this post was submitted on 17 Jun 2024
612 points (98.1% liked)
Technology
59201 readers
3114 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't think that's true. They can always do PGP on the client after decrypting the email (so double-encrypt). It's also not particularly interesting because almost nobody uses PGP. It's a design decision that I'm not a big fan of, but if they're legally obligated to maintain my privacy, maybe I'm okay with it. I'll give it some time and see how that pans out.
OpenPGP is actively supported by dozens of clients, they cannot and do not encrypt subjects, so Proton chose to be compatible with that. I think dismissing cross-compatibility because of a hand wave “nobody uses it” isn’t very productive either.
AFAIK, PGP is only automatically used in emails to other Proton users, you need to do it manually if you want to communicate with someone else with PGP (or use the secure email thing, which does it on Proton's servers). So the PGP is largely just an implementation detail in how they store it, unless you're communicating with a lot of other Proton users.
Then again, it's been a couple years since I used Proton, so I don't know if things have changed. But since nobody I contact uses Proton or Tuta, it's irrelevant that Proton uses PGP. If I use PGP, I'd do it myself regardless.