Proton basically follows the blueprint pioneered by Rolex. Start a non-profit to handle stewardship of the profit making entity, have controlling stake owned by members of the founding family/group (I think Swiss laws help here to some extent, because controlling stake doesn’t have to be majority stake, but IANAL so don’t quote me on this), protect yourself from external pressures, and enjoy the tax benefits as a bonus,
Rolex leverages it these days to limit production and maintain scarcity, increasing desirability as a result, pretty much the opposite of what the founder wanted, which was to make competent “tool watches” that were expensive purely because of their accuracy/quality/reliability.
Essentially, non-profit status prevents others from screwing with your for-profit business from the inside, but you’re still free to screw it up yourself.
Look at OpenAI. Swiss non profits are no different. I also think all the virtue signalling about Non profit is along the same lines as “we are audited”, “we are swiss”, and other ideas they sell. Evil will do evil regardless of “do no evil” being their mission statement (look at Google advertising), so I do not get why a non profit magically hand waves away serious questions about sustainable mission.
You are getting to caught up into an individual example. The strategy is about what works on millions of users.
The way Proton handles Standard Notes in general is just so odd, so I can’t say.
SimpleLogin is basically bundled with Pass at this point. Lumo is new product, I am sure more bundling will come. SimpleLogin and Standard Notes are also products Proton bought, not developed themselves so they may have to handle integrating those differently.
My guess is SimpleLogin will be completely absorbed by Pass eventually and Lumo will start being added in as an AI assistant into their other products.
That’s not what they told me, and I believe them. Proton essentially told me that they want people who have no interest in Proton Pass or any other Proton service, to be able to use SL login as a standalone service.
Yes, that is a factor, but it is not the case of Lumo. And I bet it won’t be the only native Proton product that will have the option to be added on. And it’s clear that that decision has more to do with greed profit motives, rather than what is best for the user.
I’m surprised no one mentioned the concept of Trust in this thread (or I might have missed it).
We all use privacy tools based on trust. If it’s closed source, then it means you trust the developers. For example, PG trusts 1password with their words. And there is nothing wrong with that as trust is unique to each individual.
What open source means is that you don’t have to trust words, you or someone else can audit the code. This is transparent and objectively adds trust to a project.
One of the biggest critique of Proton is that they are saying they are open-sourced and in a lot of instances, it was demonstrated that they were actually not. This is lying and breaks trust.
I’m a paid Proton customer and this to me is irky. I’m not saying everyone should stop using Proton because of it, but at least have an exit strategy as others mentioned here, just in case.
I should work on that too, because I don’t have an exit strategy for my aliases.
Blindly trusting Proton because “they’re the good guys” might shock some people if they do end up in the enshittification path.
tldr: are there any solutions for aliasing that allow you to reply from the alias address and integrate as well with mail and password manager?
Are there any strategies people are using to deal with this? This is the key thing keeping me in proton ecosystem at this point. The email and aliasing are so well integrated with proton pass. if you trust them (i waver on this, personally) it’s a great product.
ever since switching to linux a couple years ago, the value of my proton subscription has plummeted. literally no way to use proton drive as intended (please do not suggest unofficial community apps to handle my password manager and drive). i would love to be switching to services who actually care about privacy and security. services that are providing full verifiable builds. services that are developing for linux (the only mainstream desktop os that properly respects privacy and user autonomy). releasing flatpaks for their apps so there is a decent sandbox and less fragmentation within linux. proton is nowhere near this. even the apps they have for linux need to be manually updated. they can’t even be bothered to offer them in a repository like mullvad or brave. the linux proton pass app randomly stopped auto locking a while back and the official response from the company was “it will only auto lock once you minimize it”. it’s just lazy, and there is really no end in sight for the linux dysfunction. their whole “there aren’t enough linux devs to do this work” excuse is total hogwash, they just don’t care about offering the service because they are interested in profit and not making their products usable for all. i’m tired of waiting and would rather give my money to someone else.
If you have a custom domain this is easy with pretty much any provider. Actually Proton kind of uniquely makes working with a custom domain a nightmare compared with other providers if you use their basic Proton plus plan.
The size of Proton is what makes me nervous to use it. I also don’t buy their marketing to be a “private” email. It is impossible for them to offer a truly private email by the very nature of how email works and more appropriate (honest) marketing would be the promise to be a “more private” email than most other email services. I suspect they wish to be Google. Google once had the “do no evil” motto that I once trusted with most of the data in my life and I would be afraid Proton would follow the same path. It is hard for me to trust any large corporation at this point, especially with the amount of data Proton has access to. Don’t get me started with their llm product.
For new users, I would recommend to not use email for anything that is secretive and instead communicate through a different method, like signal or matrix. Of course, we have to have email to be part of modern society and so I would recommend to look for groups that might align with your beliefs or interests instead. For my friends, I recommend Disroot and other smaller organizations.
When it comes to Proton Mail, I think their marketing is fairly accurate. But the reality is, most Proton Mail users probably don’t encrypt most of the emails they send to non-Proton addresses. IMO, this practice needs to change, in that us Proton users should keep the percentage of non encrypted emails we send to a minimum, at least when it’s sent to Big Tech domains (Google, Microsoft, Yahoo, etc…). This is why all my emails to businesses and big tech addresses are with aliases and not my Proton address.
Proton and other privacy companies believe and advocate for privacy as in E2EE by default. They should continue to strive for that. IMO, emails sent to customer support from a Proton address should be E2EE, but they’re not, and it’s not clear why. Maybe it’s a hard problem to solve, which I can appreciate, but I hope Proton tries to solve it.
With Tuta, emails sent to support are E2EE because their support address is a Tuta address. It’s possible that Tuta is able to do this because they are relatively small compared to Proton, but as they grow bigger, it might become harder. As a paying Tuta user, I can tell you that unless you are in the top paying tier which I have no experience with, responses are quite slow. It can take a month or more to hear back from them.
In fact, I did watch the video. And I wasn’t responding to an individual other than the post.
I did forget that the creator of the video is “The Hated One” and not saying that about Proton - was a bit distracted while coming back to write the comment.
Doesn’t change the fact that other than the crypto wallet, I can disagree with the video. Vendor lock-in is a user’s bad choice to make or not. I have my email with Proton and a custom domain that is registered with not my Proton account because that would be foolish. Having a custom domain is only portability of the address that transcends vendors when you don’t lock your keys in the car in the process.
I do agree with you (koocmit) and I think Proton as a company are pretty shitty in a lot of ways and they are conducting fraud (maybe not in a strictly legal sense?) with their advertisement. I’m trying to provide an explanation here as I see it of why Proton does what they do from a business perspective.
I would argue that those businesses have a different audience and that none of them are as successful as Proton. By open sourcing your backend you open yourself to a lot more scrutiny and intellectual theft. Perhaps that trade off is not worth it to most businesses that don’t cater to a hardcore and very technical privacy crowd. Proton wants to be the Google alternative for the masses and they don’t care about the small minority of users that will ever consider self-hosting a Proton stack or consider looking over their backend code.
To become a huge successful business you need to have a network effect. Proton’s network effect is their ecosystem where their products work well together and it encourages existing users to bring in non-Proton users to join (ex. sharing albums/docs, encrypted email). I don’t see a world where businesses like bitwarden or ente could become billion dollar businesses (outside of inflation) any time soon, but Proton is (~$2 billion).
To me, all of Proton’s product decision center around building a highly profitable business and they shouldn’t necessarily paint them as “bad” or untrustworthy. The irony that Proton is owned by a non-profit company is not lost on me here. As it is now, I haven’t noticed any enshitification in Proton’s products, but they could be a lot better. I’ve been looking at ente/tuta/mailbox a lot today and after testing them out I can’t imagine switching from Proton. The value proposition that is offered (~$4/month for me) is worth it to stay subscribed.
