Good for them, I love being able to play Windows games on Linux.
Is this going to be the same kind of non-profit as OpenAI? With a mission to improve the world? Yeah, let’s see how that goes. Another Proton marketing play on their set track to enshittification.
Didn’t they get shit recently for AI and crypto related decisions ? Did they backtrack on that ?
Do you understand what enshittification is? It’s a slow descent over a long period. You add optional, privacy-respecting AI now, and over time, (like a decade,) it becomes more shitty until eventually all your data is opted in to centralized data harvesting or wherever.
I’m an Unlimited paid Proton user, and these new trend worry me too. Enshittification is a slow process. I watched Google turn from “Do no evil” to what they are today, and I’m too tired to want to watch the same entire process happen again to Proton.
Shouldn’t we worry of enshittification when we are on the verge of, or on the descending side of trajectory?
So far they added features in a way that keeps respecting users rights, without changing their business model (which is 90% of the reason why companies enshittify BTW). Just because these products have something in common with products of companies who enshittified doesn’t mean the same applies here.
That’s some big slippery slope fallacy. Privacy respecting AI was a highly requested feature, whether you wanted it or not.
Them adding an AI mail assistant that is completely private has nothing to do with them eventually not protecting user privacy. These things have nothing to do with each other.
AI is not inherently a privacy invading tool, its just that the majority of services offering it are free, hence them profiting off data.
Even if they did, so what? We should not then recognise positive decisions?
If we don’t allow companies and people to make any mistakes, for fear of being forever scorned, then we’ll end up with either unprogressive risk averse companies that cannot compete against their peers, or a host of good companies that go bankrupt from the slightest misstep.
Personally I’m glad companies such as proton exist, and are prepared to take risks, as they are currently our best hope against the likes of Google and Meta.
This is old news. Why are you posting this just now? I mean I don’t really care much. I transitioned to Posteo as soon as I learned that they stored the private key. They don’t even let you use your own GPG key, useless honeypot. Their recent bitcoin wallet supports this. If they cared about privacy, they wouldn’t go with Bitcoin. They have been ignoring requests for monero since years.
They also are getting into the AI hype, so I can’t trust my data with them.
You can use your own GPG key (https://proton.me/support/importing-openpgp-private-key or using the bridge), whatever tool does the signing needs the key (duh) so I am not sure what you mean by “they store your private key” (they stored it encrypted as per documentation https://proton.me/support/how-is-the-private-key-stored), their AI was specifically designed as local, exactly to be privacy friendly, plus is a feature that can be disabled (when it will reach general subscriptions).
I don’t care about cyptocurrencies, but I suppose they started with the most popular, nothing to do with privacy as they just let you store your currencies.
Anyway, use what you like the most, of course, but yours don’t look very solid motivations, quite a lot of incorrect information, I hope you didn’t take your decision based on it.
You upload your private key to the cloud. Encrypted or not, this is a bad idea. No thanks. I can do the signing locally and then I’ll do the decryption with my own private key locally without them storing it as well.
Edit: mixed public keys with private keys
You upload your private key to the cloud. Encrypted or not, this is a bad idea.
An encrypted key is a useless blob. What matters is the decryption key for that key, which is your password (or a key derived from it, I assume), which is client side.
They can do the signing and encryption with my public key
They can’t sign with your public key. Signing is done using your private one, otherwise nobody can verify the signature.
Either way:
and then I’ll do the decryption with my own private key locally without them storing it.
You can do it using the bridge, exactly like you would with any client-side tooling.
Just wanted to point out that it does not change anything from privacy and security perspective about their products.
Also they are still operating as a normal company internally (they still offer their vpn through a third party provider and they still work to achieve the highest income from their products).
