought, they should be bult into the core.

This clearly shows that making open solutions ranks very low their company and engineering priority list. If it was at the top they would’ve built it around IMAP instead.

I could download an archive of everything I have on Proton without a hitch.

Yes you can, but the data will come in more property formats hard to upload to anywhere else - at least for some of the data. They’ve improved this situation but it’s still less than ideal. In the beginning they would export contacts and calendars in some JSON format, I see they moved to vCard and iCal now.

I work in another big4 company, and I have a strong feeling that your claims apply to us as well.

That’s sad, but it is the world we live in.

Okay, here are a few thoughts:

• Companies like blame someone when things go wrong, if they chose open-source there’s isn’t someone to sue then;
• Buying proprietary stuff means you’re outsourcing the risks of such product;
• Corruption pushes for proprietary: they might be buying software that is made by someone that is close to the CTO, CEO or other decision marker in the company, an old friend, family or straight under the table corruption;
• Most non-tech companies use services from consulting companies in order to get their software developed / running. Consulting companies often fall under the last point that besides that they have have large incentives from companies like Microsoft to push their proprietary services. For eg. Microsoft will easily provide all of a consulting companies employees with free Azure services, Office and other discounts if they enter in an exclusivity agreement to sell their tech stack. To make things worse consulting companies live of cheap developers (like interns) and Microsoft and their platform makes things easier for anyone to code and deploy;
• Microsoft provider a cohesive ecosystem of products that integrate really well with each other and usually don’t require much effort to get things going - open-source however, usually requires custom development and a ton of work to work out the “sharp angles” between multiple solutions that aren’t related and might not be easily compatible with each other;
• Open-source requires a level of expertise that more than half of the developers and IT professionals simply don’t have. This aspect reinforces the last point even more. Senior open-source experts are more expensive than simply buying proprietary solutions;
• If we consider the price of a senior open-source expert + software costs (usually free) the cost of open-source is considerable lower than the cost of cheap developers + proprietary solutions, however consider we are talking about companies. Companies will always prefer to hire more less expensive and less proficient people because that means they’re easier to replace and you’ll pay less taxes;
• Companies will prefer to hire services from other companies instead of employees thus making proprietary vendors more compelling. This happens because from an accounting / investors perspective employees are bad and subscriptions are cool (less taxes, no responsibilities etc);
• The companies who build proprietary solutions work really hard to get vendors to sell their software, they provide commissions, support and the promises that if anything goes wrong they’ll be there. This increases the number of proprietary-only vendors which reinforces everything above. If you’re starting to sell software or networking services there’s little incentive for you to go pure “open-source”. With less companies, less visibility, less professionals (and more expensive), less margins and less positive market image, less customers and lesser profits.

Unfortunately things are really poised and rigged against open-source solutions and anyone who tries to push for them. The “experts” who work in consulting companies are part of this as they usually don’t even know how to do things without the property solutions. Let me give you an example, once I had to work with E&Y, one of those big consulting companies, and I realized some awkward things while having conversations with both low level employees and partners / middle management, they weren’t aware that there are alternatives most of the time. A manager of a digital transformation and cloud solutions team that started his career E&Y, wasn’t aware that there was open-source alternatives to Google Workplace and Microsoft 365 for e-mail. I probed a TON around that and the guy, a software engineer with an university degree, didn’t even know that was Postfix was and the history of email.

Yeah it’s all about outsourcing the risk to someone.