[saagarjha]

There’s actually a meta-naivety in geeks where they write stuff like this and then get on the soapbox to shill some random project that is somehow better and that we can actually trust some random service for reasons that fall apart if you apply the exact same scrutiny to them. Really, they’re just smug about being smarter.

Let’s take the two advertisements that the author has. I call them advertisements because, despite being sure neither Signal or Protonmail paid this guy, he fell into the obvious trap of “xyz sucks, here’s what to use instead”.

Amazon is bad, Apple is bad, Kagi is bad because they all take your money. But Protonmail is good because they…take your money? They take your money and if they did something bad you wouldn’t pay them. Ok? And this obviously has happened to all the secure apps that people continue to use despite them being hacked, or the companies that rebrand after it’s found out they were leaking your information? If Protonmail was found out tomorrow to be a front for the CIA, who suffers? What’s stopping the people running it from just making Electronmail tomorrow and claiming that they aren’t a front for the CIA?

Meanwhile Signal is an open source project and that means everyone has reviewed the code and trusts it. What happened to giving companies money so that they suffer when they violate your privacy? If Signal makes it so that you don’t want to use it, what harm do they suffer? If they add new code that backdoors the app or sells ads or harvests your contacts, what are you going to do about it? Will you publish a blog post explaining how you were the geek who got conned this time?

I actually have nothing against these specific projects, just as I generally don’t have specific vendettas against the other dozen things these blog posts tend to shill (DuckDuckGo, Brave, Quebes, GrapheneOS, Firefox, whatever). My point is that the geek is perpetually vulnerable to thinking his choices are good because of some technical reasons, when in reality we choose what we associate with based on trust and human factors. You probably choose your software because your buddy from IRC told you it is good. A lot of people choose their software because they saw an advertisement showing that this company actually cares about their privacy. Neither of you is dumber than the other and making people feel bad for not keeping up with the evolving landscape of privacy is generally not productive.

[luqtas]

so what's your point? rant about the rant?

if Proton or whatever gets behind their mission, people will move on to the next company they can 'humanely can trust'... chosing the best option among all the bad options still is progress

[saagarjha]

That’s exactly the thing the author is calling people “naive” for.

[luqtas]

so we should remain in silence and just use the most popular because it's a lost game?

[JoshTriplett]

No, we should apply the same evaluation criteria to whatever we're considering recommending as we do to whatever we're bashing.

[luqtas]

apparently Proton has its source-code open (https://proton.me/blog/security-audit), regards Signal and the other search engine i don't know... i bet none of them are the panacea on privacy but it's also quite naive to counter the author rant placing Google, Meta and whatever are at the same ethical ballpark of the former companies when they were involved in a bunch of scandals over their history and are making A BUNCH of money on their evasive telemetry (often shaping culture, see what Youtube turned; click-bait titles, prolix dialogue because the algorithm of [more time watched = more revenue] and even questionable thing like "album reactions" or just silly stuff that feels an offense to the enviroment like filling a swimming-pool with slime or some absurd shit on Youtube Kids)

edit: i could also go on what Instagram turned out to be...