Jeff Moss
@thedarktangent@defcon.social  ·  activity timestamp 14 hours ago
Security Writer
@SecurityWriter@infosec.exchange  ·  activity timestamp yesterday

If you don’t manage your own keys, it’s not your data.

If you don’t properly manage your own keys, it’s also not your data.

Thanks for coming to my TED talk.

RE: https://infosec.exchange/@SecurityWriter/115969540425890734

To build on what was said below, your whole online existence is essentially three things combined:

1 - Your email account or mail server where you can get password resets.
2 - DNS that protects the mail server from being impersonated.
3 - Your domain WWW server that can publish records that your domain registrar or certificate authority trusts when issuing certificates.

If you lose control of your email account or mail server, people can password reset their way into all of your accounts unless you have some strong second factor as a security key. If you have a secondary email recovery account that would be vulnerable. It could possibly be used to bypass your second factor.

If you lose control of your DNS server or your registrar account, then people can impersonate your services such as your web server or mail server for account recovery. A DNS attack could completely remove your existing servers and point traffic to malicious ones as well.

Finally, if you lose control of your web server then it could be used to publish .well-known files used for identity verification with certificate authorities, spread malicious files, your imagination is the limit.

As you can see, DNS and email are critical. Today everybody outsources their DNS and email. Choose how you manage these as if your identity, finances, and company depend on them.

Basically no one controls their own identities. By running your own email or DNS servers the third-party doctrine would not apply to you, and you would get notice that something was going on with law enforcement.
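
Added example, not part of either post: the dependency chain described above, modelled as a small graph for threat modeling, computing which assets fall when control of one is lost. All asset and account names are constructed, and the recovery mailbox is assumed to bypass the security key, as the post says it possibly could.

```python
# Constructed model (assumption): GRANTS[x] lists what control of x directly
# yields, following the post's three pillars (registrar/DNS, mail, web).
GRANTS = {
    "registrar_account": ["dns_zone"],
    "dns_zone": ["domain_mail", "domain_web"],   # whoever edits DNS decides who answers
    "domain_web": ["ca_domain_validation"],      # can publish .well-known files
}

# Each account: the mailbox that receives password resets, whether a security
# key is enforced, and an optional recovery mailbox (assumed to bypass the key).
ACCOUNTS = {
    "old_webmail":  {"reset": "domain_mail", "key": False, "recovery": None},
    "social":       {"reset": "domain_mail", "key": False, "recovery": None},
    "code_hosting": {"reset": "domain_mail", "key": True,  "recovery": "old_webmail"},
    "bank":         {"reset": "domain_mail", "key": True,  "recovery": None},
}

def blast_radius(lost_asset):
    """Return every other asset that falls once `lost_asset` is out of your control."""
    owned = {lost_asset}
    changed = True
    while changed:  # repeat until no new asset falls (fixed point)
        changed = False
        for asset in list(owned):
            for gained in GRANTS.get(asset, []):
                if gained not in owned:
                    owned.add(gained)
                    changed = True
        for name, acct in ACCOUNTS.items():
            if name in owned:
                continue
            by_reset = acct["reset"] in owned and not acct["key"]
            by_recovery = acct["recovery"] in owned
            if by_reset or by_recovery:
                owned.add(name)
                changed = True
    return owned - {lost_asset}

if __name__ == "__main__":
    for start in ("domain_web", "domain_mail", "registrar_account"):
        print(f"{start}: {sorted(blast_radius(start))}")
```

In this model the security key on `code_hosting` does not help once `domain_mail` is lost, because its recovery mailbox `old_webmail` is itself reset through the same mail; `bank`, with a key and no recovery mailbox, is the only account that survives.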
