Depends on the definition of "insecure". I think we mean "the user is a victim of the owner of the product" or "the user has no choice but to overconsent to invasion from the producer". When ssh has a vulnerability, that's not a problem of me overconsenting to something OpenBSD wants to do. It's a problem where some third party has managed to fool OpenBSD into believing I want them to do something on my behalf, when I issued no such instruction.
But the vulnerability that is Google Mail is that Google will read any email sent to or from a Google Mail account, even incidentally, and use it to build up a profile which paying customers can use to manipulate me into doing things which, in the absence of the profile, I wouldn't've have done. Moreover there's just massive risks from all that data.
But the vulnerability that is Google Mail is that Google will read any email sent to or from a Google Mail account, even incidentally, and use it to build up a profile which paying customers can use to manipulate me into doing things which, in the absence of the profile, I wouldn't've have done. Moreover there's just massive risks from all that data.