I will never forget that the Christchurch shooting video was automatically deleted from users' PRIVATE Google Drive and Dropbox - no warnings were given and no explanation was presented.
I wonder if in the future we'll need a "unique-inize" app that will make trivial changes to pictures and videos that change their hash and their size by a few bytes to defeat this kind of nonsense. Changing even one pixel's hue on one frame by a small amount should make the whole thing encode (depending on codec) to a different size and hash.
There are other kinds of hashes besides cryptographic hashes, which tolerate differences, e.g. you can change things around and still get the same hash. This is what Apple does (or rather did) for their cloud scanner.
Then there are other non-hash methods, similar to how Shazam determines a song in a noisy room. Poles, zeros, FFTs, there are many other strategies that are fault-tolerant.
Sure but it becomes an arms race. There is also a lot of people that have shown that you can make images of dogs and cats that hash to Apple's hash detector. At some point a white hat is going to start making memes that cause hash collisions. When 300M all violate some hash trigger, it will cause a stir and restart the game.
Sure, but just compress and encrypt. It won't play in place, but otherwise it's nondetectable (other than by out of band timing/metadata or very rough size estimates).
...which is what floors me when Google made this statement. I thought the whole benefit of their Google drive system was deduplication of common files to minimize storage space costs. If they start tinkering with private files then people have no choice but to encrypt everything.
This will cause their storage requirement to explode. However, if the goal is only to prevent public sharing of content in contravention of the user agreement then I'm surprised it took them this long to implement this.
How many people have the wherewithal to encrypt their content? Even if some have the technical capability, how many are willing to take the reduced quality of life required for what is probably a low probability risk?
Came here to say this. Only an idiot (should say people without knowledge) would upload any personal data to the "Cloud" without encrypting it first. That includes pictures.
As for size, you can always tar/encrypt its dir and include dummy files to modify its size.
To battle the Cloud storage paradigm with uniqueness is always going to be a cat and mouse game.
I wish the future is a NAS that is simple, fault tolerant ( Bit-Flip protection, Error Correction, Drive Redundancy ) and extremely affordable. That is something the Apple Time Capsule should have been.
Right now I cant even get a 2x 2.5" 2TB HDD and a NAS enclosure for under $200 RSP. I was hoping Kobol would be it someday. But chip shortage and many other things had them canceled the project.
Synology isn’t the cheapest, but they’ve made it “just work”. Every few years - both for home, and for work, I consider getting a “more serious” storage system or building one; and every time I do a serious comparison and end up choosing Synology over building my own FreeNAS/TrueNAS/etc for home, and preferring Synology over NetApp for work.
I do have a couple of NetApps for mission critical stuff; and one of my customers runs an Isilon which I have to support; for almost every workload that can tolerate a few minutes of planned downtime per month, the Synology wins bigly as long as you have knowledgeable IT staff.
And no, you don’t want an Isilon or a NetApp if you don’t have knowledgeable IT staff around - you want a synology (or to get better IT)
> Right now I cant even get a 2x 2.5" 2TB HDD and a NAS enclosure for under $200 RSP
You can get comparatively much more for much less if you look carefully at the used market and spend some time building it for yourself. My 5 bays home NAS cost me just a bit over €130, excluding disks of course: €46 for a SUPERMICRO X7SPA-L mainboard and €88 for a Ultron RPS19-G3380 case, power supply included. All purchased from ebay sellers. I already had the memory modules plus an additional slow SATA controller I use for a non RAID disk, so had to buy only the disks locally. It runs XigmaNAS and has been rock solid with multiple 1 year+ uptimes interrupted only for maintenance or disk upgrades.
> These files will be flagged to their owner and restricted automatically, which means they can no longer be shared with other people, and access will be withdrawn from everyone but the owner.
all articles always say that but non-verifiable comments around the internet say the file is removed from everywhere.
I'm trying to confirm this comment:
> They removed it after they began using GIFCT to ‘prevent terrorists and violent extremists from exploiting digital platforms.’ All hashed versions of that video was removed from user accounts.
It would have been interesting if any of those users who got their video file deleted would have been directly attached to the shooter (like an accomplice, let's say), afaik that would have meant that Google Driver and Dropbox had tampered evidence.
Apologies for directly contradicting you, but it's false that Google don't delete. Google do delete in a timely fashion (which is required by law in many places!), it's just that for technical reasons, it becomes unavailable or possibly also crypto erased* first.
On an aside, such a setup is also a layer of defense-in-depth protection against a certain, uncommon class of bugs.
That eliminate both options for journalists and lawyers. There are professions which could have legitimate reasons for having the material and as terrible as it is, is it actually illegal?
From the legal standpoint, using those sort of services for storing sensitive case data like that is a bad call. too much media in those situations violate the terms and services of most platforms paid or not, and too many of those platforms have too many liberties with the usage policies on the media.
If you are dealing with case data, you should be have those policies reviewed carefully, and should likely be encrypting before storing anywhere anyway.
I say should because I almost never see case data stored to standard.
I was actually trying to watch that video the other day. Google would not find it, Bing listed the actual video as the top result. Never thought I'd start to respect bing over google.
Yes users of a service, whether one is paying with one’s personal data, or whether one pays with their personal data AND a yearly fee for a bit more storage, as I do— they are users.
They removed it after they began using GIFCT to ‘prevent terrorists and violent extremists from exploiting digital platforms.’ All hashed versions of that video was removed from user accounts.
I haven't had my coffee yet, but I'm having trouble understanding your claims (about Google Drive deleting TVEC content) and how they relate to the OECD document you linked. That document does not state that Google (except YouTube) is a member of GIFCT. Further, on page 124 (in "Policies") of the document it states that Google Drive will prevent sharing of files it finds violating, or maybe ban an entire account in some situations.
The policy going back to at least 2014 does mention not being allowed to "store" violence and gore. They even say that if it's shocking enough, then no artistic, scientific, educational, or documentary exceptions will allow it to remain on their platforms. I assume that means deletion. It's a different Internet than what many of us grew up with. https://support.google.com/docs/answer/148505
Yes, I would feel the same if the deleted document was a plan for a nuclear weapon.
If it is not shared with anyone, why should a cloud provider get to decide what I can and can't store?
I want to be able to use that storage as an extension of my local hard drives/SSD's with the ease of use of accessing it between different devices. I still consider it my data.
That those bits and bytes happen to represent a document for a nuclear weapon shouldn't matter.
Now if you were to ask if I believe people should store a video of the Christchurch shooter? No, I full-heartedly believe its kind of sick that someone would want to store/archive that, but I don't want a cloud provider making that decision.
Because it's their ToS, their hard drives, their business. Doing it without at least a day prior notice seems to be a very big no-no, but it obviously did not matter to their bottom line. The general public does not care about these issues enough, because there are other issues in society that seem to be more important for the plurality. (Just to name one crazies shooting people.)
We had that sort of thing in 'real property' too. Today most jurisdictions limit the supervision landlords can decide to implement over tenants (who in fact have a 'property right' in many cases over the property as well as the freeholder, and the right to 'peacefully enjoy' (without intrusion) their home) .
It seems like eventually the law will have to change so that these companies have to start treating users like tenants rather than serfs.
Recently I have discovered that google has nuked hundreds of North Korean videos. This upsets me as needless destruction of the historical record. I wonder how people would feel if something like google was around after world war II and censored hundreds of videos of nazi atrocities. It is wrong for a public forum like Youtube or public resource like google drive to restrict content based on subject matter with very few limited exceptions. All political and war footage should be free from restriction.
Well it kind of is too late when the historical videos are pulled down and you do not have another source besides Youtube. I am sure that academic and even possibly open source intelligence researchers are similarly frustrated assuming they did not all download the videos many of which had been on the platform for many years.
Nuclear weapons aren't all that complicated, it's the enrichment that is hard. It's a large scale industrial process that requires a well equiped specialized facility. We can detect these activities from space, that's how big we are talking.
You can get a rough idea of what is needed from Wikipedia. They are simpler machines than a automobile engine, at least in the sense that there are fewer parts involved.
Yes, and you can legally and readily get all the information for all steps of the manufacture.
As far as encryptions and data go I just echo that "not your drive, not your data" remains true and that encryption is not going to stop a cloud provider from deleting your encrypted content. Feels like I've been saying this for 10 years now (I have) but I truly do not believe cloud use is the future for computing. Drives and mass storage are always getting cheaper.
A analogy, you can probably find full schematics of a Tesla, or close to it, but that isn't the problem. The car factory is the problem. How do you get one of those? If you have the resources to obtain one, you also have the resources to hire engineers to design a car for you.
> would you feel the same if the deleted document was a plan for a nuclear weapon
Those two situations aren't even remotely comparable - nuclear weapon plans are straight-up illegal for individuals to own in the US, so by removing one of those, Google would be complying with federal law.
The Christchurch shooting video was not illegal under any law that I'm aware of, so Google was not legally required to delete it, and it was a primary source for a historical event, so Google shouldn't have deleted it, especially not from users' private drives that they weren't sharing (as then you can't even claim that they were spreading extremist material).
Yes, for US citizens the right to information is almost unlimited. Even plans for (nuclear) weapons is protected unless it’s stolen classified material, you intend to develop a nuclear weapon, or you intend to export that information.
I hear you, even though you are downvoted. Right here in the ~10 comments you have from Americans we can see the "double standards" that people adopt. There was no outrage (actually some "anti-outrage") when Apple, Google and AWS censored Parler, an app that allowed "freedom of expression".
People draw the line when it affects their beliefs, in that case they say it was justified for Google, Apple and AWS to censor an application that potentially can be misused. But they get outraged at the thought of removing a video of a massacre, and also they outrage at the thought of limiting their access to tools that are made for the main sole purpose of killing people.
If you want to compare apples and apples, no American would think to remove videos of 9/11 or the Floyd murder.
But it's not even about Americans, I'm from France and it's the same, no one would think to remove videos about the 11/13 except to keep it off Facebook so that kids would not see it.
Video of a tragedy, while deplorable, is not on the same planet as plans for a nuclear weapon. Are you also of the opinion that thing like live leak should not exist/be accessible?
It is a very slippery slope. Would you feel the same if it was a genomic sequence of a novel respiratory virus? Would you say it is a plan for a bioweapon and hence must be forbidden?
It is like arguing against capital punishment using Ted Bundy's case as example. Generally that works the other way with most people and that's the kind of person they enthusiastically support the state murdering.
Similarly the reaction of most people to Google removing that video is going to be "good" and you're going to have a very uphill battle convincing them otherwise, and you're probably going to lose.
If you talk about university researchers that study pornography and Google nuking their research or their ability to share their research with other institutions, you'd probably make more headway.
It is only on a site like HN where the most upvoted commment is "OMG they deleted practically the worst video imaginable from a mass shooting incident can you believe those fascists?" and everyone votes it up to the top.
it's not a bad example at all - the point is that even if the video is vile, it is not and should not be google's mandate to delete private files by applying some extra-judicial moral judgement.
Let the law work - possession of illegal material should be enforced by the police, not by a corporation that the user cannot hold accountable.
You will not convince anyone to agree with you who does not already agree with those principles already, and you will lose 90% of the rest of the people who find that video horrific and never get past it.
Aside from legitimate DMCAs what I'm worried about is losing backupped files of any sort because some rogue individual files a complaint on stuff they don't own or because of an ML error and an inexistent customer service by Google. Also I don't really like the service to sneak onto any files I upload. What alternatives do we have for cloud file backup? I already do full backups, need something to sync files between devices.
I use an S3-comptaible hoster with the rclone client which supports encryption/decryption on the fly. That is, I don't even need to trust my S3 provider.
For syncing between devices, I guess `rclone sync` should do the trick.
You're leaking quite a lot of information to the provider if the encryption is per-object. Not saying this necessarily matters in your use case, but good to be aware of the limitat a lot can be deduced from file sizes, timeline of accesses, and access pattens of files. And most importantly of course you're still trusting the provider for availability.
For example if you saved a folder of mp3 files using the rclone crypt functionality that you downloaded from a known BitTorrent, it would be easy for an adversary to match that set of known sized objects with high confidence at the storage provider end, or from observing encrypted network traffic (which in the S3 case leaks object size through traffic patterns) and deducing object sizes from there.
There's methods to use S3-like platforms without leaking data. Restic does this by packing blocks of data together and encrypting them instead of doing it on a per-file basis. This allows for deduplication at a block level and functionally making the contents ambiguous noise.
Thanks for the advice. I didn't know that. In my case, it does not matter much (my data is mostly produced by myself). But, sure, it is good to be aware of that fact!
An owncloud droplet or owncloud on a VPS. Or an owncloud paid instance. All depends on your budget and your needs and your time.
I totally switched off Dropbox when they limited the number of devices. Self host owncloud on a VPS, am very happy. From time to time I have to occ:upgrade something et voilà. Used for syncing, not backing up.
It helps that I can install and maintain it though, wouldn't recommend it to anyone without a bit of wed/IT experience or the time to lean some basics.
Just installed nextcloud, an owncloud fork today. Be warned, while server side encryption works, e2e is completely broken and has been for non brand new accounts for quite a while judging by the github issues.
I'm not sure how much should I trust a vps host. I can mess around with encryption all day long but they can compromise my mail server without me ever knowing.
> I'm not sure how much should I trust a vps host. I can mess around with encryption all day long but they can compromise my mail server without me ever knowing.
Basically, you can't. It all depends on your threat model.
Maybe have a look at cryfs and encfs ? One of them is `optimized` for always on syncing and small chunks (can't remember which) and the other is deprecated (or a third one, can't remember at the moment).
But yeah, if you have a business... don't self host too much sensitive stuff, delegate if you can.
You wouldn't lose the content just the ability to share it, if I read it correctly, which is something I wouldn't normally want anyway. My backups are done with restic so Google can't tell what's present since it's encrypted.
Honestly, if you're keen to share something you shouldn't, it's pretty trivial to host it via https://rclone.org as an http server. The only person accessing it off of Google drive is the original owner and gdrive can't tell that it's being shared beyond that.
It is not announcing new content restriction policies. Those have already been in place. What's new are the user notifications:
Not new: "When a Google Drive file is identified as violating Google's Terms of Service or program policies, it may be restricted."
New: "Now, the owner of the item in Google Drive will receive an email notifying them of the action taken, and alerting them of how to request a review of the restriction if they think it is a mistake. For items in shared drives, the shared drive manager will receive the notification"
I've been a Google Fi customer for 6 or 7 years now and what constantly scares the hell out of me is the subreddit where about every 3-6 months you see someone saying:
"Google Fi did me wrong, so I reversed the charges on CC - now my entire Google account is locked / all photos / all files in drive"
This seems... like it's going to get regulated soon. Just going to take blocking the wrong account some day and boom, here we go, legislation.
Ironically, craping the web can result in termination of your account:
“we reasonably believe that your conduct causes harm or liability to a user, third party, or Google — for example, by hacking, phishing, harassing, spamming, misleading others, or scraping content that doesn’t belong to you”
Given that a search engine needs to scrape the whole web to exist, I can't understand how they can stand against a user scraping unrelated third-parties, like it's some sort of grand evil they need to stand up against.
Talk about a pot calling the kettle black. I can't believe they put that in their terms.
Think of it more as Google defending its turf. They want to be the only ones with access to data in bulk, so that if you want to find something, you have to go through them.
And the cycle repeats. It starts with the obvious malware or hollywood movie takedown, but the actual policy is anything which goes against an opaque and subjective acceptable use policy, which means the entire world's files now need to conform to discourse within the narrowly defined Overton window controlled by a tiny group of likeminded people.
Fast forward a few years, and we can all predict which content will be "hate speech" and which almost identical content will be allowed. Detection of copyright protected content will be automated, but appeals for fair use will be manual, slow and difficult. Double standards will abound where the liberal ideals of the company run up against corporate interests, favored politicians or powerful governments.
And of course- someone will make a competing service which doesn't police content, and that service will in turn become a cesspool as all the worst offenders will be massively over represented there compared to merely the good netizens concerned about protecting a free internet.
Maybe a massive move to decentralization is the only thing that can save us. 100 different services with 100 different policies on which content is allowed seems far better than the direction we're headed. I'd rather at least have the easy choice and understanding of which ideology and set of interests I'm being filtered through.
I have, uh, mp3 backups of all the music I have owned from my, um, ludicrously massive CD collection. Is it worth the risk that google might one day decide I am a pirate and block my account?
For reference, I use FLAC instead of MP3. Your collection may be larger, but my ~12,000 FLAC files take less than 500GB. So I'd say it's a question of value: You could have redundant copies of your music for ~$300 CAD with a pair of Samsung T5 SSDs, or you could someday lose every email, contact, photo, document, Youtube playlist, and MP3 you use Google for.
I'm not saying it's likely, but it only has to be a one-in-100-million chance for it to hit a couple Google users.
How redundant are SSDs actually? I've been doing offline backups, but the OCD kicks in and I start wondering how many I should actually have and how often I should replace them...
I think the general consensus is that you shouldn't just leave them on a shelf for more than a year and that there is some temperature dependency in there.
If you really care about the data, two+ backups stored in different places is completely reasonable. Note that "places" is not limited by physical as trying to maintain independent dependency chains (e.g. a durable storage provider may decide to cut off account access so maybe a second independent storage provider using a different credit card makes sense)
Your OCD may also be helped a bit by having some way to verify you backups (e.g. use ZFS and scrub regularly and/or separate hash manifests of the files).
It is not worth the risk. Encrypt those - you don't have to choose a particularly secure key or encryption scheme, just one that's good enough that it's computational infeasible for Google to brute-force that scheme+key size for every one of its users.
Actually, it might be a good idea to encrypt everything on Google Drive - I wouldn't be surprised if they analyze your files and use the results to augment their internal profile about you (or, even if they don't now, they could very easily do so in the future - remember when they scanned your emails to target ads at you?).
And tar/pad them, encryption if not done carefully when combined with compression suffers from the same kinds of problems as ECB.
AKA, it wouldn't surprise me at all, if given a disk with 100 folders, each with 8-15 encrypted files each, that someone couldn't figure out which albums comprise a good number of those directories simply from the resulting file lengths.
Risk is something you have to answer. What are you going to have to do go to get your data and find:
* A few songs have been removed, here and there, such you can't easily determine what has been removed.
* Whole albums or your collection is removed.
* Your account is disabled and you loose everything related to Google, including all other stored files, email, calendar, Android apps, music and video purchases, etc.
It's not your service, it's Google's. You're only renting access until they decide you're not.
If you are going to use cloud for backup, always use an encrypted backup so they have no idea what you're storing. I highly suggest considering using `rclone` to mount Google Drive. I've had mixed luck with using the encryption module. I would highly suggest `restic`, as it's very easy to backup and restore files.
rent a gcp instance for a bit, rclone mount your drive instance, create another rclone encrypted mount, copy from the unencrypted mount to the encrypted mount. delete unencrypted content.
go to your local pc and rclone encrypt mount your drive. now you have your linux isos and they are encrypted upstream
I was once responsible for ripping 250,000 CDs, legally, on behalf of various record labels, from tiny to the big 5. I would love to store a backup of all that data in the big cloud services and see which ones deleted my legally-owned data.
What I'm trying to find out is what happened to the 250,000 CDs. They were put in storage unit. What happened to the storage unit when the company was liquidated? Did anyone even remember the CDs were there? Did someone bid on the unpaid storage unit and come across the biggest cache of music ever seen?
If you ripped those CDs while contracted by these record labels, I don’t see how it is legal for you to keep the files after the job and call them yours.
You assume that once the job was done, he washed his hands of it and it was over.
I once digitized a large media collection for a company (not audio, though), and it regularly used me as a backup source of last resort for when the files failed/got lost/needed to be transferred in bulk to another company/whatever on their end.
Is there a legal requirement to do a DMCA take down of something the copyright holder doesn't know about?
If you put something on Twitter mentioning certain cryptocurrency keywords (e.g. MetaMask), you'll get reply tweets from bots in a few seconds with fake support documents hosted on Google drive.
My sense is that this is what they are trying to stop.
I feel a big push behind this new policy is to remove the large amounts of commercially-broadcast TV content that is shoved into Google Drive and openly shared to 0.0.0.0/0 (e.g. via TV subreddits). Google has had fairly aggressive rate-limiting on viewing/downloading fully-open shared-to-all videos hosted within Drive for a long time, but there have generally always been ways around these limits. In the last few months, I have noticed several fairly large TV subreddits that used Drive for video distribution being closed due to too many DMCA takedowns, as such I feel that this policy change is G formalising their intentions to stanch this avenue of piracy, more than it may be a move to chase off malware/phishing ne'er-do-wells.
A lot of their takedowns come from user-flagging. If a user flags something, so that the item is now on the hosting site's radar, are they now responsible for it? They're only not responsible for things they are not aware of.
Totally misleading headline and all these comments are commenting on the headline without reading the article. Google has _always_ had anti-abuse systems that will restrict sharing for content that violates ToS. The new feature is that the content owner will now be notified when their content has been restricted, if that owner has a Workspace account.
'our' files comrade. At this point it makes 0 sense to keep files in drive, since if the magical algorithm has any issues you have 0 ways of combating it.
You can encrypt your files with Cryptomator[1] if you don't want Google looking at your files. I'm not sure about their policy on that though? I mean if it's encrypted, then they can't scan for piracy / Christchurch videos and other contraband, right?
What __is__ your recommendation for setting up remote backup for private use? I am thinking of something that can be used to sync and / or backup different devices for people of differing tech affinity.
I think this question deserves re-examination now, since recommendations likely change due to the facts in the op.
As far as I know, it used to be that one should either "roll one's own cloud" (whatever that means for a non-technical user), or simply use the best-integrated tool like Google Drive, DropBox, Apple for the devices at hand and live with the fact that the company will train whatever AI model du jour on your private data.
The reason for this binary recommendation was as follows: while services like SpikerOak exist, who say they encrypt your data, the believability of that was never exactly high. Most likely, your data might still get mined. Most likely, the NSA still scans all your docs. However, now you pay extra for "security theater".
Instead of paying for such questionable offerings, the decision was rather binary: decide to either go full-hog (if able) and do your own, or just upload it to Google Drive and stop caring about who reads your private documents.
But now, if Google starts actively reading, policing and deleting your data without even pretending to give you privacy, I think encrypted services start to have a use case again.
I'm sorry, Google will scan my personal files for hate speech now? When exactly the the first amendment become toilet paper? Certainly feels like it happened in the last 2 years.
obligatory mention that the first amendment doesn't apply to private companies, only governments. Then reply and say, "I mean the spirit of the first amendment" and then I'll agree with you. better to just say "free speech principles" rather than "first amendment"
The first amendment does apply to companies. As in they have the right to not associate with you for any reason. However, there are plenty of cases where that right has been taken from them when their services have been deemed so necessary that they must do business with the general public. e.g. the electric company can't cut you off if they don't like your politics. And until recently we had net neutrality. There is no reason that a platform neutrality policy couldn't be legislated in the same manner without violating the constitution.
> Net Neutrality was very shortlived in the USA though, like, a few years only ?
That is...not accurate.
Net neutrality was FCC policy enforced by case-by-case action from 2005 until a couple such actions were struck down by courts in 2010 as requiring regulation. After that,the FCC adopted them as regulation in the 2010 Open Internet Order (which had been being drafted before the ruling); certain parts of the 2010 order were struck down by the D.C. Circuit in 2014, saying such regulations could not be applied without reclassifying ISPs as telecommunication providers under Title II rather than information service providers under Title I of the Telecommunications Act. Subsequently, the FCC adopted regulations reclassifying ISP and again imposing Net Neutrality regulations in 2015, which (with new leadership because of the Trump Administration), they withdrew in 2017.
A number of states have since adopted various net neutrality laws, including California.
While the FCC has not yet acted on it, the Biden Administration made bet neutrality executive policy in Executive Order 14036.
Very well, you are right. I did mean the spirit, and free speech principles.
It just feels like every big tech company simultaneously and suddenly decided to crank up censorship. There are even examples of hosting providers and payment processors refusing service to other companies that don't follow certain "guidelines".
It's a censorship cartel. When all these companies suddenly decide to turn the screws on certain viewpoints, it is effectively limiting free speech on society. And I shouldn't have to say this, but free speech is a good thing.
On a technical level: I assume they'd be finding files they want to block by looking for a hash, right? Are these guaranteed to be unique or are collisions possible? And any organized and genuine bad actors can work around some kind of hash filter by altering files slightly, right? I'd hate to think that Google's abject arrogance is going to result in false positives that are going to nuke normal peoples' livelihood with no recourse while again barely having an impact on real bad guys.
On an ethical and moral level: my opinion is subjective, but this puts an undesirable amount of control over people in the hands of a company that has demonstrated that it cannot be trusted. If Google cannot provide actual human customer support to avoid wrecking lives with bad algorithms that make wrong decisions, then their policy should be to merely allow everything that's not blocked by law/court-order.
You seem to be under the impression that either of those imply end-to-end encryption, which they don't. (And in Drive's case, AFAIK, E2EE is not an offered nor advertised feature.) The data was encrypted during transmission to Google's servers, sure, but it was encrypted to them; similarly, yeah, they store it encrypted … and they have the key.
(This isn't atypical either, sadly. E2EE is the exception…)
Encrypted at rest and transfer just means that if an unauthorized someone gets ahold of their backend systems, they can't read the file. It doesn't mean that Google can't maintain the key and use it to process and inspect the files. If they didn't have and use the key, they would never be able to create previews for files they keep, nor would they be able to offer a search function.
Backups and sharing are rather different use cases. There's no mention of deleting the file (though it is something Google has done before) in this announcement.
I switched to a self-hosted Nextcloud instance some time back. Backups GPG encrypted and shunted to S3 for opaque offsite backup. It works quite well, and I don't have any concerns that a mistrained algorithm is going to lock me out of my files.
Someone has been running a massive fake DMCA notice bot targeting website contact forms with links to Google Cloud Storage files for the last year. I wonder if this is in response to this ongoing campaign?
Along these same lines - I'm looking to leave Dropbox. Has anyone used Tresorit or SpiderOak? I use it basically for cold storage - just a place to store images, files, etc. that I only access very, very rarely. I generally use iCloud for accessing images taken on my phone. The files I keep on Dropbox are just there as a redundant backup.
It works with anything that you can mount as a folder - Dropbox, Mega.nz, Box, GDrive, Backblaze, etc.
It creates an encrypted file/folder for each decrypted file/folder you create. So when you change a file, only one encrypted file is uploaded into the cloud.
Well, 15 years ago I told some people from Czech Pirate party that they are basically marxists. (At the time, they still wanted a fair copyright reform.) I didn't mean it pejoratively in the least, but seriously, as a historical warning.
I pointed out that fight for fair copyright and culture in public domain has a historical analogy in fight for public lands, that were enclosed by capitalists by the end of the 18th century, to get people to the manufacturing plants. People didn't take me very seriously, because, we are white collar professionals, not some stupid peasants or communists, right? And of course, information wants to be free and are simple to copy, so they can obviously always be free.
I think digital enclosures are coming, and the digital "public sphere" is shrinking. Some (Varoufakis) even say they are already there. Unless people fight the trend, most of the digital stuff you "own" today will be someone else's property, and not public (similar to land today). Access to it will be limited by laws and controlled by mandatory digital devices.
Why not just have everything synced. If you are using Google Takeout, you'll likely never be that type to figure out how to get your data back in somewhere else.
[Those] files will be flagged to their owner and restricted automatically, which means they can no longer be shared with other people, and access will be withdrawn from everyone but the owner.
they have made no official announcement but all new rack stations as of feb lock in. the new 12bay disk station units also now do confirmed by support & user reports (thou it is possible to hack around it it seems) - lots of chatter on r/synology
If you're concerned about it, encrypt your files before uploading them.
Have fun explaining to your grandmother how she has to encrypt and decrypt her family photos so that yet another bad Google "algorithm" doesn't delete everything she holds dear because of a copyright troll.
