this post was submitted on 25 Sep 2024
837 points (99.6% liked)

Privacy

32177 readers
491 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] acockworkorange@mander.xyz 220 points 2 months ago (3 children)

It took me going to their GitHub to find out, but it’s GPL 3.

[–] barkingspiders@infosec.pub 64 points 2 months ago

really appreciate you reporting back, thanks for sharing!

[–] sunzu2@thebrainbin.org 49 points 2 months ago (3 children)

What does this mean practically

[–] TheImpressiveX@lemmy.ml 107 points 2 months ago (3 children)

It means it can't ever become proprietary closed-source software (not without a major lawsuit).

[–] ambitiousslab@lemmy.ml 58 points 2 months ago* (last edited 2 months ago) (1 children)

Any new open source software is always a net positive.

But, there are a few small caveats to the way they've done it (depending on how cynical/cautious you are):

  • Because Proton are not accepting contributions, they own all the copyright, so can make the code closed source again if they want to (that wouldn't affect the already released versions, but future versions)
  • They could likely take down any derivative on iOS, since Apple will always take instruction from the copyright holder, for GPL'd code
  • Since the builds are not reproducible, there's no guarantee that the binaries they distribute are built from the source code
[–] EveryMuffinIsNowEncrypted@lemmy.blahaj.zone 22 points 2 months ago (2 children)
  • "Because Proton are not accepting contributions, they own all the copyright, so can make the code closed source again if they want to (that wouldn’t affect the already released versions, but future versions)"

They can't do that actually. They can close the source, yes, but if they do they can't then release the new closed-source version to the public.

From the GPL FAQ page:

Does the GPL require that source code of modified versions be posted to the public?

The GPL does not require you to release your modified version, or any part of it. You are free to make modifications and use them privately, without ever releasing them. This applies to organizations (including companies), too; an organization can make a modified version and use it internally without ever releasing it outside the organization.

But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program's users, under the GPL. [Emboldened by me.]

Alternatively:

Can the developer of a program who distributed it under the GPL later license it to another party for exclusive use?

No, because the public already has the right to use the program under the GPL, and this right cannot be withdrawn.

  • "They could likely take down any derivative on iOS, since Apple will always take instruction from the copyright holder, for GPL’d code"

Does the license prohibit this? Definitely. Could they get away with it? Probably. Though I'm uncertain Proton would go that far. I mean, if they wanted to prevent forks, they wouldn't have released the source, let alone with the GPL3 license, which requires the right to make modifications (as that's one of the Four Freedoms).

  • "Since the builds are not reproducible, there’s no guarantee that the binaries they distribute are built from the source code"

Technically true, I suppose, though again why they would do that is beyond me. If they didn't want forks, they likely wouldn't have allowed forks.

 

Again, this is all assuming I'm understanding the GPL FAQ page correctly. If I'm wrong, I would welcome someone smarter than me to correct me. :)

[–] AwakenedAce@lemmy.blahaj.zone 19 points 2 months ago (4 children)

The way I understand it is that they can relicense it and then publish it if they want, but the GPL would still fully apply to the previous versions.

The first question you cited seems to refer to any different organisation/individual making changes to the source code. And the second seems to refer to revoking the GPL for an already released version, which they would of course not be allowed to do.

This would make sense as ownership of the copyright would supersede a license.

load more comments (4 replies)
[–] acockworkorange@mander.xyz 8 points 2 months ago

IANAL, but AFAIK that’s incorrect. If you’re the only copyright holder, you can issue multiple licenses for your work. GPL doesn’t allow you to rescind previous issues, so anyone in possession of your GPL code can still modify and release it under the GPL freely. But it doesn’t prevent you from issuing your own work under a different license.

There isn’t usually much economic sense for most applications to do that because anyone can fork the project and distribute it for free. For Proton, since they still hold the server as closed source, they could simply introduce a breaking protocol change and all the forks would be useless.

load more comments (1 replies)
[–] bdonvr@thelemmy.club 54 points 2 months ago

It's pretty much not reversible and the code is free to use, modify, and distribute forever. And if you do modify it you also must make those changes open source.

Very good news

[–] Mwa@lemm.ee 12 points 2 months ago (2 children)

gpl v3 you can do pretty much anything but you have to put it the same license but it has like drm protections and Anti-Tivoization and also has some patent protections people find this license too strict

load more comments (2 replies)
[–] yogthos@lemmy.ml 6 points 2 months ago (4 children)

Why the but? GPL 3 is the correct license to use for open source projects to ensure they stay open and corps don't freeload on them.

[–] acockworkorange@mander.xyz 8 points 2 months ago (5 children)

English isn’t my first language. I share your opinion regarding the license. Which connector would you use instead of “but” to indicate that you succeeded in your efforts even though it was harder you thought it would be?

[–] 0ops@lemm.ee 9 points 2 months ago (2 children)

English is my only language, and yours looks fine to me. I thought it was pretty clear from the first comment that the "but" indicated success despite difficulties, and as you clarified that's exactly what you meant.

load more comments (2 replies)
load more comments (4 replies)
load more comments (3 replies)
[–] lupec@lemm.ee 119 points 2 months ago* (last edited 2 months ago) (2 children)

Very nice, I do hope that helps us finally get a Linux version sometime soon lol

[–] Toribor@corndog.social 25 points 2 months ago

Feels like this would be a bigger win for them than a lot of other companies. The people interested in privacy focused alternative to the Google/Microsoft/Apple offerings probably have a lot of overlap with Linux users.

[–] lemmyvore@feddit.nl 8 points 2 months ago (1 children)

I believe that rclone already has Proton Drive support.

[–] lupec@lemm.ee 6 points 2 months ago

It does, yeah. Still, having access to the official client too would be nice.

[–] Mwa@lemm.ee 36 points 2 months ago (3 children)

sad its on github but am not complaining much

[–] pyre@lemmy.world 13 points 2 months ago (4 children)

can you educate me a bit about what's wrong with that?

[–] Mwa@lemm.ee 36 points 2 months ago* (last edited 2 months ago) (1 children)

bcs github is owned by microsoft its not that private nor open source(like git)

[–] pyre@lemmy.world 7 points 2 months ago (1 children)

wow didn't even know that. they certainly are hiding it well.

load more comments (3 replies)
[–] Agent641@lemmy.world 5 points 2 months ago

You people are never satisfied!

[–] franiis@lemmy.world 33 points 2 months ago (1 children)

Will they be now on FDroid? I think only one Proton app is there and it's a little bit sad.

[–] piracysails@lemm.ee 23 points 2 months ago (1 children)

Proton VPN and proton pass

IRRC they even removed all telemetry from pass but not VPN.

They should definitely push drive and calendar there too.

[–] sudoer777@lemmy.ml 5 points 2 months ago (3 children)

Why the fuck does their VPN have telemetry?

[–] loutr@sh.itjust.works 13 points 2 months ago

Telemetry is not bad in itself. It can be used for bug/crash reports, or usage statistics, without tracking or personal data collection.

load more comments (1 replies)
[–] roserose56@lemmy.ca 10 points 2 months ago

I started with their email services many years ago, and today I user their email + free calendar. To be true, they went too much far with all these apps, but as long as it works for them thats fine.

[–] bruhsoulz@lemmy.ml 8 points 2 months ago (1 children)

Awesome! Cant wait for their wallet thing to become ready and i hope they have support for many types of coins.. also i wish theyd make it so that proton drive work with joplin 😑

[–] ReversalHatchery@beehaw.org 5 points 2 months ago (1 children)

they can only support one coin legally. for details check out the Opt Out podcasts's episode about this topic

[–] june@lemmy.dbzer0.com 6 points 2 months ago (1 children)

Can you give a summary of why that is?

load more comments (1 replies)
load more comments
view more: next ›