• Jarmer@slrpnk.net
    link
    fedilink
    English
    arrow-up
    130
    arrow-down
    2
    ·
    6 months ago

    Just tried it out with my proton account. Looks great! It’s very simple, but I also like that about it. And of course being private is wonderful.

    • cygnus@lemmy.ca
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      6 months ago

      I don’t see anything different… How did you access it?

      • illi@lemm.ee
        link
        fedilink
        English
        arrow-up
        9
        ·
        6 months ago

        From what I read it’s being released to users gradually I think?

      • micka190@lemmy.world
        link
        fedilink
        English
        arrow-up
        49
        arrow-down
        2
        ·
        edit-2
        6 months ago

        Today we’re announcing a new end-to-end encrypted, collaborative document editor that puts your privacy first. Docs in Proton Drive are built on the same privacy and security principles as all our services, starting with end-to-end encryption. Docs let you collaborate in real time, leave comments, add photos, and store your files securely. Best of all, it’s all private — even keystrokes and cursor movements are encrypted.

        Literally the second paragraph of the post (but I’m sure you haven’t read it, since you seem so busy replying to every comment here about how Proton is becoming Microsoft or something).

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          33
          ·
          6 months ago

          So sending a company your private key and trusting their servers to do E2E encryption despite them being able to modify their code whenever they feel like it to capture your password without encryption and masked in obfuscated JavaScript is now considered security? Wow, people really are gullible.

          • experbia@lemmy.world
            link
            fedilink
            English
            arrow-up
            19
            arrow-down
            2
            ·
            6 months ago

            I agree with your general sentiment here (that such an arrangement is not trustworthy enough for me to feel completely private) but your delivery of said sentiment is really fucking rude, dude.

            Even if it’s not secure enough for you or I to feel private, it likely exceeds the security necessary to satisfy most people’s threat models so they can not only feel private but objectively be more private than if they just used Google docs.

            incremental or opportunistic privacy improvements are better than none, a fact that has seemed to be lost in elitist privacy circles these days.

            • John Richard@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              21
              ·
              6 months ago

              Incremental in what way? There is an illusion of privacy. If that makes people feel good then sure, you increase your illusion of privacy.

              • nieminen@lemmy.world
                link
                fedilink
                English
                arrow-up
                6
                ·
                6 months ago

                Dude, you’ve made your point on virtually every comment on this thread. We get it, you don’t trust them. The world has given all of us every reason not to blindly trust this sort of thing. But I’ve done enough digging that I’M happy with the security, and the fact they’re not feeding my private content to the AI monster.

                Please, for the love of the flying spaghetti monster, don’t keep spamming EVERYONE with the same 3 points you’ve already made elsewhere.

          • brochard@lemmy.world
            link
            fedilink
            English
            arrow-up
            15
            ·
            edit-2
            6 months ago

            I’m not sure what you’re talking about ? You’re not sending your private key to their server without first encrypting it first locally. Their servers are not doing the E2EE, your client is. The website front and apps are open source.

            Yes they could send you a compromised front if you use it via their website, that’s a compromise you accept, otherwhise you could only use their apps which are open source.

            • John Richard@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              11
              ·
              6 months ago

              Tell me… when you visit a website that gets updated daily, if not hourly. If it served you a different version of JavaScript than what it served someone else… would you know?

              • brochard@lemmy.world
                link
                fedilink
                English
                arrow-up
                6
                arrow-down
                1
                ·
                6 months ago

                I already answered that. Yes you can’t trust a website’s content, that’s why they offer apps. It’s your choice to trust the website which is as secure as they can make it, or you simply use the apps…

                • John Richard@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  2
                  ·
                  6 months ago

                  How does a WebView wrapped app offer much more security than a website? Why do they require a paid subscription to use the desktop apps?

                • John Richard@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  6 months ago

                  Last I checked the apps are mostly just wrappers around WebView, so either way you’re getting served different content randomly without ever knowing. AND, Proton specifically prevents the desktop apps from functioning on unpaid accounts. That would be like Gmail disabling IMAP for unpaid users.

              • sunzu@kbin.run
                link
                fedilink
                arrow-up
                2
                ·
                6 months ago

                Ain’t this a website issue? Or is somebody doing it better?

                No JavaScript?

  • Nima@leminal.space
    link
    fedilink
    English
    arrow-up
    117
    arrow-down
    5
    ·
    6 months ago

    ooooh I love this. Proton is just winning constantly these days.

    • John Richard@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      arrow-down
      122
      ·
      6 months ago

      No they’re not. They can’t even finish a single solution, let alone actually make anything functional when you’re not using their proprietary servers. They’re becoming Microsoft.

      • micka190@lemmy.world
        link
        fedilink
        English
        arrow-up
        60
        arrow-down
        8
        ·
        6 months ago

        They can’t finish a single solution

        Gee, it’s almost as if that’s the whole point of an ever-evolving SaaS platform.

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          30
          ·
          6 months ago

          A SaaS solution that claims to be private but won’t provide the backend code to prove it. You don’t find it at all suspicious that they claim releasing backend code would make it less secure? What kind of security product is not open for inspection? The same kind of “security” you get from Microsoft.

          • Gestrid@lemmy.ca
            link
            fedilink
            English
            arrow-up
            13
            arrow-down
            2
            ·
            6 months ago

            I imagine it probably is inspected, just not by the public. They probably do it themselves.

            And they may have contracts with certain companies specializing in this sort of security that also inspect it.

            And there’s also the cybersecurity companies that test it whether they’re contracted or not. At some companies, their entire job revolves around finding bugs (especially security bugs) in other companies’ software.

            Just because it’s not on GitHub doesn’t mean it’s not a good product that hasn’t been thoroughly tested.

            • Excrubulent@slrpnk.net
              link
              fedilink
              English
              arrow-up
              14
              arrow-down
              2
              ·
              6 months ago

              Surely we’re not gullible enough to accept “we inspected ourselves and determined we are secure and you should use our services”?

              • Gestrid@lemmy.ca
                link
                fedilink
                English
                arrow-up
                3
                ·
                6 months ago

                That’s where the second and third paragraphs come in. Because other companies likely test it themselves, too.

                They’ll typically report security bugs privately and then, after X amount of months, publicly announce the bug. Doing it this way will, ideally, force the other company to patch the bug prior to the announcement. If not, they’ll end up with a publicly known security bug that bad actors can now exploit. The announcement will also let the public (including companies) know to update their software.

                • Excrubulent@slrpnk.net
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  6 months ago

                  Yes, and those other paragraphs are the same thing other proprietary companies do. Your opening paragraph is just absurd on the face of it because “inspected” does not mean “by themselves”.

                  The second paragraph is literally speculation about something that might happen.

                  The third paragraph is about bug bounties, which every major software company does and which does not involve code inspection.

                  You just smokescreened and talked around the fact that your opening statement “it probably is inspected” is entirely unverifiable and non-credible even if true. I guess since you started that sentence with “I imagine” then it is technically true. You did imagine that.

            • John Richard@lemmy.world
              link
              fedilink
              English
              arrow-up
              7
              arrow-down
              9
              ·
              6 months ago

              You realize that Microsoft code is inspected as well, even more heavily and regulated… and yet they still end up with major breaches. Security evolves through open source collaboration and inspection by experts that aren’t being paid to say you’re doing a good job.

              • sunzu@kbin.run
                link
                fedilink
                arrow-up
                1
                ·
                6 months ago

                You are making a lot good points… But is there any other practical solution?

                Seems this is the best a normie on budget can get

                • lastweakness@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  3
                  ·
                  6 months ago

                  They’re not actually good points at all… Proton’s open sourcing of the clients is for the purpose of trust in terms of security and privacy. The backend doesn’t matter because the point is that the data is encrypted before it ever gets to the backend. The goal with Proton’s open sourcing is not the ability to make it self-hostable. Sure, a lot of concerns are valid, but this isn’t like Microsoft or Google. Nearly all of Proton is verifiably and provably secure. Well, at least as long as you trust the web clients being served are the ones whose code is publicly available. But again… You can’t verify that with any SaaS. Such a risk is even present with self-hosting tbh. But that’s another discussion.

          • micka190@lemmy.world
            link
            fedilink
            English
            arrow-up
            7
            ·
            6 months ago

            You don’t find it at all suspicious that they claim releasing backend code would make it less secure? What kind of security product is not open for inspection?

            No, because Proton has 3rd party audits all the time and they share the results openly.

            • John Richard@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              4
              ·
              6 months ago

              Microsoft has third party audits all the time and say they’re secure, and then you learn of new backdoors every 6 months. Audit companies are unreliable and paid to give good feedback while doing the least work possible.

          • deezbutts@lemm.ee
            link
            fedilink
            English
            arrow-up
            8
            arrow-down
            3
            ·
            6 months ago

            Yeah because enterprises primarily use a ton of open source security tools…

            ಠ_ಠ

            • John Richard@lemmy.world
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              3
              ·
              6 months ago

              Enterprises are using a plethora of open source tools at this point. They may still utilize closed source solutions, but they definitely have quite a bit of open source solutions tied in.

        • slooopy_potatoe@lemm.ee
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          38
          ·
          6 months ago

          Releasing unfinished products and expect users to just make do while they launch the next product can’t be the solution either.

          • micka190@lemmy.world
            link
            fedilink
            English
            arrow-up
            44
            arrow-down
            3
            ·
            6 months ago

            Then it’s a good thing all of their products are fully functional and working as advertised, I guess.

              • naught101@lemmy.world
                link
                fedilink
                English
                arrow-up
                20
                arrow-down
                1
                ·
                6 months ago

                Which bits are not functional? I’m using their email and calendar… they aren’t completely polished, but they’re very usable.

                • slooopy_potatoe@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  17
                  arrow-down
                  2
                  ·
                  6 months ago

                  Drive has no Linux client, Photos is extremely barebones and locks you basically in, as there is no export function.

                  Pass still has no proper SimpleLogin integration, no credit card support and UX wise is the browser extension pretty bad. Funny enough, years after launch you still can’t auto fill on Reddit.

                  The only thing I don’t like about Mail is that you still have to create reverse aliases through SimpleLogin. Better integration would be great.

                  Contacts still don’t sync to you local mobile contacts. Which means you either do it manually or you have to keep two sets updated.

                  Calendar is good too, I’ve heard it has no offline support though. Although I haven’t verified that.

                  Last thing I would like to see is notification support without Play Services.

                  Some of those things might be super unimportant to some, but for me it makes the use of their stuff unnecessary cumbersome. Especially if you consider that those are all Proton products and should work together well.

                  My by far biggest problem is their communication and general development speed though. Stuff like contact sync has been requested for 5(?) years now but there hasn’t been so much as a “we’re working on it”.

                  It feels to me they come out with new products all the time, like the document editor now, without addressing the little things that would make their ecosystem great.

                  Anyway, long ramble. But I appreciate that you asked for more details without insulting me.

                • MenacingPerson@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  10
                  ·
                  6 months ago

                  Whatever, dude. They’re most probably not a native English speaker, and even if they are, a spelling error doesn’t make them an “idiot”. You’re being a complete dick.

      • Jin@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        ·
        6 months ago

        All Their services are online based right? I don’t understand why using their proprietary servers is an argument here.

        • claudiop@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          5
          ·
          6 months ago

          So, if you want to have any sense of a service respecting you, it should be hosted on a server you can control?

          No difference at all between the server of the world’s biggest advertiser and a server by a company that opens itself for audits and is in a country whole laws require no bullshit? Are you sure those two are the same? All or nothing?

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          17
          ·
          6 months ago

          Because their primary audience is those gullible enough to believe they somehow can’t read your messages, yet they can easily capture your private password.

          • Excrubulent@slrpnk.net
            link
            fedilink
            English
            arrow-up
            12
            ·
            edit-2
            6 months ago

            It is entirely possible to keep secure data on a server that only someone else with the password can access. They don’t store your password in plaintext, they don’t test whether what you typed is the same thing they keep on their servers. If the password works to decrypt your data then your client can read the emails. If not, your client gets gibberish and knows your password was wrong. With a secure system your password should never be sent to the server at all.

            Now, that doesn’t mean it’s trustworthy. There could be holes in the security, and I certainly would feel better controlling my own server, but it’s not automatically insecure just because it’s hosted by them.

    • John Richard@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      92
      ·
      6 months ago

      They act just like Microsoft. Lot’s of people think Microsoft is successful. If you think Microsoft is the champion of privacy though you might be in a cult.

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          19
          ·
          6 months ago

          Really? So Proton saying that they can’t open source the backend code to improve security isn’t something Microsoft would say as well? Proton sells statements, but they don’t back up those statements with proof.

          • nieminen@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            1
            ·
            6 months ago

            Exposing their backend code to the public would be inviting bad actors to find loopholes in the logic. Your excuse for how they’re not secure is in fact one of their security features. No code is perfect, and you give enough people enough time to peruse through your software they’ll find a flaw to exploit. So they only provide their code to 3rd party audit companies they trust.

      • conciselyverbose@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        35
        ·
        6 months ago

        I’ll tell you what. When proton ships a product that takes a screenshot of my desktop every 5 seconds and stores it in an unsecured DB any user on my computer can access, we’ll call them even.

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          32
          ·
          6 months ago

          I’ll tell you what. If you can prove to me by pointing to the specific source code that would prevent Proton from capturing your private key password when you login or decrypt using their standard clients then I’ll join the Proton cult.

          • nomous@lemmy.world
            link
            fedilink
            English
            arrow-up
            18
            arrow-down
            2
            ·
            6 months ago

            prove to me by pointing to the specific source code that would prevent Proton from your private key password

            You want them to point to code (that’s not publicly available) that prevents Proton from capturing credentials?

            What a dumb hoop to tell someone to jump through. Do you expect someone to actually post a block of code? Would you even be able to read it?

              • Grippler@feddit.dk
                link
                fedilink
                English
                arrow-up
                11
                arrow-down
                1
                ·
                edit-2
                6 months ago

                Yes I can read it. You think I’m an f’ing idiot?

                I mean, you’re certainly not providing much proof that you have any measurable software skills that enables you to do the proper evaluation even if you received the code from proton. Why should anyone believe this unsubstantiated claim from you?

                Edit: for the record, I’m don’t give a shit and I’m just yanking your chain here.

                • John Richard@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  16
                  ·
                  edit-2
                  6 months ago

                  I’m a black belt in TypeScript, JavaScript, Go, Rust, C, C++, Python & can read and write assembly with my eyes closed, okay?😉

          • ArchRecord@lemm.ee
            link
            fedilink
            English
            arrow-up
            17
            arrow-down
            1
            ·
            6 months ago

            This simply isn’t really possible.

            Even if they published open-source code for their backend, it wouldn’t prove that it’s actually what their systems are running.

            And when you are storing your data on their servers, and decrypting it by sending over your password, there’s no way you can actually truly prevent them from accessing your data, if they were to modify how their systems function overall. (this is true for every company)

            Even if they were using zero-knowledge proofs to verify and prove to you the computation done on the server matched what would be expected from published open-source code, then either their very own systems (and by extension, their administrators), or a different company’s proprietary TPM module, would be the root of trust for those ZK proofs, and would still have the same underlying trust assumptions of at least 1 company having the ability to potentially steal your information.

            If you want to rail against Proton for this, you have to be against every single cloud-based instance of code that hosts encrypted data, by any company, for any user.

            Saying Proton acts just like Microsoft is a laughable comparison to make in order to justify claiming a lack of privacy or security on Proton’s part.

            Why? Is it because they’re both companies that offer online services? Guess what, loads of companies do that. But you know what Proton doesn’t do? Give away the contents of people’s files, like Microsoft states they do in their own transparency reports, that they conveniently stopped publishing in 2022. Microsoft handed over the content (not just IP, email, etc, but actual docs, communications, stored files, etc) of thousands of people’s accounts to law enforcement. Proton hasn’t given out content once.

            And this doesn’t even consider the fact that Proton’s business model is privacy. For Microsoft, their users will keep using their services regardless of their privacy, but for Proton, if it comes out that their services are no longer private, nobody will use them anymore, because nobody who got them for privacy would need them at that point.

          • conciselyverbose@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            6 months ago

            Such source code isn’t possible with the general audience service they offer, even if being open source were a requirement for credibility in any way.

            You’re comparing them to a company with a long history of actively hostile behavior despite the fact that there’s never been a single hint of anything resembling hostile behavior from them, they operate from a country with meaningful privacy protections and only surrender data when compelled by their own courts (who only do so in circumstances that actually warrant it), and haven’t actually given up information that’s useful when required to because they don’t have it.

      • Muscar@discuss.online
        link
        fedilink
        English
        arrow-up
        29
        ·
        6 months ago

        I’d almost believe you were paid to hate on proton, but you’d get fired for how fucking dumb your arguments are.

  • AwesomeLowlander@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    65
    arrow-down
    2
    ·
    6 months ago

    The only open source mentioned in the post is their encryption. Not the document editing software. OP please remove your change to the article title, it’s extremely misleading.

  • BlueMagma@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    56
    ·
    edit-2
    6 months ago

    Open source ? Does that mean I can host my own ? Would it be compatible with other self hosted instance ?

    EDIT: the only source code I found hasn’t been maintained for 3 years.

  • Fisch@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    55
    ·
    6 months ago

    I like how there seems to be more and more alternatives to MS Office, even from big companies like Google. Best case scenario, this could lead to companies actually starting to use an open format, like ODF, so that all these different office applications can be used without causing issues in the file and that would pave the way for open source alternatives, like LibreOffice or OnlyOffice, to become viable alternatives for a lot more people and companies. Do Google Docs and Proton Drive use/support ODF? I’m pretty sure MS Office supports it.

    • tourist@lemmy.world
      link
      fedilink
      English
      arrow-up
      40
      ·
      6 months ago

      I wish msoffice would just die a miserable death

      Word is a pain in the ass. Resize a table column by 1px and the rest of the document gets absolutely fucked

      Excel suffers from similarly frustrating UI issues, but my main problem with it is that it’s being used for things that it was never intended to be used for. On the extreme side, a company will shove all their HR info into one xlsx file and then someone will accidentally, somehow unrecoverably, delete it

      More commonly, I’ve had to use it as a progress tracking/ticketing tool. An entire team adding rows, deleting rows, accidentally clearing formulas, highlighting random fucking cells, resizing columns etc. all at the same time. It’s just hell.

        • gibmiser@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          ·
          6 months ago

          You use what ya got, and you don’t buy database software or hire a database guy until you know you need one

          • Takumidesh@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            6 months ago

            But access comes with office, so if you have excel you have at least a software that is intended to be used as a DB (efficacy aside)

            • micka190@lemmy.world
              link
              fedilink
              English
              arrow-up
              14
              ·
              6 months ago

              Let’s be real, using Excel as a makeshift database is probably still better than actually using Access lol

              • Fisch@discuss.tchncs.de
                link
                fedilink
                English
                arrow-up
                2
                ·
                6 months ago

                When I started studying IT at a Berufskolleg (German word, literal transaltion would be something like job college or job school), we started learning about databases by using Access. We were all so happy when we were done with that and just used SQL. I fucking hate Access.

              • sevan@lemmy.ca
                link
                fedilink
                English
                arrow-up
                1
                ·
                6 months ago

                The only use case I can see for Access is when you absolutely must have a database and your company will not provide you a real database solution. I have experience with both, but haven’t touched Access in years (and hope to never do so again). To be fair, I also regularly use Excel for things that I should probably be using Word for because it is easier to get formatting right in Excel.

          • RecluseRamble@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            1
            ·
            6 months ago

            Probably true for most companies but I worked at one that had plenty of DB servers and developers, even developed their own database tech. Still, Excelitis as we called it was rampant.

        • ruse8145@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          It can also link nicely over odbc to full databases which are represented a nice tables…with links between sheets…waiiit a second.

      • mutant_zz@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        6 months ago

        Sadly, the lock-in is pretty extreme… as is user inertia. Office 365 has made the problem worse as well, even if you have something like OnlyOffice that does a good job of compatibility with Office, it can’t sync with OneDrive.

        If you collaborate with non-technical people, they will expect you to work in Office formats, and won’t even entertain discussion of any alternative.

        • ruse8145@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          Wait who are the technical people you work with who are using things besides Excel?? Or by technical people do you specifically mean computer science people? Cause you get mech, civil, or electrical engineers in a room and I think I would have a heart attack if their designs were not all in Excel or word (+altium, solidkindaworks, etc)

      • ForgotAboutDre@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        6 months ago

        It’s criminal that Microsoft has such a monopoly on word processing, they can’t even render text properly. It’s not an issue in Mac or Linux, but it is in all windows applications that aren’t using a chromium base.

        • Eggyhead@kbin.run
          link
          fedilink
          arrow-up
          5
          ·
          6 months ago

          Employer: Print out this .doc and bring it to work. Me, with a Mac: alright, here you go. Employer: why did you print it like this? Me: that’s what you sent me.

          • ruse8145@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            6 months ago

            Uses compute platform that’s spent (all of personal computer history) trying to exclude any outsiders from working with them, a design intention of Steve Jobs from day one leading to significant waste and suffering for the past 50 years.

            Sad that Microsoft doesn’t care

            At least Linux has a leg to stand on. The culture can be exhausting but is generally in the right.

            • Eggyhead@kbin.run
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              6 months ago

              Life sure is terrible when people enjoy things you don’t, isn’t it?

              • ruse8145@lemmy.sdf.org
                link
                fedilink
                English
                arrow-up
                1
                ·
                6 months ago

                No idea what your point is. Are you arguing the history of apple as a morally depraved company?

                • Eggyhead@kbin.run
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  6 months ago

                  I was just talking about dealing with .doc files, but you are free interpret that however you want, buddy.

      • bzah@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        6 months ago

        Where I was working Excel was used for the specification of scientific data. You get stuff like thousands of rows in several sheets themselves in multiple files that inherit from one another and everything is edited by hand… And I maintained a tool that combined them to create binary files from this mess. Lot of fun.

      • Fisch@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        6 months ago

        I feel you on that first part, I always use Markdown nowadays when I don’t have to use Word (or LibreOffice Writer in my case), I even use Marp to make presentations with Markdown. Since there’s no dragging stuff around and eyeballing if it’s actually coherent, it’s much quicker, the layout is always perfect and changing the layout doesn’t fuck up the entire slide/document.

      • ruse8145@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        6 months ago

        It…was intended for those things. Excel is modern business’ multi-tool. You’re not going to excise it until there is a solution for the HR person to do basic bulk data processing, basic Excel programming without having to acknowledge they are doing programming, etc.

        The other path is better spreadsheet software, but let’s be honest most of the others are poor clones. Gsheets are nearly useless, only office is solid but…well, it’s just Excel but free. Open office is Excel millennium edition and libre while better than open, and has a few nice quality of life improvements, it’s still Excel.

  • 👍Maximum Derek👍@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    39
    arrow-down
    2
    ·
    6 months ago

    When I was degoogling a couple years ago I had a heck of a time choosing between protonmail and fastmail.

    I went with the fastmail and, while I have no complaints, I’m starting to glance at greener grass.

    • DesolateMood@lemm.ee
      link
      fedilink
      English
      arrow-up
      39
      ·
      6 months ago

      I love Proton and will advocate for it any chance I get, but I can also see that it might be good to have people like you who don’t put all their eggs in one basket

    • alansuspect@aussie.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      I degoogled to Proton mail initially. I didn’t like that I couldn’t search my emails (a security thing or something? But annoying) and then their Drive was absolutely useless on macos. I had about 100gb and it couldn’t sync even half of it.

      After much help from support I eventually moved away to a combo of Fastmail, Mega and OnlyOffice.

      • Blu@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        6 months ago

        I did the same thing. The first privacy-oriented service I heard about was Proton. And, to be fair, they’re quite good. But the email search issues and struggles I had with their bridge eventually turned me off.

        I left for mailbox(.)org and haven’t looked back. It’s great Proton has so many cool services, but the last thing I want is to get dependent on one company again, not after how hard it was to get away from Google.

    • John Richard@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      36
      ·
      6 months ago

      If you were on Proton then you wouldn’t be able to sync your calendar & contacts and you’d have to share your private keys.

  • exanime@lemmy.world
    link
    fedilink
    English
    arrow-up
    30
    ·
    6 months ago

    Just signed up today for the family plan in my ongoing degoogling process

    It’s a bit pricey but so far loving it. Specially Proton Pass, coming from bitwarden (which I liked), it’s nicer and faster, much faster

    • BenPranklin@lemmy.world
      link
      fedilink
      English
      arrow-up
      50
      ·
      edit-2
      6 months ago

      Don’t put all your eggs in one basket again, that’s what makes degoogling such a difficult thing. There’s several proton services I intentionally avoid and use alternatives for so I don’t have to uproot my entire digital life to leave them if they start being shitty. If you go from using all google services to all proton you’re setting yourself up to need the same sort of big migration down the road. 15 years ago google was also an awesome company that kept making incredibly useful things for users just because they could and look at them now.

    • Manalith@midwest.social
      link
      fedilink
      English
      arrow-up
      10
      ·
      6 months ago

      My only gripe with Proton Pass so far is that I’m used to Bitwarden’s right-click autofill menu and some sites’ 2FA codes don’t automatically pop up for some reason.

    • ruse8145@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      Does pass support custom url filters yet? I self host and so I have a lot of 192.168 bookmarks…when I tried pass it had no way to organize them by url prefix (port number).

    • John Richard@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      arrow-down
      24
      ·
      6 months ago

      And so what happens to your passwords if Proton were to go offline and you needed to continue using Proton Pass? Do they have an open source server you can use like Bitwarden does or vaultwarden? Or are you essentially locking yourself into a new walled garden for no reason other than name recognition? Why not just use KeePassXC which is encrypted locally rather than share your password with a third party who can easily capture your private key password?

      • nutsack@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        arrow-down
        1
        ·
        edit-2
        6 months ago

        I think a lot of these cloud-based password vaults will have a local database that syncs with the cloud. I think you can unlock them and access your passwords without internet access

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          11
          ·
          6 months ago

          Keyword… unlock, not add information or use them offline where they can sync to an open source backend. They are cloud-based password managers that are designed to operate online. The backend is not open source. It is designed to lock you into a walled garden.

          • nutsack@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            6 months ago

            The unlocking happens locally. it’s simply decrypting. also, i think you can export the data from proton pass.

            it’s a cloud solution. keepassxc works great and I don’t know why you want something else to replace it

            • ruse8145@lemmy.sdf.org
              link
              fedilink
              English
              arrow-up
              1
              ·
              6 months ago

              Browser integration with quality biometric login is a beautiful thing. Keepass’ implementation of both is trash, and keepassxc’s browser integration may actually be worse than the original.

              That having been said I always recommend to people they use two managers, with keepass being the secure base for things you don’t often need convenient access to like savings accounts, password manager passwords, tax services, etc.

              bitwarden, proton, et al I use for the day-to-day…I don’t give any fucks if my Lemmy account is lost for example.

        • ruse8145@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 months ago

          “A walled garden is a garden enclosed by high walls, especially when this is done for horticultural rather than security purposes, although originally all gardens may have been enclosed for protection from animal or human intruders.”

          Agreed proton isn’t this

          "A closed platform, walled garden, or closed ecosystem[1][2] is a software system wherein the carrier or service provider has control over applications, content, and/or media, and restricts convenient access to non-approved applicants or content. "

          Try using thunderbird and id argue proton is this

          • asdfasdfasdf@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            6 months ago

            Still, that seems like a combo of “comes with the territory of encrypted email” and “their software could use some major improvements”. I think closed platform is closed by design.

            • dan@upvote.au
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              6 months ago

              comes with the territory of encrypted email

              AFAIK they haven’t tried to standardize their implementation, which to me implies that they’re not interested in interoperability. That’s unfortunate. I wouldn’t want to be locked in to a vendor like that.

              At least some providers do try. FastMail published the spec for their modern, stateless replacement to IMAP through the IETF as “JMAP”, and built on top of existing RFCs where possible.

            • ruse8145@lemmy.sdf.org
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              6 months ago

              Nah, fundamentally proton uses the same encryption as everyone else, they just have a central server to exchange keys rather than one of the open servers.

        • John Richard@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          7
          ·
          6 months ago

          It will cache credentials for a short time so you can still access some of your passwords. It will not let you add new credentials. It’s like a web browser working in offline mode for a period of time. It is a cloud-based password manager with a closed-source server backend.

  • flop_leash_973@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    ·
    6 months ago

    Doesn’t appear you can do anything of that via the Drive mobile app. Maybe one day they will make that possible.

    If they can ever get a spreadsheet application I could fully get away from Google for that kind of thing without losing out on anything I care about.

  • gccalvin@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    arrow-down
    1
    ·
    6 months ago

    I know there are different use cases for each, but generally do people prefer self hosted nextcloud, proton docs, or libre office?

    • fmstrat@lemmy.nowsci.com
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      Nextcloud and OnlyOffice. Collabora is basically a VNC session over LibreOffice. While OnlyOffice is web-native and has much better compatibility.

    • Lem453@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      FWIW collabora and open office can integrate with other clouds like Seafile and owncloud Infinite scale. So even without NextCloud it can be used. It can also be used stand alone.

    • variants@possumpat.io
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      probably depends what youre into, I have my own home lab so I setup nextcloud with collabora for my personal stuff

  • elucubra@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    9
    ·
    6 months ago

    A lot of people confuse open source with community driven/governed.
    If things go awry, you’ll be locked-in, married to Proton.

  • MisterFrog@lemmy.world
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    11
    ·
    6 months ago

    They’re just too expensive. Like, sure, it costs money to run, but 3.49€/month (the discounted 24 month rate) for the mail only plan, 15 GB storage. (41.88€, $45.17 USD, $67.28 AUD per year)

    That’s really expensive if you just want mail.

    The other stuff, is also really expensive. To the point that makes you think, “there is no way google is making THIS much to make up the difference in advertising to me for a comparable plan”.

    • aquafunkalisticbootywhap@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      11
      ·
      6 months ago

      remember, it’s not just about making up the difference per user in advertising, it’s about getting and keeping as many people into their ecosystem as possible.

      then they make some cash from selling data, and having more data to scrape to train their models and such. proton isnt making any off your data

      it’d be great to be able to easily compare cost and expense, but companies obscure so much in the backend. rental car companies buy discounted in bulk, then sell the cars tens of thousands of miles later at a profit, and that’s before any income from rental

      • ruse8145@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        6 months ago

        Switched to them in 2022 after a 2-year of proton precisely because the revised proton plans were weird and because id heard a lot of negative stories about getting locked out (from the proton side, not losing password). Ironically I almost just went thru the lockout process but thankfully the email support guy was able to get things sorted.

        Tbh I miss nothing and since I use simple login or anonaddy for most misc things, switching was easy. My proton account is de facto dead…I wouldn’t refuse to return, but I’m really just an a la carte guy.

    • Mac@federation.red
      link
      fedilink
      English
      arrow-up
      4
      ·
      6 months ago

      You get mailserver capabilities with that tier as well though. You shouldn’t be using the plus plan unless you need the email storage or host custom domains and don’t want to deal with the admin.

      • nieminen@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        To be fair, it’s not as clear as it could be that there are other “plus” plans. If you happen to land on the proton mail page when looking, they only show you the mail plus option (and unlimited). And even then really truncate what exactly you get for each paid option. There’s a page that I was only able to find after opening my free account (it exists when not logged in, just never found it) that explains in depth all the options and differences.

        Annoyingly, most of the individual upgrade pages don’t give the 2 year purchase option either.