this post was submitted on 18 Jan 2025
274 points (95.4% liked)

Privacy

1974 readers
161 users here now

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

PS: Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!

  1. Be civil and no prejudice
  2. Don't promote big-tech software
  3. No reposting of news that was already posted
  4. No crypto, blockchain, NFTs
  5. No Xitter links (if absolutely necessary, use xcancel)

Related communities:

Some of these are only vaguely related, but great communities.

founded 5 months ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
274
Flirting with Trump is flirting with Nazism - Response to Andy Yen (CEO of Proton AG) on Reddit 📢📢📢 (lemmy.ml)
submitted 3 months ago by [email protected] to c/[email protected]
32 comments fedilink hide all child comments
 

andy1011000 Proton CEO posted:

“People honestly seem to forget that I live in Switzerland, where Republican/Democrat doesn’t mean anything, and Trump isn’t even on our ballot to be voted for…”

Onyx376. replied:

“The point is that fighting for a more just and equal society is not just about fighting for the fundamental right to privacy but also for all other fundamental rights, including individual rights and life. When you, as the CEO of a company that starts from these principles, nod positively to whatever action a political figure like Trump, who is known for always flagrantly putting his private interests ahead of those of his own nation, makes speeches about eliminating minorities, hurting their rights as citizens and flirting with Nazi movements, it is understandable that members of the privacy community are disappointed as this reveals a little about who is being the face of a company that should follow contrary principles. But now we really know what “freedom” means to you.”

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 13 points 3 months ago

If you complie your clients, Proton cannot decrypt your data.

But there's a lot more than Proton can do.

They could log your IP, the exact time you log in or use Proton services

They could keep a copy of every email you receive, most of them are probably unencrypted.

If you use VPN, they could log everything you do, they wont be able to decrypt the HTTPS data, but if they log all your traffic, it defeats the purpose of using a VPN.

They could potentially swap the web javascript, if you ever log in via browser.

When you send emails to another Protonmail user, Proton could potentially do a mitm and swap Proton's public key and make the other user's client think its your public key, and also give Proton's public key, and make your client think its that user's public key. Proton essentially act as a keyserver, so they could maliciously replace keys.

And most people don't compile their user clients, so if you just download the clients they compile, they could just not use the source code to compile it, sending you a malicious client.

There's just a lot of attack vectors if the company itself becomes hostile.