And the privacy concerns around Mailbox / Dropbox
Actually, I have not thought of these before. Aral Balkan had amazing points that I'm going to try and embed here (Ghost doesn't have automatic oEmbed support yet, bear with us):
When you use @mailbox, you’ve decided that it’s OK for @dropbox to access your email and also the messages of anyone who emails you.
— Aral Balkan (@aral) August 20, 2014So ask yourself, do you have the right to make that decision on behalf of the people who email you? To trade _their_ privacy for a free app?
— Aral Balkan (@aral) August 20, 2014Your decision to trade privacy for a free service rarely affects just yourself: it's like second hand smoke; it harms those around you also.
— Aral Balkan (@aral) August 20, 2014Dropbox has a famously bad record of privacy issues. Not only have they appointed Dr. Condoleezza Rice to their board (which sparked outrage over the internet), a recent interview with Edward Snowden (go and watch it, now) revealed that Dropbox might not be a great idea.
An excerpt (starts at 7:21):
Ewen MacAskill: Do you think this is the end of cloud computing?
Edward Snowden: I don't. I think what cloud computing companies need to pursue in order to be truly successfull is what's called a "zero knowledge system", which means the service providers host and process content on behalf of customers, but they don't actually know what it is. That's the only way they can prove to the customers that they can be trusted with their information.
Alan Rusbdridger: What's a good example of that?
ES: There's a company called SpiderOak. SpiderOak is a competitor to Dropbox, but Dropbox is a targeted, you know, wanna-be prison partner. They've just put Condoleezza Rice on their board of directors, who is probably the most anti-privacy official you can imagine, so they're very hostile to privacy. SpiderOak, in response, has structured their system in such a way that you can store all your information on them, but they literally have no access to the content of that information. So while yeah, they could be compelled to turn it over, the law enforcement agency still have to go to a judge to get a warrant to actually get your encryption key, from you.
AR: Do you use Google?
ES: (laughs) ...no.
It goes on, you get the gist.
Most of the convenient things that surround us today are the result of apps and services being able to read our things. Google Now will give me a notification about an Amazon delivery, because they can read my email from Amazon. I can receive a notification about my flight with gate number, because Google will cross reference my comfirmation email with live flight data available through various APIs. I have all of these convenient (and amazingly cool) stuff, because I traded in some of my privacy.
If someone within Google would want to follow me though (let's put the legal bits aside), they could, because it is technically possible. And I've done this willingly.
The issue I have, which I'm becoming a lot more aware of thanks to people like Aral, is that some, if not most, people have no idea just how much information they're unknowingly but willingly leaking through misconfigured privacy settings on Facebook, Twitter, emails, etc.
There is no real point to this article. I'd love if people did some research, and became aware of what's buried beneath the terms and conditions and privacy bits that we blindly agree to, and perhaps change behaviours.
Myself? I'm replacing Dropbox with SpiderOak, and have since removed Mailbox and revoked access.
Note: yes, I am aware that by using Twitter, Facebook, Google I am also leaking personal information, but I'm familiar with these settings, and I am okay with what I share through these channels.