[personal profile] tim
Dropbox, as I documented previously, states that they will permanently lock you out of your account if you have 2-factor authentication enabled and you lose your phone.

This isn't really true, though -- they make an exception if you know somebody who works for Dropbox. I was able to find someone in my social network who does, and was thus able to get all of my files back.

If you don't think it's fair for a company to treat users with friends who know people who work for that company one way, and everybody else a different way, probably don't use Dropbox.
It's interesting to me that the effect of the utter lack of regulation that the software industry suffers is that companies basically act like traumatized kids. As a traumatized kid, I understand (from extensive experience) hypervigilance: when you become focused on one type of threat and obsessive about avoiding it, at the potential expense of being unaware of other types of threats.

Imagine that your bank refused to grant you access to your life savings because you had 2-factor authentication enabled on your account and you lost your phone. Unimaginable, right? But it's only unimaginable because the banking industry is regulated. We consider it normal for cloud software providers to lock customers out of their accounts because the software industry is unregulated.

In the absence of external regulation, children don't learn to develop self-regulation, which is why kids raised in chaotic environments (hi) sometimes have trouble taking care of themselves as adults. Likewise, in the absence of external regulation, businesses can't self-regulate. We see that in software: inappropriate concern for one particular type of threat (a lawsuit due to someone fraudulently accessing an account that isn't theirs) outweighs another, just as legitimate, threat (the threat of paying customers not being able to access their own data).

The software industry can't regulate itself. In an age where more and more data are getting centralized (what we call "cloud computing" actually refers to the consolidation of power over ownership of information in the hands of just a few big companies -- perhaps, after all the mergers have happened -- just one), it's more and more important for us to organize to stop companies like Dropbox from setting our priorities for us.

(no subject)

Date: 2015-06-03 11:17 pm (UTC)
From: [personal profile] shimakaze_kun
The awkward bit is that that sorta thing ("talk to someone who works there and get access back") being possible feels...kinda detrimental in itself to preventing unauthorized access to customer accounts. If there isn't some sort of documented and working regain-access-to-account procedure (that requires some sort of proving identity or whatever) and people have to do this sort of workaround, then people who want to access accounts without authorization will just use this sort of workaround to get what they want. Documented formal procedures for contingencies like this can help improve security *and* the ability to rightfully gain your account back.

Incidentally, I like nearlyfreespeech's way of dealing with this: they have a handful of account verification actions you can configure, and you can select how many of them need to work in order to get your account back, so the account holder can choose the right tradeoffs for them (http://i.imgur.com/roeoiIr.png and http://i.imgur.com/GJ95Lbb.png show the interface, https://faq.nearlyfreespeech.net/section/login/losteverything#losteverything is the FAQ entry about this subject).

Also like, a bank not granting me access to money in my account is...less unimaginable than you make it seem, really. PayPal and banks and payment processors / money transmitters / whatever the correct term is for that line of business routinely do things like that under the aegis of AML/KYC (anti-money laundering / know your customer) regulations or fraud prevention. PayPal's notorious for freezing/closing accounts of people that are or were involved in the sex industry, for example, and Chase Bank did a bunch of similar and widely-publicized account closures in like 2014. Regulatory requirements for financial institutions aren't perfect and often cause (or are engineered or used to cause) very significant collateral damage on marginalized people.
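The "pick several verification actions, choose how many must succeed" recovery model described in the comment above, as an added example that is not code from the original post or from nearlyfreespeech. The action names and the `RecoveryPolicy` class are assumptions; the point is the threshold rule plus a configuration check that refuses settings which can never succeed, i.e. the self-lockout the original post complains about.

```python
from dataclasses import dataclass

# Hypothetical verification actions; the real service's list is not on the page.
KNOWN_ACTIONS = {"email_link", "backup_code", "sms_code",
                 "security_questions", "mailed_letter"}


@dataclass
class RecoveryPolicy:
    enabled: set   # actions the account holder switched on
    required: int  # how many of them must succeed to regain access

    def validate(self) -> bool:
        """Reject configurations that can never succeed (a guaranteed lockout)."""
        unknown = self.enabled - KNOWN_ACTIONS
        if unknown:
            raise ValueError(f"unknown verification actions: {sorted(unknown)}")
        if self.required < 1:
            raise ValueError("at least one successful action must be required")
        if self.required > len(self.enabled):
            raise ValueError(f"required={self.required} exceeds the "
                             f"{len(self.enabled)} enabled actions")
        return True

    def evaluate(self, results: dict) -> dict:
        """results maps action name -> bool (did it succeed?).

        Only actions the holder enabled count; anything else is ignored, so
        a channel the holder never opted into cannot be used to get in.
        """
        self.validate()
        passed = sorted(a for a in self.enabled if results.get(a) is True)
        ignored = sorted(set(results) - self.enabled)
        return {"granted": len(passed) >= self.required,
                "passed": passed, "ignored": ignored}


def lost_phone_scenario() -> dict:
    """Constructed scenario: holder enabled three actions, needs any two.
    The phone (SMS) is gone, but e-mail link and a backup code still work."""
    policy = RecoveryPolicy(enabled={"email_link", "backup_code", "sms_code"},
                            required=2)
    return policy.evaluate({"email_link": True, "backup_code": True,
                            "sms_code": False})


if __name__ == "__main__":
    print(lost_phone_scenario())  # granted: True, even without the phone
```

A configuration with `required` larger than the number of enabled actions is refused at setup time rather than discovered during an emergency.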

(no subject)

Date: 2015-06-04 03:51 pm (UTC)
From: [personal profile] naath
My bank occasionally decides that my cards have been fraudulently used and cancels them without warning. Then I have to find my passport and go to the bank. I have no idea what I would do without government-issued ID (not open a bank account, I expect) or if the bank were on the other side of the Atlantic. "visit the company HQ" is rather less plausible.

I do use Dropbox, I need it for work, but I don't keep the *only* copy of any data in it; they might lock me out, or they might go bankrupt, or they might have catastrophic data loss...

(no subject)

Date: 2015-06-04 05:42 pm (UTC)
From: [personal profile] someonefromthewater
This actually happened to me since your last post (with an old account I wasn't using much, but still.) I changed my phone number a few weeks ago and yes. It's good to know that I can probably use the same kind of I-know-people-who-work-at-Dropbox leverage to get my data if I needed, but still. :/ ethics and cloud computing, or lack thereof. yes.

Tim Chevalier