Slashdot Mirror
Google's Gdrive Raises Instant Privacy Concerns
An anonymous reader writes "The rumor mill is already raging over the potential functionality and capacity for Google's online storage service we talked about earlier this week (the company says 'it makes sense' to put all its Web apps under the same umbrella). But Internet rights advocates are now crying foul over liability issues, a probable lack of encryption and a cash-cow model that could scan all your personal data for advertising keywords. From the article: "'Google would be wise to offer users an option to encrypt your information,' says Nimrod Kozlovski, a professor of Internet law at Tel Aviv University. 'It really needs to have really detailed explanations of what the legal expectations are for storing your info.'""
You have the choice to:
Seriously, the issues raised are the same as with the other on-line storage services. And, this move by Google mostly integrates/consolidates what they already offer, albeit with the extension of storing any kind of data. I think it's great, I've started storing much of my data on line in various forums and I love the internet access. At your parents house and need a file? Download from the clouds. Got a special inside track on a new job and they need your resume, quick? From the clouds. Serenity now!
If you've got data you think sensitive, encrypt it, or figure out a different way to store it. Personally, from anecdotal, but plentiful, observation, those who store their data "in"/on the internet:
As for the screaming about Google figuring out a way to make money doing this, hwah? Kind of what running a company is about. And the more money they figure out how to make by ads makes the price point that much less for you and me, or anyone willing to trust Google. For the moment, I am. I'm assuming I'll get enough warning signs to not trust them, I'll move my data elsewhere. For now, good for Google.
This isn't new, just big. And, from a personal standpoint, I hope it's one more ding in Microsoft's armor. The more there are alternatives to data locked up in Microsoft's products, the better chances of real competition, and ultimately progress (finally!) in technology. (sorry, had to dig... this is slashdot, right?)
First off, if you're that concerned about your data being secure, you probably should just store it on a personal webserver and encrypt it yourself.
That being said, I really don't see this as a major concern for Google in relation to the success of Gdrive. A large percentage of people today really don't care about whether or not their personal data is scanned an analyzed, as proven by the information people list on social networking sites like facebook, myspace, livejournal, etc.
So the real question here is whether or not Google (and the small percentage of users that would use encryption) would benefit enough from this feature to offset the time needed to develop it and the hassles that will come along with it. I think that alot of the users wont realize that if Google encrypts their data with the password that the users provide, then there will no longer be that friendly "Forgot your password? Let us reset it for you." button. People will then be constantly complaining that they can no longer access their data if they forgot their password and had it reset (Because the data is encrypted based on their old password obviously). The only way that Google would be able to recover that data for the user is a.) by brute forcing it, or b.) by using precomputed hashes in a rainbow table format (though something tells me that Google is smart enough to use salts and this wouldn't be an option). Realistically, even Google doesn't have the resources to go around brute forcing people's passwords. This means the only real way that Google could encrypt the data would be to store their passwords as plaintext in case the user forgot it, which is really just providing security as the cost of losing alot more security. All in all I don't see the process being beneficial for Google or the users.
I have no plans to use gdrive or google apps for the reason outlined as well as others.
However, I have to ask...
Am I the only one who got a chuckle out of the professor's name? Nimrod
Everything I need to know I learned by killing smart people and eating their brains.
if i don't care about the privacy of the data i'm uploading, what if i upload random pron and i just want the space (i f i have something private, ill pay for my own hosting and encrypt ot my way, not google's way
Live Electronic Music
And I thought I had it bad growing up!
Because that's not useful. If they encrypt your data for you, guess what? They have the key! If you want your data safe from them, YOU need to encrypt it. That's just how it works. If you send your data in the clear to someone else and then they encrypt it for you, that means they can get at your data. Same deal is you send them data and the encryption key as well (see AACS). The only way to give it to them, but not let them at it is for you to encrypt it yourself, and to not give them the key. Then and only then can you be assured that while they have a copy, they can't read it.
Seriously people, get Truecrypt, it isn't hard.
At least let Google say something on their plans first...?
...). Software may send usage information to some company's servers. Game companies analyze your system to detect cheats, and could in the process find a lot of other things on it.
Besides, what's so special even if they'd do this? It's the norm to not encrypt mails. It's the norm to not encrypt instant messages on servers on services that provide offline messaging (Messenger, ICQ,
As usual, when this is released, I think *gasp* that the users will just have to decide for themselves if they care for having encryption or not. They'll also be free to encrypt their data. Why the rumor mill? Just chill and take it for what it is, as with any other service. It's not like Google will force you onto it. Then I could see the fearmongering kicking in early be more motivated.
Beware: In C++, your friends can see your privates!
Disclaimer: I don't see myself being an early adopter or anything of this service, but not because of privacy.
cash-cow model that could scan all your personal data for advertising keywords
What, like the "disaster" that Gmail is? I'm all for Internet privacy, but get some perspective. I trust this service in the hands of Google. They've done nothing to shake that trust, and to be frankly I have good faith that they won't. They're a data miner, sure, but they have always done in the least intrusive way as possible. Get this, I even like their ads sometimes! I know, unbelievable right! So thanks for being watchdogs and all, but as of right now, Google has my trust.
I got a catholic block.
At least for long. This is just like all the concerns over gmail. It will all pass.
#1 - Everything on the internet is not free. Actually, nothing is truly free - there's a cost SOMEWHERE. #2 - You do not have to use G So stop getting your panties in a wad. Just because YOU don't like the idea of it, doesn't mean some of us couldn't care less and like the idea of free storage. Everyone acts like GMail is the only mail system out there or that they are being forced to use it. Don't like the ads? Don't like that Google might read your mail? DON'T USE IT. You have plenty of choices out there - it's not Google's responsiblity to provide you with free anything. Get over yourselves.
Use truecrypt. Open, GPL, quick and easy.
.
When it comes to GDrive, I wonder whether anyone is being forced to use it. I doubt this is the case. If this is not the case, why not just avoid it? Shhesh?
It's a free service, some will find it useful, some won't. I mean, what kind of nimrod would expect his data to be 100% perfectly private and encrypted if he's outsourcing his data retention to someone else, and then question the company storing his data for, um, storing his data in the form he transmitted it? I just don't get the OMFGism.
Simple, don't use it. Seriously, google aren't in the business of simply giving stuff away out of the goodness of their hearts. They're giving things away because they think that they can generate revenue. Pretty much the only thing they get for storing your data "for free" is the data itself.
Just like your emails: you pay them by giving data so that they can search it advertise to you. Why would anyone think that they would do anything else with more of your data.
If you are sufficiently naive to think that a company will simply give you free online storage for no benefit to themselves, than I have a bridge to sell you. Lots of traffic, one careful owner...
SJW n. One who posts facts.
Oooh, is there a sale on tinfoil these days?
If you got data that is so sensitive that you're worried about Google processing it for some kind of ad targeting purpose you should be worried enough to spend a few bucks and get a webhost for your data. You can get a webhost with a couple of gigs of storage and more transfer for ~10 bucks a month. What's the issue?
Dedicated Cthulhu Cultist since 4523 BC.
Is that guy's name really Nimrod? :).
Oh any why do you need online storage? Use SSH/SFTP and you're all set.
I've always heard it used as an insult, example "You're such a nimrod".
Well, I am a dumb American, so I guess that's par for the course
I guess that only works for all us geeks who leave our machines on 24/7, or run our own servers.
Ah, the poor non-techy people.
Shameless plug alert: Game server control panel
The cost of using GDrive is allowing Google to mine the information you store with them so they can refine the type of advertising they present to you on the other services they provide for "free."
Looks like our pr0n collections will have to stay hidden on our hard drives unless we don't mind receiving ads for hot singles waiting to meet us NOW everytime we check our gmail accounts. . .
What?
If they encrypt your data for you, guess what? They have the key! If you want your data safe from them, YOU need to encrypt it.
This is patently wrong. Why can't I supply them with a public key that they use to encrypt, but I never reveal my private key thats used to decrypt the data. I mean honestly this is what public key encryption was invented for.
That said they dont need the key as you gave them the DATA to encrypt in the first place. So you'd have to trust them that once they encrypt it they throw away that data stream. But this is not a problem of key distribution as we have already solved that.
Really, it's far too late to be concerned about it. If Google already has your email, and your documents via Google Docs or Writely services, then they have too much already.
Aficionados of Appalachian culture will surely know the name Nimrod Workman, who made a name for himself as a folksinger after retiring from a life as a Kentucky coal miner.
Check out Appalshop for recordings and a film about Nimrod.
Three Squirrels
This is idiotic. Seriously. The "product" in question is a rumor. No details are confirmed about how it will work, what advertising hooks there will be, what features it will have, or whether it will ever see the light of day. You know what criticizing it at this point makes you? Not an analyst, not an expert, not a technologist. It makes you a guy with a guess and a blog.
My Photography - http://ian-x.com
The Deathlings (comic) - http://thedeathlings.com
I know to avoid things if it involves giving private information to Google. "Do no evil" motto or not they have already shown they can and will bend to the right political pressure (i.e. China), or the right financial pressure (i.e. focused ad targeting).
My concern is how many people will blindly use it who don't know better. How many of those people will be ones I have to deal with? How much information about me will they be storing on G that I won't have control over? What happens when the government gets power happy again and decides that since it's stored on a public server they should have transparent access to it?
TANSTAAFL...
I'm a fiscal conservative, it's a pity we don't have a political party anymore
How do any of these concerns also not apply to GMAIL. In fact there are software packages you can use to turn your gmail account into a "G Drive" already and utilize those 5+ Gigs for file storage.
The only way encryption keeps someone out is if they never get the plain text, and never get the key. If I give you a disc and say "Here, encrypt this with my key, then burn it," you can read the data before you do so. There's nothing I can do to stop you. Likewise, if I give you encrypted data, and give you the key but say "don't use this" you can look at my data because you have the key (this is what HD-DVD and Blu-Ray do). The only way to keep someone out is for them to have nothing but the cypher text. So if I give you an encrypted disc and no key and say "Keep this safe for me," then you can't read it.
Encryption isn't a magic wand you wave and make everything safe with. It is a system of mathematics that has some very real constraints on its use. If someone has the clear text at any time, or the decryption key at any time, you are implicitly trusting them with that data.
Do they write these articles from scratch or do they have a program that just generates them from a template whenever Google makes an announcement?
Well, it has never been successfully tested.
Granted Google has not yet shown us they're capacity for evil (tm) the way M$ has over the years but give them a chance... they're still young. Bottom line is that the same arguments I've seen here for why it's not a big deal (ex. do this, do that or don't use them) are the very ones used for why M$'s monopoly is not so bad (ex. use Linux, do this, do that) Problem is M$'s stanglehold at this time makes those options less "adaptable" for the masses. If we knew then what we know now we would have prevent M$ from even getting there.
But Google can do no evil, right, therefore despite this company being at that very point where we can do something before the ignorant masses consume their products in such quantities to the point where, like M$, change is difficult, we shouldn't worry about the same thing happening here, right? Yeah... right. Unfortunatley I see another monopoly coming but this time on personal information products which may not restrict our freedom of choice in the same sense as the M$ one does (eg. our ability to choose alternate technologies) but will be so valuable and so entrenched in everything that it'll be just as difficult to move away from.
We realistically could see most people, companies and even the governments depending on Google the way we did on Blackberries. It took the RIM injunction scare of 2006 to open some eyes up since even emergency services were depending on Blackberries (sigh.) Think beyond this on Google product, their 700MHz band bidding and every isolated move they've made in the past 5 years or so. Look at all of it holistically and as much as I like them and their products I don't like where it potentially leaves us in the future.
That's just my POV... no more, no less.
Holy fuck. How did you afford the tinfoil for a hat THAT big?
Many valid points are made here, not the least of which is that sensitive information should secured locally, not via some free web service. And of course, Google does tell you what they will and will not do with your data, as do most places like Facebook etc.
What I'm interested to watch is how legislation, or even case law evolves as more and more information moves on-line. Will lawmakers force on-line services to encrypt customer data, or to meet minimum levels of security? Will servcies like Google find themselves liable for large settlements if a user's data is lost of their account hacked? It would seem that lawsuits are inevitable.
If there are legal minimums for data protection and encryption for web based services, what happens to the millions of small sites, forums, and blogs that offer users the choice of logging in to post messages, or of accessing other services on-line? Will they disappear? Will sites under a certain size be exempted?
Three Squirrels
Would that be called the "G-Spot"?
I'm not tense. I'm just terribly, terribly, alert.
Here's the supposed printer-friendly page: http://www.popularmechanics.com/technology/industry/4234444.html?do=print
That's not printer-friendly, and only partly reader-friendly! (OK, so I gave away the real reason I'm using the printer-friendly page)
"Work is the curse of the drinking classes." -Oscar Wilde
The recent barrage of articles concerning privacy and Google would lead me to believe you don't read Slashdot, but I know that's probably not the case, so we must assume that you're just...
And you didn't even RTFA.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Part of a good security strategy is to have off-site backups of important data. So, it is better to put stuff on Google's servers than it is to risk losing it when your system crashes, don't you think? For sensitive information, encrypt before storing (or store it on google as a truecrypt volume? I haven't used the gdrive thing, but if it can be mounted, then this seems the optimal solution).
She's studying in the US, but most of her family is back in China, and she uses her Yahoo mail account to communicate with them.
She does this knowing full well that Yahoo is reading her mail and will rat her family out to the government if she says anything that smells like dissidence. She told me she always tries to be careful how she words things, just in case. But she doesn't bother encrypting things or switch email addresses, because she's NOT a political dissident, and she has "nothing to hide." To me, the whole thing seemed terribly Orwellian. Watch what you say, Big Brother is listening.
Hey, wasn't there a case where some foreign branch of Google did the same thing a few days ago, turning data over to the government without even a warrant?
Hey, don't WE have a horrifically intrusive federal government that thinks nothing of trying to push corporations into illegally revealing sensitive information?
Personally, I use gMail, because I too have "nothing to hide" - no weird political affiliations, etc. But I wonder how long before I start to subconsciously self-censor what I write people, just to be sure.
"But if you want to keep your secrets, don't use Google/encrypt your communications!" I hear the cry. This is of course true; if my friend and I WERE political activists, we'd probably both be taking a lot more steps to secure ourselves. But we're not, and it's honestly not practical to start sending out public keys to everyone who wants to chat with us via email. So in comes the self-censorship, which IMO has a far more damaging chilling effect on political dialogue than may be immediately evident.
Whats the point of having Google encrypt and decrypt your info? They'll have to turn it over, decrypted, if served with papers. And wouldn't release it otherwise.
Encryption has to happen client-side.
Cool, I might be able to find some new powernoise musicians that way! :D Merzbow has reminded me at times of what it must sound like to pipe a tarball into /dev/dsp.
(My gdrive would probably contain one large encrypted file. Tar + gpg + free offsite backup, sounds like a win to me.)
News for Geeks in Austin, TX
I don't know who these supposed "privacy advocates" are, but as far as I'm concerned they can go f**k themselves. If they don't trust their data on Google's servers, then don't use the service. END OF DISCUSSION.
Tired of FB/Google censorship? Visit UNCENSORED!
Way to point out exactly what the poster was saying. The GGP said that you can't let google encrypt it because they have the key. That is stupid. The key allotment isn't the problem. If it was just a matter of them having the key you could do public/private keys, but as you and he were saying, they have the original data and don't need to decrypt it.
That's what you get for being stupid enough for getting an Abble Mak
When Google provides a Linux filesystem (either native or via FUSE), people can use eCryptfs to prevent Google from reading the contents of their files. eCryptfs stacks on top of other filesystems and encrypts the data.
An unjust law is no law at all. - St. Augustine
zzzz..*snort* roomba!...zzzzzzzzz *dreams of capresso* Back OT: I don't trust them as far as I can throw them. But, that doesn't mean it's not a useful service and that I won't use it. I'll just stash my bank records somewhere else. See? simple!
What?
There's a problem with the way things have been done, that's why we are having this discussion.
Actually, Twitter, this is more of a 'I have not personally seen or used your service, and you have not published detailed specs, so I will write some suggestions on how to fix the problems you have'
The other options are things like M$'s Live Desktop Rape Service
Yeah, you don't have too much free time on your hands. Tell your mom to stop sending the sugary snacks to your apartment over the garage, they're getting you too worked up.
I don't really see the issue here- as long as users can determine which of their files get uploaded to it and which don't (and I can't imagine anything other than that being the case), what is the problem? I have plenty of data that isn't sensitive in the least. My data that is sensitive isn't going on Gdrive (or .Mac, or any other server that I do not control). Maybe everyone else doesn't have as much random, unimportant junk as I do...
You either trust them or you don't. If you do, then what is the encryption supposed to buy you? You trust them right? If you don't, well then why would you trust their software to encrypt it, but not send the key?
You can just use any obsolete archiver if you don't want Google scanning your data. Sure, they could write a module to unzip your files, but are they going to bother with LHarc and .ZOO files?
Hey, it's Twitter the M$ troll, erhm...I mean Erris.
You've given Google your data, they can look at it all they want. Simple enough? They will certainly have the service agreement you have to accept when you use the service, with things like how much your copyright on your works protects you and what license you explicitly grant them by uploading copyrighted works to their storage, things like that. But basically, you stored your data on their disk, assume it's their data now. If you don't like it, well, disk space is pretty cheap now, order few disks from Newegg.
Now, protecting the data from 3rd parties is just good business sense for Google: they plan to make money somehow by analyzing the data, if anyone can see the data then anyone can do whatever Google plans to do and take a portion of that money.
If people trust a company with the data, then I can blame nobody but them. During the past years there was so much information about data loss and security breaches that it makes me want to un-plug my computer when I am not at home. Given the fact that Google, Yahoo, Comcast and other big companies constantly play favorites and bend over in front of foreign governments, I do not and will not utilize their services for any serious business.
I trust only myself or dead people. If you need space, get an external hard drive or two. Store data there, encrypt, remove all old stuff that is no longer need and repeat. Your habit will save you in a long run. There is an article on Slashdot about YouTube's refusal to publish information from one of the bloggers who exposes controversial subjects. "Don't tase me, bro" has been sitting on 'tube for weeks now while this poor guy from Egypt cannot publish his material online. Does this sound right to you? Is this a company that you would like to support? Is this ethics? What do you think Google is going to do if Chinese government asks it to provide data stored on your hard drive given the fact that you may be in charge political opposition? I hope that it is not that complex to figure this out...
I currently use Google Browser Sync, this has built-in encryption, so any information you send to Google is already encrypted and they have no knowledge of what it contains. Why would this service be much different. I don't see any reason for them NOT to encrypt the information.
This same paranoia came up when GMail came out. People all freaked out that Google was reading their mails to match up ads.
I don't have GMail. I pay for a service (*) rather than look at ads.
But you know what, I still let my e-mail provider read all my mails. How else does anyone think that spam filters work? You can't filter out spam without reading the e-mails.
It's not like Eric Schmidt is there reading each message looking for the good ones.
* service = fastmail.fm I highly recommend them.
There's a lot of talk about encryption here, but it is unlikely that "ordinary" users are going to use it or care. But I would say that if I had any illegal or questionable materials, good sense would make it unlikely I would store them on a Gdrive. And as far as Google data mining my files for ad purposes, my guess is that they will offer a paid service wherein your data is not scanned by them at all, beyond virus scanning I would guess. So if you pay the protection money, then it's cool, if you trust Google that is...
To the making of books there is no end, so let's get started
Just add water!!
There already exist drive in the sky web services. I suspect Google's gdrive is only a me-too comparable service. If we're so paranoid (which I probably am), then the game is already won by the bad guys. Case in point, over the last year, I have needed to wipe my hard drive clean four times because something went awry, just unexplicable things like network services starting to do strange things. No virus check found anything. With the guise of a Microsoft update, my computer can be surreptitiously surrendering all kinds of information against my will, we don't need a gdrive for that, it's already possible and more than likely happening to almost all who use Windows.
I can think of a few fixes but it's probably not going to be something that will happen fast or without a fight.
It takes a special type of douche bag to 'rage over' a free service. If you don't like it, then don't use it..
Microsoft knew as much about you as Google does:
It appears that you are trying to erase emails that your mistress sent you. Would you like to:
o Forward them to your spouse?
o Click on the banner ad to delete them?
o Forward them to all of your contacts?
o Buy an update to Office for the low price of $799.00 to delete them?
o See other options?
If you transfer you data to a third party, there is really little chance that someone isn't going to have access to it, including Admin. users on the system.
If you really need to use it you could of course encrypt before you upload.
Home based RAID systems now sell for $300-$500 with TeraByte size drives. Or put the data on a Flash drive and store it in your bank vault.
http://www.hawknest.com/
Does no-one else observe the futility of griping about a product that does not exist yet? Let's see what they come up with before gathering the pitchforks and torches. -ellie
I, for one, welcome our new storage overlords!
---
What the hey. My karma sucks anyway!!!!!
says Nimrod Kozlovski,
You mean there actually are people named Nimrod?
The higher the technology, the sharper that two-edged sword.
Do you have a wife? Sister? Daughters? Because if you do, you should think about seeking psychological help. If you're a 15 year-old living in your mom's basement, then it's OK. You'll probably grow out of it.
Seriously. This is another pile of shi....erm... sensationalist 'cry wolf' journalism.
Google has my data that they're storing for me, for free, because i gave it to them...along with my email...and a spot on my MSIE toolbar, and a spot on on the MSIE searchabr, and a spot on my desktop for desktop search...
Seriously, we coudl all say to encrypt it but 99% of people out there won't. Ease of use + free > privacy to most people. In fact google still keeps your data private. Yes, they'll give you targeted advertizing...same as every other 'free' website. They do it better, with a better interface, faster, and are less intrusive. Know what? Sometimes their adds are actually USEFUL. So yeah, if i save and upload and work on a presentation about the price of sex slaves in asia and a link pops up offering a tour...remind me why i should complain?
Half the time the adds are...pre-emptive searching.
You can get rich if you own a politician, but you have to be rich to buy one in the first place.
If the Privacy Nazis kill my google data service or render it unusable, I'm going to be furious. For chrissakes, let me decide what to do with my data!
Privacy Advocates = One law professor in Israel.
So where are the "raised eyebrows among privacy advocates worldwide" ?
Like many people have said in this thread - don't like it, don't use it.
Seriously, if someone figures out a way to send incremental rsync style truecrypt container changes to Gdrive via FUSE, it would get interesting.
BUT, since it's incremental, Google potentially could do some very interesting analysis on incremental container changes. And there's always the temptation to use your Google logon for the container password.
For everyone else, it'll be a FUSE like module with rsync style connections and the link encrypted using your google account logon. Google needs to see the average users Gdrive to do content analysis for their ads. Now, if they did TimeMachine like versioning, sorta like some kind of SVN for your generic files, then they provide some real value. Couple this with kinky single instance storage on Google's end, and they're in business.
I hope Google enables me to attach things like pictures or say a resume right from my gdrive within the gmail interface. That way I don't have to be at the right damn computer to attach those docs when I want to send them.
I seriously think this is the next killer email feature that will set someone apart from all others.
Google generally makes APIs available for their services, and they will likely do the same here. So, if you want an encrypted file system with Google storage, all you need is the right client.
I suspect you're going to see a Fuse-based encrypted Google file system within days of the release of the API and service.
You can ignore it. It's the same advice you gave.
If there's a privacy problem, Google is not likely to tell you about it. Not everyone in the world is aware of problems with the privacy of their data. "Advocates" are the people who warn other people about those problems. Everyone should make their own informed decisions. It is ridiculous to think every possible user of GDrive would know the possible issues with it.
That's assuming the problems will actually exist, which I'm not convinced of yet.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
I wrote a song for you
About a strange new thing called PGP
With a key that's public too
This software for encryption
So-called breach of export law
Brought a few more privacy
And put the fear in a whole lot more
we have been emailing ourselves documents and the like for years.
..and keep B on some other low cost internet storage provider (say Amazon S3 but even they may be too expensive compared to free but thats another issue).
Anyone who wants A has to get a copy of B from somewhere other than Google in order to reverse the computation.
A FUSE based file system could easily do this. Anyone looking at traffic just to google or just to your other provider wouldn't be able to get anything.
Anyone know of anything that already does this?
... about privacy. I mean really online unencrypted email gives any bad person in the right place access to a lot of your personal information anyway. If we dumped all the email out of the free emails services, I'm sure we'd have a hell of a lot of data just from that alone.
Hi honey this is your wife. I'm sorry I just uploaded the most incredibly embarrasing pictures of when you were flapping around in your underwear during our vacation to Picasa, YouTube, Gdrive, and any other place that I could find. I hope you don't mind. All of your relatives are laughing their asses off. I accidentally uploaded our tax documents too using some toolbar thingy. You'll just go up there and delete them right? OK I thought that would be possible, thx, bye.
You can't send a takedown notice to an already printed newspaper.
No one says you have to use this. The only reason this is even an issue is that most people are seeing Google's halo effect (and are taken in by "ooh, shiny, web 2.0!"). It should take even the least computer-savvy person less than 10 seconds of thought to realize that trusting any computer other than YOURS with YOUR DATA is a Bad Idea (TM). Especially when you can't physically get to the machine. What happens if your internet connection dies or is terminated? That's not even getting into the fact that trusting anyONE else with your information is an Even Worse Idea (also TM).
~Eien no Inori wo Sasagete~ Searching for my Hatsumi...
encfs does the same thing, but also encrypts filenames. It isn't "Enterprise-class" though, so I guess if you are a PHB you probably shouldn't use it.
I love how whiney little "experts" pick on Google, when their gripes apply to every online storage system ever.
I use my (leased) servers spread out all over the world for backup storage. That's right, there are copies of my data in 3 different places (plus the original at home). The archives are encrypted, but theoretically someone could boot one of my boxes into single-user, copy a file and try real hard with rainbow tables until they crack it. My life is boring as hell so the likelihood of that happening are nil, but it's feasible.
I could store those files anywhere else... Google, Amazon, or any of the stupid little ad-supported file hosts. Hell I could post the dumb thing on The Pirate Bay, label it as geek pron and let it float in P2P until I need it back. The end result is the same: my files can be accessed by third parties, and I'm not the least bit worried about it. I've taken the necessary steps to keep random idiots out of there by using fairly strong encryption, but a motivated hacker will always end up getting whatever he/she/it wants.
There is no absolute privacy, only relative privacy. The security of a piece of information is directly related to how valuable it is to how many people. Encryption will raise the bar, but the data is never ever 100% safe. Once you accept that fact, you stop worrying about it so much.
-Billco, Fnarg.com
Google would be wise to offer users an option to encrypt your information
Yeah, I suppose it would be wise, from google's viewpoint. After all, if they offer encryption, many customers would use it. And since google supplied the encryption, google can decrypt it any time they want (or any time a government agent orders them to do so).
What percent of the users do you think would fall for this, and thing that their stuff is secure because google encrypted it?
It is good to see that others here are suggesting various encryption packages that you can install on your own machine. At least someone has some sense.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
It won't stay this way. I have it on good authority google will deploy an encryption solution, one that is client side so that data stored on google's servers is encrypted at all times, at some point after the initial release.
At least, that's what one of the Platypus (gdrive's code name apparently) developers told me at a technology conference.
I still let my e-mail provider read all my mails. How else does anyone think that spam filters work? You can't filter out spam without reading the e-mails.
What choice do you really have? You could run your own mail server through dyndns but non of the major ISPs will take your mail or send mail to you. Because of this, you are forced to use an ISP of one sort or another. They same things can be said about encrypted email. Without M$ and ISP "support" encryption will remain something restricted to a very few people who will be harassed.
"Reading" your mail for spam filtering is not the kind of profiling privacy experts are worried about. What you should be worried about is a profile based on your buying and reading habits that can be used to smear you, have you watched as a criminal/terrorist, denied health insurance, employment, credit and housing. Even if you are not the sort of person who would end up on a list for challenging some power that is, you should care to protect those other people because they are fighting for the rights of the rest of us.
Now, of all the ISPs, I'd trust Google before the rest but NO ONE should be doing this kind of thing. Your grocer, for example, should not report your purchases to others because it's none of their business. The fact that the grocer can make money that way is irrelevant but does not make up for the greater social harm that is done. People can make money through armed robbery and murder but society protects itself from that kind of thing.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.