To replace everything. Mail, calendar, drive, vpn, password manager, documents etc. What are the pros and cons relative to proton? What are the mobile apps like? What assurances do you have they won’t go full proton in the future? And other questions
So the whole “we encrypt your life” thing is pretty nice. But in reality look at what you’re actually doing… You have super secure encrypted email to do what? Send unencrypted emails to your friends…
It makes no sense to me… Like, you need an encrypted calendar? Why? What are you getting with encryption that you can’t get with using a VPN to connect to your local network and access a self-hosted calendar. In what was is that less secure?
Drive? Sure. VPN? Sure. Password manager? Sure. Documents? Sure. I see the value in having H/A for services like this, but all of that can be self-hosted on an rPi in your basement with a rProxy and a domain.
One reason is to prevent targeted advertisement.
It doesn’t, though. Not even a little bit. Using encrypted services doesn’t stop tracking cookies. That too has to be handled client side. So you would use a browser that lets you use host files via extensions (firefox, etc) and other tracking blocking extensions, or you can setup network wide protection via Adguard Home, etc.
It does. You need both. Even if you have cookies disabled, Gmail can read all of your emails and use that information.
You need both.
For the third time now–not if the service/device you’re using contains both the password and the 2FA… How is this not getting through?
If someone gets into my Bitwarden install, and gets access to both my passwords and my 2FA seeds, in what way does 2FA protect me? I kept all the family jewels in one place. That’s the exact situation two factor authentication is designed to prevent by forcing you to have an additional and separate device/key/passcode/password.
Say it a fourth time if you want to continue feigning ignorance. You’re assuming that the only way your credentials could be compromised is if your password manager it compromised. 2FA would not protect that specific use case if you store both authentication methods in your password manager. However, it does still protect your services from other types of compromises, which is better than no 2FA at all.
I currently self-host NextCloud and run TailScale to access my home network and use as an exit node for a secure connection when I’m out and about ¯\_(ツ)_/¯
I remember when the Chick-fil-A CEO got a lot of flack. While I disagree with him, I still eat at CFA. Until I feel like the quality of the service is or will be compromised, I do not plan on migrating off of Proton.
The whole universe
I honestly don’t see the big deal with people hating on proton. It’s still open source it’s still encrypted and doesn’t mine your data that seams to check most of the boxes for me. The only problem I had with it was the default main client which shows upgrades to go unlimited all the time but I just use Thunderbird now.
The hate for proton is because the CEO Andy Yen retweeted Trump announcing his pick for assistant attorney general for antitrust cases. His retweet included commentary fawning over Republicans as “standing for the little guys.” When criticized the company doubled down and supported him but then said they wouldn’t be making any more comments because it was a distraction.
If that isn’t enough, someone noticed that CEO Andy’s Reddit username is ”andy1011000.” The numbers at the end are binary for “88” - a well known pro-Nazi dog whistle. He says this is only a coincidence and is meant to refer to being born in 1988.
So in summary he is publicly praising fascists and has a username which coincidentally has a pro-Nazi reference.
According to Wikipedia pages 14, 18, 1488, 8814 are also common Nazi’s symbols. I personally feel the birthday explanation more likely as I see a lot of people doing that (without the nerdy base 2).
But yeah, I’m not sure of anything now, if you told me a few years ago that dozens of billionaires would go full on highlander on 2025 I wouldn’t have believed you…
I agree it could be a coincidence. It’s just a really unfortunate coincidence in light of his public statements and the fact that so many other corporations are doing an any% evil speed run right now. Folks are right to ask questions and be wary.
I get the controversy about the CEO being controversial but the services that proton make are still very good for the most part. And since they’re open source and encrypted you don’t need to trust proton anyway (aside from the VPN).
Self host email and nextcloud. Keepass for pw manager. I use davx5 and fossify calendar for mobile calendar. Nextcloud mobile just manages your files and doesn’t have the other Nextcloud apps.
Idc about Proton either way though. Imo if proton was fine for you before then it’s fine for you now. I just prefer to have control over my own services.
What assurances do you have they won’t go full proton in the future?
Absolutely none. That applies to all services that exist now or in the future. The only way around that is self-hosting but that path has its own issues including a very steep learning curve if you want to be secure as well as private. Maybe this could be a longer term project to work towards?
For services:
- Mail - Mailbox.org seems the best option right now
- Calendar - don’t know.
- Drive - either Cryptomator used with literally any service or a dedicated service like Filen
- VPN - Mullvad
- Password Manager - Bitwarden
- Documents - I just use LibreOffice offline or CryptPad occasionally if I’m collabing with someone.
In truth none of these are perfect. Privacy has got a lot harder recently as Proton and StartMail/StartPage have politically shit the bed and the UK seems determined to kill encryption which means I have to avoid really good services like IceDrive just because they’re in the UK.
EDIT: Calendars. Mailbox.org’s included one works fine. You can sync using CalDAV. The process for Thunderbird (desktop) is here.
The process for mobile is a little more complicated. First you need Davx5 to actually get the data, but thats all that app does. It’s not a Calendar app. It does work with the native Android Calendar but I used FossifyCalendar.
So install both of those then login to your Mailbox account in a browser and create a Calendar (or use an existing one). Get its unique URL by looking under the heading ‘My Calendars’, clicking the three bars icon, click ‘Properties’ and you can then copy your CalDAV URL.
On your Android device open Davx5, tap the plus icon then specify ‘login with URL and username’ tap ‘continue’ then paste in the URL you copied earlier, your email address and your email account password, tap ‘login’ and that should work.
Now, switch to your Calendar app. I used Fossify Calendar so if you are too, open that up, go to Settings, scroll down to the CALDAV section and turn on CalDAV sync. It might switch to your new Mailbox calendar now, but if it doesn’t, tap ‘Manage synced calendars’ and activate it there.
Can you provide any link for what Startpage has done wrong? I’m familiar with the Proton situation but hadn’t heard anything about Startpage. I’ve actively been looking for non-US based search engines.
Thank you!
Regarding Password Managers, you can put a little extra effort into setup with KeePass + SyncThing to avoid using 3rd parties at all.
Highly recommend not relying on a cloud provider for this kind of thing. You’re just asking for one of two things to happen:
- Their servers get compromised
- They decide to shut down
I know you can self-host with vaultwarden, but if you’re not a self-hoster then it’s a little bit simpler to setup SyncThing and use the kdbx format.
Thats a good point, I might set that up myself!
At the moment I do a once-a-week encrypted export from BitWarden and Aegis (authenticator) and put those exports onto an encrypted USB pen drive to avoid the issues you mention but I think your way is probably better.
You mentioned another excellent tool, Aegis!
I use it too, and I have it set to auto-export every time I add a new OTP provider to my SyncThing system. Since you can encrypt the exports, it fits nicely and have my OTPs available everywhere.
What happened with StartPage?
Yikes…
I can personally recommend fruux for calendars and contacts, but their free accounts are rather limited.
Tuta is a great german alternative with e-mail and calendar. For Drive there is many options but I don’t feel recommanding one now For VPN there is Mullvad, IVPN and NymVPN(beta) For Password Manager there is BitWarden or any popular KeePass clients but sync is mainly on you. For Documents there is CryptPad
I wholeheartedly agree with Tuta over Proton Mail!
And to add to password manager, KeePass + SyncThing is excellent if you need to access your vault on multiple devices without any 3rd parties involved.
It does not offer all the options from proton but I bought my own domain from OVH provider (France). Can configure email addresses in their admin user interface. I have one main account that I do not disclose. So when I need to create an account somewhere, I just go to OVH web interface and create a new alias for my main email.
The day OVH goes dark, I’ll just have to move my domain somewhere else.
I like fastmail
There are no viable package solutions, that’s the thing. If you want to make sure your service supplier shares your values, there’s nothing but self-hosting left.
As others have said no all-in-one solution, but Privacy Guides has good recommendations for each use case
Proton’s probably the best mail.
Calendar: paper
Documents: cryptpad
Tuta for mail & calendar, CryptPad for cloud docs and spreadsheets, Mullvad for VPN, plus a few other random things like Disroot which offers email and some other services. There’s some overlap and duplication but I don’t want to keep all my shit in one place any more. The Tuta app is blocky but acceptable. Everything else I only view in browsers.
Tuta – https://tuta.com/
Includes mail and calendar and contacts. No files, or password management. But worth a look, if you want an encrypted solution and you’re OK with using their client apps. I do, and I am and it’s great, IMO.
Their blogs say they’re pro-privacy, and anti-BS, if you believe them: https://tuta.com/blog
