If privacy is of utmost concern, we recommend that you refrain from communicating any personal data to us since plain-text email is not a safe media for communication. If necessary, use PGP-encrypted email.
...
...
We do use a third party to operate our email service, so we remind you to carefully read #1 again.
A long screed but has this jackhole who writes so unprofessionally even reached out to Mullvad for comment or explanation? Because that's usually what respectable journalistic outfits do.
They don't post some screenshots, make inferences without knowing all of Mullvad's backend, and say "what we are saying is definitely true and there's no possible way we could technically be wrong."
I can think of several ways they could be wrong, it would have been helpful to have any statement from Mullvad, because they might have a technical reason for this (up to and including making sure their emails aren't disappeared as spam, because running your own email server sucks.).
Anyway, pretty unprofessional and makes me pretty skeptical of the claims until more solid evidence than a screenshot surface.
For example, who is to say that Mullvad hasn't set up their own client side encryption keys? This is an option Google offers for use with business accounts. This effectively means Google doesn't have your keys nor can read your emails.
This site has a long history on Kbin and Lemmy of spamming poorly written, poorly researched articles. It is a trash site written by a 14-year-old who knows nothing about anything.
If they were able to polish up that article a little bit and disconnected from their current website, which serves up a whole lot of goofiness in general, It would probably be much better received despite the source.
ex. when Brian Lunduke got treated like a genuine actor
...because why would you go to all the trouble to pay Mullvad (presumably to keep your sensitive information away from big tech) to then give it to google in the form of an e-mail should you reach out to Mullvad for support? Google would then suck up any and all data that comes via their gmail service.
It's because of the difference in credentials. One is a website positing as having both privacy and cryptocurrency investment advice services, and the other is a random Lemur
I've trash talked this website before in my head, but maybe I was approaching it as a professional organization instead of more of a blog run by a small group of people.
They aren’t just doing ads dude, it’s a for-profit propaganda machine.
But seriously, Mullvad would do well to switch out their email provider to something that's not Google. Even though email is inherently unsafe, email through Google is pretty much is unsafe as it can get.
I've been using them for nearly 3 years now and never used (or even knew they offered) email support.
Not ideal they use GMail of course but they could be using private keys (as most business users do I believe) which means Google couldn't see a thing anyway.