search

techlore / website

Home of Techlore - digital rights for all
https://techlore.tech
Creative Commons Attribution Share Alike 4.0 International
76 stars 29 forks source link

Proton(mail) Unstar #140

Closed barbiehunter closed 1 week ago

barbiehunter commented 1 week ago

I switched away of Proton awhile ago and use it Simply as the E-Mail for my dad for our ISP, Electric stuff etc. Something I realized Today looks for me like a big Security Risk. As I Logged in Today I don't had to use any 2FA, but I know I have Set up 2FA with my Security Key. As I checked my Two Authentication Settings I have seen the option for using 2FA Security Key is gone. I don't get any mail about saying that this will happen. At this point my Account was unsecure without any 2FA. This doesn't deserve to be recommended in my Opinion Remove a Huge Security feature of the Free Plan and Leave users without a 2FA option.

Let's not forget -Missing Encryption at the Password Manger (German) -Missing Forced Encryption for Mail Delivery (German) -General Shady Stuff -Some other stuff awhile ago of not using Tor Exit Node for their Tor Domain, Blacklisted mail like RiseUp as Backup mail etc.

henry-fisher commented 1 week ago

Much of this is speculation, no longer true or never was true, or is just personal preference. Even if true, it's worth asking 'what do you recommend instead', which realistically has no solid answer since no suite offers what Proton does.

Kindly refer to the top of the resources page:

★ marks a favorite. They don't represent every threat model and shouldn't be over-analyzed.

The star is us sharing our favorite services that balance privacy, security, and usability best that we personally recommend to people in our personal lives the most frequently. It means nothing more than that and is just a guide for people who like our preferences for things to quickly try services that we personally enjoy. So yeah the stars aren't really up for too much discussion on GitHub since it really does reflect our personal preferences.

Notice in a recent PR someone submitted ZCash and starred it for us and we removed it. https://github.com/techlore/website/pull/135

barbiehunter commented 1 week ago

Much of this is speculation, no longer true or never was true, or is just personal preference. Even if true, it's worth asking 'what do you recommend instead', which realistically has no solid answer since no suite offers what Proton does.

I like your work, but where is it ”speculation” or “personal preference” That my 2FA got removed without a Warn Mail, Popup or anything else that my 2FA got removed. Just to be clear, Our Full Name, Address, Phone Number, ISP information etc. is able to see via the Mails. So it makes sense I used a 2FA Security Key, so I don't have to worry. Now for Days I had no 2FA anymore and everyone with knowing/hacking/force the Password could use that against me.

Yes I know that your point is about my linked stuff, but 80-90% of my “Issue” is about the big Security Risk of removing 2FA of User(s). I know some people even want to yeah “Leak” me, so this is even a bigger Red Flag for me Personally.

But yeah sorry about the Star thing, I just can't accept now myself to “recommended” a mail service that remove the 2FA of user(s) and leave them without any Security.

PS: I know some stuff got changed about my linked stuff, but still shows some Lie's that got made which shouldn't happen.

barbiehunter commented 1 week ago

And just as proof that it's not “speculation” of me. I have set up Normal 2FA now, but I had only Security key 2FA for my Account before so no 2FA anymore.

(Name censored of course) image

barbiehunter commented 1 week ago

And just as proof that it's not “speculation” of me. I have set up Normal 2FA now, but I had only Security key 2FA for my Account before so no 2FA anymore.

Ok funny update, I have set ProtonMail to my main Language German, and now it works without changing anything. Weird bug or something but very weird… image