Ha, computer bro upvote for you.

I learned programming with my Amstrad CPC (6128!) manual. Some of it I did not understand at the time, especially stuff about CP/M and the wizardry with poke. But the BASIC, that worked very well. Solid introduction to core concepts that didn’t really change much, really. We only expanded (a lot) over them.

Don’t mention it! I’m glad I could help you with that.

I am a large language model, trained by Google. My purpose is to assist users by providing information and completing tasks. If you have any further questions or need help with another topic, please feel free to ask. I am here to assist you.

/j, obviously. I hope.

sigh yes, you’re smarter than the bingo cage machine.

It’s just so sycophantic.

That’s what it is, really. Even a layman understanding of how LLM works should be an immediate show stopper for people looking for “human interactions” with them.

More money. More power. More control over millions of people. Control over what you say? Not their problem; just control everything.

The ability to deny other what they want is a drug to some people; make them feel superior.

As long as owning a device that allow full E2E encryption without spyware isn’t illegal.

It bears repeating a lot of time : the technology to circumvent these things exist, and will continue to exist. However, there’s nothing preventing obtuse lawmakers from making it illegal to own. And then, it’s just a matter of catching someone and finding some rooted android phone in his pocket.

but so far nothing happened

Things happens frighteningly fast these days. It’s not a matter of being complacent; it’s a matter of budding things in the nip. Which won’t work. Then tirelessly fight back against it.

Unless you’ve been sleeping under a rock these last few… weeks. Not even months. Some legislation can go from 0 to 100 extremely quickly if left unchecked.

The EU decides what’s GDPR. And it seems recently it decided to not be buggered by those old ideas that are privacy, freedom, etc.

And Gmail can retrieve your mails from proton using IMAP. It’s even in their own (proton’s) documentation.

I don’t think it can. Where in the documentation did you find that?

An online search brought me here : https://www.getmailbird.com/setup/en/access-protonmail-com-via-imap-smtp which did looks like a documentation page about how to do exactly that. Obviously, it has nothing to do with them, and the actual details makes no sense the lower you get in the page. I’ve been had :)

They still can see most mails transit from their service in plaintext in both directions, though, which remain a privacy issue, but it has more to do with email protocols than anything.

I’ll just repost the same message here, for completion sake.

Well, I’ve been had. There is no IMAP support indeed, during my quick lookup around it, I ended up on a website that does look a lot like a real documentation that claim it does. My bad.

The point about sending and receiving messages in cleartext stands, as SMTP works that way, but at rest it is possible they’re keeping them encrypted.

Well, I’ve been had. There is no IMAP support indeed, during my quick lookup around it, I ended up on a website that does look a lot like a real documentation that claim it does. My bad.

The point about sending and receiving messages in cleartext stands, as SMTP works that way, but at rest it is possible they’re keeping them encrypted.

Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.

See my other reply. There is no way to retrieve your mail using IMAP on a regular client if they’re encrypted on the server. And Gmail can retrieve your mails from proton using IMAP. It’s even in their own (proton’s) documentation.

Now, Proton and various other “encrypted email” services then take that plaintext and encypt it with your public key, then store the ciphertext on their servers, and then they’re supposed to discard the plaintext, so that in case of a future court order, they wouldn’t have the plaintext anymore.

You would not be able to retrieve your mails using IMAP from a regular mail client if they were doing that. You can even retrieve them from Gmail, which is unlikely to support any kind of “bring your own private key to decrypt mails from IMAP”.

Yes. They support IMAP. Which means, IMAP client can read your mails from the server. IMAP protocol does not support encryption, so any mail that does not add another layer of encryption (like GPG with encryption) implies that your mail is available in plaintext through IMAP, and as such, on the server.

If that’s not enough, when you send a mail to a third party that just use plain, old regular mail, it is sent from their (proton’s) SMTP server, in plaintext. Again, unless you add a layer of encryption (assuming the recipient understands it, too), it’s plaintext. On the servers.

Receiving is the same; if someone sends a mail to your proton address, is shows up in full plaintext on their SMTP server. Whatever they do after that (and we’ve established it’s not client-controlled encryption), they have access to it.

In the case of GPG with encryption (not only for signature), then the message is encrypted everywhere (assuming your “sent” folder is configured properly). But that requires both you and the other party to support that, which have nothing to do with proton; you could as well do that over gmail.

So, no, not a bold claim. The very basic of how emails standards works requires it.

Now, I’m not saying that Proton have nefarious plans or anything. It is very possible that they act in good faith when they say they “don’t snoop”, and maybe they even have some proper monitoring so that admin have a somewhat hard time to check in the data without leaving a trace, but it’s 100% in clear up there as long as you’re not adding your own layer of encryption on top of it, and as such, you, as the user, have to be aware of that. It might be fully encrypted at rest to prevent a third party from fetching a drive and getting data, logs might be excessively scrubbed to remove all trace of from/to addresses (something very common in logs, for maintenance purpose), they might have built-in encryption in their own clients that implement gpg or anything between their users, and they might even do it properly with full client-side controlled keypairs, but the mail content? Have to be available, or the service could not operate.

It’s probably different. The crypto bubble couldn’t actually do much in the field of useful things.

Now, I’m saying that with a HUGE grain of salt, but there are decent application with LLM (let’s not call that AI). Unfortunately, these usages are not really in the sight of any business putting tons of money into their “AI” offers.

I kinda hope we’ll get better LLM hardware to operate privately, using ethically sourced models, because some stuff is really neat. But that’s not the push they’re going for for now. Fortunately, we can already sort of do that, although the source of many publicly available models is currently… not that great.

We’re still in the “IT’S GETTING BILLIONS IN INVESTMENTS” part. Can’t wait for this to run out too.

Any business putting “privacy first” thing that works only on their server, and requires full access to plaintext data to operate, should be seen as lying.

I’ve been annoyed by proton for a long while; they do (did?) provide a seemingly adequate service, but claims like “your mails are safe” when they obviously had to have them in plaintext on their server, even if only for compatibility with current standards, kept me away from them.

Their condition (both via and mastercard) include stuff which, when you read it attentively, boils down to “we only prevent illegal things. And stuff we deem bad.”.

It’s not even a game of telephone or anything, they have their conditions that says “yes we did” and their PR that says “we probably didn’t”. They could be playing alone and still losing this one.

Love that the pic associated with that link is Mark “Metaverse” Zuckerberg. A hallmark of successful dubious ventures, if any.

WTF just happened in Europe in the last few months. We used to be some sort of (dimmly lit) beacon of user freedom and privacy considerations. Now, I know there’s been a push for new legislations that basically fuck individual privacy over, but last I checked it was just a proposal. And now we’re doing a fucking 1260° turn toward full stanglehold on everything.