this post was submitted on 05 Apr 2024
436 points (98.2% liked)

Privacy

31876 readers
357 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 41 comments
sorted by: hot top controversial new old
[–] [email protected] 84 points 7 months ago (3 children)

You cannot use the new Outlook app without syncing these data with Microsoft's servers, i.e. your usernames and passwords are sent to the company's cloud servers. While the data is sent using TLS, the IMAP and SMTP username and password are sent to Microsoft in plain text. This could allow the company to access your emails, and share the data with third-parties.

Not only that, but sending usernames and passwords in plaintext allows for MITM attacks.

[–] [email protected] 17 points 7 months ago (1 children)

Isn't MS on the government shit list right now over security missteps that led to the breach of gov officials?

[–] [email protected] 2 points 7 months ago

Not sure what difference that makes since the military uses the MS office suite for everything

[–] [email protected] 9 points 7 months ago

I expect what they mean is that the credentials are encrypted only in transit

[–] [email protected] 3 points 7 months ago

I think outlook iOS has been storing credentials on server since day one, even before it was acquired by Microsoft. I’m not sure what the new outlook app means.

[–] [email protected] 63 points 7 months ago (1 children)
[–] [email protected] 10 points 7 months ago

Indeed. I smacked my head as I fell!

[–] [email protected] 35 points 7 months ago (1 children)

Pretty sure Windows 11 itself has become a data collection service at this point

[–] [email protected] -1 points 7 months ago

I think Windows XP probably was the start of it

[–] [email protected] 33 points 7 months ago (1 children)

Outlook and Gmail have always been data collection tools, apart from being spam magnets

[–] [email protected] 5 points 7 months ago (2 children)

Weirdly enough, I have had less spam mail on my gmail account, than I have on the account of an e-mail provider from my country.

[–] [email protected] 7 points 7 months ago

Anyway, Gmail is a no go. From Google TOS

“Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.”

As said, they read and analyze your mail, mainly to sell it to advertizing companies. Google make money with this.

[–] [email protected] 6 points 7 months ago

In my country popular free email providers send many spam messages to users by themselves, so inbox looks much worse than in gmail.

[–] [email protected] 22 points 7 months ago

I’m shocked, truly

[–] [email protected] 18 points 7 months ago* (last edited 7 months ago) (1 children)

this title totally buries the ~~lead~~ lede: outlook has started displaying ads in inboxes, that’s the story and that’s what Proton was pointing out

[–] [email protected] 4 points 7 months ago (1 children)
[–] [email protected] 1 points 7 months ago

damn i never knew! thank you

[–] [email protected] 17 points 7 months ago (1 children)

i love Proton but they kinda going after low hanging fruit on this one

[–] [email protected] 2 points 7 months ago

Low hanging fruit tastes just as good, and for a lot less work.

[–] [email protected] 11 points 7 months ago (3 children)

I don't doubt it... I am looking hard at ProtonMail for the fam... but $290 a year is a bit of a hit

[–] [email protected] 5 points 7 months ago

Have a look at Posteo. Might have all you need and starts at 1€/month. https://posteo.de/en

[–] [email protected] 1 points 7 months ago (1 children)

I just checked the price, it seems like unlimited (with storage, vpn, pass etc) only cost $120 for the first year. And it is $156 for normal price.

And if you only need mail, that only cost around $50 for the first year.

Unless your $ doesn't mean U.S. dollar?

[–] [email protected] 5 points 7 months ago (1 children)

He said for the "fam"

I think he meant family package)

[–] [email protected] 4 points 7 months ago (2 children)

Oh, that is 6 user with 3 terabyte of storage. average to 50$ per user per year. In where I live, that is like 2 meals outside per year, and cheaper than office 365 personal.

To me this is pretty good value, but I understand people are different. However, I cannot get them yet, as proton drive still don't have a linux client (or any client for that matter)...

[–] [email protected] 2 points 7 months ago

As far as I know, tested, and using right now - rclone (through Round Sync) on Android support Proton drive. And it uses the same core as normal Linux rclone.

So yes, there is a client - rclone. And believe me, my own Nextcloud and pronton drives are accessed through rclone. Most clients suck

[–] [email protected] 2 points 7 months ago (1 children)

Proton drive has windows and Android clients that work well. I'd love a Linux client for drive and for them to fix the photo upload issue on android, but eventually those things will come.

[–] [email protected] 1 points 7 months ago

For the moment. Round Sync on Android (use rclone) and rclone on Linux to just mount it. Better than any stupid client tbh

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago)

It's quite good value, especially the 2-year plan, if you actually use all the stuff they offer. I got my family there, but they are still not to eager to integrate all there is into their routines.

[–] [email protected] 8 points 7 months ago

Sending plain-text passwords is rather interesting, tho. Could've at least optionally encrypted 'em with a key derived from smth known by the user only.

[–] [email protected] 7 points 7 months ago (1 children)

Just use either the web version, PWA, or Thunderbird.

[–] [email protected] 12 points 7 months ago

I'm sure the PWA is the one that's being talked about here. Notice the "new Outlook app" in the title.

[–] [email protected] 5 points 7 months ago

Been using betterbird(a fork of thunderbird) for a long time and it has been fantastic. Never disappoints.

[–] [email protected] 3 points 7 months ago

So obviously not to everyone's taste but if you have access to iCloud+ email, your mail isn’t scanned for sale (as per their US privacy agreement anyway), you get randomized email addresses available to give to places that you think might be spammy and you can link a domain to your account, although you’re only allowed 3 email boxes per user in your family per domain. Works well for me so far. Mind you because of photo storage size and devices backups I’m up to $3/ month from the original $1/month when I started.

Plus with Advanced Data Protection a lot of iCloud info is E2E encrypted. (Not email tho.)