cross-posted from: https://lemmy.dbzer0.com/post/50693956
Transcript
A post by [object Object] (@[email protected]) saying: courtesy of @[email protected], Proton is now the only privacy vendor I know of that vibe codes its apps: In the single most damning thing I can say about Proton in 2025, the Proton GitHub repository has a “cursorrules” file. They’re vibe-coding their public systems. Much secure! I am once again begging anyone who will listen to get off of Proton as soon as reasonably possible, and to avoid their new (terrible) apps in any case. https://circumstances.run/@davidgerard/114961415946154957
It has a reply by the author saying: in an unsurprising update for those familiar with how Proton operates, they silently rewrote their monorepo’s history to purge .cursor and hide that they were vibe coding: https://github.com/ProtonMail/WebClients/tree/2a5e2ad4db0c84f39050bf2353c944a96d38e07f
given the utter lack of communication from Proton on this, I can only guess they’ve extracted .cursor into an external repository and continue to use it out of sight of the public
@sunzu2 it feels janky as hell, it’s missing advanced features (someone in the other thread asked about Sieve filters), and it doesn’t support non-Tuta clients. their development cycle is so slow I can’t count on any of these features cropping up anytime soon.
with those criticisms in mind, Tuta’s still approximately the only credible choice remaining for threat models where end-to-end encryption is important. we desperately need better fully open source options for this.