O
My feedback
40 results found
-
226 votesO
supported this idea
·
-
268 votesO
supported this idea
·
-
1,447 votesO
supported this idea
·
-
56 votes
An error occurred while saving the comment O
supported this idea
·
-
1,456 votesO
supported this idea
·
-
327 votesO
supported this idea
·
-
642 votesO
supported this idea
·
-
1,133 votesO
supported this idea
·
-
500 votesO
supported this idea
·
-
756 votesO
supported this idea
·
-
711 votes
An error occurred while saving the comment O
commented
Isn't it a privacy risk? This is an answer from Lumo:
Syncing shared folders would indeed be convenient, but it would force Proton Drive to store decrypted copies on your Mac. macOS Spotlight (and any other local process) could then read those files in plain text, which defeats Proton’s end‑to‑end encryption and zero‑access guarantees. Because of that, Proton has deliberately left shared‑folder sync unavailable on macOS, and there’s no indication it will change in the near term. The safest workaround is to keep shared items in the web/app interface and only download the specific files you need to search locally.
-
1,114 votesO
supported this idea
·
-
1,336 votesO
supported this idea
·
-
275 votes
An error occurred while saving the comment O
commented
"give Unlimited a reasonable ongoing discount" - yes, please
O
supported this idea
·
-
250 votes
An error occurred while saving the comment O
commented
yes :)
O
supported this idea
·
-
320 votes
An error occurred while saving the comment O
commented
While I appreciate the enthusiasm for improving Lumo, I personally don’t want a memory or persistent-knowledge feature. One of the main reasons I trust Proton is because their tools don’t retain long-term personal data unless absolutely necessary. Even if the feature were opt-in, adding persistent memory feels like a step toward more data collection than I’m comfortable with.
I prefer Lumo to stay stateless and privacy-focused, without storing information about my preferences, past conversations, or behavior. If I need Lumo to know something, I’d rather tell it each time than have the system quietly accumulate personal details—even with controls in place.
For me, Proton’s strength is minimal data retention, strong boundaries, and tools that don’t try to “learn” about me. I hope Lumo keeps that philosophy intact.
-
504 votes
An error occurred while saving the comment O
commented
I personally don’t want this. One of the reasons I use Proton is its focus on privacy, simplicity, and clean, lightweight apps. Integrating Lumo into Mail/Calendar/Drive could make these apps feel bloated and push them toward an “all-in-one” AI-heavy direction that not everyone wants.
It’s great that Lumo exists for those who want it, but I’d prefer to keep the core Proton apps fast, minimal, and free of AI features. Ideally, any such integrations should be fully optional — or better yet, not added to the main apps at all.
-
194 votes
An error occurred while saving the comment O
commented
I strongly support this feature request. Exposing the primary Proton email address in shared Proton Drive links is a real privacy gap, especially for users who rely heavily on aliases to compartmentalize work, personal life, or anonymous activity.
Being able to choose which alias is associated with uploaded or shared files—and ideally organizing files by alias, as suggested above—would not only protect privacy but also make Proton Drive far more flexible. This could extend naturally to Photos, allowing different devices or contexts to back up to different aliases.
Even better if Proton adds optional settings like:
• Hiding your email entirely on shared links
• Choosing which alias appears (if any)
• Adding a custom message for uploaders
• Offering an upload-only view without exposing existing filesThis feels like an essential improvement for a privacy-focused ecosystem. I hope the Proton team prioritizes it.
O
supported this idea
·
-
18 votes
An error occurred while saving the comment O
commented
Of course, I also do not wish my real proton account e-mail to be seen by anyone.
O
supported this idea
·
-
682 votes
An error occurred while saving the comment O
commented
I wanted to add the pfp today and was surprised it is not possible.
O
supported this idea
·
Interesting. Some ideas from Lumo:
Can Proton VPN see your real traffic?
What passes through Proton VPN’s servers
When you connect to Proton VPN, all of your internet packets travel through Proton’s VPN gateways before reaching their final destination. Technically, any service that sits on the path can inspect the raw traffic (IP headers, DNS queries, unencrypted payloads, etc.).
Proton’s policy and technical safeguards
Zero‑log policy – Proton’s publicly audited policy states that it does not retain connection logs, IP‑address logs, or any metadata that could be linked back to a user. Their internal systems are designed to discard session data as soon as the tunnel is torn down.
No traffic inspection – The VPN software does not include a man‑in‑the‑middle component, nor does Proton run deep‑packet inspection for advertising or analytics. The tunnel is a standard WireGuard/OpenVPN tunnel that forwards packets unchanged.
Jurisdiction & transparency – Proton is headquartered in Switzerland, which has strong privacy protections and a legal framework that makes forced disclosure of user data difficult. Proton also publishes regular transparency reports and undergoes independent audits of its infrastructure.
What could happen in theory
Even with the policies above, any operator of the exit nodes has the technical ability to see the traffic that leaves their network. If Proton were compelled (by a court order, for example) to modify its software to log or inspect traffic, it could technically do so. The real protection comes from the commitment not to do it and the legal environment that discourages such changes.
Mitigating the “single‑hop” trust model
If you want to reduce reliance on a single provider for the exit hop, a *multi‑hop (double‑VPN) setup is the usual approach. Here’s how it works and why it matches the suggestion you saw:
Partnered double‑hop – Two independent VPN providers each run a hop. Your traffic is encrypted twice: first by Provider A, then by Provider B. Provider B sees only the encrypted payload from Provider A, not your original data, and vice‑versa.
Benefits – Even if Provider A were compromised or forced to log, Provider B’s independent jurisdiction and policies would still shield the final exit point from your original ISP.
Existing examples – Mullvad partners with Obscura (as you noted) to offer a “double‑hop” configuration that combines two distinct infrastructures.
Practical ways to achieve a similar level of independence with Proton VPN
Manual double‑VPN – Run Proton VPN on one device (e.g., your router) and then run a second VPN client (e.g., Mullvad, IVPN, or Obscura) on top of it. This creates two encrypted layers without needing a formal partnership.
Proton VPN “Secure Core” – Proton already offers a Secure Core architecture that routes traffic through hardened servers in privacy‑friendly jurisdictions (Switzerland → Iceland/Sweden) before exiting to the wider internet. While not a true third‑party hop, it adds an extra barrier against network‑level adversaries.
Use a dedicated “exit‑only” server – Some advanced users set up a self‑hosted VPN endpoint (e.g., a VPS they control) and chain it after Proton VPN. This gives you full control over the final hop while still benefiting from Proton’s entry‑node privacy.
Bottom line
Proton VPN does not log or intentionally inspect your traffic, and its Swiss jurisdiction offers strong legal protection.
Technically, any VPN provider—including Proton—could see the traffic that exits its network; the trust model rests on policy, audits, and jurisdiction.
If you need an extra layer of independence, a double‑VPN (either via a partner arrangement or a manual cascade of two separate VPN services) is the most straightforward way to achieve it.
Recommendation for you
Enable Secure Core in Proton VPN if you haven’t already—it already adds a hardened, multi‑hop entry path.
If you want a truly independent exit hop, set up a second VPN (Mullvad, Obscura, or any reputable no‑logs provider) on top of Proton VPN, either on the same device or via a router‑level cascade.
Keep an eye on Proton’s roadmap; they occasionally introduce new multi‑hop features, and a formal partnership could appear in the future.
By combining Proton’s strong entry‑node privacy with an independent exit node, you get the “no‑one‑sees‑everything” guarantee that many privacy‑focused users seek.