• 0 Posts
  • 101 Comments
Joined 4 years ago
cake
Cake day: July 13th, 2020

help-circle





  • Exactly. I was surprised to see my unique named throw-away email being found in the leak, despite having changed it to an uniquely generated throw-away account alias in the year prior. But i don’t mind that much.

    However, bad security practices must still be pointed out regardless of it being applied to something important or large. I do still can criticize my friend decision to expose his local server at home, unsecured, even if in the grand matter of things, it is unlikely it will be exploited or impact him in any way.

    Now, the only issue having my throw-away address, is that i will have to throw it away once i start receiving spam on it. As far i know, the pirated database wasn’t shared nor necessarily conserved outside of prooving the original clowns hacktivists group involvment, outside of confirmed security analyst.












  • What I don’t get, but maybe because of the lack of information I have on the topic

    Exactly. That’s also the issue there. It was opt-out by default AND didn’t seemed to give enough info to the end-user about what it does, and why it would be better to keep it enabled. Most people, complain about the forced default decision without any notice, and without any appropriate info to understand if it was a decent change or not. You should only enable it, IF you understand and ablige to what it does.



  • First. Let me explain some bits about the Play Store. You are using the Google Play store, so of course, it stores the list of installed apps on your Google account. That’s fairly obvious. However, the relation with the apps generally end there. Some apps might have Google account integration (Google Games for example, or just as a login method) but not more than that. There’s also potential Google ads and Crashalytics, but it ain’t “directly” connected to your Google account (It link your device through an unique ID, which Google could correlate with your logged Google account on this device)

    That out of the way :

    • ProtonMail android app doesn’t use any of those Google stuff in it.
    • You can download their app separately of the Google Play Store. Throught their website, source-code release or F-Droid (Depending of their project. Proton isn’t consistency with those)
    • ProtonMail don’t care about your Google account, outside of importing your emails into your new Protonnail account if you choose to do so.

    Also, there is still a privacy gain, from using an email address from Protonmail, but only when you use it. It is just a better and more private e-mail provider. If you keep using a Gmail and Outlook email, than you will still issues with those emails addresses be used and read, for ads and analytics.

    Do note you can use your protonmail address on your Google and Microsoft account. Those services just tend to automatically create an email account on their respectice services by default (Gmail & Outlook) but they aren’t required.