dengismceo

that was a wild read, thanks for sharing

dess' comment wasn't a response to the long comment but response to my first comment, where i had originally said this:

dess you recommend protonvpn but like… protonmail takes money from CIA-backed orgs & talks about “freeing” hong kong…

and then realized i had mixed something up so i commented this:

i’m sorry – i mixed up two facts. it is protonmail who monetarily (and publicly) supports CIA-backed orgs, not the other way around (afaik).

and edited my first comment accordingly.

dess had responded prior to my edit, but i suspect knowing political leanings, proton would not be recommended regardless. i'm happy to be corrected. @[email protected]

i don't disagree. i only mentioned the CIA connection because if you look it up, you will find claims. hell, you can find a bunch of claims in this very thread. it is unsurprising, as any US involvement in a privacy project makes people skeptical.

facts (that can be verified on protonmail's own website):

• proton received the funds i listed (crowdfunding, EU grants, CRV, FONGIT, possibly additional grants)
• they had teams both in the US + switzerland
• they receive counsel from MIT
• they have openly promoted orgs who have concrete connections to the CIA

that last point is why some think they are compromised. especially because they are always on the side of the CIA. even though they claim they fight for "freedom of speech everywhere" somehow that has not included censorship which is not advantageous to the US gov't

i will never pay for protonmail's services because i refuse to give money to an organisation that supports CIA-backed causes. as someone who cares deeply about others, proton's support to me is what google pulling adblock is to you.

that is correct.

my biggest takeaway from the search was the venture capital funding. not because i think it means 3 letter agencies are involved (which i don't, to be clear) but because i think it compromises being committed to the best interest of their users. also on a personal level i hate that they crowdfunded with the promise they were going to remain independent and then broke that promise. it feels really slimey. how can one trust their word that they won't break more promises in the interest of $$$?

great question!

i use wikipedia all the time. i think the biggest issue, by far, is bias. it is a huge hurdle. even if the articles cited only scientific journals, there would still be lots of ingrained bias (who conducted the study? what were their methods? who paid for it? how reliable is the journal? have the results been reproduced? why was this study cited instead of a different one? etc)

perhaps a way to address bias would to be seeking out multiple sources that contradict each other. then when the article is written, if these opposing sources have the same information, that is presented with all sources cited. if the sources contradict each other, the information is presented individually. ex.: "[source] reported [information] [citation]. However, [different source] reported [different information] [citation]"

a second way, along the lines of what you have suggested, would be getting more people involved (translators included!) i don't know what the best answer is but i do know that it can absolutely be improved!

i understood but i now see i wasn't clear enough in my original comment. sometimes i omit things for sake of clarity but it seems i omitted too much in this case. it was not my intention to imply that all incoming emails, regardless of encryption status, would be unencrypted.

edited: the first part of my comment was irrelevant to the true matter at hand so it has been removed

Proton’s support of the what the riots turned into isn’t tainted by what sparked the controversy in my opinion.

and in my opinion, this actually makes it worse. because then it becomes them promoting a blatant misrepresentation of hong kong in support of a color revolution. this means those deciding to fundraise are openly supporting the interests of the US government. which makes them less trustworthy, not more.

the argument could be made that they saw how many westerners ate up the propaganda around the situation and wanted to capitalize on it. i think that is a fair argument. but them being money-hungry makes them less trustworthy, not more.

Hong Kong riots

support for the riots is not "support of anti-censorship". it had nothing to do with censorship. a brief summary of how things began:

1. a man murdered his pregnant girlfriend while on holiday in taiwan
2. taiwan wanted the man extradited to face charges but hong kong did not have an extradition treaty with taiwan
3. an extradition bill is introduced in hong kong listing 46 crimes for which extradition may be requested by taiwan, macau, and the PRC. nine crimes listed were financial (these were later removed)
4. angry rich kids realized they would not be able to commit the same financial crimes their parents did

it was never about being censored. it was about wanting to continue to exploit others without consequence.

protonmail didn't just "come out and support" the color revolution by merely making a statement. i'm not making the assertion that their support means that they are a honey pot. i am asserting, however, that their support means that, unlike their claims, they are decidedly not "pro-freedom" (unless, of course, their definition of "freedom" is getting away with murder).

you write as if you're correcting me (first comment began with "no", second citing what i already stated) but i said nothing in contradiction - already encrypted emails won't be unencrypted. i did not state otherwise.

i was referring to the recent order (late last year) from a german court ruling tutanota had to "spy" on one user. tutanota cannot access the emails in that user's mailbox because they are already encrypted but they had to comply with the court order so their solution was to write a function that prevents that specific user's new emails from being encrypted.

yup. 12 characters is too few

i'm confused by this statement in the readme:

Back in 2018...But this option was removed with the introduction of full-disk encryption on Android.

android doesn't use FDE - it uses file-based encryption (FBE). it used to use FDE but hasn't since android 9. my point being that FDE existed first and has been phased out so it already existed in 2018 and was introduced waaaay earlier. so is this a typo in the readme or am i totally missing something?