Hey, My mother is a non-technical person, she’s a sole trader. She has been using Google services for many years and is probably used to them. A few months ago, I was able to convince her to set up an online password manager and calendar (up until now, she had been saving all her passwords in a handy paper calendar).

Should I convince her to withdraw from Google services? If so, how should I do it so as not to put too much pressure on her?

Thanks for all the answers.

  • glowie@infosec.pub
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    1 year ago

    Tutanota. Or any other e2ee email provider that still has a good reputation of not spying on behalf of a gov request.

    • QuazarOmega@lemy.lol
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      That’s a fair suggestion, but still, that’s not “spying”, that’s just called “complying with the law”, if any service didn’t, they’d risk shutting down.
      The problem is at the root, it is that they have or can have the data passing through your address (unless you encrypt everything you can with PGP, but who uses that realistically? I wish it were more popular…). When they have the power to get relevant data on you in any way, you can’t ever fully trust them.
      The only sure way to protect yourself from such threats is by using a whole different kind of platform where the provider couldn’t ever get the data, not even if it wanted, all private instant messengers are what PGP wishes it could be and way way more and meets exactly that purpose

      • glowie@infosec.pub
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        For sure, email is an insecure means of communication. But, that wasn’t the request of the OP. They’re not asking for an e2ee messenger recommendation, but thoughts on PM. And I provided an honest suggestion that they simply cannot be trusted, regardless of whether or not they complied because “it’s the law”.