"If other browser engines were allowed in iOS, Chrome/Blink would take over the web browser market"
Pick one, folks. Either Safari is the best, in which case the WebKit monopoly is unnecessary; OR the iOS monopoly is the only thing preventing users from switching to a better browser.
It doesn't matter if you like PWAs or WebUSB. Or what you think about new web standards. The best browser is the browser regular users choose to use. Good web standards are standards that enable sites/apps that users want to use.
Right now, we don't know any of that because the lowest common denominator for the web is not what users want, but what Apple allows users to have. Claiming that those two things are the same sounds a bit weird to me.
It's surprising that people think that Chrome pushing web standards forward means that "everyone has to do what Google wants", while the only true gatekeeper between users and developers these days is Apple's iOS policies.
If you think that's not true, please answer: if a user in any configuration (device+os) WANTS to access your app and you WANT to develop for them, what set of device+os are mediated and by whom? Whose policies you MUST follow to have access to a (major) set of users?
(disclaimer: I'm a Chrome blink engineer involved in web standards)
I agree. I honestly think she deserves a Nobel Peace Prize for the contributions she has already made toward the advancement of science. Among other types of people who can nominate an individual for a Nobel (mostly elected government officials), there's also the category of: "University professors, professors emeriti and associate professors of history, social sciences, law, philosophy, theology, and religion; university rectors and university directors (or their equivalents); directors of peace research institutes and foreign policy institute." (https://www.nobelprize.org/nomination/peace/)
I do not meet that qualification. But I'd be willing to wager that at least one person frequenting this forum does. If you meet the qualifications to nominate a person for a Nobel Peace Prize, please consider nominating Alexandra. The deadline is midnight CET, Jan 31.
We have to stop this madness of thinking that "John READS my diary" means the same thing as "The function fread() READS nitems objects". Those don't mean the same thing except in a metaphorical sense. It's insane.
It's not about who reads it, it's about who has access. If a system has access to read my email as plain text, it means anyone who owns or can get access to that system can read my email.
Some one wrote fread, it could've been john, and john absolutely could be reading your email. Look at the what happened with ubers god mode.
That said the value of gmail for me exceeds the risk of people I care about reading my email getting access or having access. However my(and probably your) subjective view on the value of your emails is absolutely subjective.
But then again, in the context of the story, it doesn't change anything. Google still has access to your email. That it is not "reading" for the purpose of ads is just a minor thing that doesn't impact your privacy/security in any way (in the terms that you are describing).
why does it matter? Google has access to read my email, and if they want (or are pushed to), they can single me out and then go and read them. Sure, 9/10 times it's a bot reading my emails, but there's nothing stopping them from doing it.
it matters exactly because of what you are saying.
You do have protections against someone reading your email at Google. Both from a expectation of privacy, but also from a company perspective. You also do have some non-expectation of privacy (if, for example, the US government wants to read your google email, they can ask for it and they eventually will).
The day someone with a brain and an opinion on Kim Kardashian at Google reads your email, there is a HUGE difference from when Google is "reading" your email for ads/spam/spelling/whatever.
You don't want to blur that line being wishywashy with language. You want to know that difference. The fact that it could happen is why you need that clear separation between "machine reading" and "a person reading".
> You do have protections against someone reading your email at Google.
And those protections are bullshit.
I have no guarantee that they are not reading my email. If a bot has access, a person has access, and people abuse their access all the time.
In fact, there have been cases of googlers reading peoples email. And I'm not blurring any line, I'm stating: Gmail can, has been, and will be abused. To pretend that is not the case is, frankly, naive.
I know this is cold comfort, but every single production data access is audited at Google, and that's after one signs more NDAs than you can shake a stick at to even get logs access in the first place. Each incident, with David Barksdale being the worst, has made them lock down logs, PII, and production access at a level unprecedented of any I've seen (including HIPAA shops).
You're correct that the possibility exists, but any Googler inhales heavily and makes sure their paperwork is in order before accessing prod. The warnings that are displayed are not unlike those when you're removing a nuclear core on a starship. It's scary. They want it that way. You need a damned good reason to even look at subject lines in the inbox (like fixing a bug involving subject line rendering that only appears with a user's specific subject line, for instance), and clicking a message is almost certainly a walk. Like, within the day.
They do take this seriously. I wouldn't call it bullshit. The protections I observed were in place before Snowden, so I imagine it's even more rigorous now.
You're calling bullshit on what, exactly? I'm providing you perspective on the very thing you're hypothesizing about from firsthand experience.
What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data? It's email on the Web. Handling that e2e is pretty much intractable, and cleartext or nearly-cleartext with online keys has to exist somewhere even without the Googley things they do to data. I might posit that building a functional service with that requirement would be impossible for the Gmail case and many others (but I'm ready to be proven wrong).
>> They do take this seriously. I wouldn't call it bullshit.
> You're calling bullshit on what, exactly?
really? your firsthand experience is nice, but your ignoring that those methods don't work.
> What is your technical solution for operating Gmail without any Googler having the ability to access some aspect of your data?
They can use any of the current zero-knowledge encryption methods. This isn't anything new and has been around for a long time. There's no need for Google to have those keys.
Encryption isn't a new problem for email, it's already a thing.
what's the use case you are worried about? Tell me a story. Who is accessing your date, for which purpose, when, how much, etc... and explain how Gmail is a bad solution because Google "can read it".
Yes, Google does not offer you protection against the Government. That is a true statement. But that doesn't mean that it's all or none. There are so many privacy rights before "a warrant request". And news flash, unless you are extremely good at securing your own mail server, even then you are not protected against a warrant.
Those checks are not bullshit. Every single security system "can be bypassed".
The use case is pretty obvious by now: people trying to manipulate me (ads), overreaching government intrusion, and invasions of privacy.
I never said that Google just sends everything over to them, but they can come and access my data without me ever knowing, and that's a problem. Just because there are (imo broken) checks in place does nothing to negate that fact.
Those checks are provably bullshit by the previous breaches. If they weren't bullshit, there would never have been breaches.
as I said, government intrusion can't be defended as is. Name one web technology that is government intrusion proof. Fuck that. Name on technology that is so. Air gapping isn't. Granted, air gapping allows you to at least know about it. But that's that.
"invasions of privacy" is not a use case. Give me details. By whom? Your partner? Your coworker? 4chan? Your mayor? Russia? What information are they getting from you? Why? It's very likely that whatever use case you come up with, you are better defended with 2auth gmail than with whatever other solution.
That's a problem with the web. In 15 years, and not counting legal government requests, there were what? 3 cases of email data breaches that were caught? 5? That's your "provably bullshit"? What do you use on your life that has a lower failure rate than this?
> as I said, government intrusion can't be defended as is.
yes it can. zero-knowledge encryption is already a thing.
> Name one web technology that is government intrusion proof.
Apparently the iPhone is. pgp encryption is another one. I'd suggest brushing up on basic security before saying things like that.
> "invasions of privacy" is not a use case.
Why not?
> By whom?
By anyone that I don't authorize. Sure, that could be my partner, coworker, any government authority, etc.
> What information are they getting from you?
Are you serious? If you don't even understand that threat model, then again, I'd suggest looking in basic security models.
> you are better defended with 2auth gmail
2auth gmail is orthogonal to the issue. That's an security method. Currently Google does that but still can grant access to anyone they want. That's a problem that 2auth doesn't address.
> not counting legal government requests
Why not? Why remove a legitimate security issue from the discussion?
> 3 cases of email data breaches that were caught
I have no idea how many have been caught, once again, that's orthogonal to the issue. How many examples doesn't matter. It's that they do have access and can do it whenever they want.
> What do you use on your life that has a lower failure rate than this?
That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
If you are referring to the San Bernardino phone thingy, the FBI withdrew the request exactly because they did access the phone by themselves. It just cost more money.
> pgp encryption is another one
lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
> > "invasions of privacy" is not a use case.
> Why not?
Because I want specifics. Just saying someone "invaded your privacy" doesn't tell me anything. Tell me a full story: entity X did Y to know Z from W. And show me how using gmail made W more unsafe on that case. And what I'm trying to tell you, is that there are two cases:
- legal government related. In which case Google can't (and won't) protect you. It's a fair claim. If you are doing something that the US government wants to know about, don't use gmail. But most things won't protect you from that anyway. Ask Dread Pirate Roberts about it. :)
- non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
> That's a completely illogical argument. "We shouldn't ensure privacy/security because other things in life fail more often" makes no sense.
Where did I say we shouldn't ensure privacy/security? What I'm refuting is your claim that "it's bullshit because it failed once". Gmail does a better job than most other things. Most things in your life fail more often than that. And most things don't evolve security/privacy wise as well as gmail does.
> the FBI withdrew the request exactly because they did access the phone by themselves
As far as I saw, that was just speculation. Any source on that? I'm inclined to believe it, but if true: why do they want the encryption removed rather than just snooping that data on the sly? It's better if your victims think they are secure.
> lol. Isn't there tons of reports claiming that PGP leaks too much metadata? And that the NSA is collecting those? And that there's no reasonable way to use PGP without leaking those (like hidden-sender whatever).
Possibly. But if so, I haven't seen them. Sources please.
While meta-data is absolutely useful, contents are even more useful. Just because something has one security issue doens't mean that we should give up security altogether.
This isn't anything new. Having access to communication is pretty much the basis for espionage. If you don't see how that applies.... I'm not sure I can help you.
> legal government related. In which case Google can't (and won't) protect you
That's my point. They can protect you, they choose not to. Zero-knowledge encryption is still a thing. Just because Google doesn't use it doesn't mean it's not possible.
> non-government related. In which case you are better protected with gmail than most things you can reasonably do. Ask Hillary Clinton. :)
Only if Google can't access that data. If they can, it's much easier to bypass encryption and just ask Google to hand it over. Google can solve this problem but chooses not to.
> Where did I say we shouldn't ensure privacy/security?
When you say that gmail should be trusted. There are clear privacy/security holes with their model that you are ignoring. That's what this whole discussion is about.
> What I'm refuting is your claim that "it's bullshit because it failed once"
A) It didn't just fail once.
B) Failing just once proves that the system is not secure, and needs to be fixed. Failing multiple times from the same attack vector proves that they aren't taking security/privacy seriously, because they won't fix the root problem.
> Most things in your life fail more often than that
... so? Whether thing A fails more often than thing B has no bearing on whether thing B can and will fail.
