Missing option: I trust Google, but I still want to reduce my exposure
Google is awesome in lots of ways. At least for their core services like Search and Gmail, they are the epitome of reliability and trust. I check whether the internet works by loading Google. I trust they have good internal controls and won't just read my email.
However, just because they are competent and trustworthy doesn't stop governments from stealing data off of their servers, or compelling them to with a secret letter.
I don't want to use "another service". For example, switching from Gmail to Yahoo Mail because you don't trust Google is tomfoolery. Using PGP is cool. Google is not the problem--the lack of end-to-end encryption is the problem.
People already understand that we can't trust routers and access points with our plaintext--that's one reason we use HTTPS. I think we should start thinking of servers the same way--as untrusted messengers--regardless of how much you trust the company that's running them.
Google is awesome in lots of ways. At least for their core services like Search and Gmail, they are the epitome of reliability and trust. I check whether the internet works by loading Google. I trust they have good internal controls and won't just read my email.
However, just because they are competent and trustworthy doesn't stop governments from stealing data off of their servers, or compelling them to with a secret letter.
I don't want to use "another service". For example, switching from Gmail to Yahoo Mail because you don't trust Google is tomfoolery. Using PGP is cool. Google is not the problem--the lack of end-to-end encryption is the problem.
People already understand that we can't trust routers and access points with our plaintext--that's one reason we use HTTPS. I think we should start thinking of servers the same way--as untrusted messengers--regardless of how much you trust the company that's running them.