Removed by mod

where’s the “…or else” part?

not to shit on you specifically but I see this over and over, folks asking how to be “secure”. secure against what?

if you’re into this, you need to set up a “threat model” i.e. what are your threat vectors and then you build your defenses against that model. a defense against blanket surveillance doesn’t handle targeted threats. a successful defense against your government doesn’t preclude other nation-state actors getting at you.

like, if your threat vector is e.g. your SO “inspecting” your phone, you set up a passcode and you’re safe against that threat. but, if there’s a toddler going around smashing stuff, your defense isn’t valid. defense against that vector is placing your phone high up. but that defense isn’t effective against SO.

I am sure any messenger recommended here can be successfully red-teamed, be it design flaws, operator error, the famous wrench comic, or whathaveyou. but that doesn’t mean it’s ineffective in your specific case.

you’re ignoring the important part - who that’s coming from.

analyzing a new shit-sandwich from the shit-sandwich-shop to determine “does this one have shit in it” is a valid academic endeavor, but hardly something you’d spend one second of your life pondering.

don’t need any such “proof”. the whole industry has lost any and all benefit-of-doubt privileges, for ever. they don’t get an opportunity to gain a foothold in mi casa and possibly be in a position to do harm.

I don’t get the idea that after all the shit they pulled someone’s like “well maybe this new thing’s nice”.

those are immoral people with zero compunctions about doing anything that hurts you, your community, and humanity as a whole. we are in an adversarial position and you’d do well to remind yourself of that constantly.

not my circus, not my monkeys

but them positions… as mr. cici famously quipped, that’s alot of buffers

you really need a VP of eng and then a director of eng and further liaisons until you reach an actual engineer for a shop that has one product?

again, what do I care, spend it in good health

what is this take based on? there’s a direct line between “we want this shit done” and “judge rubberstamps order”? no process, no interview, no hearing, no nothings? medieval courts maybe worked that way, no system of government I know of nowadays does.

I imagine they got courts and lawyers and motions and hearings and stuff over there, even if the fight is doomed you need to show your teeth once in a while. and what’s with the proton employee reviewing whether there were “explosives” and “guns” involved, naturally based on super-reliable evidence, what the fuck is that?!

and alla that aside, why do they have payment and user info on file, for what fucking purpose? there’s either user privacy or there ain’t. and them folks are in the “ain’t” camp.

article in case you can’t read it: lemmy.ml/post/44086795 edit: better link in a reply.

proton coulda put up a fight, a loud one, for optics sake if nothing else. rolling over on any (and by implication, all) request should be the last straw in their long line of snafus; by way of “death by a thousand cuts”, I would never entrust them with anything of importance.

signal demonstrated that you could decouple payment info from user data and a shop that touts the privacy part of their offerings coulda at least mimic such a thing.

edit 2: fuck any and all pay-with-crypto shills and the horse they rode in on.

I’m saying I’m not gonna use it as an email provider, as in pen a love letter to to sydney sweeney, reminding her of the shit she promised me in my most recent dream and she’s kinda tardy so what’s up with that and so on.

I am gonna use it as a transactional email inbox, as in “you registered to yadda-yadda here’s shit you’re never gonna read”. and if in the process of using them it turns out they’re a buncha good folks, maybe I’ll elevate out reationship.

the trackings and whatnot are a) blocked by a buncha filters, b) gone when I close the tab with their url, c) they don’t get my PII, and d) they don’t get to store anything on my hardware.

way worse shit out there.

what I said in the first sentence - I am assuming we’re in an adversarial position. if I know you’re out to fuck with my shit, guess how much of my shit I’m gonna entrust you? the equivalent of junk mail.

now it’s possible them guys are good people and whatnot, but until that is established beyond a significant threshold, any and all such providers get zero of my trust up front.

I know nothing about these services but intuitively this shit rings true:

• the whole setup is kinda unfalsifiable - who’s to say how many of them “brokers” are out there and if they contacted all of them and what the outcome is/was
• advertising all over the place implies a scammy business model; life’s too short to figure out what the scam exactly is
• related, almost every piece of shit advertising all over the podcast world turned out to be a piece of shit
• the threat vector of you voluntarily supplying them complete and detailed personal info (so they can find you everywhere) cannot be overstated
• they’re motivated to keep you on the hook for a long time; it’s not a pay-once thing, it’s a subscription thing - alarm bells should be going off
• finally, paying for that looks to me like them going to the “broker” and divvying up the cash, if not outright being their affiliate

same way how you don’t send “unsubscribe” proof-of-life to spammers, I’d stay the fuck away.

I automatically assume I’m in an adversarial position vs such a thing and don’t care what kinda shit they try to pull - they’re met with the full arsenal of privacy enhancing tools at my disposal.

as for me, an email provider that asks for no backup email or other verification methods can come useful in everyday life, thanks for mentioning them.

don’t like the email domain, the UX is nothing to write home about, and they’re obnoxious with the upsale pitch, but with a few tweaks here and there this can be useful for signups, transactional emails, and the like.

you are still buying stuff you dont need to and they are not cheap by any metric. $200 for a phone with a degraded battery that was rubbed all over, spat on, taken to the shitter, and dogknowswhatelse is not cheap, by any metric.

a year ago, $50 could get me a Poco F1 or Oneplus 6/6T, SDM 845 with 8 GB RAM. full lineageOS and postmarketOS support. nowadays, same money can get me something like a Poco X3 Pro, SDM860 with 8 GB and 256 GB storage. insanely powerful platforms, that’s what I’d buy if I had to. but I don’t gotta, the latest lineageOS runs on my shit.

first of all, posting this here is kinda pointless, ain’t a soul here that doesn’t know about this thing. second, no ill feelings about madame V., the world is better with her work in it, but this ain’t the audience for it as her work is kinda superficial and, again, directed at a different audience.

third and final, fuck grapheneos. fuck the pixel. and fuck google. and fuck the premise that the only way you can escape their clutches is buying new shit.

if you think this thing is a good idea, that’d be as if linux can run only on a couple of the most recent thinkpads and nothing else. would you still be into it? I know I wouldn’t be.

gOS is the easiest to get onto hardware and that’s why this thing dominates the youtube slop sphere. you try to make flashing lineageOS into a coherent video, you’d lose all of your audience, presto.

for the 99,9% of us that ain’t a buncha jason bournes on the run from 5eyes and friends, lineageOS is plenty fine and secure as is.

ai;dr

took one look, said needs an external video/voice provider (e.g. zoom, jitsi,…), said bye.

because it has the best (not one of the best, the best) UX of any of its brethren and normal people are super forgiving about them non-important things once they get used to the fluidity and glitz of weirdov’s app.

I have first hand experience with forcing (apt term) normies to use XMPP and Matrix clients in a corpo setting and am witness to the abject horror they experience when they clash with the dogshit apps these lunatics claim are production ready.

it’s known that google doesn’t want you to use email, they want you to use gmail. same as how all those fucks co-opt standard protocols (XMPP, ActivityPub, etc.) and then defederate it and make it their own walled, proprietary thing.

I ran a slew of geo-dispersed mail servers for a decade+; not really spam as it’s willing recipients but essentially not that far from it, either. also fully compliant, experimenting with voodoo-adjacent tips for improving deliverability (none of them work). so glad to be out of that racket.

anyhoo, you can utilise mailchimp/sendinblue/etc as they have a direct pipe into gmail/outlook infra and are not subject to any of those harassment tactics, which is basically payola. the prices last time I was involved with checking things weren’t that much better (worse in fact, if you add the costs of running all that shit) than transferring everything to gmail and friends, which is their ultimate goal.

I use it reluctantly and only to un-fuck the fucked up search. if there were a good search engine I wouldn’t use the thing.