The informed choice
I have nothing against Proton or any of their products, but I took the opportunity of switching away from big tech to also switch away from the all-services-in-one-provider model. Moving everything from let’s say Google to let’s say Proton just kicks the problem down the road. If Proton ever goes evil or goes out of business you’re now looking for a new home for all your services again.
It’s also generally good privacy practice to use a VPN provider that is wholly separate from any other provider you use so that provider doesn’t have access to your VPN traffic. This is more true from providers who aren’t trustworthy, but it’s a rule I follow regardless.
Of course, this all depends on your threat model.
I guess they mean the tweet of the Proton CEO, which was blown far out of proportion and without context and caused a sensationalist shitstorm on Reddit.
If you want a detailed write up: scribe.rip/…/does-proton-really-support-trump-a-d…
I think I’ve gotten this info on Lemmy somewhere. Searching got me this news.ycombinator.com/item?id=44808694
theintercept.com/…/proton-mail-andy-yen-trump-rep…
So it seems like it’s not such a clear cut case as I made it out to be. Thanks for “challenging” me, even though that wasn’t your goal.
I am in the process of slowly buying up the hardware and learning the needed information to self host. I degoogled my life, which was a hard thing, and Proton was the easier place to go, and it was intended to be a placeholder till I feel confident enough to switch everything over to a self hosted setup. Using the Proton VPN is more a frugal choice.
I’ve set up my first Pi NAS (Raspberry Pi 5 NAS) and that was a step in my self hosting journey. I do own my domains for my emails, so step 2 is to get another Raspberry Pi 5 and set up my own self hosted website server and email.
I’ve always been a tech savvy guy but my field is manufacturing. I’m not a software or web developer like a lot of the people on here, so it’s a bit of a slower pace for me, but I’m working on it. Also, it’s getting more and more expensive to self host by the day. I do value the input and information I learn on here and appreciate the explanation and input!
I’ve always been a tech savvy guy but my field is manufacturing, I’m not a software or web developer like a lot of the people on here so it’s a bit of a slower pace and learning curve for me but I’m working on it.
I felt this in my bones. I do a lot of tech work, but basically none of it is programming or web dev. So lots of the self hosting stuff goes right over my head unless I really take the time to dive in. The worst part about self hosting is realizing how much you don’t know, but also knowing there’s probably a lot more that isn’t even on your radar.
Everyone has heard horror stories about the newbie self hoster just forwarding ports for every single service they run, not realizing that it’s turning their firewall into a sieve. And it’s the “not realizing” part that is scary. Especially when basically every Reddit thread about hosting something like Jellyfin will inevitably have a comment near the top, which is along the lines of “lol I just forward my port and it works.” Misinformation about best security practices is rampant, and filtering it out can be overwhelming for a newbie. Especially since the “not realizing” threat is always present. It’s always possible you made some dumb mistake that just exposed your entire LAN to the internet. And you won’t even know you made the mistake until all of your shit is ransomwared or being used to mine bitcoin.
Half true.
This post is about VPN. And Proton VPN is still safe.
Your info/news is on Proton Mail. In this case Proton was legally obliged (Swiss law) to give out identifying data for the owner of a known email address. The owner used a credit card and they had to give up the credit card info. The content and communications inside their email account are still private and were not given out. If they had used cash or crypto for paying, Proton might have had no information to give out to the authorities. And again, they were obliged by law.
And again, they were obliged by law.
If the only defense a company has for giving away information about (paying!) customers to an agency of a fascist country known for disappearing people is “I was just obeying orders!”, may I remind you of the Nuremberg Trials. But, well, I guess there’s nothing better to expect from Proton on that end. The Swiss were, after all, well-known for taking all that Nazi gold without any complaints.
Just follow orders, like a good soldier.
why, what should they have done? close shop and go to jail for not complying?
you have unrealistic expectations. if you are high risk, you should only access their services over their onion site and only pay in crypto or gift cards. they give all the tools one needs to stay truly anonymous.
why, what should they have done?
In the least, fight it more in court. Isn’t that the entire point of the thing, to keep things looping around via lawyers? Maybe notify the user beforehand, as well.
In the most, not have hosted that data in the first place. No need to keep subscription data if you implement one-time lifetime plans, for example.
In the least, fight it more in court. Isn’t that the entire point of the thing, to keep things looping around via lawyers?
that can be done in questionable cases, but not all is like that. often the law is very clear about what they need to comply with, isn’t it?
Maybe notify the user beforehand, as well.
I am not a lawyer but I doubt they are allowed to do that
No need to keep subscription data if you implement one-time lifetime plans, for example.
as I said in my previous comment, they accept payments in crypto. but I think they also accept payments in cash over mail
The reporting doesn’t say Proton “literally unmasked a user to the FBI.” What happened is that Proton was legally compelled by Swiss authorities to provide payment data they already had, and those authorities later shared it with the FBI through a legal assistance treaty.
The email content remained encrypted. What identified the user was the credit-card payment tied to the account, which is inherently traceable.
The uncomfortable reality is that people often deanonymize themselves: they create accounts without Tor, pay with identifiable cards, and link real-world data to the account. At that point the provider doesn’t need to “break” anything — the identifying information already exists.
You can repeat that framing, but it’s still inaccurate. Proton didn’t “unmask a user for the FBI.” They complied with a legal order from Swiss authorities for data they already had, and that information was later shared through legal channels.
What identified the user was their own payment data tied to the account. If you pay with a credit card and create the account without anonymity tools, your identity is already linked — no provider has to “break” anything.
That’s the uncomfortable reality: people often de-anonymize themselves by using identifiable payments and normal connections instead of Tor and anonymous methods when creating the account.
That’s a misleading way to frame it. Proton doesn’t “unmask customers for the FBI.” They respond to legal requests through Swiss authorities, like any company operating under a jurisdiction.
And in the reported cases what was provided was account or payment metadata, not decrypted email content. If someone ties their real identity to an account through payments, no provider can magically make that anonymous.
A good comparison is Mullvad VPN. When Swedish police searched their offices in 2023, they left empty-handed because Mullvad doesn’t keep user identities and accounts aren’t tied to emails. If a user registers without identifiable payment, there simply isn’t much data to hand over.
The real issue isn’t “betrayal,” it’s what data exists in the first place.
It’s fine in theory. But Proton recently were legally forced to give up user information to the FBI by Swiss-US agreements. This is mainly because Proton have to keep your payment information.
Mullvad’s cash and Crypto acceptance, as well as its determination to hold onto no information, makes it significantly better. They’re built from the ground-up to keep as little info on you as possible. Proton absolutely will give up whatever they’ve got, because they have to.