Hacker News
by mnvrth 1502 days ago
(Disclaimer: I'm part of the crew building https://ente.io)

I hope someone at Google takes a look at this and uses their internal tool to help OP.

That said, this oft repeated story is one of the most compelling reasons why I think Google alternatives (like the one we're building) will catch on in the mainstream population. Not privacy. But the fact that we offer human support, whilst Google doesn't.

4 comments

From: https://ente.io/privacy#account-data

> Data security is very important to ente, whether that is your personal information or any other data. That is why we publish our client-side browser and mobile app software and why we have provided information in this Policy on collection and storage of all data whether or not it is personal information.

How does this prove Data security?

> And what is this: our architecture has been reviewed by cryptographers and engineers from IBM Research, ETH Zurich, IIT Delhi, Google, Facebook, Amazon, Microsoft, ...

Any white-paper?

> How does this prove Data security?

You're right, that by itself doesn't prove data security. But what we try to do is follow the example of other privacy-first Google alternatives like DDG, Signal, and try to structure our organization/processes/code in a similar way.

> Any white-paper?

https://ente.io/architecture/

Not quite a white paper, but I feel https://ente.io/architecture/ covers the practical aspects of what we do in a human readable way (we wanted this page to be understandable by people with a non-cryptographic background, I'm just mentioning the intended audience, a few of our customers have reached out to us and have mentioned they found it useful too).

Why did your reply start with an advert?

Because disclosure is part of the culture here. If you're working for the competition or have some other relevant source of bias, it's polite and ethical to disclose that.

As much as I appreciate people like you doing new things, the same will happen to your project if it grows.

There will be a point that your service will simply have too many users to handle all of their requests in a satisfactory way.

If you disagree I'm interested why you think y'all can make it differently.

I agree, scaling support is a hard problem. But Google has set an extremely low bar, they've just given up, and they can just blatantly do that, because of their effective monopoly/duopoly.

I'm sure we (if not us specifically, some other project like us) can do better.

Why?

If it is economically viable at small scale why wouldn't it be more so at a larger scale?

Google thinks their algorithms for suspicious activity are more important than their users' data. Just removing access altogether.

> If it is economically viable at small scale why wouldn't it be more so at a larger scale?

Well, because of scaling. Let's say 1% of your users create a support request every month (no idea if this is way too high or too low). Trying to KISS.

If your service has 1000 users, that makes 10 support requests per month. One person can handle them alone, probably.

Google Drive alone has 1b users, but let's cut that by 50%, after all this is the number which Google reports themselves. Still, with half a billion users you would suddenly receive 50 million requests. Let's be even more generous and say that these requests are opened over the span of a year, not month. That's still 4.5 million support requests per month.

Don't even know if my calculations serve any purpose, what I am trying to say is that the amount of users and support staff your service needs do not scale 1:1. At a certain point (no idea what the cut-off is) your service will create so many requests that it will become impossible to handle them all with care and humans. To add to this, the more users your service has, the bigger your infrastructure has to be, meaning that you need more people maintaining this infrastructure.

Maybe I am too pessimistic or whatever, could be. Just my 2cts.

How does your human support handle a user forgetting their password?

Assuming they have cryptography all data is lost.

Exactly. Seems like poor support. "We're amazing because we'll put a human on the line to tell you that you're fucked and we can't do anything" doesn't seem like the status-quo-busting human support the "mainstream" wants.

That is what it means by encrypted data storage. Only the user has access. If they managed to see/recover your files then it is not encrypted.

(At the end, people will complain at both ends - some want convenience and do not care if companies see data. Others want total encryption and do not care if lost.)