okr765
  • Communities
  • Create Post
  • Create Community
  • heart
    Support Lemmy
  • search
    Search
  • Login
  • Sign Up
ZeroCool@slrpnk.net to Privacy@lemmy.mlEnglish · 8 months ago

All Proton Drive apps are now open source

proton.me

external-link
message-square
102
fedilink
830
external-link

All Proton Drive apps are now open source

proton.me

ZeroCool@slrpnk.net to Privacy@lemmy.mlEnglish · 8 months ago
message-square
102
fedilink
All Proton Drive apps are now open source | Proton
proton.me
external-link
Proton Drive’s desktop apps are open source, meaning you can review the code of any Proton Drive app for yourself.
  • Nihilist@lemmy.nowhere.moe
    link
    fedilink
    arrow-up
    9
    arrow-down
    21
    ·
    edit-2
    8 months ago

    Oh it’s open source? where are the serverside repositories then

    • unknowing8343@discuss.tchncs.de
      link
      fedilink
      arrow-up
      40
      ·
      8 months ago

      The title specifies that it’s the apps that are open source.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      If it is running on the server you have no way of verifying the code or the execution environment.

      Theoretically you should now be able to self host proton

      • delirious_owl@discuss.online
        link
        fedilink
        arrow-up
        1
        ·
        7 months ago

        TC says otherwise

        • moonpiedumplings@programming.dev
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          7 months ago

          There is concern amongst critics that it will not always be possible to examine the hardware components on which Trusted Computing relies, the Trusted Platform Module, which is the ultimate hardware system where the core ‘root’ of trust in the platform has to reside.[10] If not implemented correctly, it presents a security risk to overall platform integrity and protected data

          https://en.m.wikipedia.org/wiki/Trusted_Computing

          Literally all TPM’s are proprietary. It’s basically a permanent, unauditable backdoor, that has had numerous issues, like this one (software), or this one (hardware).

          We should move away from them, and other proprietary backdoors that deny users control over there own system, rather than towards them, and instead design apps that don’t need to trust the server, like end to end encryption.

          Also: if software is APGL then they are legally required to give you the source code, behind the server software. Of course, they could just lie, but the problem of ensuring that a server runs certain software also has a legal solution.

          • delirious_owl@discuss.online
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Not all TC is proprietary

            https://www.golem.network/

            • moonpiedumplings@programming.dev
              link
              fedilink
              arrow-up
              1
              ·
              7 months ago

              I read through the docs. I’m not sure how this enables trusted computing.

              • delirious_owl@discuss.online
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                7 months ago

                The whole idea is to be able to build a secure, distributed cloud. The whole network depends on secure enclaves.

                • moonpiedumplings@programming.dev
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  7 months ago

                  I cannot find anything related to that in their documentation, their about page, or their whitepaper.

                  They talk a lot about decentralized computing, but any form of secure enclave or code verification isn’t mentioned.

                  Compare that to this project, which is similar, but incomplete. However, quilibrium uses it’s own language instead of python or javascript, like golem does. The docs for golem do not explain how I am supposed to verify a remote server is actually running my python/javascript code.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          1
          ·
          7 months ago

          And I call there bluff

          • delirious_owl@discuss.online
            link
            fedilink
            arrow-up
            1
            ·
            7 months ago

            Its not a bluff, its cryptography lol

            • Possibly linux@lemmy.zip
              link
              fedilink
              English
              arrow-up
              1
              ·
              7 months ago

              Except you don’t control the hardware. If the execution environment is untrusted everything goes out the window

              • delirious_owl@discuss.online
                link
                fedilink
                arrow-up
                1
                ·
                7 months ago

                Thats literally what TC solves

                • Possibly linux@lemmy.zip
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  7 months ago

                  Not really as you still need trust

                  • delirious_owl@discuss.online
                    link
                    fedilink
                    arrow-up
                    2
                    arrow-down
                    1
                    ·
                    7 months ago

                    Nope. That’s why we have cryptography. Read about TC

Privacy@lemmy.ml

privacy@lemmy.ml

Subscribe from Remote Instance

Create a post
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !privacy@lemmy.ml

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

  • Lemmy.ml libre_culture
  • Lemmy.ml privatelife
  • Lemmy.ml DeGoogle
  • Lemmy.ca privacy

much thanks to @gary_host_laptop for the logo design :)

Visibility: Public
globe

This community can be federated to other instances and be posted/commented in by their users.

  • 587 users / day
  • 3.3K users / week
  • 6.56K users / month
  • 15.9K users / 6 months
  • 1 local subscriber
  • 37.7K subscribers
  • 2.35K Posts
  • 55.8K Comments
  • Modlog
  • mods:
  • k_o_t@lemmy.ml
  • tmpod@lemmy.pt
  • Yayannick@lemmy.ml
  • ranok@sopuli.xyz
  • BE: 0.19.9
  • Modlog
  • Instances
  • Docs
  • Code
  • join-lemmy.org