I’ve been using skiff. com for sometime, as they claim to be a fully privacy preserving app suite like GApps or proton. One thing I like is they provide 10GB storage even for free accounts, where proton eventhough much bigger provides only 500MB.

But that got me wondering… Are they trustworthy as proton? Is there a chanve they end up being a honeypot? Does data actually gets encrypted before sending to the servers in a trustworthy way?

  • Cheradenine@sh.itjust.worksEnglish
    22·
    2 years ago

    I don’t like that you have to use play store to install their apps. ‘Oh, but I use Aurora store’ you say. Doesn’t matter, the email app (the only one I checked) uses the play billing api and firebase installations so on first run it phones home to the mothership.

    Someone pointed that out on the other site, and the owner jumped in and said ‘those are disabled’. Then someone else posted firewall logs.

    Edit: I realized that what I wrote in now way answers you question, mea culpa. Tutanota wrote a comparison Here that does though. It seems relatively unbiased, judge for yourself.

    Fwiw I use both Tutanota and Proton. They also have the advantage of being outside of Five Eyes countries.

    Edit: word

    • 𝒍𝒆𝒎𝒂𝒏𝒏
      6·
      2 years ago

      uses the play billing api and firebase installations so on first run it phones home to the mothership

      Ooh yikes

    • Darth_Vader__@lemmy.worldOP
      3·
      2 years ago

      Aurora store doesn’t even work anymore… Btw you can pay using the web interface too? Do we need play billing API?

        • Elektrobank@lemmy.ml
          1·
          2 years ago

          Aurora works but the rate limiting on the anonymous accounts is getting tough. I need to switch accounts multiple times before I can even get one search in

          • Cheradenine@sh.itjust.worksEnglish
            1·
            2 years ago

            I guess I got lucky, I hadn’t used it in a long time and it worked right away after I unblocked the googly from my firewall.

            I just wanted to check Skiff again to see if anything had changed. It was good though, Aurora said I had a few updates, and I thought ’ cool, I can delete those things’. I use Kiss launcher, which I love, but not having everything in front of you I sometimes forget less used apps.

    • Possibly linux@lemmy.zipEnglish
      1·
      2 years ago

      Both Tutanota and photon mail are proprietary

      Edit: Apparently Tutanota us working on becoming librejs compliant

  • Oliver Lowe@lemmy.sdf.org
    12·
    2 years ago

    I’ve never heard of Skiff. Beyond studying the protocols and system design, here’s a couple of things off the top of my head to help:

    • Follow the money. Are they charging enough to not be tempted to sell data about their users?
    • Who is in charge? Have leadership demonstrated respect towards their user’s privacy in the past? See their About Us page
    • Read their privacy policy
    • Keep up-to-date. Lots of services start out with good intentions, but over time they get acquired, acqui-hired, big investments… and policies change.
    • Darth_Vader__@lemmy.worldOP
      2·
      2 years ago

      I hope they at least are doing the E2EE thing… Last thing I want is to know that they could in fact read the decrypted data…

      Are they open source?

      • Decentralizr@lemmy.world
        1·
        2 years ago

        https://skiff.com/open-source

        Skiff is pretty good, I switched from proton over as they had a good one year promo and I found it fits better on what I need. The drive and page setup is pretty good too and so is the calendar. Overall I like skiff and they update and add a lot almost weekly. Big fan so far

          • fbsz@lemmy.ml
            3·
            2 years ago

            Skiff licensed all of it’s apps it at CC-BY-NC-4, why not change it for GPL 3.0 to make it a real free and open source software that respects user’s freedom and mandates the fork to be free and open source. There’s a difference between free software, open source and source available!

            • obosob@feddit.ukEnglish
              1·
              2 years ago

              I presume the reason they didn’t use GPL3 is because they wanted the attribution and non-commercial clauses offered by CC-BY-NC.

              Not suggesting that they should not prefer to drop those clauses in favour of a copyleft free software licence. but you asked “why not” and losing those clauses is clearly an obvious candidate for why they might not want to.

              • fbsz@lemmy.ml
                1·
                2 years ago

                A software using CC-BY-NC-4 is not a good option, as it was made for media. If skiff markets itself as open source, it should respect the guidelines of opensource( it’s open source(https://opensource.org/osd/), you can read the 6th rule. It says the software should not be limited for commercial use.)

                • obosob@feddit.ukEnglish
                  1·
                  2 years ago

                  I agree, I’m just answering the why question. Free software licenses don’t have non-commercial clauses and they want an NC clause.