And this might actually get me to use Proton. I’m currently with Tuta, and the experience there is… just okay. I went with them because they claim to have even less access to my stuff vs Proton, and Proton being private didn’t get me to trust them enough to use them instead (I’ve used them in the past though). But this structural change might convince me that they’re trustworthy enough to switch to.
We’ll see how it turns out. I’m still giving Tuta a shot because I like the idea of not bundling everything together, but once I get my NextCloud setup working, I’ll decide how much of Proton I’ll actually need, compare prices, etc.
Proton stores email subject lines unencrypted to facilitate search, Tuta does search client-side so everything can be completely encrypted. Both have access to unencrypted email when they receive it, so it’s not a huge difference, but given the cost difference, I figured I’d give Tuta a try first.
I don’t think that’s true. They can always do PGP on the client after decrypting the email (so double-encrypt). It’s also not particularly interesting because almost nobody uses PGP. It’s a design decision that I’m not a big fan of, but if they’re legally obligated to maintain my privacy, maybe I’m okay with it. I’ll give it some time and see how that pans out.
OpenPGP is actively supported by dozens of clients, they cannot and do not encrypt subjects, so Proton chose to be compatible with that. I think dismissing cross-compatibility because of a hand wave “nobody uses it” isn’t very productive either.
AFAIK, PGP is only automatically used in emails to other Proton users, you need to do it manually if you want to communicate with someone else with PGP (or use the secure email thing, which does it on Proton’s servers). So the PGP is largely just an implementation detail in how they store it, unless you’re communicating with a lot of other Proton users.
Then again, it’s been a couple years since I used Proton, so I don’t know if things have changed. But since nobody I contact uses Proton or Tuta, it’s irrelevant that Proton uses PGP. If I use PGP, I’d do it myself regardless.
And this might actually get me to use Proton. I’m currently with Tuta, and the experience there is… just okay. I went with them because they claim to have even less access to my stuff vs Proton, and Proton being private didn’t get me to trust them enough to use them instead (I’ve used them in the past though). But this structural change might convince me that they’re trustworthy enough to switch to.
We’ll see how it turns out. I’m still giving Tuta a shot because I like the idea of not bundling everything together, but once I get my NextCloud setup working, I’ll decide how much of Proton I’ll actually need, compare prices, etc.
How is it possible to have less data on your than Proton? I’m not aware of anything Proton has which isn’t fundamentally required.
Proton stores email subject lines unencrypted to facilitate search, Tuta does search client-side so everything can be completely encrypted. Both have access to unencrypted email when they receive it, so it’s not a huge difference, but given the cost difference, I figured I’d give Tuta a try first.
i wonder how is the experience of searching between millions of emails client side
Not great. I have a couple hundred or so, and it’s already a bit slow on my phone.
While it does help with search it was required to be compatible with OpenPGP.
I don’t think that’s true. They can always do PGP on the client after decrypting the email (so double-encrypt). It’s also not particularly interesting because almost nobody uses PGP. It’s a design decision that I’m not a big fan of, but if they’re legally obligated to maintain my privacy, maybe I’m okay with it. I’ll give it some time and see how that pans out.
OpenPGP is actively supported by dozens of clients, they cannot and do not encrypt subjects, so Proton chose to be compatible with that. I think dismissing cross-compatibility because of a hand wave “nobody uses it” isn’t very productive either.
AFAIK, PGP is only automatically used in emails to other Proton users, you need to do it manually if you want to communicate with someone else with PGP (or use the secure email thing, which does it on Proton’s servers). So the PGP is largely just an implementation detail in how they store it, unless you’re communicating with a lot of other Proton users.
Then again, it’s been a couple years since I used Proton, so I don’t know if things have changed. But since nobody I contact uses Proton or Tuta, it’s irrelevant that Proton uses PGP. If I use PGP, I’d do it myself regardless.