ProtonMail: Important clarifications regarding arrest of climate activist

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Communication systems Openpgp Terminal Email Openpgpjs

SurveyJS
Our great sponsors
  • SurveyJS - Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
Our great sponsors

  • ProtonMail Web Client

    Monorepo hosting the proton web clients

    A counter to this would be to let users deploy their open source client [0] themselves to wherever (as one example, this is something that TermPair implements [1]).

    [0] https://github.com/ProtonMail/WebClients

    [1] https://github.com/cs01/termpair/#static-hosting

  • termpair

    View and control terminals from your browser with end-to-end encryption 🔒

    A counter to this would be to let users deploy their open source client [0] themselves to wherever (as one example, this is something that TermPair implements [1]).

    [0] https://github.com/ProtonMail/WebClients

    [1] https://github.com/cs01/termpair/#static-hosting

  • SurveyJS

    Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

  • mailvelope

    Browser extension for OpenPGP encryption with Webmail

    Mailvelope ( https://github.com/mailvelope/mailvelope) is an open source extension for Chrome and Firefox that allows users to use openpgp encryption with any webmail provider. Unfortunately, I have only one contact who has corresponded with me with pgp. But two others (both activists) use ProtonMail (my only reason for having an account on the service) -- but not Tor (their ProtonMail use predates the latest "explainer"). At least when it comes to email, I'm going to go out on a limb and say people should _never_ trust it for sensitive communications. Message content itself can be protected by pgp encryption (if people would bother to use it), but there's no watertight way to consistently avoid the kind of relationship mapping that nation states and transnational corporations have been doing for the last two decades. That game is already over, and Big Brother won -- no matter who you use for email.

  • webext-signed-pages

    A browser extension to verify the authenticity (PGP signature) of web pages

    The browser add-on that comes closest is Signed Page[0], and in theory it could provide TOFU level security by requiring the user to opt in to new versions. For unclear reasons, though, the devs seem to be against implementing that.[1]

    Any system for protecting against backdoors assumes that someone is auditing the code to check for user-specific code paths, so the only extra layer of security to add is some sort of Binary Transparency. A good example of that is Sigstore, which is being experimentally integrated with the Arch Linux package ecosystem.[2]

    [0] https://github.com/tasn/webext-signed-pages

    [1] https://github.com/tasn/webext-signed-pages/issues/13

    [2] https://github.com/kpcyrd/pacman-bintrans

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts