[arxpoetica]

I agree 100%.

That said, the need for something like this almost outweighs the cost. But I so agree w/ what you're saying. That was my first thought—uh—so. much. access.

Before I sign up, I'd want to know what's safe, where, and why.

And more realistically, why not.

[ashusyal]

Hey there, happy to answer any questions you might have.

Diamond's working to make permissions more granular and transparent with each release. Some quick points: * we don't store the files themselves, only the metadata the service provides (e.g. file names, collaborators, paths) * we don't store service passwords (authentication is handed back to the service itself * we do on-prem installs for corporate customers and we'd consider a version of it for pro as well.

We take our first impressions on security and privacy very seriously. Happy to take some feedback on how we can improve trust.

Disc: I work for Diamond

[mbesto]

Hi! Great reply - this is how you earn early adopters trust. At the potential cost of giving away your "secret sauce", I'd highly recommend being as transparent as possible about what you do and what you don't do to people's data. There's a huge need for your service, but as most of the comments here point out - be f'n careful.

> We take our first impressions on security and privacy very seriously.

This statement is unforutnately, NOT how you earn people's trust. Presumably your early adopters are technically inclined. Guess what, they don't care if you say "we take it seriously", they want you to show why you take it seriously. Furthermore, any large financial institution (for example) is going to say the same thing. Sure your sales guy says "we take it seriously", but you're not going to win any deals if you don't pass their security audit.