I’ve been using skiff. com for sometime, as they claim to be a fully privacy preserving app suite like GApps or proton. One thing I like is they provide 10GB storage even for free accounts, where proton eventhough much bigger provides only 500MB.

But that got me wondering… Are they trustworthy as proton? Is there a chanve they end up being a honeypot? Does data actually gets encrypted before sending to the servers in a trustworthy way?

  • Cheradenine@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    22
    ·
    edit-2
    1 year ago

    I don’t like that you have to use play store to install their apps. ‘Oh, but I use Aurora store’ you say. Doesn’t matter, the email app (the only one I checked) uses the play billing api and firebase installations so on first run it phones home to the mothership.

    Someone pointed that out on the other site, and the owner jumped in and said ‘those are disabled’. Then someone else posted firewall logs.

    Edit: I realized that what I wrote in now way answers you question, mea culpa. Tutanota wrote a comparison Here that does though. It seems relatively unbiased, judge for yourself.

    Fwiw I use both Tutanota and Proton. They also have the advantage of being outside of Five Eyes countries.

    Edit: word

    • 𝒍𝒆𝒎𝒂𝒏𝒏
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      uses the play billing api and firebase installations so on first run it phones home to the mothership

      Ooh yikes

    • Darth_Vader__@lemmy.worldOP
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Aurora store doesn’t even work anymore… Btw you can pay using the web interface too? Do we need play billing API?

        • Elektrobank@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Aurora works but the rate limiting on the anonymous accounts is getting tough. I need to switch accounts multiple times before I can even get one search in

          • Cheradenine@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            I guess I got lucky, I hadn’t used it in a long time and it worked right away after I unblocked the googly from my firewall.

            I just wanted to check Skiff again to see if anything had changed. It was good though, Aurora said I had a few updates, and I thought ’ cool, I can delete those things’. I use Kiss launcher, which I love, but not having everything in front of you I sometimes forget less used apps.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Both Tutanota and photon mail are proprietary

      Edit: Apparently Tutanota us working on becoming librejs compliant

  • Oliver Lowe@lemmy.sdf.org
    link
    fedilink
    arrow-up
    12
    ·
    1 year ago

    I’ve never heard of Skiff. Beyond studying the protocols and system design, here’s a couple of things off the top of my head to help:

    • Follow the money. Are they charging enough to not be tempted to sell data about their users?
    • Who is in charge? Have leadership demonstrated respect towards their user’s privacy in the past? See their About Us page
    • Read their privacy policy
    • Keep up-to-date. Lots of services start out with good intentions, but over time they get acquired, acqui-hired, big investments… and policies change.
    • Darth_Vader__@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I hope they at least are doing the E2EE thing… Last thing I want is to know that they could in fact read the decrypted data…

      Are they open source?

      • Decentralizr@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        https://skiff.com/open-source

        Skiff is pretty good, I switched from proton over as they had a good one year promo and I found it fits better on what I need. The drive and page setup is pretty good too and so is the calendar. Overall I like skiff and they update and add a lot almost weekly. Big fan so far

          • fbsz@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            Skiff licensed all of it’s apps it at CC-BY-NC-4, why not change it for GPL 3.0 to make it a real free and open source software that respects user’s freedom and mandates the fork to be free and open source. There’s a difference between free software, open source and source available!

            • obosob@feddit.uk
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              I presume the reason they didn’t use GPL3 is because they wanted the attribution and non-commercial clauses offered by CC-BY-NC.

              Not suggesting that they should not prefer to drop those clauses in favour of a copyleft free software licence. but you asked “why not” and losing those clauses is clearly an obvious candidate for why they might not want to.

              • fbsz@lemmy.ml
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                A software using CC-BY-NC-4 is not a good option, as it was made for media. If skiff markets itself as open source, it should respect the guidelines of opensource( it’s open source(https://opensource.org/osd/), you can read the 6th rule. It says the software should not be limited for commercial use.)

                • obosob@feddit.uk
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  I agree, I’m just answering the why question. Free software licenses don’t have non-commercial clauses and they want an NC clause.