this post was submitted on 17 Jun 2024
623 points (99.5% liked)

Proton

5318 readers
3 users here now

Empowering you to choose a better internet where privacy is the default. Protect yourself online with Proton Mail, Proton VPN, Proton Calendar, Proton Drive. Proton Pass and SimpleLogin.

Proton Mail is the world's largest secure email provider. Swiss, end-to-end encrypted, private, and free.

Proton VPN is the world’s only open-source, publicly audited, unlimited and free VPN. Swiss-based, no-ads, and no-logs.

Proton Calendar is the world's first end-to-end encrypted calendar that allows you to keep your life private.

Proton Drive is a free end-to-end encrypted cloud storage that allows you to securely backup and share your files. It's open source, publicly audited, and Swiss-based.

Proton Pass Proton Pass is a free and open-source password manager which brings a higher level of security with rigorous end-to-end encryption of all data (including usernames, URLs, notes, and more) and email alias support.

SimpleLogin lets you send and receive emails anonymously via easily-generated unique email aliases.

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] PlexSheep@infosec.pub 2 points 5 months ago (1 children)

*encrypt

That is wrong. STARTLS exists, besides imaps and smtps are a thing. I don't see any reason to do the weird bridge thing.

Bridge exists and works on a desktop but IMO it just does not make sense to add a proxy server running in my own device. Besides, I cannot use it (properly) on headless devices, especially with virtualization. Using a proper mobile client is completely not an option for mobile devices.

Community versions of bridge exist, but none are officially supported. I could change the source of the original bridge to host it on my server (not just on the loopback interface, which is literally hardcoded).

Besides, there is no calendar or contacts sync. Birthdays don't get added to the calendar. Many more things. Their ideals are admirable, their email hosting just works for what features they offer (even custom domain), but it does not adhere to standard email stuff and features you find literally everywhere. For some users that may be okay but I decided its not okay for me.

[–] sdwilsh@social.ridetrans.it 1 points 5 months ago* (last edited 5 months ago) (1 children)

@PlexSheep@infosec.pub I don't think you understand how Proton stores email on their servers. STARTTLS, imaps, and smtps all encrypt during transport, but would require the server to have a decrypted copy. Since they use zero-access encryption to store emails, that's not possible.

See https://proton.me/support/proton-mail-encryption-explained

[–] PlexSheep@infosec.pub 1 points 5 months ago

Okay, I that makes sense, but still IMAP and SMTP are the standard. At least let me self host bridge on my server.

The only real solution would be PGP, but that has a pretty bad usability.