Proton CEO Andy Yen gave a surprisingly sharp interview to the Swiss magazine “watson” (source in German: https://www.watson.ch/digital/wirtschaft/517198902-proton-schweiz-chef-andy-yen-zum-ausbau-der-staatlichen-ueberwachung). He warned that Proton might leave Switzerland if new surveillance laws are passed, which aligns with the company’s strong pro-privacy stance. So far, nothing unexpected.
However, Yen’s remarks about Swiss officials - describing them as lifelong bureaucrats, all lazy, and incompetent - came across as arrogant and out of place, almost like something you’d expect from a capitalism praising Trump supporter. he also was quoted in the interview, that the US works better (so they consider to move there?).
The interview left me speechless, and I’m certain I won’t be considering Proton for any of my future projects
How exactly is this different from Proton?
Proton bridges to other applications via imap. Tuta claims that’s “too insecure.” Even though every email ever uses it.
Isn’t the proton bridge only available for paid customers?
Yes, I use my own domains.
Then you’re good. My main complaint is for the free plan. You either pay or are forced to use their UI and protocols. Most users are on the free plan and as such, enter kind of a walled garden
Their predatory pricing also doesn’t make them look great
I fully agree with you. Sorry, I wasn’t getting your point before.
I paid for Proton for privacy and custom domain. Then I wanted more domain and didn’t love the CEOs words but more over wanted to try Tuta. Price was cheaper and offered more domains.
Tuta had zero non Tuta application use such as thunderbird and you can only email support if you pay! What in the world.
I read online and many recommended mailbox.org. It offers 50 custom domains for less than 4$ a month. I’m now of the opinion that both Proton and Tuta are kind of like VPNs, they prey on scared users who think they need these services. Why does my mailbox need to be encrypted when email already has its own security functions and it’s already unencrypted when sent to another email? Why can’t I use IMAP as all other mail uses? Why should I use a “private” email with a custom domain when I bought that domain with my own name? lol
I don’t have the energy or care to dig deep into those questions like some people might but after my experience switching between those two I find them both quite pointless. It’s good to have google alternatives but, like VPNs, they’re scaring their customers into thinking an extra feature is essential
No worries! That’s kind of you :)
My simple answer for encryption is that encryption at rest ensures that if the mail provider gets hacked or an employee goes rogue, your mails won’t leak. This as well as them not being able to hand out your mail in case of an investigation. That’s pretty much their only advantage over a classical host.
Thank you for explaining! :)
Does Mailbox.org’s privacy statement read well to you?
Oh, I found this. It seems you can activate mailbox encryption! Thanks for pushing me to find this.
The privacy statement shows big words and all, but I’m interested in the legal page of privacy policy. Unfortunately, an orange flag is that it isn’t easily available from anywhere, which is a bad practice. Here is its link: https://mailbox.org/en/data-protection
It’s not written like ordinary privacy policies, they organized it in categories, which funnily enough makes it harder to read and understand.
Overall it’s pretty good but a lot of things aren’t mentioned. It seems like the IP with which you registered is permanently stored on their servers. Big red flag if that’s the case. Consider using a VPN/proxy when creating an account if that matters to you.
It seems like they also let you store your private key encrypted by a password, which is a nice way to do it. Incoming emails are encrypted this way which makes them encrypted at rest. I wonder how it works with other email clients though. Nothing to say more than it’s perfect.
They don’t use the content of your emails, they don’t sell your data or “track” you. That’s nice!
NOTE: I actually didn’t read proton’s privacy policy! So I can’t compare both, but in terms of privacy you’re pretty good with mailbox. Their analytics respect your privacy overall. Anonymity isn’t perfect but they allow VPNs and Tor exit nodes. They would benefit from having more transparency around this subject: data collection and time of retention.
To be clear, the proton bridge is supposed to be accessed via localhost. Connecting via IMAP over a network connection is less secure.
I don’t think I ever said otherwise but thanks for the details.