[HN Gopher] Private Gmail and Docs alternatives: Proton, Skiff, ...
___________________________________________________________________
Private Gmail and Docs alternatives: Proton, Skiff, and more
Author : janjones
Score : 118 points
Date : 2021-06-25 13:18 UTC (9 hours ago)
(HTM) web link (www.fastcompany.com)
(TXT) w3m dump (www.fastcompany.com)
| ampdepolymerase wrote:
| > _CDRT used to be "outrageously slow" for something like a
| document editor, Milich says, but that's not the case anymore._
|
| What is their trick for this?
| imagine99 wrote:
| I've said this before but I've been waiting for almost five years
| now to switch to Protonmail personally - and with several
| clients, SMEs and startups.
|
| Why haven't I done it?
|
| Well, for one, to this day their pricing and feature structure is
| utterly unattractive, orders of magnitude more expensive than
| competitors (especially Gsuite/Google Workspace and Microsoft
| 365) and thoroughly confusing.
|
| Some examples:
|
| - Want to put your whole family on the "visionary plan"
| (~$350/year)? Tough luck, it's limited to 6 users, so your wife's
| parents are out.
|
| - No multi-user support in tiers below "Professional", i.e. a
| family of 7 (incl. e.g. grandma) pays at least $560 per year.
|
| - Work as a consultant, juggling several projects or startups?
| Tough luck, 2 custom domains and 5 measly aliases included only,
| even on the professional plan (~$90/user)! Also a mere 5 GB of
| storage. Google offered twice that 10 years ago and currently 3x
| - for free. Google's paid accounts include up to 2 TB (!) at that
| price point. As for the custom domains, on my private Gsuite I
| currently run about 10 without problem plus and at least fifty
| aliases (I make new ones for many services I sign up for, my #1
| spam-avoidance trick). Even if I wanted, I couldn't switch
| without losing a ton of functionality, security and convenience.
| Getting most of this in Protonmail would probably cost me an eye-
| watering additional ~$360 - per user!
|
| What on earth is their value proposition? Switzerland +
| encryption, okay, all well and good. Happy to pay _some_ extra
| money for that. But not more than _10 times_ the amount a user
| costs on Google Workspace.
|
| They also have no discounts, let alone free accounts for EDU or
| NGOs which makes it hard _very_ hard to convince any of these
| orgs to switch there seeing as they get a lot more value from
| Google Workspace or Microsoft 365, completely for free - and
| these companies know that people will be more likely to privately
| sign up for Gmail, Office etc. if they use it at work or at
| school all day.
|
| Bottom-line, I've longed for a service like Protonmail for almost
| half a decade now but at least the people and companies I work
| with don't want to pay close to what they're asking and are not
| willing to be nickel-and-dimed for something trivial like
| aliases, a catch-all address or a reasonable amount of storage (2
| TB would cost ~$21,500 per year on Protonmail, according to their
| published price list!!).
|
| From statements of their management I suspect that they're trying
| to manage (and limit) growth and thus have positioned their
| product in a way that makes it a premium/high-end offer,
| certainly without the goal of getting "everyone" to switch to
| them. The price and feature/addon policy makes it extremely
| difficult to convince anybody to switch for whom privacy and
| encryption is "nice to have" but not worth $$$.
|
| I am a bit frustrated by this and have been for a long time.
|
| Here's to hoping that a competitor appears and offers a more
| attractive bundle. Or that they finally get together a growth
| plan or funding that allows them to reduce costs and scale to
| more customers quickly.
| bredren wrote:
| Is the pricing really too high or just lacking in subsidy due
| to monetization of your data?
| sgrove wrote:
| Depending on your use case - specifically for notes - Serenity
| notes [0] might fill the niche: * End to end
| encrypted * Fully collaborative via CRDTs * Mobile
| clients
|
| They have some ideas to incorporate zero-knowledge proofs to even
| remove some of the metadata that leaks from watch encrypted data
| move around. There was a talk earlier today at worker.sh on how
| it works and their ambitions [1].
|
| Next Wednesday they'll have a very technical deep dive into all
| the inner workings https://www.meetup.com/Security-Meetup-by-SBA-
| Research/event...
|
| And I believe the source is available if you care to audit it
| yourself!
|
| [0]: https://www.serenity.re/en/notes
|
| [1]: https://youtu.be/3p1uQ4Fzilk?t=6344
| yewenjie wrote:
| Is there some webextension and/or email provider that supports
| quickly creating calendar events to CalDAV servers?
| gnicholas wrote:
| Does anyone know if Skiff uses canvas-based rendering? I heard
| that Google Docs is moving toward a canvas-based rendering
| system, which will prevent some Chrome extensions (including my
| own accessibility extension) from working on Docs.
|
| It would be great to know if Skiff could be an alternative for
| folks who rely on extensions to make document creation/editing
| more enjoyable and accessible.
| bhl wrote:
| Skiff uses https://github.com/chanzuckerberg/czi-prosemirror
| last time I checked, which just uses the DOM.
| danaris wrote:
| Not only that, it breaks browser-native search functionality--
| and apparently replaces it with nothing, at least on Safari,
| where they've removed the standard search option entirely.
|
| _Strangely enough_ , the in-Google-Doc search function works
| just fine on Chrome.
|
| I recognize that it sounds somewhat paranoid, but I strongly
| suspect this is a deliberate attempt to push people to use
| Chrome over other browsers.
| tut-urut-utut wrote:
| Wow, page talking about privacy that get 44% of the page blocked
| by AdBlock Origin. There are so many trackers that I had to
| scroll the list to see everything that is blocked.
|
| I'm not even sure I want to check the actual content anymore.
| andai wrote:
| Ah, but this is how everybody does things now! An article is
| text, maybe some images, and of course 20MB of JavaScript
| spyware.
| mark_l_watson wrote:
| I don't really use ProtonMail calendar, but I like the email and
| VPN functionality. I run the ProtonBridge on my laptop just in
| case I need to search my email. I can't search my ProtonMail on
| my phone ( except subject lines), and that is OK. I use Apple's
| calendar.
|
| Apple has hinted at privacy enhanced email with personal domain
| names. I am not sure what will happen there. I will stay a paying
| ProtonMail customer but I really hope iCloud+ gets more secure
| services.
|
| I keep medical records and tax notes in encrypted Apple Pages
| documents. I think the encryption is good enough for me.
| eterps wrote:
| It's weird that Skiff still represent documents in pages. I guess
| most tech workers make a hardcopy of a document once or twice a
| year (or even less?).
| aamarks97 wrote:
| I haven't printed a document in 3 or 4 years. Don't think I'll
| ever own a printer
| 12ian34 wrote:
| >To truly take on the likes of Google, they need to build
| ecosystems instead of just one unique service.
|
| I'd like to see this leverage decentralisation and/or open
| standards rather than see each of these companies building
| interoperable walled gardens. I think this dream is unlikely
| because sadly it's less obvious as an option for monetisation
| which, at the end of the day, is why each of these companies
| exist.
| twodayslate wrote:
| What alternative has a customizable priority inbox like Gmail?
| Priority inbox is essential to my workflow and is the main reason
| I won't switch away from Gmail. I have my unread messages on top,
| drafts, then everything else.
| actuator wrote:
| E2E is mentioned in the article as a target for few of the
| alternatives mentioned but how do you trust these companies to
| build the E2E tech safely unless it is open and if not E2E, I
| would trust them way less than big companies like Google to keep
| my data safe as data security is hard. Almost every other day
| some service gets breached.
|
| If ads on Gmail are a concern, it is mentioned briefly in the
| article, you can get Google Workspace for yourself as a single
| user. It is way cheaper than the alternatives as well and after
| trying out Hey last year, I personally prefer Gmail.
|
| Here is an excerpt from Google's workspace page
| (https://workspace.google.com/security):
|
| > No ads, ever. Google does not collect, scan, or use your data
| in Google Workspace services for advertising purposes and we do
| not display ads in Google Workspace. We use your data to provide
| Google Workspace services, and for system support, such as spam
| filtering, virus detection, spell-checking, capacity planning,
| traffic routing, and the ability to search for emails and files
| within an individual account.
| mark_l_watson wrote:
| I used to do this, but stopped. The deal breaker for me was
| that I use my personal gmail account to buy Google Play books,
| TV shows, and movies. I have YouTube subscriptions. Etc... I
| found switching between Google accounts irritated me.
| MiddleEndian wrote:
| Google has always been really weird with accounts. Back when
| they were still pushing Google+, I could not register with my
| Google Apps account because it didn't end in @gmail.com lol.
| I have a permanently grandfathered free plan, but if I were
| paying for it and I cared about Google+, I would have been
| pissed.
| meitham wrote:
| Being a customer of Fastmail I had briefly assumed incorrectly
| that fastcompany and fastmail are related and this post was a
| promotion of fastmail!
| prophesi wrote:
| Just wanted to give a quick shoutout to Mailfence[0]. Their
| support team helped me set up DMARC/SPF/DKIM. Their keystore
| makes it easy for non-techies to use PGP, and the tech-savvy are
| free to use their own keys and their own mail client.
|
| [0] https://mailfence.com/
| CA0DA wrote:
| Protonmail still does not have message threading built into the
| mobile app. That seems like a minimum requirement in 2021,
| doesn't it? I don't know how that is still not in there.
| AzzieElbab wrote:
| what is wrong with using encrypted s3 and desktop apps?
| tupac_speedrap wrote:
| The UX on that website more akin to torture than an actual user
| experience. Not only an auto playing video but one that actually
| chases you down the page and I can't block the element because
| I'm on a work laptop.
| leephillips wrote:
| I use a bookmarklet that deletes all fixed elements. I seem to
| be using it on half of the pages I visit these days, because of
| "front end engineers". I don't remember where I got this, but
| it works well:
|
| javascript:let i, elements = document.querySelectorAll('body
| *'); for (i = 0; i < elements.length; i++) {
| if(getComputedStyle(elements[i]).position === 'fixed' ||
| getComputedStyle(elements[i]).position === 'sticky'){
| elements[i].parentNode.removeChild(elements[i]); } }
| alberth wrote:
| It's interesting Proton is featured instead of Fastmail ...
| especially given that Vivaldi (who is featured) has a close
| partnership with Fastmail.
|
| Off topic: I wish Fastmail provided SSO (IdP) services. I want to
| move my small business over to it but lack of SSO is a blocker. I
| guess I'll just continue to use it for personal.
| brongondwana wrote:
| On that off topic... I'm interested to know more about your use
| case. I've been looking at what it would take to integrate SSO
| into Fastmail. You can email me brong at fastmailteam com or
| just comment here if you're happy to respond in public. Thanks!
| alberth wrote:
| Hi Bron
|
| Really appreciate you noticing my comment and responding. I
| really love your company for its values (and it doesn't hurt
| that you have the best webmail interface I've ever used ...
| and I've used them all).
|
| Essentially, I have a small company of 11 employees. All
| remote. We have no on-premise infrastructure, cloud for
| everything. The vast majority of my team use: Github,
| Zendesk, Zoom, and Slack daily.
|
| Whenever I hire a new employee, without SSO (and identity
| management), I have setup a multiple account credentials just
| for that single employee (and off boarding employees to
| deactivate access is a whole bigger issue).
|
| It's not uncommon that an employee of mine might have 8-10
| different username and passwords for all the various systems
| they use daily. Because of differing username or password
| retention policies, the usernames might be different and/or
| the passwords become out of synch because one provider is on
| a 90 day password change when another is on a 60 day password
| change. It's a mess and I'm sure people have sticky notes
| with their username/password written down just to keep up
| with all of their various username/passwords.
|
| By having SSO/IdP provided by our email provider, I can
| eliminate all of these problems. Note: I'm not saying for you
| to accept SSO from a 3rd party - I'm suggesting that Fastmail
| be the Identity Provider (IdP) for my employees so that they
| can use their Fastmail (my domain) account with
| Github/Slack/Zendesk/etc.
|
| Here's some SSO documentation from common 3rd party services
| we use.
|
| Again, thanks so much for considering this. I would LOVE it
| if you became an IdP/SSO provider. Happy to answer any more
| questions.
|
| EDIT: I should mention that I've looked into Okta in the past
| but for sites that don't support SSO, what Okta does is
| essentially a formfill/Lastpass like feature. Which kind of
| makes me uncomfortable. But if Fastmail allow SSO, Okta
| becomes more appealing (though not required)
|
| EDIT2: this might be more heavy weight that you're looking
| for but I know at one time the gold standard for open source
| SSO offerings is OpenAM (it's the forked SSO offering that
| was from Sun back in the day and Sun at the time was the IAM
| leader). https://github.com/OpenIdentityPlatform/OpenAM/
|
| [1] https://docs.github.com/en/github/authenticating-to-
| github/a...
|
| [2] https://slack.com/help/articles/203772216-SAML-single-
| sign-o...
|
| [3] https://support.zendesk.com/hc/en-
| us/articles/203663826-Sing...
| brongondwana wrote:
| ... and on the on-topic, I really do need to get back to
| writing up that blog post idea about the distinction between
| secrecy and privacy. Protonmail definitely does more secrecy
| (with the end-to-end, hidden from themselves encryption, etc) -
| but I suspect that with our (Fastmail's) image proxying and
| standards-based integration with regular tooling that the
| overall balance of usable and effective privacy is more mixed.
| jabroni_salad wrote:
| The privacy community does not really like fastmail. I stick
| with FM because I personally value the service and find it
| reliable, but they aren't zero-knowledge and australia has
| recently had some unfortunate legislation in regards to digital
| privacy.
| fossuser wrote:
| I think Fastmail is more honest - if you're using email and
| communicating with 90% of the rest of the world that uses
| gmail then the 'privacy' provided by proton mail is
| irrelevant.
|
| They're also based in [edit: I thought Protonmail was Russian
| based, but they're not]. I think that's probably worse from a
| country level.
|
| Encrypted email is a bad way to do private communication -
| services that pretend otherwise set off alarms for me.
|
| The main advantage of Fastmail vs. Google is that it's a
| separate service focused on providing you a good experience
| with custom domain support. The business model is not ad
| driven so incentives are more aligned and it lets you leave
| Google services.
|
| The privacy people's faith in proton is misplaced (imo).
| cherrycherry98 wrote:
| Who's based in Russia? Fastmail seems to be Aussie/American
| and Protonmail is Swiss.
| fossuser wrote:
| Ah you're right - not sure why I thought that Protonmail
| was Russian, but they're not.
| mackrevinack wrote:
| i would have gone with fastmail if there was a free tier.
| ive been paying for protonmail for years now even though i
| don't need any of the premium features, but if there ever
| comes a year where i cant pay for whatever reason, its nice
| knowing that my email still work as normal
| cge wrote:
| The major point of Protonmail, I think, is the no-access
| encrypted storage, not E2E-encrypted transit, which it does
| have, but only in limited and, as you point out,
| problematic circumstances.
|
| If your concern is with state-level actors with the ability
| to do mass spying on emails in transit and collection from
| many different providers, then no, Protonmail won't be that
| useful. If your concern is with someone getting access to
| your email archive, possibly years after the emails have
| been sent, then Protonmail does offer something: even if
| its own data storage is compromised, your emails should be
| secure. I suspect the latter is actually a much more common
| problem than the former, as we've seen with data ransoming
| lately.
|
| Unfortunately, Protonmail's implementation is rather
| clunky. I actually would consider using a self-hosted
| system that did something similar: get clear-text emails,
| but immediately encrypt them with a key that the server
| doesn't have the private key for, and still allow searching
| and notifications in some way.
| fossuser wrote:
| Thanks - I think this is a good counter argument.
|
| My personal approach is to treat email as public
| communication and to delete archives aggressively.
|
| I recognize that this isn't something most people do.
| tionis wrote:
| Well if you want custom domain support and reliable mail, I
| can suggest purelymail, very cheap, only mail, reliable non
| bloat service. I switched from protonmail because I like
| using native mail clients and not paying as much.
| allarm wrote:
| > They're also based in Russia?
|
| No, they're based in Australia. They've been blocked in
| Russia recently though.
| gunapologist99 wrote:
| Protonmail is Swiss, not AU. Fastmail is Australian.
| cutthegrass2 wrote:
| Are these alternatives even worth adopting if you're using an
| Android phone?
| soco wrote:
| Why not? The only thing Google mandates on Android is that you
| download them from Google Play (and even that can be worked
| around). Nothing stands in your way to use what you want for
| email or document editing or storage.
| Natsu wrote:
| I assume they mean that you don't gain much privacy from
| Google if you still have one of their phones. See also: the
| location tracking stuff lately.
| spinax wrote:
| Real life +1, Google is used for the basic Android setup
| needs and that's it, all other needs are non-Google services
| (well, technically NewPipe is Youtube because who doesn't
| like a good cat video). One key app most people will want is
| DAVx5: https://www.davx5.com/ (also available on f-droid)
| Bayart wrote:
| I use Protonmail, including on Android, and it's doing fine.
| Albeit I don't do anything fancy, save for some filtering.
| minton wrote:
| My company recently tried to find an alternative to Google
| Workspace.
|
| We looked at Hey and really liked it. However, they lacked a
| calendar and we felt training some of our less technical users
| would be too much effort.
|
| We tried ProtonMail (Business account) but ran into these issues:
| - no shared Calendar - no way to enforce MFA - no way to enforce
| a password policy - no way to forward emails (except manually) so
| we can use Zapier - no way to help employees with password resets
|
| In the end we just stayed with Google as we couldn't find a
| competitor with matching services.
| pjerem wrote:
| It looks like Fastmail checks all your needs (not sure about
| password policy) and it's a fantastic product. It deserves the
| << fast >> in its name and the webmail as well as the calendar
| are really great (and fast, too).
|
| It's one of those rare products you can feel that they have
| been crafted with a lot of love.
| josefresco wrote:
| Did you evaluate Zoho or Office365?
| minton wrote:
| We looked briefly at Zoho but the founder didn't trust the
| brand for whatever reason. Office365 seemed like too much a
| burden on IT to setup and configure everything properly.
|
| Also, we're trying to move away from these "suite" type
| offerings that come with a ton of tools. We just want email
| and calendar.
| bredren wrote:
| Fwiw, zoho's brand logo has needed an update since the crm
| launched. The child blocks don't scream professionalism.
| yonixw wrote:
| I had a similar experience searching for MS Office\Google Docs
| self-hosted alternative. While evaluation ONLYOFFICE, I found
| that they don't have RTL support (for over 4 years:
| https://github.com/ONLYOFFICE/DocumentServer/issues/19)
| forbiddenvoid wrote:
| Curious: Did you evaluate MS Office? I feel like Microsoft gets
| left out of a lot of these conversations because of a cult-like
| 'M$ is bad' culture in SV, but a lot of people I've talked to
| haven't even used or tried their products in years if ever.
| minton wrote:
| We looked at Microsoft's offering, but IT felt the
| administration burden was too high even compared to Google
| Workspace.
| kwanbix wrote:
| I use both. Google Workspace at work and my personal account
| which I got free at the time, and Office 365 Family.
|
| Gapps is very good. It does probably 100% of what 90% of the
| people need. Same for Office.
|
| My only grip with Office is that in Android, the integration
| seems to be less polished than that of Google.
|
| The advantage for Office is the family plan that for about
| 50~100 euros per year gives you 6 accounts. Something similar
| for Google Workspace will be 300~360.
|
| And if you must have office desktop, that is the cheapest
| way.
| yosito wrote:
| Did you look into Nextcloud? If you don't have the expertise to
| maintain it in-house, you might have to pay for a managed
| instance, but it's been a pretty solid replacement for Google
| services for me.
| temp8964 wrote:
| May I ask, what's wrong with using the email service provided by
| your domain / web hosting company? Many times they are free.
| sys_64738 wrote:
| I stick with iCloud myself.
| wishinghand wrote:
| This site has served me well for finding alternatives to
| companies that sell your data: https://switching.software
___________________________________________________________________
(page generated 2021-06-25 23:02 UTC)