Hacker News new | ask | show | jobs
by mehrdadn 2697 days ago
Sure, you're trusting their code is bug free. That's just (lack of) faith on your end. The fact that you decide not to trust their competence certainly does not logically imply that they are invading your privacy. It just means you need to trust their competence or take your business to some company you deem more competent. (Though exactly which company would be more competent in infosec is quite the question, but I digress.)
1 comments
prophesi 2697 days ago
No, it's a lot more than just trusting that their code is bug-free. It's trusting that they're actually only doing what they claim to be doing with your data.

The only solution is to have the code open sourced with reproducible builds and a checksum to verify it against. Pretty much every GApp has a free, libre, open-source alternative that respects your privacy in this way.

link
mehrdadn 2697 days ago
Even that: if you lack trust on your part, that does not imply what someone else is doing is an invasion of your privacy. If you claim someone is invading your privacy, that is an accusation... a serious one at that. To support it you need to actually describe how that is happening, not merely how you have problems trusting people who deal with your information. I don't see how this is not obvious.
link
prophesi 2697 days ago
It's why GDPR came into being, and California's recent data privacy law. We have no reason to have faith in these companies to keep our data safe, or to use it properly. After 10+ years of having our credit card numbers, social security numbers, emails, passwords, and so on leaked again and again, I fail to see how one wouldn't have trust issues at this point.
link
dataflow 2697 days ago
I never said you can't have trust issues or that GDPR isn't necessary, I'm saying neither of those implies they are invading your privacy when they show you ads based on your emails. This should be pretty clear?
link
prophesi 2697 days ago
The root of the issue is that if they _are_ invading your privacy, you wouldn't be able to tell.

https://en.wikipedia.org/wiki/Black_box

link
mehrdadn 2697 days ago
Yes, and if they aren't, you wouldn't be able to tell either, so all that means is you're willing to recklessly make unjustified accusations to defame a company without actual evidence.
link