If the owner of the standard notes will now be a proton, doesn’t that contradict this principle? I have a proton email account but I don’t want it linked to my standard notes account. I don’t strongly trust companies that offer packaged services like google or Microsoft. I prefer to have one service from one company. I am afraid that now I will have to change where I save my notes. What do you guys think about this?
Syncthing + your text editor (orgzly revived is great)
I’ve been using orgzly for years and this is the first I’ve heard of revived. Looks promising.
Same! I used orgzly for a good while, might have to get back to it.
Zim
And there is orgzly for linux or something?
A simple text editor does the job on PC, I use kate (kde) but perhaps a markdown editor might be better.
You activated my trap card!
It’s entierly based on the excellent org-mode for Emacs.
Average Joe wants an easy all-in-one solution. That’s what Google, Apple and Microsoft offer. An ecosystem. If you want to fight that, you need to be able to offer that. So that’s what Proton is doing.
Of course it’s better to have it seperated. And the security and privacy nerds will likely keep doing that anyways. But Average Joe doesn’t want to take a hassle and rather looses privacy than do that.
Issue is, things are only as secure as the least secure point. Average Joe using Google and Microsoft means your data also goes there when interacting. When Average Joe is swayed by a place that is privacy-friendly ánd convinient, it makes your weakest link also stronger.
Meanwhile, Average Joe is also more save then when he was using Google or Microsoft services. Even when he would be less save than if he had his stuff seperated.
It helps everyone.
With that in mind, I applaud it. But I won’t use it. I use Proton for mail, Joplin for notes (encrypting them in Joplin and syncing with NextCloud), and my passwords are also elsewhere than ProtonPass.
Just create another account. What’s the problem?
If the owner of the standard notes will now be a proton, doesn’t that contradict this principle?
There’s no principle… Standard Notes was never about having an open solution or going against the big co. it was about creating something that could be monetized.
Let’s see what Proton does with this, but I personally believe they’ll just integrate it in Proton and further close things even more. The current subscription-based model, docker container and whatnot might disappear as well. Proton is a greedy company that doesn’t like interoperability and likes to add features designed in a way to keep people locked their Web UI and applications.
Standard Notes for self-hosting was already mostly dead due to the obnoxious subscription price, but it is a well designed App with good cross-platform support and I just wish the Joplin guy would take a clue on how to design UIs from them instead of whatever they’re doing now that is ugly and barely usable.
Proton is a greedy company that doesn’t like interoperability and likes to add features designed in a way to keep people locked their Web UI and applications.
That’s nonsense. Proton has built everything around PGP and allows uploading public keys for users not using Proton Mail so that you can messaging them with Proton’s PGP system automatically.
https://proton.me/blog/openpgp-crypto-refresh
There’s 0 vendor lock in (in the entire Proton ecosystem) and there’s tons of open sourced code.
There’s no vendor lock in until you realize your emails are essentially hostage of their apps and a bridge that may be shutdown at any point. If you can’t simply setup a regular email client then there’s vendor lock in, not even Microsoft does that.
By that argument Microsoft could just shut down their IMAP servers tomorrow.
The fact of the matter is, Proton does currently provide tools to get your emails out of their ecosystem, that you can use today. Including a free tool (https://proton.me/support/proton-mail-export-tool) that creates EML files that can be imported elsewhere via Thunderbird.
Yes, but you can reliable use their service with a generic email client, specially on iOS for instance. The bridge doesn’t even provide everything a IMAP server does and there’s isn’t a way to get get calendars and contacts.
That bridge and the fact they don’t use generic IMAP/SMTP/CardDav/CalDav is a form of vendor lock-in. Other providers are also capable of encrypting email with PGP on a open manner and still use those generic protocols.
Other providers will return garbage to your mail client. The mail client itself must have PGP capability (plenty don’t).
The bridge doesn’t even provide everything a IMAP server does
I’ve yet to find any functionality missing from the bridge’s IMAP server that’s present in any other IMAP server.
and there’s isn’t a way to get get calendars and contacts.
- https://proton.me/support/protoncalendar-calendars – see “Export a calendar” no page anchor for this one
- https://proton.me/support/proton-contacts#export-contacts
There’s not currently a real time way to get that data, but it’s hardly “vendor lockin.”
specially on iOS for instance
There’s something ironic to me about chewing Proton out for alleged vendor lock in while using iOS / Apple products.
There’s not currently a real time way to get that data, but it’s hardly “vendor lockin.”
You got there yourself, that’s one of the problems.
There’s something ironic to me about chewing Proton out for alleged vendor lock in while using iOS / Apple products.
I used iOS as an example, for Android you can get a bridge but that’s just going to be one more thing going for your battery.
Now, consider this, there’s a TON of situation where having a standard SMTP-capable provider is interesting. Maybe you’re running in iOS, maybe you want to have an ESP32 to send a few emails, or some custom software in your computer. All those use cases are impossible or require more coding and more non-standard solutions just because Proton decided to be the first provider ever not to use standard protocols.
What Proton is doing to e-mail is about the same that WhatsApp, Messenger and others did to messaging - instead of just using an open protocol like XMPP they opted for their closed thing in order to lock people into their apps. People in this community seem to be okay with this just because they sell the “privacy” cool-aid.
instead of just using an open protocol like XMPP they opted for their closed thing in order to lock people into their apps
That’s just not true, you’re severely misinformed on this.
Proton took the established practice of PGP encrypted email and put it in a nice package. That’s why you can add public keys and just message somebody that’s using Thunderbird.
There is no “open protocol for end to end encrypted email”, XMPP is not applicable here. There’s no “IMAP for PGP” there’s just IMAP, so they made a bridge so you can use IMAP even if your mail client doesn’t support PGP.
Could they have made an IMAP server that returns the PGP emails and requires your mail client to handle the decryption? Yes. However, that goes against a major selling point of the product which is that it manages all that encryption for you (like a password manager). Nobody in their right mind would use that.
This isn’t some matter of privacy coolaid and fanboyism; they did the open interoperable thing. You can even (as an example use case) if you’re a new customer that was doing PGP email on your own, upload your own existing PGP key, and use that with Proton if you don’t want to change the PGP public key people use to send you email.
Edit: Perhaps you’ve been confused by some falsehoods coming from Tutanota or confused the two https://proton.me/blog/proton-vs-tuta-encryption
