we appear to be the first to write up the outrage coherently too. much thanks to the illustrious @self

  • self@awful.systems
    link
    fedilink
    English
    arrow-up
    10
    ·
    5 months ago

    and now, my swing at a secure version of this feature:

    if I receive a message whose content was sourced from the cloud LLM (ie the user activated the feature at any point while writing), instead of pulling the content of the message, protonmail displays a warning that the content of the message was exposed to their servers, and I’m given buttons to either display the message, or delete it and block the sender. if I delete the message and block the sender, protonmail itself sends a message back to the message’s author proving that I deleted the message unopened.

    I’m not kidding, that’s the only secure version of this. that’s the version a privacy-oriented company would have implemented, if they really had to do any of this at all (they didn’t)