More worrisome, "Your message has been added to your permanent record at wholesale data storage and may be used against you, in perpetuity, by current and/or future regimes, partner corporations and other select criminal organizations (tax-funded or independent) for reasons including but not limited to financial or political gain, manipulation, incrimination, assassination and personal entertainment."
Which is different from any other email provider in any substantial way (including your local ISP or personal server) because... they have a reasonable hope for reliable storage?
Seriously: this is calling out Google in a way that's comical since it's equally applicable to your own computer.
> Which is different from any other email provider in any substantial way (including your local ISP or personal server) because...
Single point of failure.
Government entities have to go through physical work to seize multiple mail servers distributed geographically. This keeps the cost of fishing expeditions high enough that they won't just do it by default.
With everything at Gmail, Yahoo, and Microsoft, you only need to serve 3 entities, who already are known to roll over.
However, far more concerning to the HN crowd should be this fact: Do you want the companies most likely to buy you out for a large value to be the ones holding all of your internal emails?
At this point, Google probably knows more about the quality of business than the businesses do. It would be an interesting question as to whether Google could be considered a corporate insider for a vast number of companies.
> Government entities have to go through physical work to seize multiple mail servers distributed geographically. This keeps the cost of fishing expeditions high enough that they won't just do it by default.
Except they seem pretty seize-happy and the only thing protecting your house is the say-so of a judge.
> With everything at Gmail, Yahoo, and Microsoft, you only need to serve 3 entities, who already are known to roll over.
That seems quite unfair, as at least 2 have been very public about their expenditures to try and make such attacks impossible in the future, and have vocally fought subpoenas.
> Do you want the companies most likely to buy you out for a large value to be the ones holding all of your internal emails?
Yes. The lawsuit, should I discover it, would probably make me richer and more famous than all the buyout events I've experienced.
> Except they seem pretty seize-happy and the only thing protecting your house is the say-so of a judge.
You're being obtuse. Even if every judge rolls over, if you have to seize multiple email servers in multiple jurisdictions, the paperwork represents expense and time that law enforcement simply will not do unless they have a really strong reason. "People are lazy" is the universal constant. We fear computerization of things precisely because computers aren't lazy.
> That seems quite unfair, as at least 2 have been very public about their expenditures to try and make such attacks impossible in the future, and have vocally fought subpoenas.
That's what they say publicly. However, if they roll over for governments like China, they're going to roll over for the US who can genuinely affect their revenue stream.
> The lawsuit should I discover it would probably make me richer and more famous than all the buyout events I've experienced.
Your naivete is touching. Google wouldn't do anything actionable. They scan your email store and know not to invest. You'll never prove anything for a passive non-action like this.
Even for positive action failures, it's very difficult to prove. This is the whole point of "parallel construction". You dragnet to find something incriminating, and then build the legal path to what you now know to search for.
Your trivial additional inconvenience running what sounds like a non-trivial geographically dispersed non-cloud-service email system warrants not calling out services with poor mail transit security. So millions of customers improved security vs you figuring out how to use LetsEncrypt. Because Google subsidizes the free service with ads.
I do not follow this logic, but what's more:
> Google wouldn't do anything actionable. They scan your email store and know not to invest. You'll never prove anything for a passive non-action like this.
Yeah well having sold a few companies to a few mega-nationals, we try to be honest and deserve the acquisition, as opposed to trying to fleece people. Lame-duck acquisitions shit on employees for investor gain, often for investment clawback and exit.
But also, if you are a paying edu or org customer, they stop scanning for and serving ads.
So forgive me if I don't feel a ton of empathy towards your strong desire to be dishonest in a hypothetical Google acquisition where they hypothetically do this.
> You can use full disk encryption on your own server. Not every country has laws that force you to forfeit your crypto passwords
It won't count for anything if the emails your server is sending/receiving are not encrypted, which exactly is what Google is advocating. I don't understand GP's smug rejoinder, as if encrypting emails in transit is a bad thing.
Well, no, it really isn't. None of that really occurs on a personal server, and local ISPs probably don't do wholesale data storage because that's not their business, but it is Google's.
Well, you have no reliable way to assert your personal mail server is not bugged and observed right now.
You're one judge's pen-stroke away from having personal property seized and then it's just a matter of how real your machine's physical security measures are.
> Well, you have no reliable way to assert your personal mail server is not bugged and observed right now.
Quite true. If you, personally, are a target of the NSA, you are totally fucked. We know that they will make up evidence if they cannot find some.
However, we put locks on our doors even though most of them can be picked very easily. Why?
Security best practice is "defense in depth". You defend at each level to make it more expensive for an attacker. The goal is to make attacks against your stuff more expensive.
If you make the government have to dispatch someone physically, there is a vast amount more friction. There was an inspector from Scotland Yard who once commented that "If your drives are encrypted such that it takes us more than 40 hours of work, your drives are not going to convict you. We will spend our time on gathering other evidence." Physically seizing a server is annoying paperwork.
So, the goal is to prevent them from being able to dragnet low-level offenses for cheap. If you're a murder suspect and they have good reason to come after you, then they're coming after you irrespective of the cost.
You have no reason to suspect it either. Yes, in this hypothetical scenario your mail server or your ISP's server might be compromised, and yes, in this scenario, there wouldn't be a big difference. But we don't live in hypothetical scenarios. Paranoia is great and all, but let's be real. An average Joe's personal mail server is more than likely not bugged nor observed, and if communication happens in TLS, then there'd be no reason to suspect the delivery either.
What, precisely, do we "know" Google/Microsoft/FUDCo is doing? Certainly not willingly collaborating with every quasi-legal search and seizure presented to them.
Do you even know what you originally replied to? Because it's right there. We already know Google stores a great big swath of data about you for various purposes, including advertising. We know that one of the many sources of this data is what is gleaned from scanning emails for advertisements. Don't act like it's not common knowledge.
Yes - it is common knowledge that Google (and others) use email for advertising.
But you (or perhaps upthread) are implying that Google willingly hands over data to government authorities.
The evidence would point to the contrary: Google (and Microsoft, I might add) are complying with the law, but are not simply rolling over and handing out whatever is asked of them.
Their ability to fight back against unwarranted requests is probably much better than someone running their own mail server in their basement.