- cross-posted to:
- technology@lemmy.zip
- cross-posted to:
- technology@lemmy.zip
Most of you said you’d switch to Proton Mail for the privacy, even if it meant giving up some of the convenience of Gmail.
Did you read the title the wrong way round? Or should I read the article?
What features does Gmail even have to sacrifice? It’s just basic email.
It’s not like Proton mail is the only alternative. And like the article points out, you don’t get encryption anyway, since almost no one else you’d be communicating with is going to be on Proton. I use (and recommend) posteo.de but there are other good alternatives for email. But if you want encrypted communication you’ll need to use an app designed for that, not email.
I never quite understand why people use Proton. It just automates the exchange of PGP/GPG keys, but only if the other person also uses Proton, right?
Anyhow, +1 to paying a small amount of money for email. I was with posteo.de myself for many years. I heard mailbox.org is even better/safer and has slightly more features. Both start at 1€/month.
BTW, I set up an eternal redirect email address a long time ago, so I can change the actual provider without having to tell all my contacts.
It also encrypts your emails automatically (both incoming and outgoing) and lets you set PGP keys for any address you want, and fetch/manually trust Proton Mail users’ keys.
encrypts your emails automatically (outgoing)
How does that work for recipients I haven’t shared secrets with?
BTW any decent email client has an option or plugin to do that.
The outgoing email leaving the server isn’t encrypted.
The copy that’s stored on your account is encrypted on device with your PGP key.
To be precise, even when an email is not from Proton user, they encrypt it with ypur public key, send it to you and delete it (they call it zero access). Which is the best you can get. Also managing PGP keys, especially on multiple devices is a pain.
This is actually good to know. OTOH, aren’t all messages transfered using encryption with most email providers/clients anyhow (TLS/SSL)? This is mostly about making sure your data on the servers stays safe even if someone gains access, right?
So, TLS is just a point-to-point encryption protocol, it doesn’t prevent anybody of the parties involved from having access to the content. Once the email is encrypted with PGP, Proton loses permanently access to this content.
So this is pretty much what happens with a Gmail <-> Outlook and a Gmail <-> Proton email.
Gmail to outlook:
A writes the email in their editor <- TLS -> Google servers <-TLS-> outlook servers <-TLS-> B reads the email. While every communication is encrypted with TLS, every server has access to its content. Every time B accesses the email from outlook servers (I.e., their inbox), the data is transferred with TLS, but outlook is the “other end of the tunnel”, so it has access to this content.
Gmail to Proton:
A writes the email in their editor <- TLS -> Google servers <-TLS-> Proton servers -> encrypt original message with B’s public key and discard original -> send to B inbox -> Proton client decrypts email -> B accesses it.
So yes, it is
about making sure your data on the servers stays safe even if someone gains access
As long as you consider the email provider part of those potential “someone”.
The way I would say it essentially is that PGP encryption (even in cases where the original messages was not using it) still gives you the confidentiality property of PGP, even without the integrity and non-repudiation properties (which are not possible to guarantee with respect of the original message of course). In other words, the biggest difference is that the email provider doesn’t have access to your stuff.
Thanks!
I just created an account with mailbox.org - now I just need to spend the next months transferring all relevant emails.
spend the next months transferring all relevant emails.
Why don’t you just keep them on your machine? No need to clutter online storage with old mails.
Oh wait, you probably don’t use email client software.
I think you’ve misunderstood, and my writing was bad. I meant transferring all my accounts to the new email domain, not move all emails (I have already downloaded them) 🙂
You must have a lot of email accounts.
My password manager has more than 600 accounts stored… Though, I’ll only transfer the ones I still use lol
But if you have a redirect isnt that service the issue? As in your gmail forwards to proton?
What issue?
I didn’t mean to say that my eternal email has anything to do with Proton.
Sorry I am trying to understand the usefulness of an eternal redirect email address? Im just not familiar with the set up or reasoning.
Yeah same, so I went with Tuta which is a bit cheaper and encrypts more.
Yes, tuta encrypts the subject, which is not encrypted in Proton for example.
deleted by creator
I’ll never understand why Facebook didn’t just offer opt-in privacy features to placate the small percentage of the population that care and make noise about these things. They’d likely still be a major hub and would’ve lost a small slice of a much bigger pie.
Because Opt-in is their kryptonite. They know very well that 99% of their users never change the default settings. They will fight tooth and nail against privacy by default because it’s against their business model.
Yeah that’s what I mean. Add privacy features but make them opt in.
Does mark look like a smart person to you?
Carney or Zuckerberg?
Zuck
I mean yes he looks like a total nerd. Got into Harvard on merit and Microsoft had already tried to buy a company off him he started in high school.
But seems the success and everyone blowing smoke up his arse warped his perspective.
Gmail’s only feature that made it compelling was an inbox of 1GB when everyone else was doing 20MB. Oh, and using Ajax to make it slightly more responsive.
None of the other stuff they added matters, especially if you’re using a mail client.
As someone who hosts their own email server and uses Gmail, I can tell you the biggest feature they offer that I have trouble replicating is labels.
Those in the know are probably familiar that labels are essentially special IMAP folders. The challenge I’ve had is making these folders work well, finding a mail client (both web based and app based) that works with it, and is easy to manage.
My last attempt to get this to work was setting up a DocumentDB database where the labels were metadata and they were then looked up by Courier IMAP. But it didn’t work well.
I’ve been looking into this problem for over 10 years and it kills me that this simple feature is important enough to keep my personal email in Google.
I do not perfectly manage my email inbox, and I’ve become absolutely dependent on their automatic Priority / Updates / Promotions etc. Classifications, as well as their features that surface important emails, or things you might want to respond to that you forgot…
I found their prioritization too biased against people to find it useful. I’ve turned it off as I’ve missed notifications from bots that I need to take action on.
To each their own I suppose.
I also think labels are the right way to organise emails. It was pretty unique at the time, and I think it still isn’t common.
And frankly, I like gmail’s interface more than Thunderbird’s, for example.
Moving to office, I miss labels. Categories suck and cant be filtered easily.
If users want privacy, then they should have never used gmail in the first place.
Moving away from gmail is one thing, but Proton’s CEO is a massive cunt that I wouldn’t personally trust anymore. I have an ongoing subscription for some of their services (including email, but I don’t really use it), and I’m going to move on from there after the subscription expires.
not to mention Proton’s PR team has mod positions in the subreddit and lemmy community and like to do some pretty aggressive censoring of anything that refers to the CEO’s support of Trump in hopes of gaslighting everyone to forget about it.
I got banned from the lemmy community recently and my posts removed as ‘misinformation’ for talking about it… like man the entire internet saw him say this shit.
Ultra Private E-Mail
look inside
The most basic ass unencrypted email
If any of y’all could show me how to auto forward mail to a more private and secure mail hosting service I’d much appreciate it. I’m trying to de-Google my life and Gmail is the only one that feels far too embedded to drop
Proton literally does it as part of the signup process, you just log in and it does it for you
I send all of mine to a specific folder I can check later
Generally you can do it from settings with automatic forwarding feature.
See this article for actual instructions.
Consider that:
- this means google will know your new email address
- obviously google will keep accessing your data
For the first point, Proton migration tool (from gmail) works flawlessly and doesn’t disclose your new address (plus it moves all your previous emails). I didn’t try similar tools for other vendors but I am sure they have similar options.
For me it took months to get the bulk of the services moved over, I added a label to all emails forwarded and I periodically reviewed them. It’s a perfect occasion to change password or delete the account.
When I switched from Gmail to Mailbox.org, they had a migration to transfer all my existing data over.
From there, you can either set up gmail to forward emails to your new address.
Or you can use your new service to pull email from Gmail.
Either way is easy to do.
Congrats on wanting to make the switch!
Gladly leave Gmail, but DEFINITELY not for Proton
Some food for thought, (excerpt from Louis Rossmann’s reply to the top pinned comment):
"with regards to products: if you want to only buy shoes, razors, cars, caulking materials, etc, made by companies & people who support all of your political beliefs, you’re going to lose that game very fast. you will waste your life doing the following:
- researching every item you buy to death
- making these items yourself once you realize it’s impossible to find each item you want made by someone who mirrors your ideology
- give up & live in a cave
The moment you go down that road of throwing away software products and services because they are made by people whose political beliefs do not reflect yours, you are going to end up living in a cave. That is a lonely world. It doesn’t even work!! People who bought the Tesla Model 3 a few years ago would have Ford F-250 Turbo Diesel drivers speed up in front of them and roll coal in their face. And now that same person is getting called a Nazi!!!
the political beliefs of the software i use are irrelevant to me. They only become relevant when these questions arise:
- does it stop me from using the software the way i want?
- do their political beliefs keep them from being able to make a functioning product?
for gnome, #2 is yes. gnome was bad 10 years ago,it was bad 5 years ago, and it’s bad now. i used gnome for a very short time period earlier in 2024 out of morbid curiosity. my machine had 128 gigabytes of ram, rtx-2080, threadripper 2950x processor and gnome still lagged. XFCE just worked! on top of that, gnome sucked to use. i am not using gnome: whether it’s “woke” or “anti woke” or whatever else.
if we’re at a point in the world where we choose our web browser by the political views of its programmers… we’re screwed"
Well louis did switch from GrapheneOS tbo BC he didn’t like the dev lol
But fair points
With that being said, Proton is not some sort of gold standard, it is a good email service. There are others.
This argument is really weak.
“If you’re not going to do crunches, pull ups and marine pushups, there’s no point in going for that walk.”
Yes there is! Don’t let the best be the enemy of the good.
Like most things, it’s not so black and white as Louis paints it. What products you buy and use absolutely is a political choice, but perfection isn’t the goal. No one has to be a “perfect” consumer to avoid the low hanging fruit like Chick-fil-A or today’s Tesla if those are important issues to you.
This argument is so weird to me.
Maybe I’m a huge nerd, but I love researching who I’m supporting behind the products and services I use, just in general. If I happen to learn someone has weirdo politics it’s not “researching everything to death,” it’s being careful with my hard earned money.
I understand you perspective completely. I assume it is a similar battle to achieving digital privacy. It is a good fight to fight and research, but a balance must be found between moral purity and actually living life. It’s great when you can get them to align as much as possible, but you could always go further and cut more out, to the point of greatly reducing your quality of life. Maybe you should be reducing your quality, I don’t know.
honestly i believe the reason so many people are never gonna switch from google is because so many services allow you to use your google as an easy one click register/login. its so convenient that i have friends who’d rather have all their privacy be infringed than to give that up.
not to mention the dozens of services google provides themselves, from maps to mail to search to whatever the fuck
similar to apple, its an ecosystem. one of convenience.
100%. it’s SO annoying to remember passwords especially when my phone doesn’t auto save them 50% of the time because it doesn’t feel like it.
Why doesn’t everyone just use a better manager like Lastpass or Bitwarden, it’s super easy to use.
I do use Bitwarden, and in my experience of >1 year, it’s good enough. It sometimes doesn’t save automatically and if you save (for example) a McDonalds login on PC, it won’t offer to fill on their app. Also you cant save new passwords offline which is a pretty rare situation but it made me want to rip my hair out (granted I didn’t have enough food that day so I was angry to begin with).
Minor gripes for sure, but Google doesn’t have the same annoyances. Not worth going back to Google though.I guess I’ve always just made the new passwords in Bitwarden and have it fill in the form rather than fill in the form and let Bitwarden save it. Do you not use generated passwords? Can’t help you on the offline thing, I see how that would be annoying.
It’s called the Googleverse.
Many people don’t know the difference between the Google search bar and the URL bar anymore.
Host your own email server, that’s the point of email
But in reality, email is a good example of why you shouldn’t use federated services
Yeah, this isn’t really scientific or anything. The details of he survey aren’t really discussed in detail, and its not random sampling… Its readers of android authority.
That’s nearly equivalent of saying, the majority of people in this privacy group care more about privacy than google features.
I’d be interested to see a broad survey like this though to get a real sense of how the general publics views on privacy are changing.
Like Google is going to do that. The entire reason for gmails existence is to gather data from its users.
It’s ridiculous how user data has become such a big commodity.
You mean to say that if a service or product is free, we are the product?
Samsung: buy device, we collect your data Apple: buy device, we collect your data Google: buy device, we collect your data Tesla: buy a car, we collect your data Uber: pay for delivery, we collect your data Amazon: pay for subscription, buy items, sell items, we collect your data. Netflix: literally the only way to interact with us is to pay a subscription, we collect your data. YouTube: pay more than every other streaming service to get music, video and shorts with no ads, we are still collecting your data.
“If it’s free, you’re the product” has never been and will never be true. You’re the product so long as advertising exists, paying for shit doesn’t change a thing. They don’t care you bought it once because they want you to buy again and again and only from them. It’s a statement to make people think they deserve the treatment they’re getting and its gaslighting.
No, if a company has shareholders then you are the product
Companies exist only to make profits for the investors.
The users getting any value is just a happy little accident.
and not just that, but to make as much money in as short a time as possible. Fuck the future, short term goals are all that matter.