As we have no guarentee that Proton Calendar is 100% E2EE (no one can check the code), it is heart breaking for me to suggest to temporarily remove Proton Calendar from PG.
So the web source is available, isnât it a problem if the source code isnât available for other devices (Android, iOSâŚ) ?
Instead of removing it, we could maybe add a note next to Proton Calendarâs section to say that the source code is not available yet for other devices (not updated since 2021), if you think it could be important for users to know.
It is now 2024 and the Proton Calendar mobile apps arenât opensource and havenât been since 2021. While web source code is available in their webclient repo this still violates their open source guarantee on their landing page and dedicated open source page.
All our apps are open source and independently audited by security experts so that anyone can use them, inspect them, and trust them.
For over two years now they have been saying they will publish the repo on Github as referenced above by IksNorTen and again 1 year ago and again 3 months ago.
To me this seems very strange if the Proton Calendar mobile app codebases are mature and well-written they should already be well documented. However the fact that they have been unable to do something as simple as publishing the repo after all of this time and that they still represent all of their apps as open source instills distrust.
In summary, I too believe the Proton Calendar recommendation should be revoked, reconsidered or at least caveated in some manner.
Seems to me that Proton has abandoned the open source path, they also havenât updated their VPN source code for macOS for more than 8 months.
I think the companyâs revenue has grown significantly and they have come to the point they donât really care about privacy anymore.
Anyway I personally donât trust them, for some reason they seem suspicious to me.
Do you have a counter argument? âFUDâ can sometimes be quite warranted. Not saying it is the case but screaming âFUDâ is the trendy equivalent of calling something a conspiracy theory in order to dismiss it instead of providing a counter argument. If nothing else, people should still be able to express their doubts and concerns, I think
Itâs somewhat ironic because the same user claiming FUD was making unsubstantiated claims about Apple oath yesterday. I could no longer find the thread in my comment history.
In this case itâs just someone saying âtheir source repos havenât been updated, I find that suspicious!!1!!1!â rather than an actual argument based on that fact alongside others. Calling it FUD is thus warranted here. Not being fully open source is not a sin in of itself, if they refuse to update the sources that are available then we can rehash the whole âtheyâre suspiciousâ argument (if the company already has refused to update repos then the point is moot but I havenât seen anything about that personally)
Sure, thats besides the point though, point being that FUD can be perfectly legitimate. In other words, by just calling something FUD youre not adding anything to the conversation since that by itself doesnt tell you anything
It tells you that the person accusing another of FUD believes the point being made is, in their eyes, unworthy of even a debunking because its nature as falsehood or exaggeration is so self-evident.
Again, the point, which youve continued to miss, is precisely that some people have taken to just label as âFUDâ any criticism they dont like and leave it at that . The person youre accusing of âFUDâ doesnt gain anything from the exchange, nor will anyone else reading it, since that by itself is not an argument, it doesnt present any new or previously unconsidered facts or reasoning
Please avoid dishonest accusations as well as misrepresentations of why this thread exists, which is far from unjustified given what is explained in my first post, assuming you read it.
It doesnât make sense for me to say so (as my person is irrelevant to this topic) but Iâll make it clear anyway: Iâm a long-time Proton user and I use all their products (including Proton Calendar, which no matter what anyone says is much better in terms of privacy and security than most other calendars with synchronization) and that doesnât stop me from questioning certain aspects of their services, because nothing is perfect. So itâs NOT spitting on Proton to point out to our community, which is all about service transparency, that thereâs a grey area forming on this side of Proton Calendar.
If it were a simple matter of a few weeksâ delay in communicating the code, it wouldnât be a problem, because itâs difficult to always be on time, especially for services of this importance. But in this case, weâre not talking about a few weeks, or a few months, but a few YEARS.
This problem has been going on for almost 5 years now, despite the fact that the Proton team has said it would be solved soon.
Also an other quick reminder of PG fundamental criterias in case you forgot ( privacyguides_org/en/tools/ ) :
If youâre looking for a specific solution to something, these are the hardware and software tools we recommend in a variety of categories. Our recommended privacy tools are primarily chosen based on security features, with additional emphasis on decentralized and open-source tools.
. The person youre accusing of âFUDâ doesnt gain anything from the exchange, nor will anyone else reading it, since that by itself is not an argument, it doesnt present any new or previously unconsidered facts or reasoning