As per mentioned Ghisler page: "The security assessment would have to be performed by a specialized company, and costs up to $75'000 per year and program (so $150'000 for 32bit+64-bit). This is not sustainable even with a subscription." [0]
This is death kiss to indie developement.
But paradoxically it is great. Killing interoperability is nail to coffin. This brings more and more focus to alternative solutions out of Google market, especially in independent software area. Like yt-dlp, FreeTube, F-Droid - actually all my family uses them and I recommend it to everyone. I can't wait to get some alternative GDrive client lib which simulates browser to throw data over that garden wall, and I don't care if it nags with captcha. The more hassle the more people are going to hate that ivory tower.
This is what everyone said they wanted after Cambridge Analytica! For platforms to exercise due diligence before allowing users to delegate their access to third parties.
Yes, the situation superficially resembles Cambridge Analytica, but there's a few differences here. People aren't building detailed dossiers of themselves on Google Drive like they were on Facebook, and Transmit is a client app that is honest, open and up-front about how it uses your data - to move it in and out of Google Drive.
To be clear, the problem with Cambridge Analytica was not Cambridge Analytica. The problem was - and still is - Facebook's habit of getting everyone to overshare and self-surveil. There needs to be some control and vetting over the apps that have access to your data but not so much that actually honest developers are quitting the game.
My guess is that Google just doesn't want third-party clients (you can't shove "AI" or "Investor Advertising" into it), so they're slowly turning up the heat by abusing the data scare.
There is some massive confusion around the types and costs of audits required for full Drive permissions scope (and I definitely blame Google for the lack of communication/direction on this). I had to get this audit for an app and it was nowhere near 75k - I believe it was well under 10k. Another commenter said they had it done for $4k: https://news.ycombinator.com/item?id=41781325
That still sucks and is prohibitive for indie developers. As the post mentions, in reality this program adds very little value for any of the involved parties.
Transmit is as "easy" as one could imagine software of that type being.
You do have to know what a file is and what a directory is, mind you, which is something I can non-ironically say does rule out half of GenZ or anyone else raised in the postmodern era, where 'content' just lives 'in' an 'app' and can be searched for (and if you're lucky, found). But I don't think people of that minimum level of sophistication are in the market for products like Backblaze or S3 - they're just out there paying for more iCloud storage (or new laptops) because Apple said they are out of space.
Its the kiss of death for google drive support, and eventually when many apps don't support using google drive people who are on it will switch to other cloud storage providers.
> The more hassle the more people are going to hate that ivory tower.
This is a bit naive, a very small percentage of people would be interested in these alternative solutions. Most people don't even install any third party software on their computer and just use the browser for everything.
Even the "audit" they require for increasing something simple as your YouTube API quota is already annoying and a massive waste of time, and this is not even close to the one they are requiring from Panic.
The quota increase process is roughly:
1) Fill out the same form every year from scratch
2) Send it into the black hole that's Google "support"
3) A few weeks later receive a reply from someone asking a irrelevant question to our use case
4) Two weeks later another person replies asking for screenshots of the "implementation", so you send a screenshot of "func storeTrailerMetadata()"
5) Another two weeks later, another automated person replies that you got approved.
The Google "support" black hole even exists for their high budget ad customers. I've seen a case where things went into the Google support black hole for a company spending a few million per month via DV360 / Google Ads. Nothing anyone could do about it, campaign blocked, work with "support" to fix it.
Have the same experience with Microsoft support. The difference is the timeline is much shorter and when our issues don't get any traction our rep intervenes and escalates to engineers.
I understand that level-1 support for these orgs are basically documentation librarians. Cool. We pay an incredible amount for premium support, but whatever. It's fine. What matters is that we have a rep that is engaged and cares about us being unblocked and isn't going to let us flounder for issues their support team is not going to solve. Have never seen this level of commitment from Google.
Any tier of Google Support is 100% a black hole. I had an extremely unusual issue with a service in Google Cloud, tried to debug it and failed. I filed a ticket and waited because P1 was only for “production” issues, but our issue was for development.
A few days later, the Google engineer assigned notes to us that we can escalate to P1 if this is blocking our workflow, even when not in production. I take this to my manager and they agree that it’s time to move it to P1.
We move it to P1 and immediately get traction, only to be stonewalled by a support engineer confidently asserting that the code throwing the error, which only existed in a private Google-maintained container, which only interfaced with our app through launching a cloud job through their platform, was actually our responsibility.
No joke, they actually said “As stated in my prior message, this issue is due to your code”, despite our code being a thin wrapper around their demonstration code to run it from the command line.
In my most business professional tone, I tell them off for lying to us about them debugging on their end and inform them that I will be immediately escalating because of this dissatisfactory response. This finally gets the ticket moving and a few weeks later, a bug fixed version of the entire platform is deployed.
Total time from start to finish:
- P2: 2.5 weeks of daily updates
- P1, until we’re told that it’s our fault: 8 hours
- P1 escalated until issue was completely fixed: 5 weeks
We paid for premium support. I cannot imagine how bad free support is.
When we filled ours out for a CRM they wanted a video of the CRM. So we showed them a video (from dev with fake data). We appealed the process explaining that Mickey Mouse is a not a real person. They rejected that appeal. So after going back and forth for a week or two we uploaded a video with basically everything but the navmenu blurred out and they finally approved it.
Just another reason to not deal with Google. Eventually, gravity is going to catch up with them, and they will never recover, because their business culture is shit. Zero interest or focus on the customers.
I know everyone loves to dunk on Google, and I definitely agree their communication and customer service to app developers is shite, but this change to permissions scope is a good thing. If you have full, unfettered access to large number of people's Google Drive data, you're a huge target for malevolent actors. If you can't afford the new audit requirements (which I've done and are quite easy - if anything I'm sympathetic to the argument that they're more "box ticking" than valuable security audits), then I'd really question your ability to appropriately safeguard so much critically private data. For reference, these audits are about 1/20th as complicated as a full SOC 2 audit, for example.
FWIW I'm not previously familiar with this Transmit app, but based on their use cases (e.g. backup) it sounds like the limited "drive.file" scope wouldn't work for them. Still, if you want complete, unfettered access to my entire Drive account, I don't think it's a bad thing that Google is enforcing some minimal security standards.
The problem with Google’s security certifications, especially when compared to competitors like Salesforce and Microsoft, is how disorganized the process is. While these companies all require security reviews, Google’s approach seems particularly disorganized: if something goes wrong, there’s almost no one to contact for help.
The certifications themselves are valuable, but Google’s main issue lies in its poor communication and support.
Third-party developers, even those paying $60k annually for re-certification, struggle to get timely responses or any at all.
What’s ironic is that the very partners handling these certifications often avoid using Google themselves because it’s “unreliable if something unusual happens.”
And that’s the crux of the issue—when things do go wrong or something unusual happens, it’s incredibly difficult to resolve.
100% agree. Again, my position is that Google rightfully deserves all the criticism they get around communication and customer support. I just think it's a mistake to confuse that criticism with Google's change to enforce better security for highly sensitive permission scopes.
> if you want complete, unfettered access to my entire Drive account,
Panic never got complete or unfettered (or any) access to my Google Drive. I got access. I used their application, which can easily be supervised with Little Snitch or other software to prove that is not sending a copy of my credentials or my files to Panic. If it were OSS it would be even more categorically provable that it's not giving access to anyone but the end user, but these draconian requirements would still apply.
The point is, Google is telling THEIR users, not Panic, that they aren't qualified to use their own judgment to select a client. It woudl be just as bad as Microsoft saying that if you want to check your email or access SharePoint you can't use anything but Edge (insert jokes about how they basically did do that 20 years ago with MSIE, but let's be serious, that sort of thing would be rightfully mocked today).
> I don't think it's a bad thing that Google is enforcing some minimal security standards.
These certification programs are 100% a moneymaking program to engage in a lot of box-checking, which I'd wager has zero correlation with a positive outcome for anyone other than the shareholders of the "labs" that do these audits.
> The point is, Google is telling THEIR users, not Panic, that they aren't qualified to use their own judgment to select a client. It woudl be just as bad as Microsoft saying that if you want to check your email or access SharePoint you can't use anything but Edge (insert jokes about how they basically did do that 20 years ago with MSIE, but let's be serious, that sort of thing would be rightfully mocked today).
Isn't Google doing the same thing today with YouTube? Isn't that what led MS to give up on EdgeHTML and adopt Blink instead?
That seems like a poor argument for an app which doesn’t mirror data or accept commands remotely (if I can control your app on your device, I can control the official Google Drive app) but there is a general point about full drive access. However, I think the answer there is for Google to improve the security model for Drive - for example, allow the user to select a non-root folder which Transmit or iA Writer can use and have some UI indicating that it’s shared. Instead, this process serves as a competitive moat and isn’t very effective – all of the large companies that we’ve seen getting breached are going to pay KPMG to spend time on performative box checking, and your data will still be exfiltrated but they’ll at least say they’re very sorry.
> However, I think the answer there is for Google to improve the security model for Drive - for example, allow the user to select a non-root folder which Transmit or iA Writer can use and have some UI indicating that it’s shared.
The oauth scope https://www.googleapis.com/auth/drive.file [0]basically allows this. If memory serves the app can use this scope, create a folder, and have access to things within that folder, it can certainly have access to all files created via the app (which should in general be true for iA and probably also Transmit). Offhand, I don't actually see what iA or Transmit are doing that needs the broader scope, though TotalCommander, trying to be a replacement file manager would still need the biggest scopes.
How do you know it doesn't mirror data or accept commands remotely, or that it has no vulnerabilities/backdoors which can make it do so? Perhaps you could do an audit of it or something...
If you can't afford to buy starbucks every day, I'd really question your ability to buy a private jet. However, that doesn't mean that being able to afford to buy starbucks every day is sufficient to being able to afford to buy a private jet.
They're my files in Google Drive. If I've made the choice to buy a product from Panic, and I trust Panic as a company personally, it should be my right to decide to give Panic access to my files in Google Drive. It is not up to Google to shuffle money into the pockets of their security partners under the guise of doing it for my safety. My safety and the safety of my files is my responsibility, not Google's, and it's oddly convenient from a monetary perspective (both for Google itself and their partners) for Google to suddenly care a lot more about this than they used to, so it does not seem particularly altruistic in any way.
For the plebs, no, they do not have the capacity. Out there is 7 billion meatbags who have had of a million years of selection for a tribal savannah environment, ten thousand years of selection for an agrarian lifestyle, two hundred years of selection for life in cities, and ten years of selection in the information era.
They're fucking children. They are savannah monkeys. They fall victim to rudimentary scams. They are unable to make an informed choice.
When you get into the billions of users, you become a parent to those users. Parents don't let toddlers get into the knife drawer.
Google's not my dad. It's not their responsibility (or their place) to audit every piece of software I use to interact with their services. I'm tired of being treated like a child who needs every sharp corner ground down for my safety.
Edit: Next logical step is auditing every IMAP client before you can connect it to Gmail. Ridiculous.
They're the ones who will take the blame when a third-party app gets compromised and is used to siphon off people's data.
This isn't a theoretical concern. It's pretty much exactly what happened with Cambridge Analytica. Facebook didn't really do anything wrong; they provided an API for data access, people explicitly authorized an app with broad access their data, and it turned out that the app was basically a trojan horse for data collection. And politicians, the media, the general public, and even the technologically savvier people who should know better all blamed Facebook for this.
> Edit: Next logical step is auditing every IMAP client before you can connect it to Gmail. Ridiculous.
Actually .... They're not that far away from that, if they're not already implementing it. Office365, and Google, if they haven't already have disabled basic Auth for IMAP/SMTP, and only supporting oauth2. Which requires a AppId/ClientSecret handed out out by registering your app with Microsoft/Google.
You say that, but I've been in plenty of situations where people say they're comfortable taking on the risk themselves, but then when shit blows up, they come and blame the biggest actor (with the biggest pockets) they can. I mean, just check out some sob stories that made the front pages of NYT and Washington Post when people got scammed out of a lot of crypto money - I've read a bunch of those and always the first thing I think is "lord, there is no way these people should have had a dime in crypto in the first place", but then when they lose their money they're the first to blame everyone else but themselves.
I think it's relevant that Transmit is a local native app. There's no hosted app exposed to the internet to hack here. Google made one lengthy process that doesn't fit this use case.
Panic runs a cloud-hosted sync service that syncs your credentials and connection info between different instances of Transmit you may have.
No idea if that's what google is targeting here, but that is a cloud service, that presumably gets a copy of people's Google Drive OAuth keys if they use Google Drive with Transmit and the sync service.
The problem is that if you want to provide a full-featured file picker, and not rely on Google's limited browser-based version, your app will require the full "drive" scope. (We do, and we do, for our InDesign-to-Google Docs connector plugin.)
If you use some of the lower-tier CASA labs, it's not that expensive (4K/year), but it is definitely a nuisance for a pure desktop plugin like ours that has absolutely no cloud component (other than connecting to GDocs).
This assumes that Google can be trusted with my data and other apps can't, and that I'm ok with Google assessing the safety of other apps. It's something that is automatic, and right now it needs to be explained.
Yes, assessing the trustability of apps is important. No, I don't trust Google to do it properly. Maybe I didn't choose Google because I find them the best, but because I have to (because Google, surprise surprise, forces itself down the throat of everyone, so the people I want to collaborate with use it).
Did my apps certify Google as a trustable provider ?
That makes no sense - if you don't trust Google Drive, don't use it.
Google is not "forcing itself down the throat" with Google Drive, and even my Android phone comes with 3 cloud providers.
And yes, your apps certified Google as a trustable provider when they added support for it. Such support is not automatic, it requires non-trivial effort, and presumable no one would do it for services they do not trust.
> which I've done and are quite easy - if anything
Did you read the part where it took multiple months to continue because of slow replies and non-working tooling from Google's side?
It's also pretty expensive for a relatively niche app, it might be fine if you are Dropbox or a big VC funded Mail app but for smaller companies it's not "easy".
> I don't think it's a bad thing that Google is enforcing some minimal security standards.
How would Google find out if the version that they are "scanning" is the same one that gets uploaded to the app store on every small app update? Zero, so there's no security benefit.
> But then… a couple of months later, Google completely removed the option for us to scan our own code. Instead, to keep access to Google Drive, we would now have to pay one of Google’s business partners to conduct the review.
What a racket. Smells downright anti-competitive The EU will have fun with this when it catches up.
Just as a data point, we paid $750 for one of these engagements (scan + some discussion about use cases etc) to one of Google's preferred providers. There were multiple options for providers.
The EU absolutely loves adding requirements for certifications, so no I don't think they would get involved here. In fact, it's something they are pushing for in general.
I live here, I have a fairly good idea. The EU has quite aggressively pursued different big tech companies over the last few years. The fines have become quite material.
> Smells downright anti-competitive The EU will have fun with this when it catches up
What? The EU wants to introduce certifications for all products and services, further kneecapping local innovation through regulation and costly certifications.
Seems more like a harmonization effort than what Google is proposing here? Or maybe I'm reading it wrong.
If I don't get one of these mandarin-approved certifications, will I no longer be able to do business? [The Google audits are a hard barrier to connecting to their cloud platform]
It's perhaps a difference between prescriptive and descriptive.
There is a clear subtext to this and the Play Store changes: everyone interacting with the Google ecosystem is going to be pinned down and deanonymized with rights assigned based on legal identities. This will be done in the name of security. There is no freedom in who you trust here.
The big question here is if all this was preemptive or the response to something.
All monopolies do this. Once they're past the point where the government can effectively regulate them they essentially take over and regulate the market for their own interests. Google is very good at this. They're probably better at this than actually writing code these days.
Which is why anyone and everyone should flat out avoid them as a company.
Man... this stuff sucks. If I were panic, I would do the same... but I also wouldn't want to be the one at google to navigate this.
With Google Drive now being at the center of so many companies for storing business data, I am certain it is a juicy target, and third party access with full access to read and write to that big hard drive full of proprietary data is one that I would understand want to lock down... but not like this?
I don't think the market is anywhere near to shifting where business are going to dump google drive en masse, but as the ecosystem shrinks because so few companies can afford the cost to play in google's backyard, it does make me wonder how many companies are going to absolutely resent google, comparable to the way they resented oracle.
> With Google Drive now being at the center of so many companies for storing business data, I am certain it is a juicy target, and third party access with full access to read and write to that big hard drive full of proprietary data is one that I would understand want to lock down... but not like this?
Could be a Google Workspace policy where you can just set that employees can't access the corporate Drive account through third party apps, while it continues to work for personal accounts.
Entire companies have been destroyed because they rely on Amazon, Google, or some other service, and then have the rug pulled. Sometimes companies have even been destroyed, notably by Amazon, for having the wrong political viewpoints.
My rule of thumb is: Only use open source components, and only run my stuff on Linux. So that way I maintain full control over my stack, and stay mostly immune from the political rug pulls, and other kinds of rug pulls.
> Sometimes companies have even been destroyed, notably by Amazon, for having the wrong political viewpoints.
Ok, I'll ask: what company did Amazon destroy for having the wrong political viewpoint?
AWS hosts some pretty vile stuff without blinking. The last time a company made a big "woe is me, my ideas are being suppressed" claim against Amazon, it was Parler, and they weren't kicked off for their viewpoints. They were kicked off for operating a crime-ridden site with zero effective moderation.
Not too long after Parler was kicked off AWS, I was on a call with hundreds of representatives from power utilities about a modeling tool we were transitioning to. It was mentioned that the tool was hosted on AWS and someone suggested they have a fallback plan in case they got kicked off like "other companies".
I don’t know about the political stuff that poster is talking about but this is true for quite a few small stores that transitioned to mail order as Amazon really took off. If you couldn’t handle complaints quickly enough or had too many flagged listings (stuff Amazon didn’t want to allow on the platform for one reason or another) you could get kicked off without much recourse except trying to open a new account and hope you were not caught.
You could see this as good for the consumer in cases where the abuse is bad but the store I was at in the 00s got kicked off for selling some Martial Arts equipment legal in 47 States but on a naughty list we were unaware of. We listed it in a few colors and that was enough to get kicked out.
Look, they were kicked off for their content. I hesitate to call their content "viewpoints" but it's become roughly synonymous with speech so I guess it kinda fits. Regardless, I'm happy they did it. I think there is room for "exception that proves the rule" type behavior. When the bridge too far is literal Nazis I'm okay with considering AWS to still be politically neutral. No ToS violation (which was flimsy at best) needed.
Sure integration points to all that are great. The mistake is when your entire company can no longer function at all without Amazon AWS for example. I've worked at a place like that.
EDIT: Of course if you're sure your politics are completely left-leaning you'll have no censorship worries, because these platforms are mostly Silicon Valley run. Also since conservatives basically don't play dirty in this way, the conservatives won't censor stuff just because it's left-leaning. We're for protecting freedom of all legal speech and actions.
My concern is that people aren't building their own horses the minute it becomes feasible. The farrier now seems mystical and occult to a generation even though they're more than capable of picking up the tools themselves.
Worth mentioning Stripe among the destroyers. Sure a percentage of those who complain on r/stripe are breaking ToS, but it's evident that a substantial % are not. Stripe ToS allows them to profit from investing held funds. Once funds are held, nobody at Stripe responds. Has taken years for some to get their funds returned. I wonder how much funds they have on hold at any one time and how much they're making on it.
That's not really relevant to the problem at hand, which is the ability to integrate with the large and widely used tech giants' platforms. Customers do use Google Drive (unfortunately) and thus the need to integrate.
Readit News
This is death kiss to indie developement.
But paradoxically it is great. Killing interoperability is nail to coffin. This brings more and more focus to alternative solutions out of Google market, especially in independent software area. Like yt-dlp, FreeTube, F-Droid - actually all my family uses them and I recommend it to everyone. I can't wait to get some alternative GDrive client lib which simulates browser to throw data over that garden wall, and I don't care if it nags with captcha. The more hassle the more people are going to hate that ivory tower.
[0] https://www.ghisler.com/googledrivehelp.htm
To be clear, the problem with Cambridge Analytica was not Cambridge Analytica. The problem was - and still is - Facebook's habit of getting everyone to overshare and self-surveil. There needs to be some control and vetting over the apps that have access to your data but not so much that actually honest developers are quitting the game.
My guess is that Google just doesn't want third-party clients (you can't shove "AI" or "Investor Advertising" into it), so they're slowly turning up the heat by abusing the data scare.
These are illegal otherwise, but very useful for journalists reporting on political matters.
I would love for as user friendly way to just use Backblaze or some other S3 compatible provider as my drive.
Edit: I guess that's sort of exactly what Transmit does, but I want something that is simple enough that anyone can use it.
You do have to know what a file is and what a directory is, mind you, which is something I can non-ironically say does rule out half of GenZ or anyone else raised in the postmodern era, where 'content' just lives 'in' an 'app' and can be searched for (and if you're lucky, found). But I don't think people of that minimum level of sophistication are in the market for products like Backblaze or S3 - they're just out there paying for more iCloud storage (or new laptops) because Apple said they are out of space.
Google is a drag.
You can do that self hosted or via fastmail or similar
This is a bit naive, a very small percentage of people would be interested in these alternative solutions. Most people don't even install any third party software on their computer and just use the browser for everything.
The quota increase process is roughly:
1) Fill out the same form every year from scratch
2) Send it into the black hole that's Google "support"
3) A few weeks later receive a reply from someone asking a irrelevant question to our use case
4) Two weeks later another person replies asking for screenshots of the "implementation", so you send a screenshot of "func storeTrailerMetadata()"
5) Another two weeks later, another automated person replies that you got approved.
I understand that level-1 support for these orgs are basically documentation librarians. Cool. We pay an incredible amount for premium support, but whatever. It's fine. What matters is that we have a rep that is engaged and cares about us being unblocked and isn't going to let us flounder for issues their support team is not going to solve. Have never seen this level of commitment from Google.
It's rarely a complete black hole, and I have spoken to product engineers and owners for multiple lines.
A few days later, the Google engineer assigned notes to us that we can escalate to P1 if this is blocking our workflow, even when not in production. I take this to my manager and they agree that it’s time to move it to P1.
We move it to P1 and immediately get traction, only to be stonewalled by a support engineer confidently asserting that the code throwing the error, which only existed in a private Google-maintained container, which only interfaced with our app through launching a cloud job through their platform, was actually our responsibility.
No joke, they actually said “As stated in my prior message, this issue is due to your code”, despite our code being a thin wrapper around their demonstration code to run it from the command line.
In my most business professional tone, I tell them off for lying to us about them debugging on their end and inform them that I will be immediately escalating because of this dissatisfactory response. This finally gets the ticket moving and a few weeks later, a bug fixed version of the entire platform is deployed.
Total time from start to finish:
- P2: 2.5 weeks of daily updates - P1, until we’re told that it’s our fault: 8 hours - P1 escalated until issue was completely fixed: 5 weeks
We paid for premium support. I cannot imagine how bad free support is.
The entire process was awful.
I know everyone loves to dunk on Google, and I definitely agree their communication and customer service to app developers is shite, but this change to permissions scope is a good thing. If you have full, unfettered access to large number of people's Google Drive data, you're a huge target for malevolent actors. If you can't afford the new audit requirements (which I've done and are quite easy - if anything I'm sympathetic to the argument that they're more "box ticking" than valuable security audits), then I'd really question your ability to appropriately safeguard so much critically private data. For reference, these audits are about 1/20th as complicated as a full SOC 2 audit, for example.
FWIW I'm not previously familiar with this Transmit app, but based on their use cases (e.g. backup) it sounds like the limited "drive.file" scope wouldn't work for them. Still, if you want complete, unfettered access to my entire Drive account, I don't think it's a bad thing that Google is enforcing some minimal security standards.
The certifications themselves are valuable, but Google’s main issue lies in its poor communication and support. Third-party developers, even those paying $60k annually for re-certification, struggle to get timely responses or any at all.
What’s ironic is that the very partners handling these certifications often avoid using Google themselves because it’s “unreliable if something unusual happens.”
And that’s the crux of the issue—when things do go wrong or something unusual happens, it’s incredibly difficult to resolve.
Panic never got complete or unfettered (or any) access to my Google Drive. I got access. I used their application, which can easily be supervised with Little Snitch or other software to prove that is not sending a copy of my credentials or my files to Panic. If it were OSS it would be even more categorically provable that it's not giving access to anyone but the end user, but these draconian requirements would still apply.
The point is, Google is telling THEIR users, not Panic, that they aren't qualified to use their own judgment to select a client. It woudl be just as bad as Microsoft saying that if you want to check your email or access SharePoint you can't use anything but Edge (insert jokes about how they basically did do that 20 years ago with MSIE, but let's be serious, that sort of thing would be rightfully mocked today).
> I don't think it's a bad thing that Google is enforcing some minimal security standards.
These certification programs are 100% a moneymaking program to engage in a lot of box-checking, which I'd wager has zero correlation with a positive outcome for anyone other than the shareholders of the "labs" that do these audits.
Isn't Google doing the same thing today with YouTube? Isn't that what led MS to give up on EdgeHTML and adopt Blink instead?
The oauth scope https://www.googleapis.com/auth/drive.file [0]basically allows this. If memory serves the app can use this scope, create a folder, and have access to things within that folder, it can certainly have access to all files created via the app (which should in general be true for iA and probably also Transmit). Offhand, I don't actually see what iA or Transmit are doing that needs the broader scope, though TotalCommander, trying to be a replacement file manager would still need the biggest scopes.
[0]: See https://developers.google.com/drive/api/guides/api-specific-..., the drive.file scope is non-sensitive so it needs a much more cursory approval process
Because large companies that can afford it have proven to be exemplars at safeguarding private data?
For the plebs, no, they do not have the capacity. Out there is 7 billion meatbags who have had of a million years of selection for a tribal savannah environment, ten thousand years of selection for an agrarian lifestyle, two hundred years of selection for life in cities, and ten years of selection in the information era.
They're fucking children. They are savannah monkeys. They fall victim to rudimentary scams. They are unable to make an informed choice.
When you get into the billions of users, you become a parent to those users. Parents don't let toddlers get into the knife drawer.
Edit: Next logical step is auditing every IMAP client before you can connect it to Gmail. Ridiculous.
This isn't a theoretical concern. It's pretty much exactly what happened with Cambridge Analytica. Facebook didn't really do anything wrong; they provided an API for data access, people explicitly authorized an app with broad access their data, and it turned out that the app was basically a trojan horse for data collection. And politicians, the media, the general public, and even the technologically savvier people who should know better all blamed Facebook for this.
Actually .... They're not that far away from that, if they're not already implementing it. Office365, and Google, if they haven't already have disabled basic Auth for IMAP/SMTP, and only supporting oauth2. Which requires a AppId/ClientSecret handed out out by registering your app with Microsoft/Google.
It seems that you can still steal thunderbirds appid/clientsecret from their open source code, for now ( https://simondobson.org/2024/02/03/getting-email/ ) , but ......
No idea if that's what google is targeting here, but that is a cloud service, that presumably gets a copy of people's Google Drive OAuth keys if they use Google Drive with Transmit and the sync service.
If you use some of the lower-tier CASA labs, it's not that expensive (4K/year), but it is definitely a nuisance for a pure desktop plugin like ours that has absolutely no cloud component (other than connecting to GDocs).
Yes, assessing the trustability of apps is important. No, I don't trust Google to do it properly. Maybe I didn't choose Google because I find them the best, but because I have to (because Google, surprise surprise, forces itself down the throat of everyone, so the people I want to collaborate with use it).
Did my apps certify Google as a trustable provider ?
Google is not "forcing itself down the throat" with Google Drive, and even my Android phone comes with 3 cloud providers.
And yes, your apps certified Google as a trustable provider when they added support for it. Such support is not automatic, it requires non-trivial effort, and presumable no one would do it for services they do not trust.
Did you read the part where it took multiple months to continue because of slow replies and non-working tooling from Google's side?
It's also pretty expensive for a relatively niche app, it might be fine if you are Dropbox or a big VC funded Mail app but for smaller companies it's not "easy".
> I don't think it's a bad thing that Google is enforcing some minimal security standards.
How would Google find out if the version that they are "scanning" is the same one that gets uploaded to the app store on every small app update? Zero, so there's no security benefit.
It raises the bar for low effort hackers and improves security.
I disagree with the op. Sorry mate go through the casa audit and get the access .
What a racket. Smells downright anti-competitive The EU will have fun with this when it catches up.
There's nothing like a racket here. The list of certification agencies goes from KPMG at top end to smaller companies.
You don't get to interop with one of the biggest cloud providers in the world unless you complete commercial audits with one of their partners.
Given the kind of collusion Google's shown itself capable of [1] do you really think this is all fair?
[1] https://en.wikipedia.org/wiki/High-Tech_Employee_Antitrust_L...
I don't think you know how the EU works.
What? The EU wants to introduce certifications for all products and services, further kneecapping local innovation through regulation and costly certifications.
https://digital-strategy.ec.europa.eu/en/policies/cybersecur...
If I don't get one of these mandarin-approved certifications, will I no longer be able to do business? [The Google audits are a hard barrier to connecting to their cloud platform]
It's perhaps a difference between prescriptive and descriptive.
The big question here is if all this was preemptive or the response to something.
Which is why anyone and everyone should flat out avoid them as a company.
With Google Drive now being at the center of so many companies for storing business data, I am certain it is a juicy target, and third party access with full access to read and write to that big hard drive full of proprietary data is one that I would understand want to lock down... but not like this?
I don't think the market is anywhere near to shifting where business are going to dump google drive en masse, but as the ecosystem shrinks because so few companies can afford the cost to play in google's backyard, it does make me wonder how many companies are going to absolutely resent google, comparable to the way they resented oracle.
Could be a Google Workspace policy where you can just set that employees can't access the corporate Drive account through third party apps, while it continues to work for personal accounts.
Entire companies have been destroyed because they rely on Amazon, Google, or some other service, and then have the rug pulled. Sometimes companies have even been destroyed, notably by Amazon, for having the wrong political viewpoints.
My rule of thumb is: Only use open source components, and only run my stuff on Linux. So that way I maintain full control over my stack, and stay mostly immune from the political rug pulls, and other kinds of rug pulls.
Ok, I'll ask: what company did Amazon destroy for having the wrong political viewpoint?
AWS hosts some pretty vile stuff without blinking. The last time a company made a big "woe is me, my ideas are being suppressed" claim against Amazon, it was Parler, and they weren't kicked off for their viewpoints. They were kicked off for operating a crime-ridden site with zero effective moderation.
You could see this as good for the consumer in cases where the abuse is bad but the store I was at in the 00s got kicked off for selling some Martial Arts equipment legal in 47 States but on a naughty list we were unaware of. We listed it in a few colors and that was enough to get kicked out.
we can have better standards for speech and platforming than "you didn't moderate enough".
Dead Comment
> Only use open source components, and only run my stuff on Linux
Most people don't have the luxury of never having to interact with Google Drive, MS Teams, Slack etc.
EDIT: Of course if you're sure your politics are completely left-leaning you'll have no censorship worries, because these platforms are mostly Silicon Valley run. Also since conservatives basically don't play dirty in this way, the conservatives won't censor stuff just because it's left-leaning. We're for protecting freedom of all legal speech and actions.
Though this was a nice and welcome feature, it wasn’t Transmit’s only feature nor even its main one. I don’t think this sentiment applies, exactly.
I assume the retail side, not the AWS?
"End of the Road for Google Drive in Transmit"
The being unfamiliar with Transmit the "and" gave me a startle