Can't find the blog post on the Proton website anymore, but here's an official response from the Proton support team on Reddit: https://www.reddit.com/r/ProtonMail/comments/1cmcre5/comment/l33oxua/
Sending plain text notifications is impossible for Proton btw, since they don't hold the encryption keys to your email inbox and can't read your emails themselves, and thus can't send you a notification with the email subject and body.
There are 3 issues with this:
I don't understand why anyone should use Bluesky with cheap hacks to attempt to fix Bluesky's poor design choices and or utter incompetence, if they could just use Mastodon and federate with the Fediverse over ActivityPub by default.
From a user perspective, Bluesky is just Mastodon with a recommendation algorithm. There is no other protocol required for this, everything could easily be done using ActivityPub exclusively. I will never care about Bluesky, since it tries to be the new Twitter, but the enshittification of Twitter began when they introduced their crappy algorithm, instead of just displaying tweets of accounts you follow in chronological order (like Mastodon does it).
This is their stupid excuse. They could still implement ActiviyPub as a secondary federation protocol. (Bluesky <-> Bluesky via ATProto, Bluesky <-> Fediverse via ActivityPub). They decided against it. It's an intentional choice, and they're just making up excuses.
your emails aren't hidden from Google as much as you think.
You're wrong, Proton encrypts notifications before sending them to you through Google or Apple push services. The notification is then decrypted in the Proton client on your phone, and only then displayed to you.
Probably an unpopular opinion, but I've never seen the point of PWAs. I don't want a crappy website as an icon on my homescreen, I want a proper native app. If the app is privacy-invasive, I will either find a FOSS alternatives, or isolate it in a separate user profile.
The main reason I think they may need google services is the banking app. Mine will refuse to launch without google services installed.
That's true, I also need Play services for mine, but I have a special user profile for it.
No, this is specifically for DNS over UDP (Port 53). What you're looking for is just an HTTPS proxy. There is no difference between a DoH connection and any other HTTPS connection.
Hell no, fuck Bluesky. There is no reason not to adopt ActivityPub when trying to build an open, federated Twitter alternative. Except for power and control over the platform, its core protocol and ecosystem. Screw these guys, use Mastodon or anything on the Fediverse.
They can recieve security updates if you use an alternative ROM such as Lineage or /e/OS.
They can only receive OS updates, but firmware updates are just as important for maintaining the security of a device. These can only be provided by the device manufacturer.
Can you please explain how e/OS/ is insecure?
Sure. It's based on the already insecure LineageOS, you can read more about that here: https://madaidans-insecurities.github.io/android.html#lineageos
On top of that, the /e/OS devs don't release updates in a timely manner, often taking 1-3 months to releases even simple but important Android Security Bulletin patches.
The new Element X is really great, but only available for iOS and Android. Unfortunately no desktop or web version.
If you use a Pixel, why don't you go with GrapheneOS? It is much more secure and private than LineageOS.
I'm trying to help out wherever I can :)