we appear to be the first to write up the outrage coherently too. much thanks to the illustrious @self

  • Steve@awful.systems
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    1
    ·
    4 months ago

    it all stinks so much. He calls it “opt-in” but the official description of that opt-in is:

    If you try to use Proton Scribe, you will be prompted to chose between local and server-side. So, technically, it’s not active until you decide how, and if, you want to use it.

    as you can see here: https://mastodon.social/@protonprivacy/112807462045101580

    there is opt-in and then there is dangling an expired hotdog

    • self@awful.systems
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      1
      ·
      4 months ago

      holy fuck that’s worse than I thought

      so going back to not being able to recommend Proton to anyone again: there’s now a button (and associated “tutorial” advertising modals trying to get the user to click the button, don’t pretend there won’t be) that when clicked gives the user a confusing choice between an option that might not work and one that exfiltrates their data and claims it doesn’t (if they even get this choice on a computer that doesn’t support the local LLM), and if they interact with that it just opts them into the feature in a state that may or may not (but by default does) expose the plaintext of their messages to Proton’s servers

      and I’m supposed to recommend this horseshit to non-technical users? what’s that sound like, I wonder? “oh it’s a great privacy-oriented mail service you should pay for — but not for your business because you might fuck up and exfiltrate your data, and also there’s a chance they’ll enable the same feature for regular users at some unspecified time in the future so look out for that. oh and don’t get visionary either.” yeah fuck that