Yes. If you don't agree with the CEO, keep in mind that he is not the owner, they moved to a nonprofit structure. Proton's CEO is not the first one saying stupid things, the same happened with Mozilla, Brave, and perhaps many other reputable groups.
Proton products are good, IMHO the layout is OK.
It's good, but not the only one. If you don't feel comfortable with Proton, go to Mailbox.org, Posteo, Tuta. They are smaller, with fewer products in their portfolio, but reputable and as good as Proton.
AFAIK none of the above have office suites like you might expect coming from Google or Microsoft, but in my experience installing LibreOffice on your local machine solves that. Not everything needs to run in a browser.
This is a great site to see recommended products for use like Proton and their alternatives.
While Proton does offer a lot of services that are useful, some people don't want to put all their eggs in one basket and use various products together.
Politics aside, the OpenPGPjs library would be a viable alternative with a client side checksum program, but sure enough, the builds are reproducible.
Until then, this isn't even technically true.
For example, you can't import your emails with the POP3 so when your mailbox gets full you can't even pay for one month and download them all while deleting them from the server.
It isn't usable for free accounts and there was pre-4.0 a cult-like trend on the support subreddit to disclose your tier. I'm not aware of any moderation post, or note, asking users to stop this practice (u/ProtonMail was listed as a mod account).
Apart from the CEO, I've been a bit concerned with the number of outages recently with quite poor and inconsistent communication or updates - not especially long outages but made much more stressful. There's something really off about the way they communicate things I've found. So that combined with the idiot CEO has made me start the process of moving away from Proton, I don't trust them any more.
I think the best strategy is to spread thinly, don't become reliant on any one provider.
It inclines me to give him the benefit of the doubt. He clearly got stuck trying to make his point and at some point just stopped explaining. My feeling was that that was a good decision because he stopped digging a deeper hole.
That's a good point. People here are getting bent out of shape about Proton's CEO LARPing MAGA but will continue to use their iPhone or Android, no questions asked 🤡
But the difference is we all have a choice of an email provider, whereas people are socially expected to have a smartphone these days and those are pretty much the two viable choices.
Personally I am waiting to see if Murena.com restores their Nextcloud offering, as I am planning to move to /e/OS on my phone again and wouldn't mind sending a little money their way. I'm not into hypersecurity though, if you have very particular needs others will have better insights. For me having it hosted in the EU is good enough.
It’s worth it for sure. The product suite and convenience is really “the only” option for that price and while many seem to think that Proton is ready to sell out to American big tech, they won’t, simply because you can’t sell a non-profit organisation.
I'm quite happy with the products. Not as happy with the company after the event you mentioned. I upgraded my plan not long before that happened (they had a pretty good deal going) so I will stay with them for now but I will need to consider what to do once the prepaid time is up.
Proton recently admitted they were impacted by Cloudflare outages cause they route a lot of their traffic through US servers using Cloudflare.
Almost no one (like prob 0.1% of users) would ever have the time & knowledge to check for changes in JavaScript that might be different for them vs others, plus some of those would be routine updates, A/B testing, etc. If Proton wants to get your data all they have to do is change the JS sent to you or a small portion of users, and it is very likely no one will ever notice.
Many Proton services will get updates that are not pushed to the open source branch for several weeks.
Proton disallows free accounts from using things like their Desktop Mail app without a paid account.
Many Proton services are unnecessarily geared towards ecosystem lock-in, when the security can be achieved in other ways.
Looks bad, but what about the other mainstream options such as Tuta?
True but I do think it will get noticed pretty quickly but probably not fast enough.
For weeks? I know new products are always proprietary closed beta but didn't know that...
I think it's pretty fair as it is a freemium service, paid users need to get rewarded for paying.
Yeah, I prefer to endorse free and open solutions rather than closed walled gardens, even if they are published under an open source licence, but on the other hand it seems like there is a demand from the market for a privacy-respecting ecosystem that offers a similar experience to Google, for example.
There is no such thing as a perfect solution or perfect security. Depending on your threat model I do think Proton isn't a bad option, maybe it's not the best but as of today all the honeypot claims seem to be simply FUD. Your worries are legit but I'm pretty sure you can have similar worries for other products that you use and feel safe using them.
you'd need to compare the checksums of their web-based cryptography at every login,
you could use their bridge but you'd need to give your OpenPGP passphrase to change your settings, for no reason
they have the CIA at their administration council,
they have a history of unethical behavior toward Twitter survivors,
they have a history of spreading conspiracy theories,
they have a history of contacting hosting providers asking them to remove blog posts,
they didn't share the Lavabit fundraiser so they could get quietly issued a US National Security Letter (overriding the First Amendment and preventing Ladar from appealing),
they can access your entire mailbox anyway, not just the email contents,
this has enabled the arrest of Social and Climatic Justice activists, they replied they couldn't resist a Swiss court order (so that's not their fault I guess, the tech is just bad)…
Why would you trust them for your opsec, and why would you enable them further?
Part of it is based on the OpenPGP standard itself, e.g. you only need the passphrase to decrypt your emails, not to encrypt them and certainly not to change your settings.
Part of it is based on experience.
Part of it actually needs a few sources; the Lavabit part is speculative but solid, there are bread crumbs all over the web.
Nubo sounds good. However, I'm closer and closer to buying a mini PC and simply self-hosting Nextcloud. I feel that is the only way to be really sure I own my data and not get disillusioned/disappointed in some way by some of these companies.
maybe not important to some, but I was super-unpleasantly surprised a couple months ago because proton deleted my dormant account. my recovery account received a couple of warning emails (didn't check that one in ages) and when I finally got around to it, gone.
so if you're thinking of using it for anything long-term, know that you have to log in once in a while or it's gone.