Not really. Sure, China is able to make unpopular decisions better then democracies, but that makes them inefficient in different directions. E.g. high speed rail in areas where it is not needed but greatly lacking freight trains. Or their housing bubble.

“We don’t accept ideologically motivated changes” = White supremacist language… Yeah, sounds about like what I expected…

Yeah, we should just ditch email for sensitive communications.

Anyway, my point was that I lost trust in Proton back then over this and went to Tuta that has native clients. It makes no difference to my security since I don’t think I ever sent or received a single mail that was actually e2e encrypted. But Tuta’s more serious approach to e2ee made me slightly more confident in it as a company.

Now it kinda looks like it was the right choice.

doesn’t impact the security sufficiently to make a difference for the average user.

I think it is borderline. I am not advocating for PGP, I like the Signal model where you trust signal for introductions but have the ability to verify, even in retrospect. Trust but verify. Even a few advanced users verifying Signal keys forces Signal to remain honest or risk getting caught.

I think the lack of meaningful verification for proton is a significant security weakness, though average user probably has bigger things to worry about.

Bridge did not exist back then.

As for it being sophisticated attack, I think it is relative.

Regardless, if Proton said it did not matter to most people, I would respectfully disagree and move on. They did not. They claimed it is not at all less secure than a native app, which is BS.

It is nuanced, but having the ability to selectively serve malicious javascript stealing keys to specific people only on one access is considerable issue in practice, compared to distributing binary where you would generally have the same binary for everyone and you are able to archive and analyse it. Especially if you use third party distributions, like github releases or flatpaks.

Was it ever? I ditched them years ago when they tried to gaslight people that e2ee in javascript in browser is secure.

I don’t see any reason why you couldn’t with default settings. Beware of enabling any setting that stores data next to the media like nfo metadata storage, as those could maybe cause conflicts.

My bad, I thought it was about payments in general (including other programs) but it says social security database. Sorry.

Another accusation Elon made was that payments are going to people missing SSNs.

A much simpler answer is that not all Americans actually have an SSN. The Amish for example have religious objections towards insurance, so they were allowed to opt out from social security and therefore don’t get an SSN.

I don’t want to convince you here, you do you.

But it seems funny to say that while you are using Linux, where almost nothing has official support.

I personally love that even if GoG shut down or otherwise was inaccessible, I would still have offline installers (that can be installed to wine manually). Obviously having a launcher is nicer, but I hate that there is no backup with Steam.

I just switched to Linux and there are multiple Launchers that support GoG. It is not official but honestly, that makes it better in my eyes. They are open-source, no bloat, no tracking, …

Games not being on GoG is much more of an issue. :(

Honestly, if the app was open-source so we can check it does not leak data, I would probably have no issue with it.

Making it a separate app makes sense if google wants to allow other apps to re-use the code. No reason to have the same functionality bundled into each app separately.

And the feature, as long as it is configurable, seems useful.

The auto-install is bad but understandable. As far as I am aware, there is no easy way to mark an app as a dependency of another app so it gets automatically installed only when needed. This should be fixed, but auto-install for all is not terrible temporary solution. This does not apply when the app is closed source and may steal your data.

Again? Didn’t they try this once already?

Anyone using a good proton drive alternative?

I run Synology NAS at home and I love it, but it was expensive to set up.

Other extreme is Syncthing for completely free device sync, but no backup beyond your devices and both devices must be online to sync.

I self-hosted Nextcloud on cloudamo with Cryptomator for e2ee but I can’t really recommend it. Nextcloud is pain to administer and tends to be buggy.

More accurately, it traps any web crawler

More accurately, it does not trap any competent crawlers, which have per domain limits on how many pages they crawl.

Because their entertaining videos with cool rare/expensive tech are entertaining. I avoid reviews from them at this point (which is disappointing since Labs had potential), but the cool home server stuff or x Gamers 1 PC are just cool and there is not much like it elsewhere on YT.

Right, so if you massively extend your proposal, it could maybe make sense to a nontechnical person. Congratulations. Your original idea of just blocking google is still stupid and counterproductive to your stated goal.

Anyway, the real issue isn’t lack of competitors. It is vendor lock-in and lack of independent data backups. It would take significant effort for most companies to migrate from one cloud provider to another, since different providers use slightly different, incompatible technologies. And of course, if a cloud provider went down suddenly, a lot of data would be lost.

There is 0% possibility the US gov could do it covertly.

Sure, they could force it overtly but the rest of the world would have forks of Browsers like 15 minutes after it went through.

Besides, there is no need to go after the browsers. If you want a fake cert for a few days, EU has trusted certificate authorities just like the US that can issue a cert for any website (CAs are usually not restricted to specific TLDs). The CA would just get removed from browsers within days, same as browsers being replaced.

PS: Btw, iTrusChina is also a trusted CA. If the US is not concerned about their main adversary, China, forging certificates, why should EU be worried about an ally doing so?

How do you not see, that banning one company would just increase the monopoly the remaining companies hold?

Google is not even the largest cloud provider. Amazon’s AWS has 30%, Microsoft’s Azure 20%, Google is third with 12%.

You can’t “bust monopolies” by reducing the number of options. You need to increase the number of competitiors.