this post was submitted on 03 Aug 2025
547 points (93.5% liked)

Technology

73655 readers
4167 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
547
Proton’s Lumo AI chatbot: not end-to-end encrypted, not open source (pivot-to-ai.com)
submitted 2 days ago by Pro@programming.dev to c/technology@lemmy.world
136 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] DeathByBigSad@sh.itjust.works 7 points 2 days ago* (last edited 2 days ago) (12 children)

Incoming Emails that aren't from proton, or PGP encrypted (which are like 99% of emails), arrives at Proton Servers via TLS which they decrypt and then have the full plaintext. This is not some conspiracy, this is just how email works.

Now, Proton and various other "encrypted email" services then take that plaintext and encypt it with your public key, then store the ciphertext on their servers, and then they're supposed to discard the plaintext, so that in case of a future court order, they wouldn't have the plaintext anymore.

But you can't be certain if they are lying, since they do necessarily have to have access to the plaintext for email to function. So "we can't read your emails" comes with a huge asterisk, it onlu applies to those sent between Proton accounts or other PGP encrypted emails, your average bank statement and tax forms are all accessible by Proton (you're only relying on their promise to not read it).

[–] EncryptKeeper@lemmy.world 18 points 2 days ago* (last edited 2 days ago) (10 children)

Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.

There’s the standard layer of trust you need to have in a third party when you’re not self hosting. Proton has proven so far that they do in fact encrypt your emails and haven’t given any up to authorities when ordered to so I’m not sure where the issue is. I thought they were caught not encrypting them or something.

[–] cley_faye@lemmy.world -5 points 2 days ago (4 children)

Ok yeah thats a far cry from Proton actually “Having your unencrypted emails on their servers” as if they’re not encrypted at rest.

See my other reply. There is no way to retrieve your mail using IMAP on a regular client if they're encrypted on the server. And Gmail can retrieve your mails from proton using IMAP. It's even in their own (proton's) documentation.

[–] nymnympseudonym@lemmy.world 2 points 1 day ago

Agreed.

Really, if someone wants to use an LLM, the right place to run it is in a sandbox locally on your own computer

Anything else is just a stupid architecture. You don't run your Second Brain on Someone Else's Computer

load more comments (3 replies)
load more comments (8 replies)
load more comments (9 replies)