I could be a lot happier if they gave me access to the analytics data (which they most definitely do log). It would let me freak out if there's an unexpected amount of traffic or any referrers from crawlers/reddit/social media.
But otherwise, this seems like another story about how nontechnical people are being surprised by underlying details behind technology. In the sense of "omg we are being tracked" except in this instance it's just realizing that even if you have an unguessable url, someone can access it if you accidentally give it out... big whoop.
That's presumably part of it, but dotcom wealth mostly comes from gaining centralized power over people.
So most energy of the last 20 years has been focused on creating and entrenching middlepersons, rather than on developing decentralized approaches.
And most of what decentralization you hear lately is mostly cryptocurrency-style scams, attempts to ride blockchain hype for an incredibly crappy database, and solutions focused on the priorities of people doing illegal things.
Rather than very simple ideas from the original Web, like "everyone can have their own Web servers, and we build from there," for example.
Dat/Beaker Browser and many others can do all you described.
They're just not popular because only us geeks care or understand the value of esoteric and worthless stuff like privacy and data ownership.
Also, unfortunately if someone shares a photo and then turns their computer off, the recipients then can't download the photo. If you share a photo from your phone, then accidentally drop it into the toilet, the recipients then can't download the photo. Those are inconveniences.
The popularity of facebook despite it's innate, deep-rooted and well-publicized privacy horrors makes it obvious that convenience and inertia always wins.
So the geeks need to produce something compelling that includes privacy and decentralization at its core, and only then will people switch. Pretty please?
OK, so I'm working on something that could be like that, and looked at dat and ipfs, but only IPFS is reasonable for filesystem access, and both have decidedly nontrivial access latency. DAT/IPFS experts: how would you apply it to something like a Google photos app, where the majority of assets are private, and subsets of assets are shared? How do you propagate edits (like adding and removing assets or changing asset metadata, like "hidden" or reactions) with reasonable propagation assurances?
Why are you assuming you can't do that? Google will index your page if you want, Facebook and Twitter will share your links if you want. Nothing prevents you from making anything you want (Google will even sell you servers to do it!).
Most people have simply realized that isn't any fun. But if you want to, go ahead.
Convenience and mobile devices happened. With Google photos and similar I can share photos from my phone within seconds from pretty much anywhere. For example while I'm still on vacation in a foreign country. It's much lower friction than uploading the photos to a server, likely creating some kind of album, generating looks work tokens in them, etc.
These are not incompatible with private servers. I can imagine a world where, on setting up your phone, you set up the location of the backup server, which can be a server that you own. On taking a picture, instead of syncing with Google/Apple photos, it syncs with the server that you have chosen. When you share a photo, it indicates that that photo should temporarily be moved from a private folder to a public folder on the backup server.
I'm always greatful for the people who so dedicate so much time to reverse engineering and hacking products so I can install a custom firmware or homebrew on them.
But otherwise, this seems like another story about how nontechnical people are being surprised by underlying details behind technology. In the sense of "omg we are being tracked" except in this instance it's just realizing that even if you have an unguessable url, someone can access it if you accidentally give it out... big whoop.