279

andy1011000 Proton CEO posted:

“People honestly seem to forget that I live in Switzerland, where Republican/Democrat doesn’t mean anything, and Trump isn’t even on our ballot to be voted for…”

Onyx376. replied:

“The point is that fighting for a more just and equal society is not just about fighting for the fundamental right to privacy but also for all other fundamental rights, including individual rights and life. When you, as the CEO of a company that starts from these principles, nod positively to whatever action a political figure like Trump, who is known for always flagrantly putting his private interests ahead of those of his own nation, makes speeches about eliminating minorities, hurting their rights as citizens and flirting with Nazi movements, it is understandable that members of the privacy community are disappointed as this reveals a little about who is being the face of a company that should follow contrary principles. But now we really know what “freedom” means to you.”

all 37 comments
sorted by: hot top controversial new old
[-] itslilith 23 points 6 days ago

Having 88 (in binary) in your user name is highly suspicious, especially after takes like the one he recently dropped

[-] shadow@lemmy.sdf.org 4 points 5 days ago

Time for a new CEO. Would be great is they went with a nonprofit board with explicit privacy/public good bylaws and at least 1 member elected from the user base... But that's pretty wishful thinking, huh...

[-] leaf 3 points 6 days ago

There's so many Andy bootlickers in that subreddit. I'm glad I quit Reddit.

[-] ExtremeDullard@lemmy.sdf.org 121 points 1 week ago* (last edited 1 week ago)

People honestly seem to forget that I live in Switzerland, where Republican/Democrat doesn’t mean anything

Yeah but Nazism does mean something in Switzerland. Nobody forgot that the Swiss weren't that uncomfortable working with the Nazis.

"I live in Switzerland" isn't a great defense when you're accused of licking an American fascist's boots.

[-] Randelung@lemmy.world 3 points 5 days ago

Also very easy to post all that shit from the safety of the walled garden that is Switzerland. But if your product is anti-persecution tools, rising fascism is good for business.

[-] fxomt@lemm.ee 61 points 1 week ago

I'm feeling very conflicted on this overall. I love proton and I'm not even American, but this whole fiasco is making me think of moving.

They handled this very unprofessionally, and I'm not sure if I'm comfortable trusting them anymore.

Can anyone recommend me some alternatives for some proton software?

[-] chaoticnumber@lemmy.dbzer0.com 14 points 6 days ago

I cancelled my proton the other day, right after his post.

As alternatives:

  • tuta for mail
  • psono, keepass, passbolt (self hosted) for the password manager
  • mullvad for vpn ( actually never used the proton one, I swear by mullvad)

Im still figuring out the drive, thinking of self hosting that too.

Good luck out there.

[-] fxomt@lemm.ee 4 points 6 days ago

Besides the password manager (I use Bitwarden) those are strong recommendations. Thanks

[-] chaoticnumber@lemmy.dbzer0.com 2 points 6 days ago

Are you happy with bitwarden? Its very tempting ... I'm just concerned about it being in the US, where some agency could "request" data.

[-] ilhamagh@lemmy.world 3 points 6 days ago

Why not just self-host vaultwarden then? Since you seem to already selfhost other managers.

[-] chaoticnumber@lemmy.dbzer0.com 4 points 5 days ago* (last edited 5 days ago)

Thats because I was not informed until I read your comment. I honestly didn't know that vaultwarden is what bitwarden self-hosted is called. Thanks. Guess I was ignorant.

I'll give it a try.

[-] ilhamagh@lemmy.world 3 points 5 days ago

Oops, sorry I didn't mean it to sound condescending, my bad.

Yeah, it's pretty easy to run, I just use their docker image.

Backup and how to secure it on the other hand is a frequent discussion on Lemny selfhosted or r/selfhosted

Also see Selfh.st for other OSS apps alternatives.

[-] chaoticnumber@lemmy.dbzer0.com 3 points 5 days ago

We have to bring those selfhosted guys over to db0 somehow :D

Goes hand in hand with the "Yarrisms"

[-] fxomt@lemm.ee 3 points 6 days ago

Unless your master password is stolen or it is just "123" it is literally impossible to crack your vault. I've been happy with BW (even if it is in the US I'm not American so they can't even use it against me)

PS there is a European server at bitwarden.eu :)

[-] ddash@lemmy.dbzer0.com 6 points 1 week ago

While I get the sentiment, what could possibly happen to Proton that makes it unsafe and you wouldn't know? We already known they do comply with the law and hand over basic information.

But they do not give access or decrypt the actual content of your mailbox and that's not because they choose not to but because it is technically not possible, or am I wrong about that. If the plan to change that it would hopefully become obvious through some announcements.

[-] fxomt@lemm.ee 52 points 1 week ago

It's moreso the trust factor for me. Proton is secure, I know; but the company behind it has been making many bad decisions lately.

They were extremely unprofessional dealing with this. I mean, who comments their own political views on a company account then doubles down??? That's just stupid to me.

I should have specified that I might not even switch off of proton, I'd like to know alternatives JIC shit hits the fan :(

[-] massive_bereavement@fedia.io 19 points 1 week ago

Same. After the whole AI fiasco and the crypto fiasco, this is just adding insult to injury.

[-] atro_city@fedia.io 9 points 1 week ago

Oh shit, what did I miss?

[-] DragonTypeWyvern@midwest.social 17 points 1 week ago

The security vulnerability behind any decent VPN is the VPN provider. When they're signalling support of fascists and technocrats you need to move on because their mask slipped and their real motives have been exposed. The sheer gall it takes to pretend you can believe Trump supports privacy goals is laughable.

The question is really who is an actual alternative.

[-] fxomt@lemm.ee 7 points 1 week ago* (last edited 1 week ago)

The question is really who is an actual alternative.

None, really.

All companies have skeletons in their closets, it's not a matter of if, it's a matter of when. I don't trust companies, but not everyone can self-host. As for your question; Mullvad seems good, but be wary.

[-] ddash@lemmy.dbzer0.com 9 points 1 week ago

Agree, always good to be prepared

If you complie your clients, Proton cannot decrypt your data.

But there's a lot more than Proton can do.

They could log your IP, the exact time you log in or use Proton services

They could keep a copy of every email you receive, most of them are probably unencrypted.

If you use VPN, they could log everything you do, they wont be able to decrypt the HTTPS data, but if they log all your traffic, it defeats the purpose of using a VPN.

They could potentially swap the web javascript, if you ever log in via browser.

When you send emails to another Protonmail user, Proton could potentially do a mitm and swap Proton's public key and make the other user's client think its your public key, and also give Proton's public key, and make your client think its that user's public key. Proton essentially act as a keyserver, so they could maliciously replace keys.

And most people don't compile their user clients, so if you just download the clients they compile, they could just not use the source code to compile it, sending you a malicious client.

There's just a lot of attack vectors if the company itself becomes hostile.

[-] Evotech@lemmy.world 1 points 1 week ago

It's very blown up

[-] dohpaz42@lemmy.world 44 points 1 week ago

I just signed up with proton and was strongly considering moving my Gmail account to their services. But this thing with their CEO is giving me great pause.

I guess it goes to show that no matter what, all ceos/rich people are simply out of touch and cannot be trusted. It is greatly disappointing.

[-] fraksken@infosec.pub 8 points 1 week ago

I'm out of the loop. What happened?

[-] massive_bereavement@fedia.io 47 points 1 week ago

Proton CEO turns out to be a far right nut that has a hard on for Trump and everyone that's paying for privacy (AKA their entire customer base) is pretty allergic to authoritarians.

[-] fraksken@infosec.pub 4 points 6 days ago

Thank you for that insight.

Time to look for an alternative

[-] frayedpickles@lemmy.cafe 6 points 1 week ago

I wouldn't bet on that. Just visit matrix if you want to see how many far right nutters there are who are also into privacy.

[-] massive_bereavement@fedia.io 4 points 6 days ago

Now that you mention it, I read in several places how there were multiple active efforts to convert people on the left to the right through many ways.

E.g., "you care for the planet? Then less people is a good thing, then immigration is a bad thing." "You dislike government overreach? Then dismantling the federal government is a good thing." Etc.. Etc..

[-] jaggedrobotpubes@lemmy.world 4 points 1 week ago

Point of order: not the CEO, a board member. Doesn't change a ton but worth noting.

[-] IDKWhatUsernametoPutHereLolol@lemmy.dbzer0.com 19 points 1 week ago* (last edited 1 week ago)

Proton AG is kinda complicated.

So its majority shareholder is the Proton Foundation, a non-profit. Andy Yen is one of five members of the Proton Foundation. But Proton AG is still a for-profit corporation, and it still has a CEO. Andy Yen is the CEO of Proton AG.

Basically:

Proton AG (owns every Proton service) = For Profit

It's Shareholders are:

  • Proton Foundation (majority share) (Non-Profit)
  • FONGIT (the Fondation Genevoise pour l'Innovation Technologique) (I'm pretty sure this is also a non-profit)

And within the Proton Foundation, is the five members of the board of trustees, one of them is Andy Yen. And its apparant that the board of the Proton Foundation has appointed one of its members, Andy Yen, as the CEO of Proton AG.

This actually confusing for me as well, but the TLDR is, Andy Yen is both a member of the board at Proton Foundation, and simultaneously the CEO of Proton AG.

[-] dustyData@lemmy.world 4 points 6 days ago* (last edited 6 days ago)

Talk about a conflict of interests. How can he uphold a non-profit and a for profit role mission at the same time? (Spoilers: he can't) it completely contradicts the reason why the foundation and the company are different entities. They should be a counterweight to each other. This is like the same politician being president, head of Parliament, and Supreme court judge. At that point you have monarchy with extra steps.

I'm not an expert, but I think the idea is that:

Proton AG is a for-profit to maximize revenue for Proton Foundation, the non-profit that owns (a majority of) Proton AG.

Meaning, although its technically "for-profit", but because its owned by non-profits, its not like Andy Yen can just put the money in directly in his pocket. The most he can do is try to get the majority shareholder (aka the Proton Foundation Board) to give him a raise as CEO, but becauase Proton AG is owned by a non-profit, theres probably some legal limit to what's considered "reasonable", since otherwise you have a loophole where a non-profit can be explited for personal profits (I'm sure swiss law isn't so lenient like the US).

The "profits" directly go to Proton Foundation to (supposedly) advance their goal of bringing more privacy to the world, if the board members start stealing funds, the swiss government might step in and remove them from the board (remember, its a non profit, they are on the board as a "truestee" not owners), and possibly jail time for mis-using Non-Profit funds.

[-] dustyData@lemmy.world 3 points 6 days ago* (last edited 6 days ago)

Oh, him stealing money is not my concern. He's a millionaire, he already has plenty of venues to make more money than humanly conceivable.

The concern is that he can compromise the mission on the nonprofit side with decisions made as a leader of the for profit company with lesser oversight and higher discretion. Because he wears the same hat of the person that should be his counterpart. And there would be a delay for evaluation of his actions as the board won't supervise his every move day to day, that's not what they're there for and most boards delegate this discretion to executives with explicit clauses to only evaluate strategic performance. That can be manipulated given enough time and resources.

As for making money out of nonprofits, I envy your naïveté. I shall suggest you read "The revolution will not be funded", for a clear example of how nonprofits are exploited to make more money for the trustees.

The swiss government might prosecute a person for fraud if they're accused, but otherwise won't move a single finger if a nonprofit is not fulfilling their mission. They're even more liberal regarding freedom of association than the US. Removing board members is not a power they have, such a thing infringes on fundamental human rights.

this post was submitted on 18 Jan 2025
279 points (100.0% liked)

Privacy

456 readers
388 users here now

Protect your privacy in the digital world

Welcome! This is a community for all those who are interested in protecting their privacy.

Rules

This includes the instance rules of dbzer0, which can be tl;dr'd to: this is a libertarian socialist space, no right wing nutjobs or tankies are allowed. As for the community rules:

  1. Be nice
  2. No bigotry/prejudice
  3. No tankies/right wingers
  4. Don't promote proprietary software
  5. Stay on topic
  6. No crypto
  7. Don't be a smartass and try to game the system, we'll know if you're breaking the rules when we see it!
  8. If you post news exclusive to a country please name it. (This isn't a bannable rule, but just a recommendation :) )

founded 2 months ago
MODERATORS