This makes me 😭
UPDATE: Thanks @nekusoul@lemmy.nekusoul.de for this update: The issue has now been commented on and was closed by the maintainer, where they explained why those blocks would be nonsense. But it appears the OP wants to still talk with maintainer privately about it.
If a website won’t allow me to register with my protonmail , I will just not used that website.
Yep.
I’ve already run into a few. I mentally thank them for preventing me from wasting my time and money with them.
Is this going to be the response every time this shit happens until we’re all just sitting on Lemmy twiddling our thumbs? The arrogance feels like it’s downplaying the seriousness of the problem, and it’s annoying to see it recited so much.
In a lot of cases, you may not have a choice of using the site or not. In cases where you do have a choice, eventually most if not all the alternatives can do the same shit if it becomes normalized.
API is letting these types of filter lists become shared easily, too. Sites may not even make a conscious decision to filter out proton, it may just happen because their filters are pulling from lists like this.
The problem is the trend. And try as you may, you can not fully escape that.
Well sometimes those websites ask you to register because you are buying something so they will loose me as a customer. Also even if I complain most companies dont care about privacy so I prefer to use my wallet as a way for this companies to listen my voice.
Use a custom domain on Protonmail (which includes Simplelogin) and you won’t have any issues. It’s a grand total of $5 per year for the domain.
Use a temporary email every time you use the website. Clog their mailing lists full of garbage. Make their metrics lie to them
deleted
Same. That said, sometimes it’s a config error. I sent a very annoyed email to a website that didn’t work on Firefox, only for them to tell me that it was a bug and that they fixed it.
Yep what a wild thing, to try and filter email domains so they can try and find “fake” providers
And since people won’t use the website, the website won’t use the list. So the list would be useless.
The maintainer seems to have followed the same interpretation, weighing legitimate use against spam use. This is the official response to the issue as of 8h ago:Dear Contributors,
We value your suggestions for expanding our list of disposable email providers. Your input is crucial in enhancing our tool’s capabilities.
Decision on Gmail and ProtonMail Inclusion
After thorough evaluation, we have resolved not to include Gmail and ProtonMail in our list. Our rationale is based on the following technical and operational considerations:
1. **Reputation and Reliability** * **Gmail and ProtonMail**: Established, reputable providers with a high trust level for personal and professional communication. * **Distinction**: Unlike typical disposable email services, they offer long-term, reliable email solutions. 2. **Active Abuse and Spam Prevention Mechanisms** * **Effective Systems**: Both providers have robust mechanisms to detect and mitigate abuse and spam. * **Proactive Monitoring**: Ensures a secure email environment, reducing the prevalence of malicious activities. 3. **Commercial Intent of Typical Disposable Email Providers** * **Focus**: Targeting providers driven by ad revenue, facilitating spam/abuse. * **Gmail and ProtonMail's Model**: User-centric, not primarily ad-driven. 4. **Domain Limitations** * **Effectiveness**: Limited domain offerings by Gmail and ProtonMail make them less susceptible to misuse. * **Strategy**: Focusing on providers with extensive, rotating domain lists for more impactful filtering. 5. **Individual User Accountability** * **Accountability Measures**: Both services have mechanisms to penalize users violating terms, decreasing misuse risks.
Summary and Next Steps
Including Gmail and ProtonMail does not align with our criteria for identifying disposable email services. Our aim is to target services significantly contributing to online spam and abuse, without impacting legitimate email services. We have reviewed your list and agree on adding some providers, like internxt.com (Reference). We will also incorporate the obvious choices from the tail of your list. We apologize for the delay in addressing this issue but intend to promptly resolve it by focusing on the most impactful additions.
deleted by creator
Simple as, if they don’t even support e-mail it’s surely a rather shite site.
The closed garden corpo-approved electronic message service the github issue is talking about simply won’t do.
deleted by creator
Damn, that guy’s fucking dumb lmao
But also, is 7c/fakefilter even popular? It seems to barely have a following on GitHub to begin with. Seems pretty over the top to claim that PM and SL (and any other provider on that list) will get blocked from registering on websites.
And reading the project description the domains aren’t even added manually. So the whole issue isn’t needed at all. Might explain why it’s been there since October.
The npm package has about 4000 weekly downloads. I don’t know what that means in terms of popularity.
Less than left-pad. JavaScript devs are wild.
I know it probably predates String.prototype.padStart(), but it boggles my mind that people aren’t just using the standard one.
He’s not dumb, he’s extorting people who will probably pay him.
Nobody’s going to pay some random idiot who opened a ticket on a repo they aren’t even a contributer on.
Removed by mod
I was in a club and had to open an account to open a tab, they asked me for my government number ID, pretty standard, but then they started asking for phone number, age, email, Instagram account and I was like wtf, I just want a bottle of water!
Where do you live that providing your government id to a business is standard? In Germany, the only one outside of a judge to be allowed to request that is law enforcement ( even then only with proper cause ). Of course, some businesses are legally required to request and process your ID number ( e.g. when booking international flights, medical insurance companies etc), but these are under tight federal control and supervision to ensure data safety.
Age verification sometimes is a thing for purchasing 18+ things ( media or drugs like alcohol & smokes), but even then businesses will only ever perform a visual check of the date of birth on your ID. Technically they can never demand to hold your ID, not even for a short time just to better read the date. You only have to show them your ID. And actually recording and/or storing any of that information would be insanely illegal.
Germany / Europe might have its issues, but we at least try and take our freedom and data privacy serious. I would never dream of handing my ID to a generic business like a club for anything more than the age check.
It’s in Brazil and is pretty standard. There’s different IDs here, the most common one is called CPF and is used for financial transactions, is the number that identify you with the tax agency. In some things you can denied it, like in the pharmacy, but in other ones not, like buying a TV or car.
Interesting, will have to read up on how that works in Brazil. We also have a separate tax id here ( which is also used for pension and social security ), but that one is even more secure/private than the passport ID. We only provide that to our chosen medical insurance provider ( bc they need to register it with the ministry of finance ) as well as employers ( because 50% of the insurance has to be paid by employers).
It’s explicitly not allowed and intended for generic identification purposes, because it makes it too accessible for identity theft and associated scams.
they asked me my government number ID, pretty standard
How very dystopian.
If you’re ordering alcohol, completely ordinary
Or maybe that’s what you were saying and I missed the sarcasm, idk
Is it ordinary for them to request the ID number? I’m Canada they just do a quick glance at the birth date on your ID
Just keep using the temp emails and when they don’t recieve your email , call them up. Their IT support will unblock it after 50-100 calls. Remember consumers have the power.
I tried to report an issue in GitLab. I needed to input my phone number and payment information to create an account. WTF? No thanks, I’ll just not report the issue.
do you guys not have phones
When buying stuff online I find 0101etc works. Public numbers used to work fine for other things but not so much these days. If that doesn’t work I usually don’t give a damn about the service at that point (e.g. ShatGPT) #TeamBots
I used to have a disposable phone number just for signing up but it was more trouble then it was worth. If the website is shady enough, I go look somewhere else.
Sick of sites requiring an account, email or phone number.
Blame bots. The other day we had a post about how 70% of account creation processes on sites are started by bots. Imagine that if you didn’t even need confirmation.
What if account creation was local (e.g. Git and keys)?
If no data needs to be stored then no account is needed. Use the system where there is a unique indentifier based on the password.
Use the system where there is a unique indentifier based on the password.
Never heard of this, how does that work?
A tripcode "is the hashed result of a password that allows one’s identity to be recognized without storing any data about users. Entering a particular password will let one “sign” one’s posts with the tripcode generated from that password. Trying to take another user’s tripcode and compute their password from it (for instance, to make posts that appear to come from a particular person) is somewhat computationally difficult."
That’s pretty cool, but still, does that really solve the bot problem? Doesn’t it make it easier for them to spam?
Tripcodes doesn’t affect bots spamming at all.
No longer needing accounts removes whatever barrier to entry email, phone or credit card is worth. On the plus side less people are being farmed for data, so society is better off 😕
What I mean is, doesn’t that barrier being removed make things easier for bots as well? And while humans only save a bit of time once to register, bot farms would improve a lot considering they do it over and over again.
Less data farming is undeniably better, but imo if something helps bringing us further from the Dead Internet outcome I can accept it. Of course, just the bare necessities, sites that require you mail + phone + name and so on when they don’t need them to function should really dial it down.
the discussion is happening here: https://github.com/7c/fakefilter/issues/73
Someone working at Proton has commented on the issue, the list maintainer wanted to take the discussion with proton private so we have only a few posts from them.
If you want my personal take:
It’s very clear how the list maintainer opposes anonymity in the internet in any form, which I see as an attack on freedom, journalism and activism.
I’m not a fan of Protonmail of any sort and in fact I consider that their privacy is lacking… but I really hope they can talk some sense into this guy. This block list seems to be used by a lot of webs that will start blocking virtually every private email provider.
(Edit: I assumed the person that posted the email list was a maintainer, but they don’t seem to have a “contributor” or “owner” badge, so idk. Maybe they are just very angry at privacy and anonymity on the internet)
What do you consider to be a good privacy focused email solution that allows anonymity?
deleted by creator
important to emphasize here that email is inherently not very private. Proton is one of the best email providers for privacy, but for things you really need to be private (eg organizing protests in less-than-friendly countries) you shouldn’t use email at all.
deleted by creator
yes I agree with you lol just trying to be extra clear for people who might be confused
Does proton do anything other than encrypting the email file? TLS should be enough to encrypt the transfer.
deleted by creator
Nope. Refer the links below.
https://www.theregister.com/2021/09/07/protonmail_hands_user_ip_address_police/
deleted by creator
If you look at what data they handed over you’ll realize this is a positive thing. You have verifiable proof that the contents of your mails is private, and you’re calling it a negative thing that they have your IP address??
this guy isn’t even hiding behind seven proxies
Do you have articles showing Tutanota refusing to do the same?
I am not here to entertain Whataboutery. I am not a shill for Tuta Mail and will abandon it as well if it does the same thing. I don’t rely on e-mail for communications. I only suggested Tuta Mail in the other thread because it is the least worst of them all.
deleted by creator
I would love to know this too ☺️
Is addy.io any good? I’ve poked around a bit but not investigated deeply
As a paying customer, it’s good if you want a burner email address that forwards to your actual email address. Not sure if they’re offering full blown mailing servers now, though. Pretty much does what I need it to do, personally.
deleted
Yeah, that’s also what I use it for. Discovered that my ProtonMail subscription came with SimpleLogin now, but its UI/extension is kind of annoying to use compared to AnnonAddy (Addy.io now, I guess), so I kept paying for it. Was mostly pointing out that Addy.io isn’t a mail service, they’re a mail forwarding service (unless that’s changed since they became Addy.io).
That’s basically all I want as a mail edge
Try Tuta Mail
Germany vs Switzerland eh?
What do you consider to be a good privacy focused email solution that allows anonymity?
I am not clicking that.
I clicked for you. From the website:
Cock.li is your go-to solution for professional E-mail and XMPP addresses. Since 2013 cock.li has provided stable E-mail services to an ever-increasing number of users. Cock.li allows registration and usage using Tor and other privacy services (proxies, VPNs) and thanks to continued funding by its users is certain to stay free forever.
(SFW)
I just couldn’t say my email out loud.
“Wait, what did you say?!”
“It’s private!”
“I’m calling the police”
These lists are used by platforms to try and cut down on spam/bot account signups. This isn’t a thing done for signups by the vast majority of platforms out there, but the API verification steps IS becoming more prevalent I suppose. I just got rejected for using a Protonmail domain to buy something outright on a very popular pet supplies platform the other day, but…eh.
They’ll just lose my business and get a stern customer support email then. I don’t do business with companies that exclude Proton/Tutanota/Skiff emails.
Bro… You’re on Lemmy. What business?
Yes, Lemmy users literally never spend any money, not once ever.
You guys have money?
Like 3 sometimes
It’s very clear how the list maintainer opposes anonymity in the internet in any form,
why would anyone ever be like this?
Maybe a fed, corpo or authoritarian
I was thinking the same. Would be mighty convenient for them if people had to switch to sellout mail providers because the alternatives are all blocked.
This is not the list maintainer. Just a rando who opened a request
Someone working at Proton has commented on the issue, the list maintainer wanted to take the discussion with proton private so we have only a few posts from them.
They’re not the maintainer.
I say that in my comment
Edit: I assumed the person that posted the email list was a maintainer, but they don’t seem to have a “contributor” or “owner” badge
OK simplelogin you can make an argument there, very stupid one though.
But protonmail and tutanota, wtf ?!?
Just because an email provider is privacy focused and offers custom aliases means all it’s emails are spam ?
Fuck this shit.
I wonder what happens when they find out that you can do my.name+alias@gmail.com
they seem to have it “covered”
To be fair that’s quite easy to check with a simple regex, you can see that in many services that have cached up to that.
deleted by creator
\+[^@]*
Looks like you can even do this with iCloud accounts. They only let you have 3 at a time, but you can delete them whenever and create more as needed.
https://support.apple.com/guide/icloud/add-and-manage-email-aliases-mm6b1a490a/icloud
Advertisers aren’t interested in your privacy. Simple as.
Am I the one one thinking this post is blowing the topic way out of proportion?
The post title is clickbait in its purest form: nothing is being blocked (from what even). There is a single issue raised on some obscure filter list… This has no consequences whatsoever. I am wondering why Protonmail even bothers to comment on this issue…
deleted by creator
Honestly, the more these one time accounts try to convince me to remove protonmail and simplelogin, the more I see how much it’s needed to block them. It’s like the marketing team is desperately trying to keep their services from being rightfully flagged and it just makes me want to block them even more. I do hope they won’t cloud your judgement @7c , as these services are used for temp emails by all definitions. If you have any questions you may always ask me from the conversation we have started :)
Shit like this is what makes me want to pull my hair out at night
Yea, I guess it’s impossible to make burner gmail accounts too…
A whole new account? gasp
Yeah, that’s obviously impossible because that would require you to pick a different username.
deleted by creator
Bold of you to assume they’ve been to highschool yet
Removed by mod
The issue has now been commented on and was closed by the maintainer, where they explained why those blocks would be nonsense.
Hilariously, the issue creator still hasn’t given up and is now trying to communicate with the maintainer privately. 🙃
I’d really want to know what’s driving them. Surely no sane person would be this persistent without some ulterior motives?
I’d really want to know what’s driving them
likely ego
He’s such a manchild, it’s unbelievable. Won’t budge when talked to in a friendly manner, will lash out if someone else calls him out, and will continue to complain in responses to civil people, saying nobody is being civil and whatnot, just for the sake of adding fuel to the fire. He got sat the fuck down by the repo owner, and the schadenfreude is fucking delicious.
They have a repo named reeeeeeeeeee that only contains basically an empty README.md I don’t like to generalize but that speaks volumes.
Pun intended?
I am missing some Internet lore. Can you summarize the first of the volumes? Is it 4chan adjacent?
But did they add addy.io?
It appears that the Github user GalacticHypernova is not a contributor to the 7c/fakefilter project - just someone asking for some domains to be added. The current list does not contain proton.me or protonmail.com.
I suppose this might be a reasonable litmus test for the reliability of that list.
The one who opened an issue is either 13 years old and dumb as a log or a troll (also dumb as a log) and this project is barely used, like at all
So please, don’t give them attention
That comment chain was utterly hilarious. The OP practically wanted to block every email provider in existence.
You know because you can create spam from practically every provider. I guess it’s good that this kind of idiocy is hashed out rather than just being implemented blindly with a pull request.
And once he got sat the fuck down, he wanted to continue discussing the topic “privately, away from the toxicity”, going full out Wormtongue. Fuck him.
Stop all spam with this one simple
trickfilter! All spam emails contain ‘@’, therefore all emails containing ‘@’ are spam and will be blocked
You cannot even make it past the half-way mark of the OP to realize that the creator has no idea what they are talking about.
Something interesting I learnt about the generated gmail accounts is that they either contain + or an excessive amount of dots, 2 very odd patterns in real, legitimate email accounts. I was able to reliably detect at least 3 or 4 dots in the email itself when it’s using the dotted variation.
Continuing the discussion, the fact that they are so defensive and immediately hide behind moral high ground when someone calls out their mental gymnastics out for the bullshit they are, makes me believe that they are a troll. A child would lose interest after getting so many negative responses.
The behavior you see from the creator is close to a troll tactic called “sealioning”. While refusing to give their own claims any plausible proof (they constantly talk about “tests” they’ve run without any specification thereof), they request elucidation or sources for any contraindicating claims (here in the form of discussions which are held off-platform, e.g. on Discord), but fail to engage with any proof of the contrary (refusing to take protonmail and several other legitimate providers off the list even after talking to the literal CTO) while just reiterating their standpoint over and over again.
All the while, they pretend to discuss sincerely and are always polite and superficially receptive to counterclaims. This is key to their general strategy of eroding a victim’s patience and exhaust their attention. One of two outcomes generally occur:
a) The victim snaps. In this case the troll will claim moral high ground and garner sympathy from 3rd-party observers because of fickle reasons like “there is no reason to insult somebody on the internet”.
b) The victim leaves in order to not appear unreasonable. On a public platform, like a thread, many observers will then grant the “victory” to the troll because their stand point seems strong and counterclaims seem indefensible. This is the ultimate goal of the troll and what makes it dangerous.
Just reminds me of an idiot PM we had who after realizing you could do the + thing on Gmail addresses made the devs block it, then didn’t understand why qa and anyone else testing using those types of email accounts got mad when no one could get in or create new accounts
The whole exchange between the ProtonMail person and the repo maintainer is wild. The maintainer is clearly grinding and axe and pretending we should thank them for it https://github.com/7c/fakefilter/issues/73#issuecomment-1785182508
That dude’s not even a maintainer, just some rando who apparently doesn’t like protonmail.
Imagine having that little happening in your life
Lil bro asks for discord instead of using email ahaha
Email is for boomers duh
deleted
Apparently Discord is preferable to email for long form professional communication lmao
It’s absolutely wild to read. This bloke absolutely has issues, what a weirdo
That’s not the maintainer, just the user who opened the issue. Here’s a (somewhat ironic) interaction between the same user and the maintainer: https://github.com/7c/fakefilter/issues/69
deleted
Funny, considering I’ve moved over to a paid proton account as my primary email, and my former primary email/Gmail account, with its ability to instantly become infinitely many disposable email addresses, is now used as exactly that. This same procedure occured many years ago, when I made my yahoo email into the disposable junk mail home, and my shiny new Gmail became my primary. I wonder how many years it be until proton becomes my disposable, and some as-of-yet to be created service becomes my new primary email. Or maybe email will finally be dead by then, and we’ll use something else entirely.
I will say, even after all of these years, and using the living shit out of my Gmail account in many, many places, I still only get two or three spam emails at most during the entire year.
No, you very likely get way more than that, they’re just filtered out.
This. I get tons, but almost none of them actually hit my inbox.
Wouldn’t OP see them in the Spam folder? If they say they get 2 spam messages they probably mean that.
Yep, mail to the spam folder is what I mean.
fr I deleted like 70,000 emails over this past week so you know this guy is lying to seem cool.
Same, gmail now means garbage mail and only acts as a filter for my Protonmail now.
Why does anyone care? The npm package has 3,712 weekly downloads. They’re trying to act like it’s some mainstream package that a lot of companies rely on, but nobody uses it…
I’m tired of watching bad ideas grow into industry standards.
Fair point.