Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful youā€™ll near-instantly regret.

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cutā€™nā€™paste it into its own post ā€” thereā€™s no quota for posting and the bar really isnā€™t that high.

The post Xitter web has spawned soo many ā€œesotericā€ right wing freaks, but thereā€™s no appropriate sneer-space for them. Iā€™m talking redscare-ish, reality challenged ā€œculture criticsā€ who write about everything but understand nothing. Iā€™m talking about reply-guys who make the same 6 tweets about the same 3 subjects. Theyā€™re inescapable at this point, yet I donā€™t see them mocked (as much as they should be)

Like, there was one dude a while back who insisted that women couldnā€™t be surgeons because they didnā€™t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I canā€™t escape them, I would love to sneer at them.

  • self@awful.systems
    link
    fedilink
    English
    arrow-up
    18
    Ā·
    4 months ago

    Proton, who I use for mail and various other services, has gone against the wishes of the majority of their userbase as measured by their own survey and implemented an LLM writing assistant in protonmail, which is a real laugh given Protonā€™s main hook is its services are end-to-end encrypted

    (supposedly this piece of shit will run locally if you meet these incredibly high system requirements including a high end GPU or recent, high end Apple M chipset and a privacy-violating Chromium-based browser. otherwise it breaks e2e by sending your emails unencrypted to Protonā€™s servers, and they do a lot to try to talk over that fact)

    • Mii@awful.systems
      link
      fedilink
      English
      arrow-up
      14
      Ā·
      4 months ago

      Who is the target audience for this?

      People who use Proton are privacy-conscious and mostly (I would argue) tech literate, and yet they shove spicy autocomplete that no one ever needed until two years ago and most people donā€™t want now because it produces complete horseshit, and spellchecking that every browser under then sun has built in by now.

      And then they quietly say you need to use Chromium, so the people who use anything but (like, I donā€™t know, the majority of privacy-conscious folks who should be their main user base, lol) have their e2e broken?

      I really hope they catch a raging firestorm for this.

      (Also Iā€™m really pissed right now because used to recommend them to people and now feel like a total jackass for doing that.)

      • self@awful.systems
        link
        fedilink
        English
        arrow-up
        10
        Ā·
        4 months ago

        (Also Iā€™m really pissed right now because used to recommend them to people and now feel like a total jackass for doing that.)

        donā€™t feel bad for making the best choice you could with the information of the past. until we get a workable, interoperable, federated, encrypted communication/online services platform, the choice was to recommend one of the centralized e2e providers. we both chose to recommend Proton and they did this shit, but it could have just as easily been tutanota.

        now my brainā€™s going ā€œe2e encrypted federated email but it preferably uses activitypub as a transport and classic email as a fallback, is that anythingā€

        • self@awful.systems
          link
          fedilink
          English
          arrow-up
          8
          Ā·
          4 months ago

          yep! thatā€™s the game theyā€™re playing. I really donā€™t give a fuck about Protonā€™s relatively tiny number of enterprise whales, but they make Proton a shitload of money in the short term.

          the depressing part is, historically, online services that remain uncompromisingly user-focused tend to stick around roughly forever, while the ones that chase short-term gains and compromise everything else almost always enshittify and fizzle out pretty quick.

    • froztbyte@awful.systems
      link
      fedilink
      English
      arrow-up
      10
      Ā·
      4 months ago

      Saw this in passing earlier and I just laughed

      Until indicated otherwise Iā€™m going to presume it was some bizbro PM/PO/whatever pushing it because they really think it should be there ā€œto be able to competeā€ (because of some laughably idiotic misunderstanding of their own value proposition and pitch)

      Tangent: while I mostly run my own servers and services I did a recent assay on whoā€™s reasonable for service shit. Proton kept popping up massively recommended while some occasional critical mentions from folks in anarchist circles, etc - made me a bit šŸ¤Ø and want to dig in more, but also just their product offerings arenā€™t great. Others I poked into are fastmail and tuta - both seem a fair bit better. Might be worth a look

      • jax@awful.systems
        link
        fedilink
        English
        arrow-up
        8
        Ā·
        4 months ago

        Proton kept popping up massively recommended while some occasional critical mentions from folks in anarchist circles, etc - made me a bit šŸ¤Ø and want to dig in more,

        No surprise that folks in anarchist circles are skeptical of Proton ha. That said, I do know quite a few people in the email ā€œindustryā€ who are broadly skeptical of Protonā€™s general philosophy/approach to email security, and the way they market their service/offerings.

        Others I poked into are fastmail and tuta - both seem a fair bit better. Might be worth a look

        Fastmail has a great interface and user experience imo, significantly better than any other web client Iā€™ve tried. That said, theyā€™re not end-to-end encrypted, so theyā€™re not really trying to fill the same niche as Proton/Tuta.

        From their website:

        Fastmail customers looking for end-to-end encryption can use PGP or s/mime in many popular 3rd party apps. We donā€™t offer end-to-end encryption in our own apps, as we donā€™t believe it provides a meaningful increase in security for most usersā€¦

        If you donā€™t trust the server, you canā€™t trust it to load uncompromised code, so you should be using a third party app to do end-to-end encryption, which we fully support. And if you really need end-to-end encryption, we highly recommend you donā€™t use email at all and use Signal, which was designed for this kind of use case.

        I honestly donā€™t know enough to separate the wheat from the chaff here (I can barely write functional python scripts lol - so please chime in if Iā€™m completely off base), but this comes across to me as an understandable (and fairly honest) compromise, that is probably adequate for some threat models?

        Last time I used Tuta the user experience was pretty clunky, but afaik it is E2EE, so itā€™s probably a better direct alternative to Proton.

        • froztbyte@awful.systems
          link
          fedilink
          English
          arrow-up
          7
          Ā·
          4 months ago

          re fastmail, david mentioned a thing I wasnā€™t aware of so theyā€™re off the list now, more or less just going to forget they exist except as a counter-recommendation

          this comes across to me as an understandable (and fairly honest) compromise, that is probably adequate for some threat models?

          theyā€™re sorta saying ā€œyeah just use external GPG like beforeā€

          albeit I will say their reasoning is a bit fucked in the head imo: that ā€œif you canā€™t trust the serverā€ shit applies equally for whether itā€™s serving you up the page elements to do message cryptography, or whether itā€™s serving you up a normal webmail client. I think I know/understand where they meant to go with it, but the wording they picked is quite shit

          I set up a tuta domain for a thing about a month ago. it couldā€™ve been a bit smoother (esp. domain/dns state checks) but I didnā€™t find anything immediately jarringly bad - and I was even drunk at the time (which means my diy-able supergrump comes out about this sort of shit). will see how it goes over some longer use :)

          • froztbyte@awful.systems
            link
            fedilink
            English
            arrow-up
            5
            Ā·
            4 months ago

            there really are some weird-ass reports from people on fedi sometimes. I imagine it also hits on other platforms, but there we donā€™t get to see them

            • Steve@awful.systems
              link
              fedilink
              English
              arrow-up
              5
              Ā·
              4 months ago

              I imagine it was reported by proton because they were directly @ in the post :)

              • self@awful.systems
                link
                fedilink
                English
                arrow-up
                5
                Ā·
                4 months ago

                fucking wow. so that kinda confirms that:

                • thatā€™s Eamonā€™s alt account heā€™s using because heā€™s a fucking coward
                • proton fucking sucks and is doing their best to squash this in exactly the way a privacy/security company shouldnā€™t
                  • self@awful.systems
                    link
                    fedilink
                    English
                    arrow-up
                    5
                    Ā·
                    4 months ago

                    thatā€™s exactly why itā€™s the point of no return for me ā€” I canā€™t trust a company that does this, and Iā€™ll actively advocate against using them

                    maybe privacy and security are just too precious to trust to something as malicious as a corporation, and I say that knowing Proton just re-incorporated as something that can be called a non-profit but shouldnā€™t

    • V0ldek@awful.systems
      link
      fedilink
      English
      arrow-up
      9
      Ā·
      4 months ago

      Jesus fucking christā€¦

      So where do I switch now? Is this the moment I build my own email server and handle this shit myself? I really donā€™t wannaā€¦

        • self@awful.systems
          link
          fedilink
          English
          arrow-up
          6
          Ā·
          4 months ago

          they have apparently promised they donā€™t plan on implementing anything AI-related which is good, though Iā€™m honestly hoping for a system where our privacy isnā€™t entirely reliant on the promises of a single authority

          and Iā€™m not saying we should do our own federated e2e email service, but somebody should

          ā€¦more realistically, Iā€™ll probably switch to tuta when my proton account nears renewal, as Iā€™m not a fan of how much pure unfiltered horseshit Iā€™m seeing them output with the money I paid them

      • smiletolerantly@awful.systems
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        4
        Ā·
        4 months ago

        Setting up an email server is really straightforward with simple-nixos-mailserver, highly recommend. No idea how likely you are to be classified as spam though from a new domain

        • flowerysong@awful.systems
          link
          fedilink
          English
          arrow-up
          9
          Ā·
          4 months ago

          I host my own email and for my day job I run an institutional email system that handles ~50 million messages per week. I canā€™t recommend hosting email at either end of that scale (or anywhere in between), and I find it difficult to believe that anyone with experience running a mail server would claim itā€™s reasonable or straightforward.

        • flere-imsaho@awful.systems
          link
          fedilink
          English
          arrow-up
          9
          Ā·
          edit-2
          4 months ago

          i host my mail services for the last twenty seven years, and yeah, youā€™re talking shit. starting the smtp daemon is not the same as managing mail server.

          • self@awful.systems
            link
            fedilink
            English
            arrow-up
            11
            Ā·
            4 months ago

            i host my mail services for the last twenty seven years

            this is one of the circles of hell Dante didnā€™t comprehend when he wrote Inferno

          • froztbyte@awful.systems
            link
            fedilink
            English
            arrow-up
            6
            Ā·
            4 months ago

            coming up on 18y on mine. my postfix config is almost of legal drinking age in a lot of countries.

            modern email ecosystem is a fucking mess.

          • froztbyte@awful.systems
            link
            fedilink
            English
            arrow-up
            5
            Ā·
            4 months ago

            itā€™s also really, really fucking unpredictable, in the the-other-parties-do-not-reliably-behave-the-same way

            used to hate having to debug mail failing to deliver to yahoo, and now lately google has started filling that nicheā€¦

        • o7___o7@awful.systems
          link
          fedilink
          English
          arrow-up
          7
          Ā·
          4 months ago

          eh, nix is experiencing a chudpocalypse at the moment, which might be why youā€™re catching strays

    • ShakingMyHead@awful.systems
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      5
      Ā·
      edit-2
      4 months ago

      Not to downplay what proton mail is doing, but theyā€™re saying that you can run this locally with a 2 core, 4 thread CPU from 2017 (the i3 7100, which is a 7000 series processor), and a RTX 2060, a GPU that was never considered high end. Perhaps they changed the requirements while you werenā€™t looking. Or Am I reading this wrong?

      • self@awful.systems
        link
        fedilink
        English
        arrow-up
        10
        Ā·
        4 months ago

        only one of the 8 computers I own (and Iā€™m not being cheeky here and counting embedded or retro systems, just laptops and desktops) is physically capable of meeting the modelā€™s minimum requirements, and thatā€™s only if I install chromium on the Windows gaming VM my bigger GPUā€™s dedicated to and access protonmail from there. nothing else I do needs a GPU that big, professional or otherwise ā€” that hardware exists for games and nothing else. compared with the integrated GPUs most people have, a 2060ā€™s fucking massive.

        do you see how these incredibly high system requirements (for a webmail client of all things), alongside them already treating the local model as strictly optional, can act as a funnel redirecting people towards the insecure cloud version of the feature? ā€œthis feature only works securely on one of the computers where you write mail, at bestā€ feels like a dark pattern to me.

        • ShakingMyHead@awful.systems
          link
          fedilink
          English
          arrow-up
          6
          Ā·
          4 months ago

          Unfortunately, ā€œextremely expensiveā€ and ā€œhigh-endā€ arenā€™t really synonyms, thanks to, yā€™know, bitcoin. Of course, I donā€™t disagree with your argument that having to buy a GPU just to ensure your webmail does what itā€™s advertised to do is, well, dumb.

          What I donā€™t know is what the LLM even is. Did they just tack on Llama to their webmail app and call it a day? Did they train a model? Was it trained on emails? If so, whose emails? What an advertisement that would be: ā€œUse Protonmail to encrypt your emails so that companies like Protonmail canā€™t use them to train an LLM.ā€