[mike_d]

> if you only need email and basics

It is worth noting one of the features you give up is any sense of security or privacy what so ever. Not in the "omg google is spying on me" paranoia sense, but in the real Zoho hires the absolute cheapest developers in the world to build everything sense.

I've literally stopped reporting bugs to them because they can't grasp the flaws I am trying to point out.

[netheril96]

Care to list some of the bugs?

[mike_d]

Publishing unpatched bugs is unethical, so no.

[com2kid]

If the developer refuses to fix the bugs, and if those bugs pose a risk to other users, there is a strong argument to make that public posting of those bugs is the ethical thing to do.

Sev0 security issues aren't secret just because people who mean well don't talk about them, any sufficiently high valued target is going to have well funded threat actors working to find vulnerabilities. By publicly disclosing the issues, you let other customers know their data is threatened, and then customers can work together to force vendors to fix issues.

[mike_d]

I'm well aware. I have enough other data points that I don't think public disclosure meaningfully makes the platform more secure.

A little bit of PR buzz and customer complaints can get a handful of issues fixed, but this is a bit more systemic.