Highest Rated Comments


Larua_Pamler259 karma

Hi Andy! Thanks for doing this. Eventually, using a VPN comes down to “how much do you trust the VPN provider”. And a lot of this trust is directly tied to the people running the company today. But people will inevitably change or find a new job and leave the company and after a while the core ideas behind the company might get lost or could become compromised. So - first question - how are you planning to ensure that your line of thought will be consistent and coherent throughout the years as well as with future boards of directors and management and when should we become alarmed in case things go wrong? Second question - looking at what happened to /r/CopperheadOS how can we be sure that there won’t be any hostile takeovers from third parties? I realise that from a legal point of view Switzerland is not the US so someone taking over the company is rather unlikely, but it’s also worth remembering that ProtonVPN is, in fact, a separate company . I imagine this was done for a number of reasons (subsidies, taxes, legal stuff, diversifying risks…) but nonetheless we have to trust a separate entity that is legally not the same as “ProtonMail” and the software ProtonVPN is running is not directly verifiable like for Open Source software, hence my question.

Larua_Pamler95 karma

Being Open Source is commendable, but how can we be sure that the ProtonMail code being sent to the users is not being compromised? I think this issue was brought up several times, and someone mentioned something like to create an open source browser extension which would constantly verify the integrity of the code. Is this actually planned?

Larua_Pamler16 karma

Email aliases using “+” are highly impractical, as many sign-in forms don’t allow the use of that character. There’s a request on uservoice to address the problem by using the hyphen (-) character instead, but from what I recall PM never publicly took a stance on the issue. Is there a reason why this is not being implemented? There’s no point in having aliases if you cannot consistently use them.

Larua_Pamler4 karma

Let’s talk about hardware products, in particular phones and laptops. As we know, both can be considered as surveillance devices so of course their usage depend on the user’s level of threat. But aside from Purism with their Librem product line, to my knowledge no one is developing privacy-focused software optimised for privacy-focused hardware. For laptops, I find it extremely frustrating that the “less worse” alternative for a creative professional is actually Apple (if it wasn’t for Adobe products I would already have switched to Linux), and it’s even more frustrating now that they keep increasing the prices and removing features used by the creative industry, replacing them with TouchBars with emojis that no one asked for. And for smartphones, Librem 5 aside, I find it weird that the now-defunct /r/CopperheadOS and other project like /r/RattlesnakeOS require a Google Pixel phone. I mean, I want to protect my privacy so I don’t give my data and my money to Google, but I have to buy a Google phone in order to degoogle? It’s seems like a paradox to me. So, my question - given that ProtonKey is in the works, in the long term can we expect Proton to become also an hardware manufacturer and focus on other kind of softwares such as OS, a browser etc.?

Larua_Pamler1 karma

I’m using Bridge, but I realised that I would be perfectly fine only by using the web version, provided that I wouldn’t have to log in at each session. I know you’re already working on this issue, but once that’s solved do you think it would be possible to have a simple app only sending instantaneous notifications when a new email arrives? Using Bridge is fine, but I’m simply looking for an energy-efficient and battery-friendly app to tell me when I’ve got a new email without having to wait 30+ seconds for Bridge to catch up with the new messages I already received on my phone. Alternatively, it would be great to actually merge Bridge, VPN and notifications in one single app, but I don’t know if it’s feasible.