this post was submitted on 03 Jul 2024
872 points (98.0% liked)

Technology

59578 readers
3420 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Excrubulent@slrpnk.net 0 points 4 months ago (1 children)

Yes, and those other paragraphs are the same thing other proprietary companies do. Your opening paragraph is just absurd on the face of it because "inspected" does not mean "by themselves".

The second paragraph is literally speculation about something that might happen.

The third paragraph is about bug bounties, which every major software company does and which does not involve code inspection.

You just smokescreened and talked around the fact that your opening statement "it probably is inspected" is entirely unverifiable and non-credible even if true. I guess since you started that sentence with "I imagine" then it is technically true. You did imagine that.

[–] Gestrid@lemmy.ca 1 points 4 months ago* (last edited 4 months ago) (1 children)

I admittedly should've done more research before my first comment, but it does actually turn out that everything I said is true. Proton's technology was previously audited by Mozilla and is currently audited by SEC Consult and other companies regularly, and the audits are available for everyone to view. Additionally, they do have a bug bounty program. Also (and this is something I didn't mention), the ProtonVPN and Proton Mail apps are all open source.

[–] Excrubulent@slrpnk.net 0 points 4 months ago (1 children)

Is that the backend code? It seems like they're talking about the apps, not backend code. The thing being discussed here is backend code.

[–] lastweakness@lemmy.world 1 points 4 months ago (1 children)

Nearly all of Proton's stuff uses publicly verifiable client side encryption, so idk what all this is about

[–] Excrubulent@slrpnk.net 1 points 4 months ago

It's about the server-side code. If that's not an issue then someone needs to make the argument, not throw up smokescreens about the apps and frontend code.

You're right that the encryption needs to be verifiable on the client side, but then why not share the server side code?

I mean if they did, anyone could theoretically spin up an instance, which would be good, actually.