a novel technique they call “oracle trilateration.”

Novel? This is basic geometry. If you can get the distance of a user from multiple locations, then it’s trivial to get their exact location.

Data protection policies might be different, as well. ProtonMail, for example, uses end-to-end encryption for email bodies, but does not encrypt metadata, which includes the sender, recipient, and the rest of the email headers.

There are a few ways this could work, but it hardly seems worth the effort if it’s not phoning home.

They could have an on-device database of red flags and use on-device voice recognition against that database. But then what? Pop up a “scam likely” screen while you’re already mid-call? Maybe include an option to report scams back to Google with a transcript? I guess that could be useful.

Any more more than that would be a privacy nightmare. I don’t want Google’s AI deciding which of my conversations are private and which get sent back to Google. Any non-zero false positive rate would simply be unacceptable.

Maybe this is the first look at a new cat and mouse game: AI to detect AI-generated voices? AI-generated voice scams are already out there in the wild and will only become more common as time goes on.

they need plaintext because they send you a recovery code or a support ticket

Sure, but we’re talking about architectural choices. It is Proton’s choice to use that system; it is not required for the goal of account recovery.

They could avoid storing the recovery email in plaintext. A hash would be sufficient if they require the user to enter their recovery email for confirmation when they really need to recover the account.

For an ostensibly privacy-oriented service, Proton makes some weird architectural choices.

Somehow TV and print media functioned on advertising without such invasion for decades. Online publishing is much much cheaper than print publishing. And some of the biggest companies in the world, like Facebook and Google, make heaps off advertising. I don’t buy this argument at all. The exchange of value is overwhelmingly, unprecedentedly tilted toward advertisers. It is beyond reason.

I’m also interested in hearing Proton users’ experience. On paper it looks like an okay deal, but you could get a similar suite of services from Posteo + iDrive + Mullvad + BitWarden for cheaper and not end up locked into an “ecosystem”.

However, there is legitimate value in combining email and drive space. Posteo only gives you 2GB for email, and their upgrades are rather expensive.

Also, Mullvad might not be equivalent since they axed the port forwarding feature a while back, making BitTorrent only kind-of usable (incoming connections will not work).

There’s a balance between principles and practicality and for a lot of people it just hasn’t tipped yet. I’m kind of in that boat myself.

On principle, I’d like to eliminate Google from my life entirely.

In practice, there is no good alternative to Google Maps. I’ve tried a bunch of OSM-based apps and they’re just not there yet. So I use Google Maps. Not happy about it, but I still use it.