As if I would use a 3rd party to host my bitwarden data.

Eitger 1st party or selfhost. But some unknown 3rd party? Way too risky.

(And Aegis has amazing backup features like backup after changes to accounts.)

Can you export accounts in (encrypted) json?

No company phone = Me using a desktop app for work related 2FA.

Not my problem.

Bitwarden authenticator is free for non-paying customers too.

Google Wallet is not so much a "wallet" for your cards but a way to link your cards to their own payment service, Google Pay.

Both Apple and Google had a lot of problems convincing banks to accept their respective services, and even then many stores still don't support this payment method. A company with the clout and size of Proton has no chance to get their own service widely accepted.

No, Proton specifically has no confirmed association, I agree. So I trust them? No.
I see too many signs, too many people recommending it online, too many all-connected services. For me, this is a recipe for disaster and I’m not here to be lied to my face again.

Not the first time for the very neutral state

According to a Swiss parliamentary investigation, "Swiss intelligence service were aware of and benefited from the Zug-based firm Crypto AG’s involvement in the US-led spying".

More info

On a related note, we have also had people ask us about Proton Mail’s official position regarding the ongoing Palestinian-Israeli conflict and whether working with an Israeli company means we are taking sides in this conflict. The answer is NO. As a Swiss company, we adhere to a policy of strict neutrality

I don’t know about you guys but this is enough for me.

I wouldn't mind not having a native Linux drive client if they didn't block rsync, which used to work, and now does not. What a stupid decision.

The FSF (and RMS himself) wanted an alternative for online payments for ages, without crypto. An anonymous buffer layer between your payment method, like a credit card, and the vendor. I believe something was eventually released but it never took off, because unlike something like a NFC Wallet, vendors would have to natively support GNU's version.

Feels like everyone has forgotten when LastPass was breached, and that was barely three years ago.

Any affected LastPass users storing their 2FA backup codes in with the rest of their login data got a rude awakening.

Anyone who had them separate was at least able to rescue those accounts. But hey do what you like people, I know convenience usually trumps security.

They do advertise direct export, but I’m not sure if that means encrypted json

Definitely supported the Republicans. It was a red flag to hold opinions like this:

Here is our official response, also available on the Mastodon post in the screenshot: Corporate capture of Dems is real. In 2022, we campaigned extensively in the US for anti-trust legislation. Two bills were ready, with bipartisan support. Chuck Schumer (who coincidently has two daughters working as big tech lobbyists) refused to bring the bills for a vote. At a 2024 event covering antitrust remedies, out of all the invited senators, just a single one showed up- JD Vance. By working on the front lines of many policy issues, we have seen the shift between Dems and Republicans over the past decade first hand. Dems had a choice between the progressive wing (Bernie Sanders, etc), versus corporate Dems, but in the end money won and constituents lost. Until corporate Dems are thrown out, the reality is that Republicans remain more likely to tackle Big Tech abuses.

He's not wrong about the Democrat party choosing the establishment over the progressive wing, but the idea that he supports the Republicans as being more likely to reign in tech companies is so laughable it's not even funny, and makes you wonder why Andy Yen believes it.

What other commenters have said before though is true: aside from this incident with the CEO, Proton has been careful to stay politically neutral and on message... It damaged their public trust but didn't destroy it.

I started using Curve since I swapped to Graphene. Upsides: it's not google and it works fine. Downsides: it's a free as in beer app that (I assume) is selling my data.

I've read that Monzo used to have their own NFC payment app, but it looks like that isn't around anymore and they just integrate with Google Pay now. If anyone knows more about it I would love to hear it.

How? BitWarden has great 2FA, but is also a password manager with good integrations, group sharing, etc. Plus when you log in with it, it auto-copies the 2fa to clipboard.

Assuming you've used both, so what does Aegis bring to the table? Wondering if I should try it.

2fa is free

I think you are referring to GNU Taler.

It recently started operating in a kind of open beta in Switzerland https://news.itsfoss.com/gnu-taler-swiss-operations/

I wish there was a good alternative to YouTube. I've been meaning to host a Peertube instance but that process is really not as straightforward as it should be if they want the platform to gain widespread adoption

Google Maps has pretty decent alternatives though:

• For simply browsing the map I use OpenStreetMaps on desktop, and Organic Maps on mobile.
• For navigation (by car) I used to use Waze (which is also owned by Google), but I've switched back to good ol' TomTom

As for iPhone.. personally I have a Google Pixel which I'm going to keep using till I can't anymore. After that I'm probably switching to Fairphone. They're a European company and their phones are right up my alley

For the same reason you usually shouldnt store 2FA in the passwordmanager.
Besides that Aegis has some features like automated (encrypted) backups when accounts are removed/added.
Also can use multiple different 2FA protocols (even Steam when your phone has root).

There are no very clear reasons to distrust proton, but is it just me that finds them releasing a 2FA app kinda disturbing? Like, why waste the resources? What could they do better than Aegis, which is already FOSS and privacy preserving? If there is no reason, than I have to wonder if the hidden reason is to get more data into their ecosystem. Which a privacy focused company shouldn't care about.

I am probably just paranoid but I don't trust Proton.

Not the first time for the very neutral state

According to a Swiss parliamentary investigation, "Swiss intelligence service were aware of and benefited from the Zug-based firm Crypto AG’s involvement in the US-led spying".

If your concern is that the CIA owns Crypto AG you should take into consideration what their focus is on, are they focused on child predators and gangs or people torrenting movies and music?

Crypto AG and Proton have clashed in the past resulting in this article from Proton;

Is Proton Mail trustworthy? Our thoughts on email trust - Proton Mail Blog | Proton

It’s important to trust your email provider because they safeguard some of your most sensitive data. Should you trust Proton Mail?

Proton (proton.me)

Transparency: You know who runs the company, where they run it from, how they run it, what data they have, how they interact with law enforcement, and much more.

Business model: Their business model (how they make money) is simply having paid users that pay for the service. If they were to breach that trust, then they would no longer be able to sustain themselves.

Competence: They have a team of highly competent people. Most people in their management level have Ph. Ds and they are trusted by many users with heightened security needs. These users include

, Bellingcat etc.

Verified By Third Parties: Proton is still in the process of getting all their apps audited and open sourced. Currently, the ProtonMail iOS app, OpenPGP.js, GoOpenPGP and all the ProtonVPN apps have been audited by Cure53 or SEC Consult and the reports publically available with the source code on github with android and bridge on the way. Furthermore, they have been checked over by the EU and given a 2 million euros of funding that can be used on anything to further their mission with no other obligations.

Legal guarantees: Proton is based in Switzerland, a country with strong privacy protections, and outside the 14 eyes surveillance network. Under Swiss law, they are only permitted to reveal user data if served with a binding legal order from the Swiss government. Sharing data without a legal order is a criminal offense under Article 271 of the Swiss Criminal Code.

Track record: ProtonMail’s creation by scientists who met at CERN (the European Organization for Nuclear Research) is well documented, including on the CERN website. The scientific background of their leadership team can be easily verified by looking at their academic careers and scientific publications.

More info

On a related note, we have also had people ask us about Proton Mail’s official position regarding the ongoing Palestinian-Israeli conflict and whether working with an Israeli company means we are taking sides in this conflict. The answer is NO. As a Swiss company, we adhere to a policy of strict neutrality

In the header of this article you seemed to have glossed over:

UPDATE April 3, 2020: The information in this article is outdated. As of last year, we no longer have any contract with Radware.