I’m trying to get rid of my Google dependency and one of those steps was moving over to Protonmail. Now in the past few days i have been picking up signals that even Protonmail is not as clean as it might be.
Does this really impact the privacy of how i use email and so is moving to Protonmail a step forward from Google, or is Protonmail just as bad?
If so, what could be alternatives?
edit:
Some of the alternatives being mentioned in the comments are:
Email:
VPN:
edit 2 (2023):
There seems to be some new activity around this post. At the time of writing the post (2 years ago) there were some stories going as user @UnfortunateShort described in their comment. This made me question the best options available at that moment. Currently i am still a Proton user, using their Mail and Calendar service, and Mullvad for VPN.
Protonmail is most professional encrypted email service in industry.
Even if it be a honypot, you can compile their phone apps yourself and use them.
Also for those rumors that say they want to use google cloud, they won’t.
They just route your traffic from one of the big providers like azure, aws or gcs if their service be blocked in your region.
Also they pinned their cert into their app so that the potential to intercepting of your traffic to their servers via these third party routine services become low to about near zero.
Also you can disable that in their app and that feature is not in their web app!
The option is alternative routing.
You can easily disable it from their apps, although it won’t ever used if your traffic to their own servers not get blocked.
Also there is no data stored in these third parties, they just route you to proton’s actual server.
And to emphasize it, you can disable it completely from their apps and it isn’t enabled in their websites (it is impossible also to do that for their websites, technically)
Also if they be a honypot, still you can audit their apps source code yourself and then compile them yourself or in near future download them from fdroid.
So if they be a honypot, your data still is encrypted with strong openpgp (apps) and openpgpjs (javascript implementation of it) in their web apps and all of them is open source.
So when your data is encrypted and if you don’t do any unencrypted communications through their service, they can’t do anything with your data even if they be a honypot.
Openpgp is 20 years old protocol that still is well maintained and is proven to be really secure.
Also about tutanota, they use their own homebrew encryption that always is discouraged by cryptographer engineers.
Also about honk kong protests, they just don’t want to become more influenced by ccp as you probably seen that some people in mainland china are really brainwashed that accept everything their government do and say.
They just supported that, not any murder or anything else that is really terrible and the guy should get judgement for his creepy crimes.
Regards.