There was a response to that on the ProtonMail subreddit. They explained it and clarified. Idk what's true but I do know ProtonMail is still better than yahoo, Gmail, or outlook/Hotmail. Tutanota besides having a difficult name to spell out over the phone when ordering stuff, is located in Germany. Germany is probably the country I trust the least in Europe right now.
There was a response to that on the ProtonMail subreddit. They explained it and clarified.
They've already attempted to explain it, which led to more digging, and is what lead to researchers eventually finding they they share a fucking CEO. There are only two possible options here:
Their story is consistent, in which case the above link is a better source (the source from their original confrontation), or
They changed their story, which renders anything they say that contradicts their first story invalid.
Reminder that their first story was already proven invalid: they first stated that they were entirely separate entities, then it was slowly proven over time that they share offices/infrastructure and Tesonet even signs their crypto certs (so no, your data isn't protected from them via encryption).
Idk what's true but I do know ProtonMail is still better than yahoo, Gmail, [...]
This is attempting the lesser of two evils fallacy. Worse, it isn't lesser at all - merely different heads of the same Hydra.
Tutanota [...] is located in Germany. Germany is probably the country I trust the least in Europe right now.
It is a logical impossibility to prove any option safe unless you have direct control or oversight over it. The only option that can be known to be safe is to roll your own and deal with the accompanying 'problems' ("problems" in quotes as the difficulties seem to be designed to discourage independent email hosting from ever becoming a thing).
The only way you can talk yourself into using one webmail over another is through lesser of two evils.
Did you read the link? He writes a novel claiming that 'the stories are false', and then turns around and admits they are true. I'll pull the relevant bits here.
First, before presenting anything that could pretend to be evidence, he tells you what to think:
There's some false info out there about ProtonVPN, and these stories were first fabricated by Private Internet Access, a competitor who has been feeling pressure from ProtonVPN lately. [Editor's note: character assassination doesn't discredit the evidence]
This is not the first time one of our partnerships has been inaccurately portrayed [...]. The truth however, is less interesting than the conspiracy theories might have you believe.
Then he turns around and establishes everything that has been proven.
-> They have been colocated and used the same administration/infrastructure:
"(it would not have been possible to source local candidates, handle HR and payroll, understand local regulations, etc, without outside assistance). We worked with Radix (Macedonia) and Tesonet (Lithuania) to accomplish this. Tesonet in particular was selected since they are one of Lithuania's largest tech companies (and we already knew them)."
Note how they logically linked the need to use Tesonet to handle their own admin and legal bits. No evidence was provided that the story was false - instead he gives excuses for why it is true.
->They shared employees:
"Similarly, the ProtonVPN Android keystore mistakenly lists Tesonet as the organization name, since our Android developer was at that time formally employed through Tesonet."
Again, he provides excuses in lieu of contrary evidence. Whether or not it is mistaken doesn't affect the facts, disregarding that it wasn't actually mistaken.
He admits "Swiss" ProtonVPN/mail is actually located in Lithuania, but outright lies about who is a subsidiary of who:
The entities we use today in Skopje and Vilnius are both subsidiaries of our corporate entities in Switzerland.
Remember, there is no lie he can tell to explain this away; anyone can check the business registries for themselves. The Swiss entity is wholly owned by PROTONVPN IAB, which is Lithuanian.
Further, because traffic passes through Lithuanian datacenters, their "no-logs" claim is false by definition. Lithuanian law requires 6 months of data retention. There is no lie they can tell to explain this away either.
The rest of the post falls apart pretty easily. E.g:
Proton does not share any employees (or company directors) with Tesonet. This is also a verifiable fact.
Though this may be technically true on it's face (or may be a lie like most of the rest of this), they have shared employees in the past, and this is also a verifiable fact.
Here is the reddit post I was talking about where they address it. It seems reasonable to me but to each his own opinion.
There is no new information in this link that wasn't covered in the original confrontation I linked you prior. Further, his post was full of excuses with no evidence (and a few easily-proven lies). Facts aren't a matter of opinion - these crooks are objectively intertwined with a datamining company.
view the rest of the comments →
kalgon ago
https://protonmail.com/about
Try the free version, it's limited in scope but then if you need a pro use there are affordable pro offers
Interface is rather nice, but there's no auto login feature/"remember me", because that's a security flaw to them
skywalker7777 ago
https://voat.co/v/whatever/2683626
h o n e y p o t
boggle247 ago
There was a response to that on the ProtonMail subreddit. They explained it and clarified. Idk what's true but I do know ProtonMail is still better than yahoo, Gmail, or outlook/Hotmail. Tutanota besides having a difficult name to spell out over the phone when ordering stuff, is located in Germany. Germany is probably the country I trust the least in Europe right now.
What email service do you use?
alele-opathic ago
So much is wrong with this post.
They've already attempted to explain it, which led to more digging, and is what lead to researchers eventually finding they they share a fucking CEO. There are only two possible options here:
Reminder that their first story was already proven invalid: they first stated that they were entirely separate entities, then it was slowly proven over time that they share offices/infrastructure and Tesonet even signs their crypto certs (so no, your data isn't protected from them via encryption).
This is attempting the lesser of two evils fallacy. Worse, it isn't lesser at all - merely different heads of the same Hydra.
It is a logical impossibility to prove any option safe unless you have direct control or oversight over it. The only option that can be known to be safe is to roll your own and deal with the accompanying 'problems' ("problems" in quotes as the difficulties seem to be designed to discourage independent email hosting from ever becoming a thing).
The only way you can talk yourself into using one webmail over another is through lesser of two evils.
boggle247 ago
Here is the reddit post I was talking about where they address it. It seems reasonable to me but to each his own opinion.
https://www.reddit.com/r/ProtonVPN/comments/8ww4h2/protonvpn_and_tesonet/
alele-opathic ago
Thank you for the link.
Did you read the link? He writes a novel claiming that 'the stories are false', and then turns around and admits they are true. I'll pull the relevant bits here.
First, before presenting anything that could pretend to be evidence, he tells you what to think:
Then he turns around and establishes everything that has been proven.
-> They have been colocated and used the same administration/infrastructure:
Note how they logically linked the need to use Tesonet to handle their own admin and legal bits. No evidence was provided that the story was false - instead he gives excuses for why it is true.
->They shared employees:
Again, he provides excuses in lieu of contrary evidence. Whether or not it is mistaken doesn't affect the facts, disregarding that it wasn't actually mistaken.
He admits "Swiss" ProtonVPN/mail is actually located in Lithuania, but outright lies about who is a subsidiary of who:
Remember, there is no lie he can tell to explain this away; anyone can check the business registries for themselves. The Swiss entity is wholly owned by PROTONVPN IAB, which is Lithuanian.
Further, because traffic passes through Lithuanian datacenters, their "no-logs" claim is false by definition. Lithuanian law requires 6 months of data retention. There is no lie they can tell to explain this away either.
The rest of the post falls apart pretty easily. E.g:
Though this may be technically true on it's face (or may be a lie like most of the rest of this), they have shared employees in the past, and this is also a verifiable fact.
There is no new information in this link that wasn't covered in the original confrontation I linked you prior. Further, his post was full of excuses with no evidence (and a few easily-proven lies). Facts aren't a matter of opinion - these crooks are objectively intertwined with a datamining company.
boggle247 ago
alright, let's assume you're correct. What email provider do YOU use?