• TWeaK
    link
    fedilink
    English
    838 months ago

    You cannot use the new Outlook app without syncing these data with Microsoft’s servers, i.e. your usernames and passwords are sent to the company’s cloud servers. While the data is sent using TLS, the IMAP and SMTP username and password are sent to Microsoft in plain text. This could allow the company to access your emails, and share the data with third-parties.

    Not only that, but sending usernames and passwords in plaintext allows for MITM attacks.

    • @cm0002
      link
      178 months ago

      Isn’t MS on the government shit list right now over security missteps that led to the breach of gov officials?

      • @Echo5
        link
        28 months ago

        Not sure what difference that makes since the military uses the MS office suite for everything

    • lazynooblet
      link
      fedilink
      English
      98 months ago

      I expect what they mean is that the credentials are encrypted only in transit

    • @shadycomposer
      link
      38 months ago

      I think outlook iOS has been storing credentials on server since day one, even before it was acquired by Microsoft. I’m not sure what the new outlook app means.

    • @Oneobi
      link
      108 months ago

      Indeed. I smacked my head as I fell!

  • @Lumisal
    link
    348 months ago

    Pretty sure Windows 11 itself has become a data collection service at this point

    • 🍜 (she/her)
      link
      fedilink
      58 months ago

      Weirdly enough, I have had less spam mail on my gmail account, than I have on the account of an e-mail provider from my country.

      • @[email protected]
        link
        fedilink
        78 months ago

        Anyway, Gmail is a no go. From Google TOS

        “Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.”

        As said, they read and analyze your mail, mainly to sell it to advertizing companies. Google make money with this.

      • @[email protected]
        link
        fedilink
        68 months ago

        In my country popular free email providers send many spam messages to users by themselves, so inbox looks much worse than in gmail.

  • @[email protected]
    link
    fedilink
    18
    edit-2
    8 months ago

    this title totally buries the lead lede: outlook has started displaying ads in inboxes, that’s the story and that’s what Proton was pointing out

    • @SquirtleHermit
      link
      38 months ago

      Low hanging fruit tastes just as good, and for a lot less work.

  • @exanime
    link
    118 months ago

    I don’t doubt it… I am looking hard at ProtonMail for the fam… but $290 a year is a bit of a hit

    • UnfortunateShort
      link
      1
      edit-2
      8 months ago

      It’s quite good value, especially the 2-year plan, if you actually use all the stuff they offer. I got my family there, but they are still not to eager to integrate all there is into their routines.

    • @[email protected]
      link
      fedilink
      18 months ago

      I just checked the price, it seems like unlimited (with storage, vpn, pass etc) only cost $120 for the first year. And it is $156 for normal price.

      And if you only need mail, that only cost around $50 for the first year.

      Unless your $ doesn’t mean U.S. dollar?

      • @Nanabaz2
        link
        58 months ago

        He said for the “fam”

        I think he meant family package)

        • @[email protected]
          link
          fedilink
          48 months ago

          Oh, that is 6 user with 3 terabyte of storage. average to 50$ per user per year. In where I live, that is like 2 meals outside per year, and cheaper than office 365 personal.

          To me this is pretty good value, but I understand people are different. However, I cannot get them yet, as proton drive still don’t have a linux client (or any client for that matter)…

          • @[email protected]
            link
            fedilink
            28 months ago

            Proton drive has windows and Android clients that work well. I’d love a Linux client for drive and for them to fix the photo upload issue on android, but eventually those things will come.

            • @Nanabaz2
              link
              18 months ago

              For the moment. Round Sync on Android (use rclone) and rclone on Linux to just mount it. Better than any stupid client tbh

          • @Nanabaz2
            link
            28 months ago

            As far as I know, tested, and using right now - rclone (through Round Sync) on Android support Proton drive. And it uses the same core as normal Linux rclone.

            So yes, there is a client - rclone. And believe me, my own Nextcloud and pronton drives are accessed through rclone. Most clients suck

  • @[email protected]
    link
    fedilink
    88 months ago

    Sending plain-text passwords is rather interesting, tho. Could’ve at least optionally encrypted 'em with a key derived from smth known by the user only.

  • Matt
    link
    fedilink
    58 months ago

    Just use either the web version, PWA, or Thunderbird.

    • Xy_Lemmy
      link
      fedilink
      118 months ago

      I’m sure the PWA is the one that’s being talked about here. Notice the “new Outlook app” in the title.

  • @[email protected]
    link
    fedilink
    58 months ago

    Been using betterbird(a fork of thunderbird) for a long time and it has been fantastic. Never disappoints.

  • @[email protected]
    link
    fedilink
    English
    38 months ago

    So obviously not to everyone’s taste but if you have access to iCloud+ email, your mail isn’t scanned for sale (as per their US privacy agreement anyway), you get randomized email addresses available to give to places that you think might be spammy and you can link a domain to your account, although you’re only allowed 3 email boxes per user in your family per domain. Works well for me so far. Mind you because of photo storage size and devices backups I’m up to $3/ month from the original $1/month when I started.

    Plus with Advanced Data Protection a lot of iCloud info is E2E encrypted. (Not email tho.)

  • Kairos
    link
    fedilink
    -478 months ago

    Why the fuck is this an article and why the FUCK is this a post??

    • @[email protected]
      link
      fedilink
      English
      118 months ago

      I think your first point totally valid and justified, though the second is a little more nuanced, including Proton Mail making promotional mileage out of some genuine privacy and potentially security related concerns.

      • Kairos
        link
        fedilink
        -98 months ago

        I hate these “news” articles which just summarize something else freely available on the Internet.

        • TWeaK
          link
          fedilink
          English
          228 months ago

          This article doesn’t just summarise the discussion on Proton’s blog post (which the article linked to), it’s looking to spread the information and increase discussion of the issue, in particular in the community of users who regularly browse their site and comments sections.

          Your comment is like complaining about reposts. Yes, in the worst cases reposts can be bad and disruptive, but more often than not it’s just a genuine attempt to spread the content/story further and one that introduces it to more people than the original. This isn’t one of those worst case examples.

          Articles like this are at least better than Yahoo or MSN articles that literally just copy the text of other publications (although sometimes the source article is paywalled while the copy is not).

        • Night Monkey
          link
          fedilink
          2
          edit-2
          8 months ago

          You have a good point. You generally don’t get the other side of the story. Mainly just op-eds that yeah one side. Would love to have actual journalism back.

          Arstechnica seems to be the last bastion of actual journalism even though sometimes I feel even they succumb to the click bait shit.

          I used to read ghacks daily. It’s like the drudge report of tech news. Maybe even blues news.