this post was submitted on 25 Jul 2024
70 points (100.0% liked)
TechTakes
1432 readers
133 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I don't really understand how it's possible to both not store data in plaintext, but also be able to siphon off some of it in plaintext. Like is this technically possible in the way they suggest it? We shoot off the plaintext before it gets to our storage servers?
Like at some point that means the communication is not encrypted right? But if you're using https and all good normal security standards that should never be the case from the moment it departs your terminal?
I have a small amount of knowledge about this but it's the dangerously small type so any illumination would be appreciated.
Email is never stored unencrypted at rest on Proton's servers. But AI prompts, which are likely your entire draft email, do exist unencrypted at rest on their servers. That's what has the privacy nerds screaming.
I'd personally consider that sufficient grounds to accuse Proton of stealing its customers' data.
At the (miniscule) risk of sounding unnecessarily harsh on tech, any customer data that gets sent to company servers without the customer's explicit, uncoerced permission should be considered stolen.