lastweakness
- 0 Posts
- 19 Comments
I mean, anybody could verify it by spending a few hours each on the respective games… But yes, any empirical data would be nice. For example, a study on the amount of blatant hackers found on lobbies joined in comparable ranks. Anyway, this isn’t exactly misinformation to anybody who has played both games at any decent rank. It’s unproved but immediately discernible information. Take that how you will, i don’t really intend to argue about this here. This kind of pointless argument is the worst thing about Lemmy.
It just needs to be "owning* in the way physical media without DRM works. That is data too after all. The ability to sell your copy of the data or have your friend borrow.
Yes, DRM-free is the closest thing, never argued otherwise. I’m also not arguing the services offered by GOG are part of “ownership”. The lack of an ability to download a game at any point is just a part of the fact that GOG too is simply licensing in the end. But yes, GOG is still the closest thing to “owning” games. Which is why it sucks that so many titles on GOG have DRM despite the claims btw…
I’m really only arguing one thing: piracy is better than GOG right now in every single way. You don’t have to worry about hidden DRM. You don’t have to worry about account creation bullshit. You don’t have to worry about anything else. You just download, hit play and it works every single time. If I send the copy to a friend, it will still work.
Piracy has always been closer to “owning” than GOG, so GOG should at least have some other tangible benefits over piracy. But right now, they don’t.
At that point, why not buy the game on any platform of your choosing and just pirate it when it stops being accessible on the platform you bought it on? I understand wanting to support GOG, I “own” a lot of games on GOG as well. But it’s not really “owning” even on GOG if at some point, I could lose the ability to download the game.
Any game that isn’t available as a pirated game isn’t going to be on GOG anyway… The problem here is that GOG needs to be better than piracy in any tangible way and right now, that’s not the case. It would be the case for me if GOG Galaxy was available on Linux but it’s not, as one example.
One key aspect that you seem to be missing is that Proton encrypts every mail, including those sent by or sent to unencrypted providers using your pgp key before storing them on the server. This isn’t a case scenario that can be handled without using a bridge. Thunderbird or any other mail client won’t know how to handle that.
What you described only solves the end-to-end encryption portion of the problem Proton is trying to solve. Not zero access.
Yes, mail headers are unencrypted. They never claim otherwise and neither did I. If it were encrypted, it wouldn’t be interoperable, which is something you want it to be as well right? I’ve always been talking about the mail content itself. Unencrypted mail headers don’t make it “not zero access”.
I feel like you’re just not the target audience for Proton. I just use Proton because I’m fine with the web UI and Proton Unlimited is mostly good value for me. I do also pay for Purelymail as i have a few domains and they’ve been wonderful too.
The bridge does the decryption using credentials you give it locally. Sorry for mentioning “auth”. I should have mentioned encryption instead.
Regarding the rest, it comes down to the zero access mailbox encryption’s implementation details. In all described scenarios, you’re not really using your master password as the “key” for your mailbox. But in proton’s and similar services’ case like Tuta, this is true. Any “zero access” service provider offering IMAP access without a bridge is simply lying to you as IMAP (the protocol itself) requires server-side decryption of the content, even if SMTP doesn’t. (Btw, SMTP is really an artificial limitation. Just not IMAP. If they give you smtp access, it wouldn’t send encrypted mails unless specifically configured to do so but would otherwise be the same.)
What you described is encryption at rest, but not zero access encryption (which is what Purelymail does btw).
Whether all this is needed and all depends on your threat model. I think most tech-savvy folks would be happy with something like Purelymail or Migadu tbh…
They can’t do traditional IMAP/SMTP simply because they always do client-side auth rather than tradition server-side auth, which inherently makes them more trustworthy than every other provider that does offer IMAP/SMTP-based provider to whom you always send your passwords in plaintext. This has the added benefit of having at least your own mailbox always be zero access encrypted.
Please don’t use privacytools.io anymore. Use privacyguides.org instead
What Proton is doing to e-mail is about the same that WhatsApp, Messenger and others did to messaging - instead of just using an open protocol like XMPP they opted for their closed thing in order to lock people into their apps.
PGP is not closed. What proton has done is make a really cool JS library for PGP as part of their Web UI (openpgpjs.org) which other projects, even those unrelated to Proton have used, like Mailvelope. They’re also pushing the PGP standard itself to support stuff like post-quantum encryption. So this is really odd to hear as Proton is, without a doubt, the most open and interoperable of all the properly encrypted providers.
Lavabit
With Lavabit, you were simply trusting them mostly blindly on their claims. Yeah it worked out that one time but could have gone very wrong.
Yes, they have it because GDPR does require it.
They’ve had it since far before GDPR took affect. They’ve also had bridge which has always allowed external backups and is in fact real time. They now also support forwarding mails, which should also suffice for your use case.
Open sourcing the server software is desired ofc, but would it really mean a lot for security? Not really. All the relevant bits are already open source. And none of it is really non-standard. But i do still wish for that for the sake of transparency. And yeah i wish they would move away from this almost source-available model.
Regarding SMTP, yeah i agree. But they do provide that through bridge and also for business users based on a per-request basis.
There are definitely a few artificial limitations and stuff that really pisses me off, like the limit on aliases in custom domains and SMTP for normal paid users, but a lot of the talk I’m hearing on lemmy about proton is just FUD.
Cyberpunk 2077 is an actually great game now. Always had the potential to be one, but the devs fucked it up. But at the core, it was still a good game. And then the devs dedicated the time needed to make it actually great. If Starfield becomes the same in a couple of years, what’s wrong with picking it up then? Just don’t pick it up right now.
Alyx is the only reason i ever consider getting into VR. You might be right on everything else, but I do think Alyx is what put VR on the radar for a lot of people like me and i think that’s a considerable shake up.