• @[email protected]
        link
        fedilink
        1043 months ago

        It means it can’t ever become proprietary closed-source software (not without a major lawsuit).

        • @[email protected]
          link
          fedilink
          English
          54
          edit-2
          3 months ago

          Any new open source software is always a net positive.

          But, there are a few small caveats to the way they’ve done it (depending on how cynical/cautious you are):

          • Because Proton are not accepting contributions, they own all the copyright, so can make the code closed source again if they want to (that wouldn’t affect the already released versions, but future versions)
          • They could likely take down any derivative on iOS, since Apple will always take instruction from the copyright holder, for GPL’d code
          • Since the builds are not reproducible, there’s no guarantee that the binaries they distribute are built from the source code
          • @[email protected]
            link
            fedilink
            English
            193 months ago
            • “Because Proton are not accepting contributions, they own all the copyright, so can make the code closed source again if they want to (that wouldn’t affect the already released versions, but future versions)”

            They can’t do that actually. They can close the source, yes, but if they do they can’t then release the new closed-source version to the public.

            From the GPL FAQ page:

            Does the GPL require that source code of modified versions be posted to the public?

            The GPL does not require you to release your modified version, or any part of it. You are free to make modifications and use them privately, without ever releasing them. This applies to organizations (including companies), too; an organization can make a modified version and use it internally without ever releasing it outside the organization.

            But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program’s users, under the GPL. [Emboldened by me.]

            Alternatively:

            Can the developer of a program who distributed it under the GPL later license it to another party for exclusive use?

            No, because the public already has the right to use the program under the GPL, and this right cannot be withdrawn.

            • “They could likely take down any derivative on iOS, since Apple will always take instruction from the copyright holder, for GPL’d code”

            Does the license prohibit this? Definitely. Could they get away with it? Probably. Though I’m uncertain Proton would go that far. I mean, if they wanted to prevent forks, they wouldn’t have released the source, let alone with the GPL3 license, which requires the right to make modifications (as that’s one of the Four Freedoms).

            • “Since the builds are not reproducible, there’s no guarantee that the binaries they distribute are built from the source code”

            Technically true, I suppose, though again why they would do that is beyond me. If they didn’t want forks, they likely wouldn’t have allowed forks.

             

            Again, this is all assuming I’m understanding the GPL FAQ page correctly. If I’m wrong, I would welcome someone smarter than me to correct me. :)

            • Vivian (they/them)
              link
              fedilink
              English
              193 months ago

              The way I understand it is that they can relicense it and then publish it if they want, but the GPL would still fully apply to the previous versions.

              The first question you cited seems to refer to any different organisation/individual making changes to the source code. And the second seems to refer to revoking the GPL for an already released version, which they would of course not be allowed to do.

              This would make sense as ownership of the copyright would supersede a license.

              • @[email protected]
                link
                fedilink
                13 months ago

                “releasing the modified version to the public” would cover them re-closing the source and then subsequently releasing that newly closed source, so they can’t relicense it and then release the built version of the code.

                At least not easily, this is where court history would likely need to be visited because the way it’s worded the interpretability of “modified” in this context would need to be examined.

                • @[email protected]
                  link
                  fedilink
                  133 months ago

                  Not a lawyer but in the scenario where proton closed the source but kept offering the build, even if gpl3 still applies since they’re the only copyright holder (no contributions) it’d only give them grounds to sue themselves?

                  From gnu.org:

                  The GNU licenses are copyright licenses; free licenses in general are based on copyright. In most countries only the copyright holders are legally empowered to act against violations.

            • @[email protected]
              link
              fedilink
              83 months ago

              IANAL, but AFAIK that’s incorrect. If you’re the only copyright holder, you can issue multiple licenses for your work. GPL doesn’t allow you to rescind previous issues, so anyone in possession of your GPL code can still modify and release it under the GPL freely. But it doesn’t prevent you from issuing your own work under a different license.

              There isn’t usually much economic sense for most applications to do that because anyone can fork the project and distribute it for free. For Proton, since they still hold the server as closed source, they could simply introduce a breaking protocol change and all the forks would be useless.

      • @[email protected]
        link
        fedilink
        543 months ago

        It’s pretty much not reversible and the code is free to use, modify, and distribute forever. And if you do modify it you also must make those changes open source.

        Very good news

      • @[email protected]
        link
        fedilink
        English
        123 months ago

        gpl v3 you can do pretty much anything but you have to put it the same license but it has like drm protections and Anti-Tivoization and also has some patent protections people find this license too strict

        • @[email protected]
          link
          fedilink
          33 months ago

          Its actually more restrictive, in a good way.

          You can’t, for example, fork it, make changes, and sell that derivative software without releasing the source code

          • @[email protected]
            link
            fedilink
            English
            13 months ago

            yeah but drm is too strict for some people and anti tivozation this is why linux did not do gpl 3.0 or later

  • Lupec
    link
    fedilink
    117
    edit-2
    3 months ago

    Very nice, I do hope that helps us finally get a Linux version sometime soon lol

    • @[email protected]
      link
      fedilink
      English
      263 months ago

      Feels like this would be a bigger win for them than a lot of other companies. The people interested in privacy focused alternative to the Google/Microsoft/Apple offerings probably have a lot of overlap with Linux users.

    • lemmyvore
      link
      fedilink
      English
      83 months ago

      I believe that rclone already has Proton Drive support.

      • Lupec
        link
        fedilink
        63 months ago

        It does, yeah. Still, having access to the official client too would be nice.

  • @franiis
    link
    313 months ago

    Will they be now on FDroid? I think only one Proton app is there and it’s a little bit sad.

    • @[email protected]
      link
      fedilink
      223 months ago

      Proton VPN and proton pass

      IRRC they even removed all telemetry from pass but not VPN.

      They should definitely push drive and calendar there too.

        • @[email protected]
          link
          fedilink
          133 months ago

          Telemetry is not bad in itself. It can be used for bug/crash reports, or usage statistics, without tracking or personal data collection.

          • @[email protected]
            link
            fedilink
            43 months ago

            I’m curious, any advice on that? How does one do “good” telemetry? I’m the first to complain about Microsoft, Apple, (even worst) Google, Meta and now OpenAI collecting data to sell me stuff… but it’s true that also some data is needed to get some kind of introspection in terms of usage. Developers need to understand what is actually happening with the software they develop.

            Now I’m wondering specifically about 2 side :

            • how to do the data collection correctly (e.g local only, only send on crash, only send without PII, store only aggregate)
            • how to get informed consent from users (e.g off by default, UX that supports understanding of why it’s done and how)

            I’m genuinely glad that the mindset around privacy have changed since the last few years but I’m wondering how, when it’s a genuinely positive good case (to truly make better products), to do it.

            • @PieMePlenty
              link
              33 months ago

              Your app has a button on its front page. No one ever presses that button. With good telemetry, you will know this and remove the button. The only thing you need to know is how many times each user opens the app and how many times they tapped that button. Crash reports can include the causes of errors. Without this data the app might have that unused button there forever and crash everytime anyone taps the donate button and you wouldnt know why you arent getting any dontaions.

              Telemetry is usually collected on non metered networks. Usually it is opt-out by default, set by the user in the apps settings. Personally, I’d inform the user of this and let them decice on first startup.

  • Rose56
    link
    fedilink
    93 months ago

    I started with their email services many years ago, and today I user their email + free calendar. To be true, they went too much far with all these apps, but as long as it works for them thats fine.

  • bruhSoulz
    link
    fedilink
    English
    83 months ago

    Awesome! Cant wait for their wallet thing to become ready and i hope they have support for many types of coins… also i wish theyd make it so that proton drive work with joplin 😑

  • @cultsuperstar
    link
    33 months ago

    I want to make the jump from Google apps but I can’t because I use GCal heavily and Proton Calendar doesn’t (yet) sync to GCal. I can enter in something in GCal and it’ll appear in Proton Calendar, but I can’t enter in something in Proton Calendar and it shows up in GCal. Hopefully they add that soon.

    • @[email protected]
      link
      fedilink
      03 months ago

      If you want to move away from Google apps, why keep using Google Calendar? Maybe someone has a suggestion for a way to work with it if you say what your continued use case for it is and what kind of limitations you are working with.

      • @cultsuperstar
        link
        53 months ago

        I have shared calendars with family and friends that I need to keep using.

        • @[email protected]
          link
          fedilink
          23 months ago

          Ok. The way I’m set up with my partner is to have two calendars, one on Nextcloud (me) and one on Google Calendar (my partner). We subscribe to each others calendars, and I’m also formatting it the same so it appears to be one. However, we cannot edit each others entries, but for our use case that is not needed, we just need to share certain events between us. So while this is not Proton, I believe the same is doable there.

          I can see how this is not a very practical with multiple people (but potentially doable, it has been set-and-forget in my case), and if you need the ability to edit each others entries, then it is a non-starter.

          • @cultsuperstar
            link
            13 months ago

            Oh gotcha, I see what you’re doing. Samsung Calendar (I use the S24 Ultra) has 2-way syncing with GCal. Everyone else is on iOS and they all have Google accounts so GCal was the easiest way to handle it.

        • GHiLA
          link
          fedilink
          03 months ago

          Then your plan is kinda flawed from the start, eh?

    • macniel
      link
      fedilink
      7
      edit-2
      3 months ago

      It would have only taken you two clicks to see if the source code of proton calendar for mobile devices is released or not.

      spoiler: Yes the code for iOS and android is on GitHub.

        • @SirQuackTheDuck
          link
          -6
          edit-2
          3 months ago

          GitHub has a “clone” button, if you click on that you can get git links to download the code. The http-URL doesn’t require authentication.

          Edit: I misread the comment that it’s about a different app.

    • macniel
      link
      fedilink
      103 months ago

      Yeah I don’t understand why they don’t have a codeberg or similar that they host themselves.

      • @[email protected]
        link
        fedilink
        43 months ago

        How would that help? If you release something as GPL code, you cannot prevent it from being used to train a model, no matter where it’s hosted.

        • @[email protected]
          link
          fedilink
          33 months ago

          There’s a difference between handing something to someone and leaving it somewhere they happen to be able to take it from.

        • @[email protected]
          link
          fedilink
          13 months ago

          Im personally waiting for a massive lawsuit, legally companies cannot train AI on GPL code (at least I don’t believe so)

          • @[email protected]
            link
            fedilink
            33 months ago

            There’s nothing in GPL that would forbid it. Only distribution without code publication is forbidden.

            • macniel
              link
              fedilink
              23 months ago

              mhm, and how would the distribution inside an LLM work? Are those code snippets CoPilot et al produce come with dedicated license sections?

              And regarding how it would help selfhosting the code: it wouldn’t be on the GITHub servers owned by Microsoft, which owns/operates CoPilot. Its akin to feeding the LLM directly by pushing it to their servers.

  • Nihilist
    link
    fedilink
    -12
    edit-2
    3 months ago

    Oh it’s open source? where’s the serverside repositories then

    • Possibly linux
      link
      fedilink
      English
      13 months ago

      If it is running on the server you have no way of verifying the code or the execution environment.

      Theoretically you should now be able to self host proton

        • @[email protected]
          link
          fedilink
          1
          edit-2
          3 months ago

          There is concern amongst critics that it will not always be possible to examine the hardware components on which Trusted Computing relies, the Trusted Platform Module, which is the ultimate hardware system where the core ‘root’ of trust in the platform has to reside.[10] If not implemented correctly, it presents a security risk to overall platform integrity and protected data

          https://en.m.wikipedia.org/wiki/Trusted_Computing

          Literally all TPM’s are proprietary. It’s basically a permanent, unauditable backdoor, that has had numerous issues, like this one (software), or this one (hardware).

          We should move away from them, and other proprietary backdoors that deny users control over there own system, rather than towards them, and instead design apps that don’t need to trust the server, like end to end encryption.

          Also: if software is APGL then they are legally required to give you the source code, behind the server software. Of course, they could just lie, but the problem of ensuring that a server runs certain software also has a legal solution.

              • @[email protected]
                link
                fedilink
                1
                edit-2
                3 months ago

                The whole idea is to be able to build a secure, distributed cloud. The whole network depends on secure enclaves.

                • @[email protected]
                  link
                  fedilink
                  13 months ago

                  I cannot find anything related to that in their documentation, their about page, or their whitepaper.

                  They talk a lot about decentralized computing, but any form of secure enclave or code verification isn’t mentioned.

                  Compare that to this project, which is similar, but incomplete. However, quilibrium uses it’s own language instead of python or javascript, like golem does. The docs for golem do not explain how I am supposed to verify a remote server is actually running my python/javascript code.