this post was submitted on 08 Jul 2023
45 points (65.7% liked)

Privacy

32003 readers
974 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] polygon@lemmy.zip 64 points 1 year ago (10 children)

This is a silly thing to take issue with. I use a password manager. When I need a new password I allow the manager to generate one for me. Is the password inherently insecure or bad because it was generated by "a company" and not myself? Proton generates your key for you, just like a password manager does, and they've integrated that functionality into their service for ease of use, and probably ease of administration as well. There is no way someone can screw it up and not be able to read their emails if Proton handles it.

Encrypting email is extremely niche in the first place, the fact that Proton can enable it quickly and seamlessly for users with no prior knowledge on how this all works is a good thing imo. Everyone with just enough knowledge to think they know better seems to get annoyed by this type of thing and starts spreading ridiculous FUD even while Proton is enabling encrypted email for millions of people who otherwise would be using Google Mail. Don't get so caught up in the details that you miss the big picture of what Proton is actually providing.

[–] dan@lemm.ee 17 points 1 year ago (4 children)

Right, but what the author is trying to implement is what is generally considered best practice for secure email.

You’re right that what Proton are doing is a compromise that’s reasonable for most people, but the author here is annoyed that there’s no way to turn it off so he can implement best practice E2EE himself.

Ironically he could probably do that with the vast majority of providers that aren’t Proton, so to me it seems like a totally reasonable ask that a self described privacy focused email provider has some way to allow you to implement best practice email security.

[–] DreadTowel@lemmy.world 6 points 1 year ago (1 children)

Exactly this. Why in the world would they not allow that? I don’t believe it’s that hard.

[–] dan@lemm.ee 3 points 1 year ago

I guess they were probably so caught up in making it easy to use they forgot about the best practice use case.

I agree with you - I don’t think it would take much to adapt their system to support both, even if it’s a manual “I know what I’m doing” power user option hidden away somewhere.

load more comments (2 replies)
load more comments (7 replies)