The articles format is awful and designed to wast your time.
This article also just points out the use of Livekit but doesn't deliver what that means for your security. Maybe instead of writing a hit piece you could have dug deeper, talked to Proton?
I've seen alot of articles and posters here being negative on Proton, calling it "shady", regurgitating facts that are supposed to be gotchas but have tons of nuance if you dig and am beginning to think there is some coordinated effort to get people not to use it.
I recall hearing some controversy around Australian legislation and Proton cooperation with authorities. Though haven't dug into court records or anything yet.
Is there a balanced view someone has summarized somewhere?
Are there some references you'd recommend where I can begin to read up?
The balanced view is Proton is a service that does not treat you as the product and does what I would describe as, the best it can, to provide privacy. They seem to avoid keeping data where they can but do cooperate with government when legally required to. The location they are in has more legal protections for privacy than most places.
If you are a normie wanting to not have your data sold and not have a company violating your privacy for non-legal reasons, they seem like a solid choice.
If you are worried about government level actors working against you or are the sort that gets put off at the idea of a service marketed as "privacy respecting" using any US based sub services, look elsewhere.
If you want references just start reading through comments on any topic here pertaining to proton.
From every instance I've seen, Proton has only ever done what is legally required of them by a warrant. They do not get to say no when asked to turn over what they do have; which is going to be things they can't avoid storing - like email addresses or recurring payment information an account has.
But they don't store logs and all actual data is E2E / at-rest encrypted, so that data does not exist for them to give away. There's no master key or back doors.
The problem is the gap between marketing promises and realities. Proton markets itself as a safe Swiss product[0] for activists[1], but the reality is their accounts often expose more than a casual user may expect, like a secondary email address[2] (often required to sign up) or payment info[3]. The Swissness is even more suspect according to this article, if it's true that they rely so heavily on American infrastructure and don't responsibly disclose this even in their privacy policy.
This seems unreasonable. The entire point of Proton is that they themselves cannot access your data, that's how I've seen it advertised. The Swiss thing is more just that they can't be compelled to enable logging. (To be fair, though, maybe that's changed. it's been a while since I saw their home page and I don't exactly make a habit of disabling my adblock).
But I don't see how any reasonable person would not know that the email addresses and payment information that Proton must have access to would therefore be subject to disclosure to law enforcement. And for the vast majority of people, they aren't exactly on a tight watchlist where intelligence agencies are making thread boards to catch them committing for international crimes to make this matter.
Anyway, I especially don't understand the flack they get on this forum with people who do understand and should understand how hard it is to advertise technical features to normies.
Normal people aren't cyber criminals who needs to hide every spec of their trail from all governments. They just want to feel like no one is reading their messages or Internet history or passwords. Proton offers that, full stop.
A recovery email address is your data, and a company that prides itself on encryption could figure out a way to hash it too. Maybe I'm just below average here, but I expected that from them at a minimum. I was shocked to discover they didn't bother.
It's not unreasonable to think Proton should significantly tone down promises like "We support peaceful protest" while seriously downplaying what they will turn over[0], or promising "We are... committed to defending your freedom" on their homepage[1]. It's certainly reasonable to have a complete list of data processors in their own privacy policy.
If proton hashed your email how the fuck would they send you an email? Did you even think this through?
They're doing the best they can, but at the end of the day it's literally impossible for them to have absolutely zero data.
They need your credit card number stored somewhere so they can repeatedly bill you. That's just how billing works. They need a recovery email on file so they can email that address.
That doesn't mean that they're not committed to defending freedom.
I'll echo what other people have said: this feels like a psyop. If I were the CIA, I would be doing exactly what you're doing here: spewing unreasonable nonsense about proton in an effort to discredit it so that I can push people towards insecure services.
Nothing even comes close to proton when it comes to email security and privacy. That doesn't mean that we cant criticize proton - we can, and we should. But it has to be legitimate critique.
> If proton hashed your email how the fuck would they send you an email?
By asking you to provide it again if you click the "recover account" button, comparing what you enter against the hash, and then sending recovery into to the valid email you provided
Proton cannot destructively hash the email address for recovery because they need to use it. And if they can use it, they are legally mandated to give it to LEO in warrants that include that data as scope.
You can argue they should have a password the user holds to encrypt the recovery address, but that's going into the territory of hurting normal users. You use a recovery address when you don't have your password or recovery phrase. Requiring a password for the recovery email would just mean more customers locked out requiring human intervention (if it's even possible for that account) to get access back for the customer. And remember, many users also use the same account for their password manager.
And no, Proton is 100% welcome to publicly support free speech and protest while not destroying their company and going out of business with all their executives jailed for not complying with non-optional, legally required, minimally exposing warrants from law enforcement.
Proton can claim what they want, but when they promote themselves as supporters of peaceful protests while quietly handing over account details for people engaging in them, that is false advertising.
This isn't much comfort when the swiss government bends over and takes other states up the ass at the slightest issue, eg https://www.404media.co/proton-mail-helped-fbi-unmask-anonym.... Why on earth is the swiss state acting like stooge for the fbi? Tell them to go fuck themselves like a normal person.
PGP/GPG (can never remember the difference) is the only privacy solution worth a damn and proton is just a gmail alternative with a nice interface.
If they advertise that they will protect their users privacy, then I don't see how complying with government snooping is an excuse. Either provide what you say you will or don't say that you will provide it.
Proton has never said they will refuse a warrant for what your email address or recovery account are. They say that the contents of your emails, calendars, notes, passwords, etc are not accessible to them and therefore cannot be spied on even if a warrant is fulfilled.
The point is a country like Iran can, in 2026, force the US Navy to keep an large stand off distance. How much further could a country like China keep the Navy back? What about in 10 years?
Eventually you are beyond the range of being able to project force or risking losing billions invested in one asset to a $50k missile. That is where reality is heading.
Seems like USN can still do whatever it was made for from this large standoff distance, also seems like it wasn't made for chasing individual nondescript trucks in a hundreds-miles-long mountainous shoreline.
One of the primary functions of navies historically has been to secure vital shipping lanes. It’s a big deal that USN can’t seem to fulfill that function anymore.
I'm not sure that the USN would have been any more effective 30 years ago if it tried to make a narrow waterway that is off-shore from a medium-strength world power accessible for safe commercial ship traffic. Effective anti-ship missiles have been around for a long time. Given how understandably sensitive commercial ship crews and owners are to even slight danger, there's just no way to reduce the risk to the necessary near-zero without a prolonged air campaign and/or land invasion to support the naval effort.
A medium-strength world power that it Iran only figured out how to make anti-ship missiles only 25 years ago. They sure got their hands on Chinese ones a bit before that, but that quantity just didn't amount to strait-blocking capability.
> I'm not sure that the USN would have been any more effective 30 years ago if it tried to make a narrow waterway that is off-shore from a medium-strength world power accessible for safe commercial ship traffic.
Yeah I'm not too knowledgeable about this subject, I'm just theorizing.
My thesis is that the only ways that someone could control a waterway was through naval power, air power, or missile power. Air and naval power is negated by a stronger air force/navy, and 30 years ago missiles were only available to a small number of advanced economies nations. Now, high-quality (or at least credibly dangerous to shipping) missiles and drones can be manufactured cheaply by many nations.
The technology has changed. The navies used to be able to protect shipping.
Now the task is much more difficult.
Just as battleships replaced ships of the line, and were in turn replaced by carriers, all due to technology changes.
Maybe there will be drone swarms or some other future magitech being able to protect shipping.
Or maybe the civilization will collapse due to internal (income inequality, widespread employment of AI), external (ecological disasters) or other (demographics, nuclear WW3) pressures before such technologies are developed.
Anduril has yet to deliver anything of consequence. I hope they shake up the industry but to say they are the next hot thing and write off the primes at this stage is premature.
Last gasps? The rent seeking class has literally never been more powerful.
"The Chinese open source model running on the box under my desk can pass the Turing Test. When you call, e-mail, text, or show me an ad, you’ll never know if it’s me or my model seeing it."
And the only thing they'll notice when you are replaced with that opensource model is the slight reduction in the required personnel budget going forward.
Is it any closer to functioning like Solidworks, NX, Creo, and all the other professional CAD software packages?
Edit: After opening it up it seems better than before but still not a replacement. I can use the draw tool to create a rectangle but than immediately cannot apply symmetry or equal length constraints until I delete others which shouldn't overlap. Clicking to create a cut or hole opens up a window that does not make it easy to create a new sketch from within or place something from within (but you can just make a sketch were you want something and then open them up and that they lock onto).
I've generally been a pretty harsh critic of FreeCAD because it represents the only entry in the market of linux CAD and it has frustrated me that it does not just do what is known to work. This seems usable. Still annoying, still not a replacement, but usable. So progress.
My impression of FreeCAD as a project is that for much if its life it has suffered from a certain amount of developer churn and lack of focus. It's like somebody builds a workbench and gets it working just good enough using a workflow that makes sense to them, but then nobody ever really bothers to flesh out the rest of it, so if you try to do things in a different way that may be perfectly sensible to you the result is a broken mess. Eventually somebody decides they can do better, and maybe they do, but the replacement still has a lot of rough spots that never get finished and the cycle starts again.
It seems like the development team has gotten much more organized in the last couple years, so I have a lot of hope for the future. I think that good open source parametric CAD is something the world really needs.
I hope. I only use Windows at this point because of CAD and FEA software and it gets worse every version. For FEA there are options on Linux but for CAD you have been SOL since most major CAD suites dropped Linux support over a decade ago.
It's inherently limited by its geometry kernel. Most "real" CAD suites use something like parasolid, usually with a bunch of extras slapped on top. Making a new one from scratch is a massive undertaking, but I'll remain forever hopeful that we get a new, modern, open-source kernel one of these days...
This isn't really true. The vast majority of problems are in the UI. The geometry kernel is limited, but it's good enough for an open source project. Compared to say OpenSCAD, Open CASCADE is leagues ahead.
I don't necessarily agree in this case - OCCT is more than capable for what FreeCAD is offering. Add to that the development trajectory of OCCT also seems to be really taking off recently (with the 8.0-RC, they've re-worked how all B-Spline algorithms work, with implications for all operations).
There are already at least two geometry kernels being written in scratch in Rust (see fornjot.app for one) --- the problem is the first parts are obvious/easy, so initial progress is rapid, then one hits the difficult/intractable parts and progress stalls, usually to be abandoned.
There are a couple of doctorates available for folks who are willing to research and publish in this space --- the commercial products are all holding their solutions as trade secrets in their code --- even then though, the edge cases are increasingly difficulty to solve in such a way as to not break what is already working, hence the commercial kernels having _very_ large teams working on them, or at least that is my understanding from what Michael Gibson (former lead developer of Rhino 3D, current developer of Moment of Inspiration 3D) has written on the topic.
The entire FreeCAD development philosophy is to not compare FreeCAD with commercial CAD tools. That's a cardinal sin. Basically, they are completely hostile to feedback from people who've spent their entire career doing CAD.
> Basically, they are completely hostile to feedback from people who've spent their entire career doing CAD.
There's an entire working group in the project comprised of people who have spent their entire career doing CAD and now take care of making FreeCAD get on par with proprietary counterparts.
There are numerous discussions online where users have constructive conversations with FreeCAD devs and provide useful input to mutual benefit.
Would you care to point me to a discussion where an actual FreeCAD contributor is completely hostile to someone like you?
That sounds fine except the part where private companies have cameras everywhere surveilling us, directly tied into dmv records to identify us, and then do whatever they want with that data. And not on a random store front or a persons front door but the major roads we all must use.
Even forgetting that, all this means is people that don't care about getting a ticket, either because they won't pay or it's a such a small amount to them that they don't care. just do what they want. Nothing is being "enforced", just taxed.
The idea that any of these companies have anything that represents ethics as they steal everyones data, fight against any regulation or accountability, all while they claim (or lie, depending on your view) they might make something that could endanger the human race as a whole, is laughable.
It's money and power with these people. Dig down and you'll find how this decision is motivated by one or both.
This is the opposite of security theater. It was an apparently an implementation of security with issues but restricting physical access, both for people and vehicles, is absolutely a real improvement to security.
This article also just points out the use of Livekit but doesn't deliver what that means for your security. Maybe instead of writing a hit piece you could have dug deeper, talked to Proton?
I've seen alot of articles and posters here being negative on Proton, calling it "shady", regurgitating facts that are supposed to be gotchas but have tons of nuance if you dig and am beginning to think there is some coordinated effort to get people not to use it.
reply