[deleted]
[deleted] I don't see how being logged into your google account is a security breach?
[deleted] I don't see how being logged into your google account is a security breach?
[deleted] a security breach
who said it was "a security breach"?
What I think @[deleted] said was whatever security that "advanced protection" provides, you're still exposed to Google itself collecting data on you and your usage.
f13a-6c3a then for this problem there are solutions like cryptomator https://static.cryptomator.org/android/1.8.1/Cryptomator-1.8.1.apk
[deleted] You seem to be either misunderstanding or beings purposefully obtuse - Cryptomator will NOT SHIELD YOU FROM GOOGLE SPYING ON YOU & YOUR ACTIVITES via whatever means they can, like trackers, telemetry, and other "diagnostic & usage" data.
We are talking privacy here, not security
f13a-6c3a How do you want Google to know the content of your cryptomator protected folder
f13a-6c3a And we are talking about security, read the first post above^^
[deleted] how secure to do feel when you have no privacy, answer me this
[deleted] Yeah, you seem confused
and with statements like this:
> @"bouledeneigeofff"#p25283 You'll brick them if you do that. **Google is life**.
you might be in a wrong forum
Simply because most people won't care if google knows at what time you connect, the size used on the cloud, what device you are using, etc, as long as cryptomator allows to hide the most important : Your files.
Google drive is reliable and secure.
Most alternatives, which offer end-to-end encryption, don't have the infrastructure resources of google, and many have security problems about encryption.
I won't use it personally, but I don't see the problem. Also, there are only few clouds, as bouledeneigeofff pointed out with google advanced protection, that offer connection with fido as a second factor.
f13a-6c3a
I don't think GrapheneOS is ideological, but rather pragmatic, regarding security.
Evoking google drive, especially with cryptomator, doesn't seem inadequate here.
Security is probably the least concern when using Google stuff. You should be concerned about privacy since Google knows about the stuff you upload to its services and may continue to improve the profile they already have of you. So, regardless of your threat model, I personally dislike that very notion of someone else sniffing through my stuff without my explicit consent to do so (arguably by using Google drive you give that consent, willingly or not).
You could keep using Google drive and start to encrypt your stuff with very strong algorithms and passwords. That way at least, Google needs to put in some work to get to you stuff, you know.
Can we stick to the facts, please? If I install sandboxed google play + google drive + cryptomator, perhaps with a dedicated google account, what data is google able to collect other than some limited metadata like any other cloud provide would?
Well, let's see. In their general Privacy Policy Google states:
We don’t show you personalized ads based on your content from Drive, Gmail, or Photos.
That's cool. Seems ok to me.
Then there's this Google Drive Terms of Service which reads pretty ok to me, too. There's this line:
[...] We will not use your content for marketing or promotional campaigns.
Cool. I mean, yeah, they could but they chose not to, so, yeah. Cool.
Also:
[...] As described in the Google Terms of Service, your content remains yours. We do not claim ownership in any of your content, including any text, data, information, and files that you upload, share, or store in your Drive account. [...]
Looks pretty good, I don't give up ownership when using their services. Important to clarify.
Then there's the next paragraph:
We may review content to determine whether it is illegal or violates our Program Policies, and we may remove or refuse to display content that we reasonably believe violates our policies or the law. But that does not necessarily mean that we review content, so please don’t assume that we do.
So, in order to distance themselves from any content that's hosted on their servers, Google reserves its rights to, occasionally, look through your stuff an check whether its good or evil. Cool. But please, I mean, pretty please, don't assume that Google ever does that.
Don't get me wrong, I do not condemn Google as evil nor do I believe that some actual human being every lays eyes on my stuff that I forget on my Google Drive account. They state they don't use my stuff on Drive to profile me. Good enough. I have to take their word on that plus I have to trust that their Privacy Policy retains its Status quo. This, to me, is a lot of trust I have to put into a company that's known to profile me whenever I come anywhere near one of their services; its most precious product is not some tech but me, the user and its data, after all.
The fact that Google chooses to not go through my stuff is, to me, not good enough, though. So, if i choose to use Google Drive, for whatever reason, I prefer to know that Google cannot touch my stuff, ergo I use strong encryption. It's not tinfoil hat thinking, I just prefer control over trust.
Just to be clear - I am not stating that Google actually goes through your files on your Drive account. But the fact that they might choose to do so at some point in the future creates some level of discomfort in me.
[deleted] For security activate APP, for privacy on Google drive create folder on cryptomator. Any other questions?
f13a-6c3a You are talking nonsense. Many security researchers advise Google. They have world-renowned security engineers. Like many, you are fighting the wrong battle but that's how it is.
Phead This is nonsense... Why would Google look into your encrypted file?! To begin with it simply cannot. And it doesn't have the financial means to do this kind of thing. You are completely out of touch
Titan_M2 Google will not be able to look into your encrypted folder by cryptomator. It may know the size of the folder and the time you put it on drive...
[deleted] Google doesnt have financial means? Mate, come on... The biggest ad company in the world have that and the largest computing power (and interest) to do whatever they set their mind to. Oh yes, their cloud may be secure but I would not bet my life on the fact that they would use my data for charitable purposes. Calm down mate, dont get so defensive, I never said you cant use it, in fact here is my 15GB of storage, go on and use it.
They would not, they cannot, they do not. I've never assumed they would. Why would they? Then, why encrypt at all? I mean, obviously Google has no interest in your files, encrypted or not. The last line of my comment was more of a joke and meant as nod to the conspiracy theorist in me and maybe others.
To begin with it simply cannot. And it doesn't have the financial means to do this kind of thing.
They simply can. I know, I know, tinfoil hat, but let me speak. Every encryption can be broken with enough time (like a lot of time) and energy and CPUs and enough raw brute force power. I am not saying anybody would (especially not Google, since it's illegal and pointless), but since you stated Google simply cannot, I would like to object. And financial means ... Google appears kinda rich to me.
[deleted] You make up so much... Create an encrypted folder with a 256 character password and don't worry. Even the NSA won't waste time breaking the password. On that note I'll leave it at that.
If people cannot have a civil conversation, we'll have to close the thread. Let's do better guys, please.
Google Drive is a pretty good choice if you're just looking for a generic cloud to upload your files, in my opinion. That said, I wouldn't upload my files unencrypted (without using a tool like Cryptomator, that is). Not because I think Google would specifically look at my files or because I think it generally looks at people's files. Them having the option to do so is the issue.
Peoples' needs differ; there's no one-size-fits-all solution. Some people may not mind Google technically having the ability to look at their files, or they may not be uploading personal/sensitive files in the first place (think e.g. schoolwork). Others may want to use a product like Google Drive to upload more personal files and don't want the service provider (in this case, Google) to have the option to look at their files. Since Google Drive doesn't use end-to-end encryption, in those cases, it makes sense for something like Cryptomator to be used, which paired with a strong password to secure the vault (which you can store in your password manager) makes the files inaccessible to them.
Being able to secure your Google Drive account with a hardware security key (as is the case with advanced protection program) makes it an attractive option for a generic cloud service compared to others, though it is important to note that other mainstream cloud service providers allow you to secure your account with a hardware security key (I believe Dropbox is among those, to name a big one). However, it's not the only option, and it's not even necessarily the best option either.
If you are someone who doesn't want to bother with a tool like Cryptomator (such as if you're primarily using Android - the Android experience with Cryptomator is currently far from ideal), and you want to obscure your files from the service provider, a provider that implements E2EE itself may be a better choice. Options that I can think of include Proton Drive and Tresorit.
All in all, I'll re-iterate that there are no one-size-fits-all solutions, and there is no need for things to get heated or for us to enter into arguments - we're all on the same side! :)
Finally, let's remember to try and refrain from extreme statements with no basis in reality. No, Google (or anyone) can't just arbitrarily break strong encryption; that's not how things work, and even if it was how things worked, rest assured that if strong modern encryption could be broken, Google (or anyone else) decrypting our cat photos on the cloud would be the least of our concerns.