from the team:
Hey everyone,
We are now able to share that Proton VPN has successfully passed its 4th consecutive independent audit of our strict no-logs policy, conducted by Securitum, a leading European security auditing company.
Key takeaways from the audit:
- No activity or metadata logs are kept anywhere on our servers.
- No inspection of user traffic occurs.
- Robust administrative and technical controls are in place, including automated configuration management and a dual-control change process.
- The no-logs policy is enforced uniformly across all servers, regions, and subscription tiers.
Don’t trust, verify is not just something we preach, but something we practice, so our no-logs policy has now been verified by independent experts; you don’t have to take our word for it.
📖 Read the full audit report here
Stay safe,
Proton Team
You must log in or # to comment.
Red flags, red flags everywhere
Such as?
Huge Red Flag:
Red flags, they’re everywhere.
Was he not clear about that?
There’s even some in the room with me right now.
Sorry to be a downer, but audits of software that isnt selfhosted are kinda useless. Unless they allow spontaneous unannounced inspection of their infrastructure, they can just do whatever they want after the audit.
The code is open source so feel free to audit it anytime you wish. But the audits are there for a third-party evaluation by actual experts.
The only thing you can truly know is that you exist. Sorry to be a downer
Descartes, chill.
I do not think, therefore I do not am
So would you equate a company that doesn’t do any audits as the same caliber?
Well, would you trust the company that’s actually gone through the audits, or the one that skips them to save money & be cheaper?
Only the one that just open sources their code and encourages people to self host.
You can’t self host a VPN, what would be the point?
You can, I do. The point is to gain encrypted access to my network no matter where you are.
Never the less is your actual point correct.
Well, yes, you can self host a VPN to access your home network, I do that as well. That is not the context for proton et al though, and you can’t self host a privacy VPN.
Lemmy is “self hosted” that doesnt mean every user has their own instance…
That doesn’t mean that instance owners can’t do shady shit. Open source is meaningless when you’re talking about a service provider.
I would trust some real court case where they end up turning up nothing because they have nothing.
