In an unexpected mask off “secure” email and VPN provider Proton took the stance of siding with the fascist MAGA Reps. Proton’s services are no option for me and many others any longer. Let’s collect and discuss alternatives (E2E encrypted email and VPN) here 🔐👇

Always try to provide:

-Server location (jurisdiction)

-Governance

-Integrity/trustworthiness/transparency

-User experience/ease of use (grade 1 to 10, lets take Proton as a benchmark with an 8)

-Pricing and links

If you know alternative setups, feel free to share, too.

#ProtonExodus

Background: https://lemmy.ca/comment/13913116

Edit:typo

  • ziproot@lemmy.ml
    7·
    20 hours ago

    Server locations: Riseup is in the US (Washington state), so keep that in mind. Disroot is in the Netherlands (part of the EU).

    Governance: Riseup: Look at their “about us” page. Disroot: Look at their “about” page. The terms of service are more detailed. tl;dr: As far as I can tell, these are run by leftists.

    Integrity/Transparency: I have no idea how to grade this.

    Ease of Use: Subjective. Riseup VPN is just: install the client, turn it on or off. Disroot is much better with a mail client of some kind, so if you already use one, it’s probably a 10, otherwise, the webmail server isn’t that great. Disroot also requries manual encryption (I’m biased here because I use Kmail which makes PGP really easy to use).

    Pricing and Links: Free https://riseup.net/en/vpn https://disroot.org/en/services/email

    tl;dr: Use collective-run services, not corporate-run services

    • perestroika@lemm.ee
      2·
      4 hours ago

      Regarding e-mail: “riseup.net” requires that a long-time user vouch for a new user and invite them. If the new user quickly turns into a complaint magnet (there’s a coming-of-age period after which their actions are considered their own), both the user and the inviter will be held responsible (kicked off the service). I think (hope) they aren’t so strict with VPN, but they have limited people and could not administer a mess made by a big bunch of people.

      Needless to say, none of my (anarchist) comrades have ever been kicked off RiseUp, but they don’t send spam or threats, they just send their cat pictures encrypted with GPG, causing the authorities endless work. :)

      Just like every reasonable service, RiseUp has a few technical mechanisms to ensure they aren’t compromised (disk and inbox encryption, etc) but obviously those can’t help against a dedicated and well-resourced adversary.

      So, whatever e-mail server you use - use PGP / GPG. :) Then the adversary must compromise your device. If you are hardcore, encrypt and sign on an offline device. Then the adversary must breach the air gap.

      (I used to sign releases for some anonymity-related project years ago. Those were the times when I seriously took measures because others depended on me. Currently, not so much.)

      P.S. As for the lack of resources at RiseUp: this can be alleviated by donating to them. Which reminds me, I should set up a small regular donation to their representative organization in the EU.