
Our Firebase and Google Cloud project was suspended over suspicious activity - eashish93
https://medium.com/@amton15127/why-you-should-not-use-firebase-and-google-cloud-c05fe6ccdbe8
======
noad
The only time I ever got an email from a real human at google was when I tried
out google cloud for a weekend when it first came out. I had a detailed plan
to benchmark different instance types and compare them to AWS for an upcoming
project.

I got about two hours into this and my account was deactivated, one of the
cloud engineers sent me a truly nasty email saying that bitcoin mining is not
allowed on google cloud and I should stop abusing resources and being so
irresponsible. I replied and asked how on earth they came to the conclusion I
was a bitcoin miner and explained what I was actually doing, but never heard
back from them again.

It was so bizarre, I felt like I was back in the 3rd grade getting in trouble
for knowing more about the Apples than the computer teacher.

~~~
mayank
> I got about two hours into this and my account was deactivated, one of the
> cloud engineers sent me a truly nasty email saying that bitcoin mining is
> not allowed on google cloud and I should stop abusing resources and being so
> irresponsible.

This is a pretty big claim. It would be grossly inappropriate if true. Do you
have any evidence to back it up?

~~~
ThePowerOfFuet
I can say that crypto mining is prohibited during the free trial (and there
are heuristics to detect it).

------
euph0ria
The company I work for has banned the use of Google Cloud due to how they
treat their Play Store developers, in particular that there never seems to be
any human being that you can talk to and find out what you need to do to fix
the situation. We do not want the same to occur to our servers or if there is
an overflow from Play Store ban to GCP etc. We use AWS instead who has so far
been very good at the support side.

~~~
t0ughcritic
Yes exactly this. They ban you and shame you as if you are 5 year old. This is
why we don’t rely on Google either and are using less and less of their
services.

------
9nGQluzmnq3M
I suspect there's more going on here than meets the eye:

\- This is the first post on a new blog by somebody without a full name or any
social media presence that I can find (googling "amton gaming blockchain"
returns zero hits)

\- The company/site in question is never named or linked to

\- They used somebody else's credit card and don't seem to have matching ID
for it

Is "blockchain gaming" code for an online casino or something? If so, this is
likely against GCP terms of service.

~~~
blunte
You are completely guessing this based on very little information. There is a
strong chance that you are wrong. Is your goal just to throw mud?

You ignore the point of the post - that Google can and will shut some clients
down with little warning and even less recourse.

~~~
9nGQluzmnq3M
Do you disagree with any of the points I've raised?

I know it's a common trope here that Google does evil things just for fun, but
we've only got one side of the story here and there's been a number of
previous cases here of apps getting kicked out for what turned out to be
pretty understandable reasons.

~~~
blunte
No one said Google did this for fun. Google appears to prioritize automated
systems and bottom line over care for it's customers.

And whether any of your analysis about the customer is accurate is irrelevant
and not worth debate here.

------
julianlam
> They have full control of your project.

Correction, you _gave_ them full control of your project, when you decided to
use their APIs and tooling as the literal backbone of your application.

This is the tradeoff, and server administration is not something you can hack
at, DevOps style. Proper external backups would've at least made switching
away less painful.

If you wish to have full control of your data, you have to co-locate your own
servers and run things on bare metal. Though running things on the cloud is a
trade-off that many of us have made.

~~~
blunte
Nobody expects to be on the bad end of this situation, and the good side (all
the services and features) are very tempting.

Terms of service and other agreements do not justify the careless approach
that Google takes toward it's customers and customer service.

This situation should be resolved with capable humans in the Google
business/account management group, but as we have seen so many times here on
HN, that is not how Google operates.

------
syshum
>>We have some backup files, but it doesn’t enough, we’ve never planned to
have an automatic backup on Google Cloud because we’ve never thought about
this situation is occurring today

Many companies are going to have learn this lesson the hard way, time after
time see stories of companies under the impression that cloud == no need for
backups.. its the cloud why would you need to back things up

This way of thinking will burn many many companies, even worse when you use a
SaaS product that has no ability to export data so you are locked in... those
companies are screwed

------
dijit
Isn't this the price of doing business?

I'm not being facetious, but ops people have always decried giving up control
of the platform and especially buying into lock-in to services that only exist
in a particular cloud.

If there's no corollary to firebase, and your app is built entirely on
firebase, and they increase the price or change direction, you gotta go with
it. I mean it's the definition of vendor lock-in; and it applies too when the
political whims of the company change. IE; if you're making games and you're
hosted on Azure, you have to have some level of knowledge that Microsoft makes
games too, and that they could potentially subtly harm you if you're
outcompeting them.

Everyone knows that you "buy" time, you "buy" less burden of operation and you
"buy" the fact that you're living at a higher abstraction and can move more
rapidly; this is baked in to the extra cost of hosting with a cloud provider.

Maybe people don't really know (or grok) that you also "sell" not only your
competence, but your self reliance?

~~~
blunte
People go this route because they do not understand the potential
consequences.

If it were published up front that x% of Google customers will get locked out
and lose their business, I think you would see a lot fewer of these stories
because Google would get a lot less business.

People just are ignorant of the true risks here.

~~~
elmo2you
I think you are right. At least to a large degree. I will never do business
with cloud providers like these, but I know enough people who did and got
burned. The pattern and results are usually very similar.

While involving a different cloud provider, I recently read a long thread from
a Amazon (re)seller that got his/her funds frozen. There was a lot of
indignation, about how Amazon could treat him/her this way, while he/she was
making more than a million dollar each month. Personally, I think that the
level of arrogance, self-entitlement and hubris (not just of this seller, but
also the fellow sellers chiming in) was the most remarkable about it all.
Obviously very opportunistic, but suddenly full of moral judgment when
"screwed over" by Amazon. I'm not so sure it's just ignorance of the true
risks.

The classic tale of "the scorpion and the frog" always comes to mind, when I
read stories like these.

/m2c

~~~
scarface74
I have no personal experience on the Amazon retail side, but have you noticed
you never here about this poor customer support from AWS or for that matter
Azure?

As far as even how Amazon treats third party sellers, I’m not saying it’s an
excuse, but the seller isn’t the ultimate customer - the buyer is. Amazon is
very focused on good customer service for the buyer.

Google’s customer support is horrible.

~~~
dijit
Unless you're in an enterprise agreement (which I am), then GCP support is
above and beyond- even in one case identifying exactly where some open source
code broke and submitting an upstream patch for my specific use-case.

~~~
scarface74
In contrast, you don’t need an “enterprise agreement” to get great support
from AWS. The business level agreement that is $100 a month minimum or 10% of
your spend is excellent and affordable for small companies.

------
random_savv
This does make me think again that we should completely move off Firebase
(still using auth & storage).

~~~
blunte
It's not just about firebase, it's about Google services in general. We have
heard so many of these calls for help on HN that it is clear that relying on
Google services is like gambling with your business.

~~~
lima
Confirmation bias. GCP has millions of customers, these are very rare
instances and we only ever hear one side of the story. It's not reasonable to
make a business decision based on such anecdotes.

Any other provider suspends accounts too - everyone has the same kind of abuse
problem.

~~~
scarface74
Why are the stories overwhelmingly about GCP even though it has much less
marketshare than AWS/Azure?

------
unixhero
Why are people persisting to Firebase? Is is it still solving a pain point?

~~~
tehbeard
Mobile sync, if I understand correctly.

~~~
amelius
There's no open source equivalent?

Lock-in could be the reason they're still using it.

~~~
tehbeard
The closest I can think of that I've used is CouchDB..

But it's not a turnkey solution, particularly with how ACL works (read
granularity is at the database level)

------
mutant
Check out GunDB as a replacement for Firebase.

