IFTTT (short for If This Then That) is a very powerful service that one can use to hook a number of different cloud services together in cool ways, and it’s a service I make a fair amount of use of.

Like many of us who make use of cloud services, the Snowden revelations, that the US and UK intelligence communities had hooks into all the major cloud services (or perhaps a better word would be “confirmations”, since many of us suspected this was going on for a while), have given me pause to re-evaluate the services I use and trust.

So then, what of IFTTT?

With all the hooks it has into other services, it does seem to represent the ultimate in back doors. Out of necessity of function, the permissions granted for each service are quite wide ranging, and we only have it on faith that they won’t be abused. Ok, so it’s not as bad as them knowing my password, since I can click a button and revoke access at any time, but until then IFTTT have full access.

As a US company, and through no fault of their own, IFTTT are compromised when it comes to security, since they’re all backdoored by the patriot act. I suspect that if they haven’t been forced to share access to accounts, it’s only because they are still relatively small fish (when compared to the likes of Google) and are only really used by the technical subset of internet users. But as they grow, it’s only a matter of time before they appear on someone’s radar.

In addition, their business model has always been a little bit of a head scratcher. I suspect the whole service came about from a “wouldn’t it be cool if…” kind of conversation, rather than a set agenda to make money (quite right too), but servers don’t pay for themselves, and I do wonder how long it will be before In-Q-Tel come calling.

Of course, it may be moot, since most of the services that IFTTT connects to are also US based, and for that matter, other countries are almost certainly forcing backdoors into their cloud services too.

Still, it’s got me pondering self hosted alternatives… any nice #indieweb projects out there?

2 thoughts on “Reconsidering @ifttt in the light of #snowden

  1. Hello!
    I have reached this page searching for the exact same thing you are pondering: A self hosted IFTTT alternative.

    I am saddened to see there are no comments with a possible answer.
    I hope one such alternative arises and is open source.
    If it does please let me know and I will do the same if I find it before you.

Leave a Reply