Sure, they have some things (arguably low-value, but you may disagree) on GitHub, but they do not have the main protonmail service - where I could run my own Protonmail server - on GitHub.
Setting the bar awfully high there, aren't you? Very few companies open source everything, and I'd say that it's pretty reasonable to say you support open source and open standards despite that.
If instead they said "Protonmail supports open source" then I would totally agree with you, but I think my conclusion is fair to draw from their language: "Protonmail will always be open source."
They must comply with the legally binding Swiss order. The alternative is shutting down the business. Also note they BEGAN logging the subpoenaed IP AFTER receiving the warrant and notifying the user. They did not have IP logs ready to go.
I don’t think anyone actually reads into nuance anymore. The privacy advocates are their own worst enemy. If this bar is too low for you, there’s basically only self hosted GNU software left…
ProtonMail respects your privacy, but they also respect warrants issued by the Swiss authorities. If you use ProtonVPN (or no VPN) to access ProtonMail then your real IP is recorded and can be turned over. If hiding your real IP address is important than use a different non-logging VPN provider (personally I use Mullvad to access ProtonMail and everything else).
> 2.7 IP logging: By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities.
>
> If you enable authentication logging for your Account, the record of your login IP addresses is kept for as long as the feature is enabled. This feature is off by default, and all the records are deleted upon deactivation of the feature. The legal basis of this processing is consent, and you are free to opt in or opt out of that processing at any time in the security panel of your Account.
I removed my premium subscription after this incident and was surprised to find that all benefits for the subscription were immediately revoked. Mail was rendered undeliverable until space was clear back to 500MB.
Mind you there was still time in my subscription.
So fuck ProtonMail regardless. Others will recommend Tutanota, Fastmail… I use mailbox.org for business, all much better recommendations.
They have a free service, there was no reason to cut him off completely unless he was over quota and then they should have logically warned him and given notice they would purge the account after x days unless it was cleaned up. So yeah this seems kind of dirty.
Are you referring to the "from" address or specifically the "reply-to"? You can change the "from" ... I am not sure about keeping the "From" the same but changing "reply-to"
What are the opinions on moving a personal family domain on the GSuite Legacy free over to Proton?
It seems like the cost is reasonable, 9.99€/month for 15 email addresses and 3 custom domains. I have just one domain and 5 email addresses for my family so I don't need much. Curious to what everyone thinks about Proton or if there might be a better alternative. Side note: I know Proton is based in Switzerland but my family and I are based in the US. Not sure if that is something which would be a problem.
Otherwise, I think they are really the best private email company.
And now with this change, they are the only privacy ecosystem out there, unless you count nextcloud which a different thing and isn't as heavily encrypted as proton.
Be aware that proton doesn't offer standard SMTP connections, you need a bridge which is only available on desktop.
The same thing is true with the calendar/contacts there is no cardav/caldav sync.
I hope they are working on integrating a Dav bridge on desktop and syncing from mobile apps.
>The same thing is true with the calendar/contacts there is no cardav/caldav sync.
The lack of CardDav and CalDav are absolute deal breakers for me. If I can't get my contacts and calendars into my preferred apps on my phone there's just no way they'll get adoption from me. I stick with Fastmail because it just works for mail, calendars and contacts across all of my devices and apps.
However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.
> The new law also allows officials to approach specific individuals—such as key employees within a company—with these demands, rather than the institution itself. In practice, they can force the engineer or IT administrator in charge of vetting and pushing out a product's updates to undermine its security. In some situations, the government could even compel the individual or a small group of people to carry this out in secret. Under the Australian law, companies that fail or refuse to comply with these orders will face fines up to about $7.3 million. Individuals who resist could face prison time.
Email isn't really secure or private anyway. And Proton's email is only making email between Proton accounts private, so unless a large number of my email recipients are also on Proton it's a moot point.
I don't get the draw of Proton. If I send email to someone else outside of Proton I should assume that email is now in an insecure state.
Fastmail may not advertise privacy, but honestly, I don't think much email in general should ever be considered private, including much of what is sent from Proton.
Proton's feature is its privacy adovacay and now its ecosystem.
Its a compelete ecosystem designed with privacy in mind, and encrypting emails is not the only benefit, another ProtonMail benefit is that no one can read the stored emails, only you can do that.
Maybe so, but if the recipient of the email, or sender of the email is not using an email service that provides the same then those emails should not be considered private. They might not be accessible on my email service, but they are on someone else's.
Proton's major draw, in my view, is the storage being encrypted and not accessible unencrypted to the server, not the transmission and emails to others. While it does do relatively convenient PGP encryption to other ProtonMail users (and annoyingly inconvenient PGP encryption to others, when I've tried), these are rather limited in scope, because of the limitations on recipients.
If your concern is a major state-level actor, able to spy on every recipient/sender you're communicating with and generally tap emails being transmitted, yes, Proton offers little protection, and email is insecure. If you're worried about a data breach or targeted attack compromising your stored email in its entirety, however, it does. These are more feasible for smaller-scale attackers, and in getting an entire, potentially complete history of your emails, potentially offer something more than just spying on one email.
I'd speculate that targeted attacks are more often client-side, usually trying to steal credentials from the user, but at least the user can be careful about these. Having all your correspondence stored and readable on a server that isn't under your control means you have to trust the security of the server much more than you would with this type of encryption.
> annoyingly inconvenient PGP encryption to others, when I've tried
If the recipient has set up Web Key Directory for their key the encryption looks just like for a Proton recipient (transparent key fetch in the background). And WKD is quite common and easy to setup (eg all major Linux distros have it).
Yeah, anything in the US, New Zealand, Australia, Canada, and the UK should be considered accessible by the government and shared between the 5 upon request.
It would work if you are all fine with using the same login.
If you want separate logins, take a look at Tutanota, it's 1€/month and you can add each family member as a full user.
As to the location, there is no issue, Tutanota is based in Germany, but both options (Switzerland or Germany) are fine for usage from the US. At least I've never heard about anyone complaining.
I have Visionary, which allows for five logins if I recall right. It also has a drive replacement, and something like 12 VPN assignments. I run a few domains through it without issue.
Edit: Looks like they aren’t allowing anyone new to sign up for Visionary. That’s recent as I was seeing signups available as of a week or two ago if I recall right.
Our family did the same thing... gmail is pretty superior in most aspects, but so is their ability to search your deepest darkest secrets. a tradeoff we were fine making. that said in the year we've been using it their overall "arc of change" has been positive and this latest refresh looks to follow that trend. FWIW I use the iphone beta app through trustpilot and it's a lot better but this refresh looks like they're moving towards GA'ing that version soon.
I use Visionary subscription for that, so far the only downside was lack of mailing lists - I really want some emails to be received both by me and my wife.
I can see why they do what they do, it probably prevents a lot of spam accounts and abusive use type accounts from being created. But privacy doesn't mean anonymous. If you want anonymous I don't think Proton is for you.
What if that $10/mo is going to result in a charge back from the stolen credit card? That, on top of spam and whatever other abuse is going on with that account.
And it would be easy for Proton, because they already accept cryptocurrency for subsequent payments after account creation, but not for the first payment during account creation (catch 22)
Honestly, cryptocurrencies (I hate that these have hijacked "crypto" for their silly garbage, to me crypto will always be cryptography. Old man yells at cloud I guess..) just invite abuse. As a service provider I'd never offer cryptocurrency as payment if that service could be abused in one way or another. Just my experience, to each their own.
I don't like it either (to put it mildly) but Mullvad allows cash to be send to them, no questions asked. You can even pay for various months that way.
Proton also supports cash for renewals/upgrades, but they went out of their way to remove the cryptocurrency option and the cash option during signup...
Exactly. The reason I pay for proton mail is not so that proton mail doesn’t know I’m a customer. It’s because proton mail doesn't read my emails. Gmail/Google does. That’s what privacy is important to me as an email user.
Sometimes it feels like people scream security === anonymity === privacy and really don’t understand what they’re even yelling about.
I just tried to register an account using the onion site. It requires JavaScript, as well as either an email or phone number for SMS. I saw no captcha when attempting to create the account.
"If you are only given the option of email or SMS verification and would like to avoid using email or SMS verification, it is possible to do so by upgrading to a paid plan using PayPal or Bitcoin."
Yeah, I would hardly call any of those options anonymous. Pseudonymous at best.
Which .onion? The signup link on https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7... redirects to their clearnet site. Maybe it redirected you too and you landed on that one mythical Tor exit node not yet blocked by Proton, which is always rumored to exist (but I've never seen it)
Right now it's staying on .onion again (and blocking anon signups), but at the time of wangler1949's comment it redirected to proton.me when I checked.
Between 2019 and 2020, I've created a few free one-time ProtonMail accounts, which I used for creating throw-away Apple IDs.
In fact, I just created one to verify. It's still possible. See for yourself:
user: testaccount.forhackernews@protonmail.com
pass: testdonotuseforseriousstuff
All I had to do was to solve a captcha with bicycles in order to prove I was human. And the dialog for recovery e-mail / phone had a "Maybe later" button.
I live in Switzerland, maybe the impossibility of anonymous account creation is a legal issue in some countries ?
Personally I'm still looking forward to the new android app, as the current one is pretty crappy.
I'm using the beta app and everything is good but it still doesn't support conversation view.
(I have yet to find any open source android email app which looks as modern as proton's, maybe AOSP email?)
They have also bought [SimpelLogin](https://simplelogin.io), the email aliasing service, and promised that SL would be intgersted in the plus plans when SL Is merged into proton in 2-3 months.
I'm hoping that they keep multiple domain support, even though I doubt it will happen.
As for proton calendar, its usability for me is pretty limited until they enable syncing with the OS on mobile and offer a Caldav server with desktop bridge. If they would also offer contact sync that would be super!
After five years waiting for them to implement swipe to move forward and backwards in your inbox rather than having to click and wait multiple times to move to the next message, and the same amount of time waiting for it to let me automatically open the next message after deleting the one I'm on...
Moving my email via IMAP bridge into ProtonMail resulted in many many messages being corrupted (they show HTML as TXT instead of rendering it) and duplicated.
I finally literally gave up a week ago and switched to Fastmail and am already so much happier. It's annoying, I really wanted to love Protonmail but they just do this window dressing nonsense with updated logos and website design instead of making the core product work better. I can't deal with it anymore.
It's very sad to me, I was one of their first customers :-(
just a reminder that Fastmail is based in Australia.
However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.
> The new law also allows officials to approach specific individuals—such as key employees within a company—with these demands, rather than the institution itself. In practice, they can force the engineer or IT administrator in charge of vetting and pushing out a product's updates to undermine its security. In some situations, the government could even compel the individual or a small group of people to carry this out in secret. Under the Australian law, companies that fail or refuse to comply with these orders will face fines up to about $7.3 million. Individuals who resist could face prison time.
Yeah, I really wish protonmail had been good enough, obviously I originally got it due to the privacy features which I agree are better. But five years is a long time to then get them spending this much money to redesign their website instead of finally finishing basic features.
I really really tried to give them time, but honestly this announcement is insulting for people like me waiting for years for actual features to reach parity. I finally gave up, but I'm not happy about it and would have much rather kept giving ProtonMail money.
> just a reminder that Fastmail is based in Australia.
> However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.
And Fastmail’s data centers are in the U.S. I don’t know if they encrypt all data and logs at rest. They/the data centers could be compelled to hand over data to U.S. three-letter-agencies too, with an NSL (gag order).
I'm sure the 3 letter orgs don't set up the paper trail for NSL until they need to for a court. They are scooping up all that stuff already, email/messaging is a goldmine of info too good to wait on warrants and such. Australia is a member of 5 eyes as well, so it's all basically the same, you can bet they all share information with little to no guard rails.
Certainly an aspect of my willingness to switch was that email encryption end to end only worked with other protonmail users, and unencrypted emails in transit are already readable, and they could surely be compelled to capture my decryption password the next time I used it anyway. They're still subject to swiss law which isn't quite as libertarian as protonmail sometimes implies.
I think that for most people (or at least me) the attacks that protonmail is good for aren't especially likely and can trivially be rendered useless by the kind of adversaries they would theoretically have worked against.
Disclaimer: not a security expert, just based on my impressions. Sorry if I got any details wrong.
At least fastmail isn't Gmail sending your info to marketers.
I canceled my subscription explicitly based on just how poor the app is. conversation view is just the tip of the issues here. its very slow and buggy for me. for many years basically unchanged.
I have been using Proton products for years now. VPN is top notch at the paid level, and email is pretty great. Don't know what else to say, it's good stuff.
That change was, as far as I can tell, it was done without any prior announcement (it is announced on the new website). Unfortunately, I had been trying over last few days to figure out the best way to move my currently partially self-hosted setup to ProtonMail, and the only feasible way to do so would likely have been with the Visionary plan. ProtonMail's sudden removal of it means that I likely won't be able to switch to them, and will likely end up removing my current Professional plan.
With its removal, there is no non-business plan with multiple mailboxes. It also appears that the ability to pay additional fees per item for extra custom domains, addresses, and other features has been removed. As such, if you need more than what the largest plan offers on these (eg, you need what the old Visionary plan offered), this now appears impossible.
I'm definitely happy that my €6 per month subscription has been upgraded to Proton Unlimited. The storage boost for email is more than I'd ever use, but the ability to add more custom domains is a definite win in my book.
For those who like using other mail clients there is the official Protonmail Bridge[1] (for paid customers). There is also Hydroxide[2] (which I use). I am able to use Apple Mail on mobile, Aerc[3] command line mail client on desktop (MacOS and Linux), and sync with the CardDav instance for contacts.
Understandably, this is not an ideal solution for everyone -- it works awesome for me! Just a PSA for those not aware.
I am a long time paying customer. Good to see improvements.
The one thing that keeps me from using Proton as my primary email is lack of email/calendar integration. When I get an email with an invite, I would like that to appear auto-magically on my calendar. When I assign my custom domain to Proton and use it heavily for a few months, this is what eventually makes me switch back to Apple/Gmail/FastMail.
Mm, I am a paid customer as well. I use proton mail exclusively and I like the calendar. You can add events to your calendar from an email/invite. I also share calendars with non-proton users (my wife uses user iPhone/calendar app). I haven't had any issues with it.
I was working on a side project to do exactly this, including emails from Airbnb, hotel and flight bookings, but for fastmail :) I will check if I still have the code...
I gave up on it because I wasn't sure how to solve potential privacy issues or concerns if I wanted others to be able to use it.
I was a paid customer, and I still support ProtonMail's mission, but the app experience drove me to cancel my paid subscription and go with FastMail instead. The mobile client and desktop were never in sync; I'd swipe an email to archive and it'd show back up in the inbox, etc. It happened time and time and time again and I got sick of it having to clean up after their messy app.
So much faith in the government of Montenegro, eh? Not optional anymore means I don't like it.
Also, what is the incentive as a previously paying customer to return? I see none. It does not seem to be loyal customers but current ones. So someone who subscribed last month or a few days ago (for however long) gets more benefit than me a multi year former user. OK, so where is the incentive to make me a returning customer?
Every other company on the planet seems to go with the 'screw the current loyal users, let's offer great deals for new customers only' model. One company finally does it the other way and you complain. This is the way every company should operate.
While it might be rare Humble Bundle did it as well, but then I was on the beneficiary side. My question still remains: what's my incentive to return? I get no deal whatsoever. I pay about 2 EUR a month for AirVPN as it is, and I switched to them because they had Wireguard support.
What are you referring to? What is their affiliation with Montenegro, and what is no longer optional?
Edit: Also in terms of incentives, is there another decent email provider that offers the same suite of services (end-to-end encrypted email that won't data mine you and serve ads to you?). That's still the main draw for me.
I'm a medium-happy Protonmail user. I really wish they'd step up their core services - give us the ability to snooze emails, schedule sends for later - all of the stuff you can do in Gmail, Outlook or other modern mail clients. It's such a hard time, because I reeeeally want to like the service, but I feel like they make it so hard
So the "Plus" plan no longer exists, and the only way to get more than 1 Vpn connection is now to get "Unlimited" which is even more expensive at €11.99
What was the price of "Plus" before this change, i think something like €8 or €10 ?
Great, even more different products using same names. I understand the idea of uniting all different Proton services under the same name, but now Proton (Mail and other services) and Proton (SteamPlay, from Valve) will be hard to differentiate in short news headlines. Similarly as with Unity (Ubuntu desktop environment) and Unity (game engine).
And to be honest, I don't know the best way to avoid UX problems when a service change domains.
I mean, besides that many users will lost access/do the reset pass process because of that, the experience to fix this as a user is: go to the pass manager, copy the credentials from the old domain, go to the new login page and paste it, save it as in the new domain, and delete the old domain saved credentials, because that will be saved there forever with no propose and confusing users with duplicated login information.
I guess more advanced password managers maybe notify about domain changes? But at least Firefox and I suppose Chrome, which is massive, don't have that.
1password browser adding needs you to add an extra url against the stored login. Not a problem imo, very rarely does a service change domain like this. This is the case for the safari addin, but Im sure Chrome and others will be the same
A more frequent problem is where a site will authenticate you against some other domain or URL, so its something Ive had to do before and I think someone using 1pass or similar should be able to do
Mobile app lets you search for an existing login when one isn't found for the new domain. After you give it permission to autofill, it will continue to do so
If the service gives a 301/308 response, it should in theory rewrite all bookmarks and things like this, but that also opens up security issues especially when it comes to password managers.
Kudos for taking the baton and maintaining https://github.com/ProtonMail/go-crypto which should replace Keybase's fork everywhere. Terraform and providers such as AWS now use it instead.
ProtonDrive excites me the most. The only other user friendly end to end encrypted cloud storage provider is Tresorit, who are overpriced for consumers. Please note I don’t consider Boxcryptor in the same category as they just serve as an encrypting proxy between you and cloud storage.
I wish ProtonDrive would explain more about their data resilience, whether they maintain custodian keys or any ability to access customer data, how access works when traveling across borders, etc. otherwise iCloud Drive and Boxcryptor are a stronger choice.
129 comments
[ 2.7 ms ] story [ 186 ms ] threadBut the last paragraph violates one of my common complaints: using "open source" as a buzz-word:
> Proton will always be open source
Oh really? Where can I download the source code to run my own Protonmail server? Answer: I can't.
https://github.com/ProtonMail
Did Proton redeemed this somehow?
I don’t think anyone actually reads into nuance anymore. The privacy advocates are their own worst enemy. If this bar is too low for you, there’s basically only self hosted GNU software left…
> The privacy advocates are their own worst enemy
Probably, but Privacy is Proton's motto. I'm just pointing at the controversy.
They can't refuse this as it was required by law, and protonVPN is protected from IP logging requirements.
https://proton.me/news/climate-activist-arrest
The have also updated their privacy policy.
> 2.7 IP logging: By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks). The legal basis of this processing is our legitimate interest to protect our service against nefarious activities. > > If you enable authentication logging for your Account, the record of your login IP addresses is kept for as long as the feature is enabled. This feature is off by default, and all the records are deleted upon deactivation of the feature. The legal basis of this processing is consent, and you are free to opt in or opt out of that processing at any time in the security panel of your Account.
https://proton.me/legal/privacy
Mind you there was still time in my subscription.
So fuck ProtonMail regardless. Others will recommend Tutanota, Fastmail… I use mailbox.org for business, all much better recommendations.
And so what? For someone to play like that it’s fair to give a refund for the unused period. Otherwise, like I said, fuck ProtonMail.
What are the opinions on moving a personal family domain on the GSuite Legacy free over to Proton?
It seems like the cost is reasonable, 9.99€/month for 15 email addresses and 3 custom domains. I have just one domain and 5 email addresses for my family so I don't need much. Curious to what everyone thinks about Proton or if there might be a better alternative. Side note: I know Proton is based in Switzerland but my family and I are based in the US. Not sure if that is something which would be a problem.
The cheapest option is 7$ per user, which is a big jumb from free.
https://proton.me/business/plans
Otherwise, I think they are really the best private email company.
And now with this change, they are the only privacy ecosystem out there, unless you count nextcloud which a different thing and isn't as heavily encrypted as proton.
Be aware that proton doesn't offer standard SMTP connections, you need a bridge which is only available on desktop. The same thing is true with the calendar/contacts there is no cardav/caldav sync.
I hope they are working on integrating a Dav bridge on desktop and syncing from mobile apps.
The lack of CardDav and CalDav are absolute deal breakers for me. If I can't get my contacts and calendars into my preferred apps on my phone there's just no way they'll get adoption from me. I stick with Fastmail because it just works for mail, calendars and contacts across all of my devices and apps.
> The new law also allows officials to approach specific individuals—such as key employees within a company—with these demands, rather than the institution itself. In practice, they can force the engineer or IT administrator in charge of vetting and pushing out a product's updates to undermine its security. In some situations, the government could even compel the individual or a small group of people to carry this out in secret. Under the Australian law, companies that fail or refuse to comply with these orders will face fines up to about $7.3 million. Individuals who resist could face prison time.
https://www.reuters.com/article/us-australia-security-data/a...
I don't get the draw of Proton. If I send email to someone else outside of Proton I should assume that email is now in an insecure state.
Fastmail may not advertise privacy, but honestly, I don't think much email in general should ever be considered private, including much of what is sent from Proton.
Its a compelete ecosystem designed with privacy in mind, and encrypting emails is not the only benefit, another ProtonMail benefit is that no one can read the stored emails, only you can do that.
If your concern is a major state-level actor, able to spy on every recipient/sender you're communicating with and generally tap emails being transmitted, yes, Proton offers little protection, and email is insecure. If you're worried about a data breach or targeted attack compromising your stored email in its entirety, however, it does. These are more feasible for smaller-scale attackers, and in getting an entire, potentially complete history of your emails, potentially offer something more than just spying on one email.
I'd speculate that targeted attacks are more often client-side, usually trying to steal credentials from the user, but at least the user can be careful about these. Having all your correspondence stored and readable on a server that isn't under your control means you have to trust the security of the server much more than you would with this type of encryption.
If the recipient has set up Web Key Directory for their key the encryption looks just like for a Proton recipient (transparent key fetch in the background). And WKD is quite common and easy to setup (eg all major Linux distros have it).
If you want separate logins, take a look at Tutanota, it's 1€/month and you can add each family member as a full user.
As to the location, there is no issue, Tutanota is based in Germany, but both options (Switzerland or Germany) are fine for usage from the US. At least I've never heard about anyone complaining.
Edit: Looks like they aren’t allowing anyone new to sign up for Visionary. That’s recent as I was seeing signups available as of a week or two ago if I recall right.
https://news.ycombinator.com/item?id=31505489
Make of that what you will, after so many years and the nth redesign
I can see why they do what they do, it probably prevents a lot of spam accounts and abusive use type accounts from being created. But privacy doesn't mean anonymous. If you want anonymous I don't think Proton is for you.
In the end it's their choice to continue collecting personal data, even after Swiss authorities compelled them to disclose personal data to French authorities: https://en.wikipedia.org/wiki/ProtonMail#Compliance_with_Swi...
And Proton is marketing themselves as anonymity friendly: https://proton.me/news/climate-activist-arrest
Sometimes it feels like people scream security === anonymity === privacy and really don’t understand what they’re even yelling about.
Edit: https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7...
"If you are only given the option of email or SMS verification and would like to avoid using email or SMS verification, it is possible to do so by upgrading to a paid plan using PayPal or Bitcoin."
Yeah, I would hardly call any of those options anonymous. Pseudonymous at best.
In fact, I just created one to verify. It's still possible. See for yourself:
user: testaccount.forhackernews@protonmail.com
pass: testdonotuseforseriousstuff
All I had to do was to solve a captcha with bicycles in order to prove I was human. And the dialog for recovery e-mail / phone had a "Maybe later" button.
I live in Switzerland, maybe the impossibility of anonymous account creation is a legal issue in some countries ?
I'm using the beta app and everything is good but it still doesn't support conversation view.
(I have yet to find any open source android email app which looks as modern as proton's, maybe AOSP email?)
They have also bought [SimpelLogin](https://simplelogin.io), the email aliasing service, and promised that SL would be intgersted in the plus plans when SL Is merged into proton in 2-3 months. I'm hoping that they keep multiple domain support, even though I doubt it will happen.
As for proton calendar, its usability for me is pretty limited until they enable syncing with the OS on mobile and offer a Caldav server with desktop bridge. If they would also offer contact sync that would be super!
Moving my email via IMAP bridge into ProtonMail resulted in many many messages being corrupted (they show HTML as TXT instead of rendering it) and duplicated.
I finally literally gave up a week ago and switched to Fastmail and am already so much happier. It's annoying, I really wanted to love Protonmail but they just do this window dressing nonsense with updated logos and website design instead of making the core product work better. I can't deal with it anymore.
It's very sad to me, I was one of their first customers :-(
just a reminder that Fastmail is based in Australia.
However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.
> The new law also allows officials to approach specific individuals—such as key employees within a company—with these demands, rather than the institution itself. In practice, they can force the engineer or IT administrator in charge of vetting and pushing out a product's updates to undermine its security. In some situations, the government could even compel the individual or a small group of people to carry this out in secret. Under the Australian law, companies that fail or refuse to comply with these orders will face fines up to about $7.3 million. Individuals who resist could face prison time.
www.reuters.com/article/us-australia-security-data/australia-passes-bill-to-force-tech-firms-to-hand-over-encrypted-data-idUSKBN1O42SR
I really really tried to give them time, but honestly this announcement is insulting for people like me waiting for years for actual features to reach parity. I finally gave up, but I'm not happy about it and would have much rather kept giving ProtonMail money.
> However I would remind you that since Fastmail is based in Australia, its privacy is pretty limited.
And Fastmail’s data centers are in the U.S. I don’t know if they encrypt all data and logs at rest. They/the data centers could be compelled to hand over data to U.S. three-letter-agencies too, with an NSL (gag order).
I think that for most people (or at least me) the attacks that protonmail is good for aren't especially likely and can trivially be rendered useless by the kind of adversaries they would theoretically have worked against.
Disclaimer: not a security expert, just based on my impressions. Sorry if I got any details wrong.
At least fastmail isn't Gmail sending your info to marketers.
A note for anyone recommending ProtonMail as that changes the calculus for many.
With its removal, there is no non-business plan with multiple mailboxes. It also appears that the ability to pay additional fees per item for extra custom domains, addresses, and other features has been removed. As such, if you need more than what the largest plan offers on these (eg, you need what the old Visionary plan offered), this now appears impossible.
https://news.ycombinator.com/item?id=31505489
Not sure what that has to do with the number of email aliases.
I've been a VPN subscriber, so haven't really played around with the mail side too much.
Understandably, this is not an ideal solution for everyone -- it works awesome for me! Just a PSA for those not aware.
[1] https://proton.me/mail/bridge [2] https://github.com/emersion/hydroxide [3] https://aerc-mail.org/
The one thing that keeps me from using Proton as my primary email is lack of email/calendar integration. When I get an email with an invite, I would like that to appear auto-magically on my calendar. When I assign my custom domain to Proton and use it heavily for a few months, this is what eventually makes me switch back to Apple/Gmail/FastMail.
I gave up on it because I wasn't sure how to solve potential privacy issues or concerns if I wanted others to be able to use it.
Also, what is the incentive as a previously paying customer to return? I see none. It does not seem to be loyal customers but current ones. So someone who subscribed last month or a few days ago (for however long) gets more benefit than me a multi year former user. OK, so where is the incentive to make me a returning customer?
Edit: Also in terms of incentives, is there another decent email provider that offers the same suite of services (end-to-end encrypted email that won't data mine you and serve ads to you?). That's still the main draw for me.
Protonmail is proprietary (given the JavaScript served cannot be audited), and because it does not use an open standard.
Both Posteo and Tutanota are alternatives which don't profile you but whether they suit your needs is up to you. Hosted in Germany.
however its nothing out of the ordinary to expect from the UAE.
What was the price of "Plus" before this change, i think something like €8 or €10 ?
And to be honest, I don't know the best way to avoid UX problems when a service change domains.
I mean, besides that many users will lost access/do the reset pass process because of that, the experience to fix this as a user is: go to the pass manager, copy the credentials from the old domain, go to the new login page and paste it, save it as in the new domain, and delete the old domain saved credentials, because that will be saved there forever with no propose and confusing users with duplicated login information.
I guess more advanced password managers maybe notify about domain changes? But at least Firefox and I suppose Chrome, which is massive, don't have that.
A more frequent problem is where a site will authenticate you against some other domain or URL, so its something Ive had to do before and I think someone using 1pass or similar should be able to do
Mobile app lets you search for an existing login when one isn't found for the new domain. After you give it permission to autofill, it will continue to do so
I wish ProtonDrive would explain more about their data resilience, whether they maintain custodian keys or any ability to access customer data, how access works when traveling across borders, etc. otherwise iCloud Drive and Boxcryptor are a stronger choice.