Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

Is the Proton (Mail, VPN, Password Manager) ecosystem any good?

Due to the recent announcement of Proton moving to a non-profit structure (although not becoming fully non-profit) I've decided to take another look at them and really, Proton Unlimited is an enticing offer. However, the fact of everything from mail, to accounts, to storage being in one place is somewhat disconcerting. Also I recall them being decent, but not particularly outstanding at refusing to provide data to outside sources, there was a situation a while back where they handed over information of a climate activist.

To be fair, mail is insecure by default and if you're going so far as to write to another Protonmail user you might as well use something actually secure and I am not exactly planning on breaking the law so I'm not too worried about data being handed over to authorities, yet it still leaves a bitter taste in my mouth and with the state of politics where I live there certainly is a concern that, being queer, I should also be a bit weary of governing bodies as well, as laws may change in the future.

Basically, by switching to Proton I'd be putting a lot of trust in them, instead of splitting it up between things like Mullvad, Bitwarden, etc. and besides a password manager (and to some extent my email provider), while dramatic, a single failure at any point wouldn't be a total disaster.
Are they trustworthy enough for the convenience benefits to be worth it to any of you?

iiGxC ,

I think they're trustworthy, but not the best in all those categories - I think tuta is better for mail (no dependence on google services), mullvad is better for vpn (linux app actually works with wireguard, and doesn't have a hard dependence on networkmanager), and keepassxc + syncthing is better for passwords, although to be fair I haven't tried proton pass

EveryMuffinIsNowEncrypted ,
@EveryMuffinIsNowEncrypted@lemmy.blahaj.zone avatar

mullvad is better for vpn

Except if you torrent and have poor upload speeds, as it doesn't support port forwarding.

kylian0087 ,

Anymore yeah they used to allow it. A even better option for uploading is seeding to I2P. the bigger we can get i2P the better.

EveryMuffinIsNowEncrypted ,
@EveryMuffinIsNowEncrypted@lemmy.blahaj.zone avatar

You're talking about this, right?

That sounds promising. Know any good sites that can help me get started, or at least learn more?

kylian0087 ,

The official site is best to get started. Personally i find it the most easy to run a container and configure a secondary Firefox profile:
https://geti2p.net/en/

EveryMuffinIsNowEncrypted ,
@EveryMuffinIsNowEncrypted@lemmy.blahaj.zone avatar

Thanks, I'll check it out.

Thetimefarm ,

This is my opinion exactly. Plus they don't have a way to upgrade storage without a family or business plan. I just want a google drive alternative for the sake of migrating away from google, not security, though it's a nice bonus. Right now you can't increase the storage on the basic plan, you can upgrade to unlimited but it only gets you 500 gb but costs a lot more. If they had a $5/month plan for 2 tb of storage and no other services I'd sign up right now.

RmDebArc_5 ,
@RmDebArc_5@sh.itjust.works avatar

You don’t have to use all the services, most of them have an excellent free tier. My setup is paying for VPN, using the free tier of pass and self hosting my email and cloud storage.

Legally they (and every other company) are required to hand over data to the police, however they can try to have as little data as possible. While Proton doesn’t take as extreme measures to protect your privacy as for example mullvad, they have no log policy and such. I believe the case where they had to collect data (IP address, which they normally don’t collect) they received a legally binding order from the Swiss government which normally is used for serious crimes. Every company has to follow these orders, so this isn’t a proton thing but rather a Swiss law thing.

sunzu ,

One service provider, single point of failure. After google bullshit and how long it took me to get away, i aint cornering myself again. I will pay for the extra fee for mobility and choice.

NuXCOM_90Percent , (edited )

I can't speak to their Password Management as I use Bitwarden for that

But I am slowly but surely migrating myself away from gmail to (my own email at my own domain routed to) Proton. The webmail is very much comparable to gmail and, if you communicate with like minded people, it has decent support for signing and even encrypting email both to other proton mail users as well as to complete randos with just a password that you can send later. My only real complaint is that (... for some really good reasons) there is no easy to use exchange server and I need to run their mail bridge to use a desktop client like Thunderbird to send and maanage and (one day) back up emails.

VPN? I switched over to this around the same time I decided I wanted to "take control" of my email and it works pretty well. Very easy to get some openvpn credentials that I can plug into whatever setup I want. And no extra fee for port forwarding unlike SOME providers. That said, my main complaint is that the port is semi-randomized which doesn't play the nicest with my totally legit linux iso torrenting setup... But a quick docker ps and docker logs and then updating the config is pretty trivial and I only have to do it maybe once a week?

The big elephant in the room is that, as you rightfully understand, you are still putting a LOT of trust. But that is actually why I like Proton. Because other companies pretend they are going to knife fight the CIA and the US Government on your behalf all while actively not acknowledging anything until we get a post mortem. Proton are VERY open about just how far they are willing to go to protect you (not very) and what YOU can do to mean that Proton can't provide much useful information once the appropriate paperwork and legal actions have been filed.

I wouldn't trust a paid account with anything more sensitive than what really innovative stuff a friend did with a bun in the dumpster behind the Wendy's the other night. But, hypothetically, if I needed to send an anonymous email? Third party VPN/Tor, clean hardware, and a free Protonmail account works great and I do trust Proton to give the absolute bare minimum in that case.

And just for a bit of context. My "grand plan" is to migrate the vast majority of my correspondence and accounts to email addresses tied to one or more of my own domains. Currently I plan to use Protonmail for the mail server because I don't want that smoke. But the point is that I control the email address so I can get my Heat on and walk away in 30 seconds (actually more like a few hours but...).

Which is why the other aspect of that is that I want to back up the emails I actually want to save (rather than just EVERYTHING like those of us with older gmail accounts do) via a local client that I then archive to an encrypted volume on my NAS and (REDACTED) after that.

hperrin ,

I’ve been using Proton for several years now, and paying for their Mail and VPN features. Proton Mail is definitely better than Gmail, but other than the privacy features, it’s just a basic email service. Their VPN also is just a basic service. If that’s what you need, then by all means, I’ve always had a good experience with them.

That being said, I do run a competing email service called Port87 that (IMHO) has better features for organization and spam protection, so take what I say with the knowledge that I am technically their competitor (although my user base is tiny compared to them). Really, I see them more as an ally against Gmail and MS Exchange, because I’ve never experienced any sort of anti-competitive behavior from them like I have with both Google and Microsoft.

Supporting smaller players in the email space is what keeps email open, so the more people move away from Gmail and Exchange/MS 365, the better.

TheButtonJustSpins ,

I really love Proton, but I'm only using Mail, VPN, and Calendar. I kept BitWarden - already had it for a bit before Pass came about.

Oh: I'm also using SimpleLogin. Love that.

trevor ,

FYI: Bitwarden has integrations for SimpleLogin, Addy.io, FastMail, etc. for their username generator, so you can easily generate aliases for every site, regardless of what alias provider you use.

cyberwolfie ,

You don't have to use all services. I have the Unlimited plan and use mail with custom domains (+ the included SimpleLogin account) and VPN mostly, and Drive for backup (no Linux client yet makes it a no-go for daily use, but I have my own Nextcloud server that serves my purpose fine). Pass I have not tried (I use another manager), and Calendar I also don't use.

I still feel I am getting my money's worth.

GravitySpoiled ,

https://flathub.org/apps/com.hunterwittenborn.Celeste

Pass is awesome

Calendar is good but can't speak caldav which makes it useless for android and linux.

cyberwolfie ,

Nice, didn't know about Celeste. Will check it out :)

lastweakness ,

Use it but don't rely on it. Celeste uses rclone. The rclone support was temporarily disabled from Proton's end a while back and also, the rclone backend still has a bunch of bugs and the developer seems to have gone missing

CatLikeLemming OP ,
@CatLikeLemming@lemmy.blahaj.zone avatar

Wait, it doesn't support caldav? That really kills the appeal of the convenience they provide as a one-stop-shop, as I'd have to deal with hosting my calendars in another way.
I guess at that point I could just get SimpleLogin and use the rest as I have it, even if that gets close to proton unlimited price-wise...

GravitySpoiled ,

Yes. I host my own nextcloud, I don't need their calendar. But that also means I don't need their drive. I only need the VPN and the mail and simplelogin is a nice bonus.

EddoWagt ,

I'm pretty much in the same boat, you think it's worth subscribing only for the vpn and email?

GravitySpoiled ,

Tough question, but I guess yes. It's 10 bucks a motnh iirc, and I don't pay for streaming services

EddoWagt ,

Yeah I suppose that's not too expensive, although it feels like a waste when I'm not using all the services provided

GravitySpoiled , (edited )

They're changing their business structure (or just changed it). I guess you could say now that it's also a donation to the whole system itself. Like donations to EEF or so. The more (financial) power proton has the better compared to other services.

EddoWagt ,

Yeah that's totally true and worth a bit extra for me too

Tywele ,

Why does the lack of CalDAV make it useless for Android? The app works just the same as Google Calendar on my phone.

GravitySpoiled ,

It doesn't integrate with android or linux. You are vendor locked in. You can only use proton's app. Usually carddav and caldav go together, my tasks (and now kanban board. thank you jtx) and my calendar are very well integrated.

kellenoffdagrid ,
@kellenoffdagrid@lemmy.sdf.org avatar

They're referring to the quality of integrations with third-party systems, like the built-in CalDAV support basically every OS has. For some people, using just the calendar app is fine, but others want that deeper integration so they don't have to rely entirely on Proton to provide features in their frontends that OS apps might already handle.

For example, on Android I might want to let other apps access information from my calendar (e.g. my launcher so it can show me events from within its built-in schedule widget). Same goes for my Thunderbird client on Linux, it'd be nice to have the calendar events be integrated there too. Unfortunately, they currently only support a mail bridge, but the official Proton account on Reddit has made a few comments stating that they're "looking into" adding CalDAV support to Bridge, but there's no official timeline on when or if that'll actually happen. I'm willing to bet it eventually will, but I'll say I'd definitely appreciate it if they did.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • random
  • incremental_games
  • meta
  • All magazines
    •