this post was submitted on 18 Jun 2024
68 points (97.2% liked)
Privacy
31914 readers
519 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
First thing you need to understand is that the smooth end-to-end encryption works only tuta-to-tuta or proton-to-proton, so in rare cases. Encryption at rest, which is what tuta-to-proton, gmail-to-tuta etc. can do, is something that a lot of other email providers do too.
I'm currently in the process of moving from Proton to Tuta, because despite several years of promises, the Android client for Proton still doesn't do non-google push notifications. Also because if you just need email with your own domain, Tuta is much more price-friendly. (The tier also includes unlimited calendars and event invites, which I haven't tried.) If you also want VPN and encrypted storage, the balance tips.
I don't use the calendar from either, so can't talk for their properties. I prefer seamless calendar integration for wrist gadget integration and such, so using NextCloud Calendar + DavX. For smooth integration with encryption, could also look into Etesync. I think you'll be able to share an ics attachment from either of those through your normal calendar.
Germany is a 14-eyes-country, but since I'm just privacy conscious and my threat model doesn't include international-coordination-level actors (barely state level, am in the EU but not German, so eh, far enough), it doesn't matter that much to me. Proton also has to obey court rulings.
The push notifications would be a issue for me. I am using GrapheneOS without any google services.
Also the calendar i am not 100% sure how I want to do it. I currently use Nextcloud and Caldav. Which for me works great when syncing with Etar on my phone and Evolution mail in the desktop. For my dad I have setup caldavsynchronizer for outlook as that is the email client he has used for years. When i would use Tuta id loose the nextcloud calendar because it can in no way synchronize with Tuta. With proton on the other hand I can use the bride for email and use the calendar how i am currently using it together with Etar on the phone.
On the other hand if say Tuta providers a calendar that is integrated and works with both the email client on the desktop and on the phone. the same goal is accomplished.
I've been using Proton Mail and GrapheneOS for some time now. Early in I found an app called You Have Mail that solved the pushnotifications problem for me. I've never used Tutanota, so I can't speak for it at all, but I really like Proton.
Thank you for the tip! It feels a bit sketchy to give it my login info though
The app is completely open source: https://github.com/LeanderBB/you-have-mail
Your login data is only stored locally on your device, and used to log in to your Proton account. It's not sent to a third-party server. This is totally fine.
I stripped down Hydroxide, the OSS version of the Protonmail Bridge, to only send push notifications of new mail via a ntfy.sh server of your choice. Needs a Linux box to run on still, so not for everyone.
Main advantage over the otherwise good You Have Mail android app is that if you already use ntfy for other notifications, there's no need for a separate app for just mail notifications.
https://github.com/0ranki/hydroxide-push
Thanks mate, this is really awesome! Will definitely try it out. Many people might find this useful, consider making a separate post about it. I created a community for UnifiedPush and related topics: !unifiedpush@lemmy.dbzer0.com, you're welcome to post there.
Yeah, tuta is actually on fdroid (should be the minimum bar for open source software from a company like proton) and has an efficient notification service that doesn't depend on google services at all
multipost
multipost
What all do you consider "synchronizing" to include? I mean, the calendars won't, but using Etar+NextCloud for calendar, and Tuta for email, has worked fine for me. Of course it means that my calendar isn't encrypted.
I just tested sending an ICS event to both. The Tuta app offered to open it on Etar, and Etar offered the default calendar with dropdown for others, just like normal. (Strangely it didn't even offer to open on Tuta's own calendar, which is in the same app; maybe because I've added no calendars there?) Proton's app (which may be out of date, the mail app isn't on F-droid, either publicly or in an official repository, and I'm a lazy updater) wanted to open it on Proton Calendar only when I don't even have it installed.
Proton's bridge OTOH worked really well for me for syncing to Thunderbird, probably works as well for Office too.
Feeling sort of in same boat here, love proton....minus the google push notifications! For past year or more I've had to manually check my proton client daily for new messages on my grapheneos phone, super annoying....not the end of the world but still a neusance
The difference is that proton tries to be somewhat interoperable with other services. It uses standard PGP encryption, you can import public keys to it from elsewhere, and you can download your private key from them if you need it.
*
Of course I meant that you can easily export the private key from their web client, which is not really a download as such.Depends a lot on your peer group, but I have even fewer contacts that use PGP than ones that use either service. :/ Just tried to keep it simple.
If it's more than none at all that's pretty good. But adhering to open standards is also a factor in how we should judge these providers which goes beyond that.
And years of not fully supporting Linux.
Another way to put that is actively pushing/encouraging their "privacy concious" clients onto windows spyware if they want to get the service they paid proton for. Can't be private on windows folks.
Not privacy focused at all IMO, its all privacy theatre and proton is just money focused.