• morras@jlai.lu
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    4
    ·
    9 months ago

    Encryption will not protect your privacy in the specific case of Dropbox.

    They look into your activity, not files.

    And that’s pretty much standard for any kind of commercial SaaS, just because of security concerns.

    Also, they are quite transparent about the provider they are using for internal activities (Stripe, etc.). Companies in EU will typically not disclose such information. For example, Dropbox disclose the use of AWS (for hosting the infra & code, I guess), whereas Proton does not disclose any hosting company.

    • plz1@lemmy.world
      link
      fedilink
      English
      arrow-up
      21
      ·
      9 months ago

      Because they actually run their own infrastructure? They own their own IP space, so the only thing they’d be disclosing is the ISP’s they advertise that IP space through, which you could glean via traceroute anyways.

      Don’t get me wrong, these Proton blog posts are all just thinly veiled ads for their own products, but knocking them for not being transparent about their tech is disingenuous, with their track record of the opposite. Are they open source? No. Are they forthcoming on the steps they take to protect your data (including from themselves)? You betcha.

      Dropbox on the other hand has been breeches multiple times, and each time they slow walk customer notifications to try and mitigate damage to their brand, to the detriment of the customers.

      • morras@jlai.lu
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        5
        ·
        9 months ago

        I was not saying “Dropbox good” or “Proton bad”, just correcting a few things about the privacy policy in itself and what it means.

        • Kernal64@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          5
          ·
          9 months ago

          When you say things like, “Proton doesn’t disclose any hosting company,” after going on about Dropbox being out of the norm because they do, you are in fact specifically saying “Dropbox good, Proton bad.” You haven’t corrected anything, just rushed to the defense of your preferred company. And if you prefer Dropbox over Proton, that’s fine. There are plenty of people who simply don’t care about online privacy or see the trade offs for giving their data away as a fair price for “free” services. That said, there’s nothing in that Proton blog post that’s actually wrong, as far as I can see.

          • morras@jlai.lu
            link
            fedilink
            English
            arrow-up
            3
            ·
            9 months ago

            Just to clarify, I’m self-hosting. I’m using neither Proton nor Dropbox.

            However, I’m a privacy pro, and I read Privacy Policies on a daily basis (ok… weekly basis).

            The US companies recently moved to disclose ALL the providers they are using (including for controller activities) where European companies still hide this information (and disclose only the providers used to deliver the service). For a very concrete example, Salesforces is mentionned by Dropbox where Proton is silent about the crm they use.

            On this specific aspect, the USA are ahead of EU.

            That’s all I meant.

            If you want to read it as “give your data to the USA”, feel free, but that’s not what I said.

            • Kernal64@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              9 months ago

              The clarification is appreciated, but I didn’t say anything about giving data to the USA. I was talking specifically in the context of free vs paid services and in this case, if one opts for the free tier of Dropbox, one is giving Dropbox and all those other companies listed access to one’s info.