Comment by sgdesign
4 years ago
I’ve heard great things about Google Domains but this kind of story is exactly why I probably won’t be using that service. It’s just too risky if you lose everything at once.
4 years ago
I’ve heard great things about Google Domains but this kind of story is exactly why I probably won’t be using that service. It’s just too risky if you lose everything at once.
Honestly: don't upload unencrypted content to anyone, for exactly this reason.
I have cloud backups of family photos, but they're all through restic or rclone with the crypt filter applied. Privacy is about the right to put yourself in context.
> Privacy is about the right to put yourself in context.
Wow. This is a brilliant. Did you come up with this?
Maybe from here?
Six Words on Privacy
https://safecomputing.umich.edu/six-words-about-privacy
The problem with personal encryption for long term storage is that it is easy to loose private keys and passwords.
For this type of encryption, I think the password could be “password” and that would be good enough. The primary goal is to frustrate automated scans, not targeted brute force attempts.
That's a problem with very easy solutions, considering what's at stake. Use a paperkey, NFC card, smartcard or even a printed data matrix sheet to store the keys and/or password DBs. The reason why all these aren't popular enough is that people don't consider privacy to be important - until something goes seriously wrong, like in this story.
Sorry, 99.99999% of the general population don't know what restic or rclone is. In fact, I won't be surprised if 90% of software engineers have never heard of them. These things aren't really know outside circles like hacker news.
As software engineers and the stewards of modern technology, we have a responsibility to build tools which enable capability for the rest of the people - particularly in the open source world.
People can't run their own encrypted messengers so we have Signal. People should be provided with interfaces, and advocated too, use cloud services for their data in a safe way.
Privacy is about the right to put yourself in context.
Very well said.
Yeah, the way Google likely ties your accounts all together a wrong decision on any Google account even if not the same account for your domains could end up having all your domains stolen by Google.
What I'd like to know if if they actually deactivate multiple linked accounts when any one of them gets flagged. I have three accounts, one more for personal things, one more professional, and a third one with my current country as a location for getting local apps in the Play Store.
Google knows I am the same person, even though they are different accounts, so are the two other accounts safe when one of the three gets flagged?
They certainly do sometimes. Play Store developer accounts seem to be particularly vulnerable, but I would not rely on it being restricted to that.
No they are not safe in general, but sometimes they only enforce it if you are trying to circumvent the reason for the original ban.
As a basic consumer storing somewhat not important things on Google is potentially risky for the content on it but you aren't paying them anything so its probably worth the trade off. For a business or for something you pay for Google's support is atrocious and its not worth the hassle given all the horrendous failure modes it can put you in. One thing Google consistently is teaching people is do not pay them directly as they don't know how to treat their customers.
Using Google for anything at this point feels like a ‘told you so’ waiting to happen.
Not sure where you'd upload the photos to Google domains?
Assuming, of course, that you don't use your personal account for your domains - that'd be crazy!
If it’s personal domains, then it would make sense to use a personal account.
Not to mention Google will link accounts and ban across them.
1 reply →
Never ever use your personal Google account for anything you don't want to lose. You haven't seen all the horror stories the past few years?