Fuck AI

While the open source argument is valid, the end to end encryption critique is a bit odd to me. It is, by definition, end to end encrypted, and proton claims that the chat history is stored locally on your device and is blindly encrypted at rest on their servers, same as in their email system.

The individual messages do have to be decrypted for inference option arrival, but really there isn't another option.

What I'd like to see is evidence of 3rd party audits on this scheme in addition to more information on the models used.

I kind of wish this headline just kept going.

Proton’s Lumo AI chatbot: not end-to-end encrypted, not open source, bad taste in music, murdered family of five

Like most things by Proton. The client side service is usually open source, but not server-side. I use & even pay for some services from Proton, but honestly they could probably decrypt your data if they had a reason to. They do pilot tests all the time. If you use Aurora Store, you'll frequently see some Google Play accounts get different versions of the app that haven't been rolled out to everyone.

I've noticed several times the "open-source" app on their GitHub is multiple versions behind what they're publishing on Google Store. I don't know of anyone doing automated testing for all the unpublished versions. If you use the browser—since the encryption is handled via JS—all it would take is a few small changes to get the information needed to decrypt your data.

There are some alternative open-source bridges for Proton that solve some of these issues, but most people using Proton are just using the stock apps. If you use Proton then you're prob. doing a lot more to protect your privacy from advertisers, but if you think it'll protect you from the government spying if they have a reason, then you might want to think again.

I'm so glad I'm letting my Proton subscription lapse when it runs out. I want away from that ridiculous mess of enshittification.