points
8 months ago
| 1 comment
| HN
When I save things to Google Drive, my data could legally be snooped on in three ways:

1. My national government, by court order or sketchy secret court order.

2. Google, who are in the business of tracking and profiling.

3. The US government, by court order or sketchy secret court order.

A person might hope cloud storage provided by a national government would reduce the snooping by two thirds.

Of course, that analysis ignores risks like the service getting hacked, my account getting hacked, and suchlike - which some would say are much bigger risks.

deadlydose
8 months ago
[-]
You really should be encrypting things before uploading to a cloud provider.
reply
michaelt
8 months ago
[-]
As an enthusiast I of course make encrypted on-site backups, which I then protect by syncing to a cloud provider, and I protect the encryption secrets with a password manager, and protect the password manager and cloud accounts with a U2F key, and protect the U2F key with two spare U2F keys in off-site secure locations.

I can understand, though, that most of the population doesn't want such complexity, and prefers to be able to reset forgotten passwords without losing their data.

reply
belorn
8 months ago
[-]
Treating your cloud provider as an hostile adversary is a useful security advice, through I would personally prefer to not give a hostile adversary my data in the first place.
reply