
“My Google account got suspended because of NewPipe” - nuxdie
https://github.com/TeamNewPipe/NewPipe/issues/2723
======
k__
I think these automatic suspensions are really alarming.

I got my whole Vimeo account suspended by some script that had the impression
I was violating some of their ToS. I just uploaded 3 demo videos of an app I
created. Then they told me I should click on a link to contact support, where
they told me I have to log in to contact support, which I couldn't do because
my account was shut down.

I just released a blog article that needed these videos, so I didn't have any
time for these things so I quickly uploaded the videos to Youtube.

I mean that was just a small account with three videos, but they simply nuked
the whole thing. That's just crazy.

I don't think I'm save at Youtube either, I just didn't have a better idea at
the time.

~~~
abbadadda
> Then they told me I should click on a link to contact support, where they
> told me I have to log in to contact support, which I couldn't do because my
> account was shut down.

Gotta love Silicon Valley Customer Service!! The same thing happened to me
with LinkedIn. Multiple Catch-22s and/or Chicken and the Egg.

~~~
masonic

      Silicon Valley Customer Service!!
    

Vimeo is in NYC.

~~~
abbadadda
The HQ does not need to be in Silicon Valley to adopt the ethos.

------
jsnell
There's an easy way to tell that this did not actually happen. The person
reporting this claims that they were notified that the account was suspended
for "using 3rd party app outside of Play Store to go around Youtube ads".

Now think about any of the previous similar stories you've seen over the
years. Doesn't even have to be about a full account being suspended. E.g.
maybe it's about an app or extension being removed from a store, or about a
site being removed from the search index, etc. The messages will always have
been quite vague on exactly what happened, e.g. just saying that there was a
violation of the terms of service.

The level of specificity claimed by the poster is just totally implausible.

~~~
guiambros
_(Disclaimer: Googler here, but no relationship with Android team other than
as a normal user)_

Another pointer leading to a probable troll on this one: the original OP's
nick is just a bunch of profanities in Finnish [1].

Oh, how can they receive an email stating the account suspension if the
account was suspended in the first place?

[1] (careful; NSFW)
[https://translate.google.com/#view=home&op=translate&sl=auto...](https://translate.google.com/#view=home&op=translate&sl=auto&tl=en&text=haistakaavittukaikkisaatana)

------
jedberg
Every time an automatic google account suspension comes up, I like to let
everyone know that my google adsense account has been suspended for _15
years_. I’m still waiting waiting for my follow up on why.

Even 15 years ago right after they launched the service they were already
having computers make decisions without human review or oversight.

~~~
monktastic1
For six years now I've been trying to use Google Play Music, but enter a
comical loop of errors that neither the support staff nor their eng team shows
any understanding of[1]. They always run through the same utterly useless
script of suggestions, even when I make it painfully clear that I've already
tried each of them multiple times.

I've had similar experiences with most of Google's services, including my
phone nearly being bricked due to a cyclic error on Play Store. I keep a list
of these little joys (on gdocs, ironically).

It was hard enough getting someone to look at these insanely frustrating
errors and problems when I was a SWE there and could pinpoint someone who
could fix them. Fixing these problems doesn't advance anyone's career, so
nobody is incentivized to care. The idea of getting anything resolved from
"out here" is just comical. Instead, I get to +1 a report on their forums,
where one of their "community experts" gleefully tells us not to worry,
someone will probably fix it someday. And in the meantime, have you tried
power cycling? Because, _Google_! (Cue cute xylophone music.)

[1] Guess I'm not the only one with problems. Two stars for the Chrome app
that's required: [https://chrome.google.com/webstore/detail/google-play-
music/...](https://chrome.google.com/webstore/detail/google-play-
music/fahmaaghhglfmonjliepjlchgpgfmobi). Does anyone actually care at Google?
I doubt it. Too many cool new features to build to worry about existing ones
working. Someday I might even write up a piece on how I was shipped off to the
Goolag (Google Seattle) because I insisted on having a team to keep our
product's data up to date.

~~~
wlesieutre
In the meantime, can I interest you in a new social network and/or chat
platform?

------
SXX
To be honest this sounds like some fake story. NewPipe really don't use any
Google credentials and even considering how little trust I have in Google I
don't buy like they going to buy account this this kind of stuff. Like
seriously think on it: why should they ban someone based off IP address alone
that can be shared with many devices / accounts.

~~~
shadowgovt
They wouldn't. But if there's enough secondary signal for them to determine
what account is running the access that is grabbing videos but not ads (i.e.
do NewPipe's requests carry the phone IMEI? Can Google correlate that IMEI to
a user account?), Google could lock down the account.

What the user describes sounds like an account lockdown, not an IP ban.

~~~
londons_explore
It sounds to me like this user was banned for an entirely different reason.
Like for example, someone stole his login credentials, fired up hundreds of
VM's on GCloud, and started mining Monero.

~~~
shadowgovt
User does claim they received a message from Google "saying that I was using
3rd party app outside of Play Store to go around Youtube ads." We haven't seen
a copy of that message, but I'm assuming we can take it at face-value.

~~~
lonelappde
Why would you assume one sentence of an anonymous person on the Internet
should be taken at face value?

'shadowgovt owes me 12.3 BTC.

~~~
shadowgovt
If we don't assume that on average, we have very little to talk about. ;)

------
StavrosK
I can't stress this enough: Use FastMail (and pay for it), it's better than
GMail and doesn't pull this kind of shit on you. The post is very alarming,
but at least you have a better option when it comes to arguably the most
important part of Google, your email.

It's super cheap (I prepaid for two years or something and it came out to less
than $3/mo), faster than Gmail and won't kill your life.

EDIT: I hear Protonmail is also good, just use one of the two. They're great.

~~~
pmlnr
\- google pay

\- google maps

These are the two things I find more or less impossible to replace on android.
For Pay, there is no alternative at all. For Maps, there is Osmand, which is
good as static map, but not for finding addresses.

~~~
lucb1e
Google Maps' map data can be replaced by Microsoft/Here/TomTom data, or OSM-
based maps (OsmAnd, maps.me). Apple Maps seems to be unavailable outside of
iOS, not even through third-party apps or a website, as far as I know.

Mapbox does realtime traffic these days,
[https://benmaps.fr](https://benmaps.fr) can show this layer (I haven't found
that button in mobile view though, might need to do a pull request), as well
as your local traffic authority probably or some other local companies.

Business info can be found through regular search engines, or if that is
really difficult, then you can always fall back to google maps every once in a
while.

Street view is not available where I live anyway, and Mapillary is doing
reasonably. They also have OsmAnd integration. OpenStreetCam is another
alternative.

Satellite imagery is not exclusive to google maps either, there are lots of
sources for this, and often also plane-shot imagery from your local
government. You can configure a layer in OsmAnd. Personally I use Bing Maps
most frequently for this (not the app, just bing.com/maps) since it is a lot
more smooth/lightweight than the awfully heavy google maps website. (I don't
really use sat imagery on mobile anyway.)

Trip recording ("location history" in google) can be done with OsmAnd or many
other apps as well. I configured it to automatically turn on when routing:
then I have GPS on anyway and I might as well store the data. Often fun to see
stats afterwards (max speed, avg speed, asc/descend, or sometimes it's
practical to see the time it took).

I think that should cover the functionality of google maps.

Google pay I never heard of, unless you mean paying for apps in the Play
Store, in which case the solution is to contact the developers directly,
though they usually don't seem to care enough to get you as a customer (I
tried this four times, never got a reply, thus never became a customer since
quitting google play).

Hope this helps!

~~~
Doctor_Fegg
DuckDuckGo has Apple Maps, and there's an API.

~~~
lucb1e
Oh, that's right. Then I just don't know where (other than via DDG) to find
their map. I do remember trying to use Apple maps via the Apple website and
that didn't work (some months ago).

------
octosphere
I haven't had a Google account for over 5 years now, after my account got
suspended for no apparent reason. The only thing I can think of that raised
the alarm at Google was that I created two other accounts using the same IP
and device, and Google must have thought I was gaming their system and
engaging in some sort of Sybil attack[0] on their network. Two other accounts
is hardly grounds for suspension. But 100 or even 1000 other accounts and
Google are within their rights to ban me.

Anyways I since switched to Protonmail for frivolous web signups & registering
on sites, and then I use Fastmail for various business dealings / freelancing
/ anything related to finance like Paypal, online banking, etc. I simply can't
afford to be arbitrarily banned by Google again.

[0]
[https://en.wikipedia.org/wiki/Sybil_attack](https://en.wikipedia.org/wiki/Sybil_attack)

~~~
djsumdog
I use to have three Gmail accounts (notifications, mailing lists and
personal). After the 2012 domestic spying revelations, I deleted all of them,
extracted all my Gmail and hosted my own. It's so much nicer than dealing with
Google's fucking terribly broken IMAP interface and over aggressive spam
filter (which has bitten me too):

[https://battlepenguin.com/tech/how-google-and-microsoft-
made...](https://battlepenguin.com/tech/how-google-and-microsoft-made-email-
unreliable/)

..although e-mail delivery has seemed to be getting better in the past year.

My current Google account has no g-mail connected to it, which has lead to
some interested bugs in Hangouts (you can't search for Google contacts once G+
went away, even if you clearly see them in current chats).

I also host my own Calendar/Contacts using Radicale + DavX (formerly DavDroid)

~~~
rurp
> over aggressive spam filter

I want to emphasize just how bad the spam filtering has gotten. I didn't
realize it for a long time, but now that I check the spam folder regularly
I've realized that a LOT of legit emails get flagged by Google. Even
ridiculously obvious stuff, like a non-automated reply to an email that I
initiated sometimes gets flagged as spam.

------
sigmar
Sounds like some trolling to me, especially since he can't produce the email.
If Google was actually doing this they would have emailed other NewPipe users,
not just this one guy.

~~~
shadowgovt
Their system isn't even likely detecting NewPipe. It is probably detecting
signals indicating the ads it serves are being blocked and the user's account
isn't a Premium account. Any client that failed to vend the ads (or failed to
spoof the ads-vended signals) could trigger this.

(Obvious solution: use the approved clients.)

~~~
sigmar
You can't log in with an account to newpipe though. It is pulling videos off
youtube as if it was a browser on the phone.

~~~
shadowgovt
Has anyone wiresharked its transactions to Google? If it's literally doing it
like it's a browser, what cookies or storage API (or other) state is it
leaking?

~~~
sigmar
It's all open source. Not sure what info it is leaking tho.
[https://github.com/TeamNewPipe/NewPipe#Description](https://github.com/TeamNewPipe/NewPipe#Description)

~~~
shadowgovt
NewPipe itself is open-source. It's using the OS infrastructure to make
requests
([https://github.com/TeamNewPipe/NewPipe/blob/ce17ccad27af0aba...](https://github.com/TeamNewPipe/NewPipe/blob/ce17ccad27af0aba72b25913ffc6e6dba9d770d0/app/src/main/java/us/shandian/giga/service/DownloadManagerService.java#L136)).

One would have to do a deep-read of the implementation of those APIs to know
what they might leak (or toss a packet sniffer in the network stack).

~~~
gruez
This seems like an argument from ignorance. eg. "Well, there's no evidence to
support this hypothesis, but it _could_ be x (no proof given), so unless we
look into x, we won't know for sure".

Using the system browser or webview doesn't send any user identifying
information (other than device type and version) in http requests. There's no
plausible reason why using the download manager API would do it either.

~~~
shadowgovt
I'm not sure I'd call it an argument, but the ignorance part was right (note
upthread this began with a question as to whether anyone _had_ attempted to
packet capture on what NewPipe is sending in a session).

There isn't evidence other than the user in question's account apparently got
banned and they claim to be using NewPipe. So it's one possible avenue of
further investigation if one tries to figure out how Google would even know to
ban a user that was using a tool that allows connection to YouTube
anonymously.

------
bitL
One of my GMail accounts was fairly recently disabled due to Google not
recognizing any device logging into the account. I had to dig up some old
Android phone to even attempt recovery which was unsuccessful. After I
involved some of my Google contacts, the account was back within 2 days, yet
while my phone can log in, none of my other computers are allowed to log in. I
am guessing something in their ML system went seriously wrong in some corner
cases (in my case, accessing the same account from >10
computers/phones/tablets on different operating systems via Firefox with
private browsing, likely triggering their anomaly detection).

~~~
shadowgovt
Yeah, unfortunately, that smells a lot like a coordinated attack on a specific
user's account.

Do you have the enhanced security features turned on? Google's systems trust
the logins more if you have to 2-factor them against a phone or somesuch.

~~~
bitL
No enhanced security, I travel a lot abroad with different phones and can't
handle SMS or some type of authenticator reliably.

I completely get it being flagged, I even wrote ML/DL-based anomaly detector
for mobile stuff myself, but it really gets in the way, so I switched my
primary account over to ProtonMail.

~~~
shadowgovt
I hear that. :)

I had the opposite problem not too long ago; was away for a relative's wedding
and had my phone die during the trip. Even after replacing the phone, getting
back into my Google account on the new phone was a chore, because the phone
that died was _all_ my trusted devices (2FA key holder and receiver of phone
calls for verification at the same time).

Oops. :-p

~~~
a1369209993
> was _all_ my trusted devices (2FA key holder and receiver of phone calls for
> verification at the same time).

That's not actually two factor authentication anymore. Also that's pretty
typical of 'two' factor authentication systems IME.

------
shadowprofile77
One very good reason to regularly download backups of gmail inbox, and if
possible simply stop using it eventually.

~~~
rohan1024
What's the point of Google Photos if I've to keep backup. They may choose to
lock me out and I've lost all my memories.

~~~
javagram
Never rely on a single cloud service for your backup. Always backup to at
least one independent place such as a local hard drive or another cloud
provider.

~~~
jquery
This. I suggest iCloud, Dropbox, Lightroom, OneDrive, or Ever. I often take
advantage of “free trials” to upload all my photos to these services
periodically. Once your free trial expires you can’t upload more photos but
they hold onto the existing ones indefinitely.

I also use a NAS device (cheap!) and a lifetime Plex account for my viewer.
Only iOS “live” photos are inconvenient to back up anywhere but iCloud so I
don’t take many Live Photos.

------
really3452
Step one: Sign up for a [https://tutanota.com/](https://tutanota.com/) email
account for $1 a day.

Step Two: Set up gmail to forward all emails to the new email account.

Step Three: Stop giving out your gmail address.

Step Four: Start marking all emails that get forwarded to you through gmail
that you don't want to see as spam in gmail.

Step Five: Start migrating all real-life contacts and online accounts to use
your tutanota email account.

\-----------------------

SERIOUSLY, start paying for email from an email-specialized company in some
European country with extremely strict privacy (such as Germany). GET OUT OF
GMAIL and OUT OF U.S.A. EMAIL-BASED PROVIDRES A.S.A.P.

~~~
samoa42
it's actually ~ $1 per month

~~~
semiotagonal
The commenter above has done a real dis-service to Tutanota if they've really
quoted it at 30 times the price.

~~~
really3452
Yes, my mistake. If I could edit the post I would.

------
CPLX
Serious question, which I'm hijacking this thread to ask since it's on
everyone's mind:

\- What's the best way to fully back up a G-Suite instance, so you could get
back on your feet really quickly if something like this happened?

I use G-Suite for email and docs and a bunch of stuff for my company, and I'm
willing to pay money to have it all backed up in real time and ready to switch
in the event of a disaster.

What's the best way to do that? I know Spanning and Backupify are two popular
solutions. Would be curious if anyone has experience.

~~~
TheChaplain
Googling gave me this;
[https://support.google.com/a/answer/100458?hl=en](https://support.google.com/a/answer/100458?hl=en)

You should also run your email on your own domain, and make sure the registrar
isn't Google nor requires them for logging in.

------
drankula3
This is frightening. I use newpipe and depend on Google for work, email, and
data storage. I use Google cloud to host my websites, and Google domains to
control their domain names. What's next? Will they suspend an account for
using an adblocker on their website while using a browser?

The fact that Google would suspend their account instead of just blocking
their access to YouTube is an abuse of their near-monopoly. I'll be taking
steps to migrate off the Google stack for this.

~~~
shadowgovt
At the very least, I recommend sharding your accounts for work, email, and
data storage if you're nervous about those failing simultaneously.

The attack surface is larger than a TOS violation (someone could spear-phish
your login credentials, or a coordinated attack on your account could lead to
denial-of-service if Google can't disambiguate your legitimate attempts to
login from attackers' attempts).

~~~
ghaff
Yes. Whatever the real specifics of this particular case, some number of users
will inevitably lose access to their accounts in a way that they can't recover
from. Arguably, with business services, there will always to some way to
reliably establish identity with fallback systems. But, at some point with
free/ad-supported/etc. consumer services a provider is sometimes, if hopefully
rarely, just going to go "Nope. Can't establish your identity or overlook this
ToS violation. No recourse." and showing up in Mountain View with physical
documentation isn't going to be an option.

It's not an ideal state of affairs. But the alternative would probably need to
be more rigorous identity verification and locking down of systems.

------
michannne
This is pretty frightening. I have around 5 Gmail accounts that practically
everything is filtered through, and while I don't use it, I did (just
uninstalled it) have NewPipe installed on my phone, along with F-Droid, along
with a number of apps I downloaded directly from github, that Google has no
place knowing anything about.

If I lose those accounts, I'm pretty sure I'm screwed, there are many online
services that require you to open an email and retrieve a temporary code, or
require you to have access to the original email account in order to switch to
a new one. I don't know what I'd do if I'd lost those.

~~~
amdavidson
Sounds like you have a good incentive to spin up a domain and start
transitioning away from Google.

~~~
apexalpha
I use G-suite for my domain... Just uninstalled NewPipe too, just to be sure
for now.

------
drusepth
This sucks, but... is NewPipe just a proxy to YouTube videos (and other
services, it looks like) that excludes the ads?

After a few pages, the linked github issue devolves into discussions around
"how Google could detect you're using NewPipe" instead of whether or not you
should be allowed to use it. That makes me think it's more in the realm of "we
know this is against the rules but you can secretly use it" rather than a grey
area of what's allowed or not.

It's more of a controversial take, but I'm honestly surprised people don't get
banned for using Adblockers in general. This seems even worse than an
adblocker (in that it just flat-out steals videos from YouTube and puts it in
its own ad-less interface), so I'm not surprised that 1) it likely violates
YouTube's terms and conditions, and 2) that violating YouTube's T&C is grounds
for terminating your account.

~~~
whoisjuan
Yes. This could be against YouTube TOS but losing your Google account which
also gives you access to email, phone (if on Android), GSuite + anything that
uses your email for authentication, is a horrible measure. I don't understand
how this is grounds for terminating your account?

Do you want to block me from using YouTube with this account? Fine. Do it,
that's fair. But terminating the account, effectively blocking someone to
access anything tied to that account is a "piece of shit" move.

~~~
drusepth
I understand where this mindset comes from, but I think it (unfortunately)
stems from YouTube originally being its own service and now being "part of
Google" and sharing a single account now. I'm not sure if it's up to Google to
remind users this is the case, but it'd certainly be helpful.

If you Do Something Bad in Facebook Marketplace, I'd expect the entire
Facebook account to be banned -- not just restricting access to where Bad
Thing happened (FB Marketplace). Or, if you broke T&C on Amazon's marketplace,
I'd expect your AWS account to be banned also. If you cheat in one game sold
through Steam, your entire Steam account gets banned/penalized, not just your
access to that one game.

I can kind of understand why people think Google's services are different, but
I'm not sure why that continues to be the case over time as we move further
and further away from back when YouTube had its own accounts.

~~~
m-p-3
> If you cheat in one game sold through Steam, your entire Steam account gets
> banned/penalized, not just your access to that one game.

Actually it depends on the anticheat system used by the game. Anything from
Valve will use VAC, and cheating in a game using it will ban you from all
games using it. Other games uses EAC, others BattlEye, etc. You won't get
banned from all multiplayer games that you own.

------
vesinisa
This does not sound plausible, more like the work of an Internet troll. The
user's GitHub handle translates as "Fuck you all, damn it!". When asked to
provide evidence, he comes with excuses in the linked thread. He has filed
some issues before with the same project, some of which got closed as dupes.
My take is he was dissatisfied with the response from the GitHub community and
came up with this story to discredit the project.

------
user091816
Google logs all apps you use on Android. Start time, how many times was used,
device, OS etc.

You may disable history but that don't mean they will stop logging.

See the history at
[https://myactivity.google.com/myactivity](https://myactivity.google.com/myactivity)

Edit: get out of Google now!

~~~
jaynetics
MyActivity shows all play store apps and some non-store, pre-installed apps
for me, e.g. the system launcher and WiFi drivers, but it does not show
sideloaded apks.

If this story turns out to be what it seems, that might mean Google shows you
only a subset of the app activity log that they actually keep, adding another
layer of intransparency to the injustice.

~~~
TheChaplain
I think if you are an EU citizen, you can use GDPR to find out.

------
throwaway_bad
This reminds me of a huge story last year where suspicious activity on an
account got the whole company banned, including their personal gmail if they
linked it as a recovery account:
[https://news.ycombinator.com/item?id=17115643](https://news.ycombinator.com/item?id=17115643)

------
sharpneli
This is rather harsh punishment.

Do note that if the poster had some apps published on google play those would
be gone too.

~~~
dx034
And work accounts could also be banned by affiliation I believe?

------
mschuster91
A company I know has lost the password for their info@company.tld google
account. Google refused to reset the password - it asks for mail verification
(passed), phone # (not passed, no one has an idea which phone number that was)
and account age (not passed, this thing is ages old).

Google refused two letters by their legal counsel, now the company will
attempt to file an emergency injunction / court order, but jeez it sucks that
Google can not be bothered to have ANY place where you can contact an actual
human.

~~~
Unai
That's exactly what happened to me just a few days ago. I got an email
alerting me that a secondary Google account of mine had been accessed,
password changed, secondary email changed and I think even some kind of
security question also changed (I don't even remember Google having those).
Ok, no problem, I'll just tell Google I own it for whatever means they ask and
change the password back.

Recovery email doesn't exist anymore. There's no phone number attached (I
haven't accessed the account since before I had my first smartphone). And the
account must be like 12 years old or so, there's no possible human way to
remember the precise month I created it (I don't even remember the year).

I have all my Google accounts connected through gmail, and I can even receive
the emails that go to that account, since they go to my main account. I tried
for a full whole work day to get the account back, but there's just isn't any
human I can talk to, so the account now belong to some russian hacker or who
knows. Luckily for me is not a very important account and I haven't found
anything important attached to it, but it's very scary.

~~~
djsumdog
Sounds like someone was specifically targeting you?

~~~
Unai
No idea, why do you think so? I could see a bot doing all that.

------
yread
Their username means "Fuck you all, Satan!" according to google translate

~~~
mastazi
OP states they are from Finland, and Saatana is typical Finnish swearing, as
you can see here:
[https://en.wikipedia.org/wiki/Finnish_profanity](https://en.wikipedia.org/wiki/Finnish_profanity)

Fun fact: the reason why I know a lot of Finnish swear words is that I used to
play this videogame:
[https://www.amistech.com/msc/](https://www.amistech.com/msc/)

~~~
netsharc
My Summer Car! Vituun saatana!

For me, Funhaus' play of this game is more fun than playing it myself. (Look
it up on YouTube, but is it safe to use NewPipe?)

------
SXX
Even though I think story is fake I encourage everyone to setup their own mail
server using Mail-in-a-Box [0]. You just need one VPS with public IP and
domain name and it's fully automated solution that works great.

[0] [https://mailinabox.email/](https://mailinabox.email/)

[https://github.com/mail-in-a-box/mailinabox](https://github.com/mail-in-a-
box/mailinabox)

------
fogetti
This sounds like simple accusation and speculation without any proof to me.

------
shadowgovt
I'm not entirely sure what the user expected was going to happen. Unless I
drastically misunderstand, NewPipe lets a user see YouTube videos with neither
ads nor a premium account. Of course that's going to be a TOS violation.

~~~
tanilama
Yeah, it is unfair to their paid users, similar to piracy

~~~
izacus
This pretty much is piracy - streaming videos without paying for them to the
creators.

For some strange reason not paying for YouTube content and bandwidth seems to
be just fine here on HN as opposed to doing the same on iTunes or other
services.

------
inputmice
I call BS on the story. But the fact that this is somewhat plausible and
probably within Google’s rights is telling.

------
Funes-
My humble advice for anyone who comes across this thread:

\- Delete your Google account (if you can);

\- Install NewPipe [0] on Android;

\- Install gtk-youtube-viewer [1] on your computer;

\- Install mpsyt [2] if you'd like a terminal client.

\----------------------------------------------------------------

[0]
[https://f-droid.org/en/packages/org.schabi.newpipe/](https://f-droid.org/en/packages/org.schabi.newpipe/)

[1] [https://github.com/trizen/youtube-
viewer](https://github.com/trizen/youtube-viewer)

[2] [https://github.com/mps-youtube/mps-youtube](https://github.com/mps-
youtube/mps-youtube)

------
cbolton
For those reading the comments first and getting confused as I did: This is
not about a NewPipe developer getting their Google account suspended due of a
ToS violation (which would already be a disproportionate sanction, considering
the practical consequences of the suspension). It's a NewPipe _user_ getting
their account suspended. It's like loosing access to your Google account
because you dared use an ad blocker.

And NewPipe doesn't even link to the Google account, so it's not clear how
Google made the connection.

~~~
b-zee
It is not clear Google made the connection at all. The report does not contain
enough details to make it convincing this is just because of NewPipe.

------
tobigr
This might be a troll. Be careful. We do not have any evidence that these
claims are correct

------
pennaMan
Absolutely no proof provided, N=1 for popular youtube pirating app. HN
bullshit sense seems to be turned off completely when Google is accused of
something bad.

~~~
whamlastxmas
This isn't "pirating"

~~~
pennaMan
I maintain and use my own private android app that only plays the audio stream
from youtube via youtubedl. I openly refer to that as pirating.

Does NewPipe circumvent the YT ToS in any way? Then it's pirating.

Please don't bend reality to align with your morals. Bend your morals instead
:)

~~~
whamlastxmas
If the TOS said you were only allowed to view while wearing a top hat, it
wouldn't suddenly be piracy if you watched it hatless. A TOS doesn't define
the general usage of the term piracy.

------
lonelappde
252 comments, featuring a proposal to break up the company, based an anonymous
internet comment with 0 evidence, and thousands of NewPipe using people with
counterevidence.

[https://github.com/TeamNewPipe/NewPipe/issues/2723#issuecomm...](https://github.com/TeamNewPipe/NewPipe/issues/2723#issuecomment-541726437)

------
villgax
I'm surprised they even explained it. So it sounds BS too.

------
adriancooney
This has genuinely scared me. As others have mentioned, I'm completely
dependant on my Google for so many things. Is there any service out there that
can fanout email received to multiple providers like Gmail or Outlook? It's
not a great solution but helps with the vendor lock in.

------
echelon
Entire lives are wrapped up in Google accounts! They're used for administering
other accounts, taxes and payroll, subscriptions, keeping in touch with
family, photos...

This could easily ruin someone's life.

What the fuck, Google.

We seriously need to break this company up into its constituent pieces. This
is beyond unacceptable.

~~~
woodgrainz
It's entirely possible the banning had nothing to do with NewPipe. No other
NewPipe users seem to have had this issue. But of course it's fun to yell at
Google.

We know nothing about this person. Isn't it very possible he was _actually_
violating Google's terms in some way?

~~~
djsumdog
With so much tied to a Google account, there should be some means of dealing
with it. With this person being in Finland, they should have some means of at
least extracting all account data thanks to the GDPR or other protection laws.

~~~
olivierduval
Except that, if your account is cancelled, the datas are deleted (or should
have been)... so there's nothing to download, even from a GDPR point of view.

So the probleme to be able to use that GDPR feature... is to still have an
account

------
checkyoursudo
While I have no idea if the original github comment is real, I have wondered
what I would do if Google decided to shut down my Google Voice-then-Hangouts
phone number. I mean, I've experienced the loss of Reader, and others have
lost beloved services in the past, so it's not like it seems completely
incomprehensible.

As an American living in Europe, the Google Voice number hugely makes my life
easier (give GV# to bank, to friends, etc). Being able to call and text to the
US for free on wifi or using a little bit of my own plan data is so very nice.

I suppose there are some alternatives?

------
rajesh-s
Do you guys think Vanced for YouTube and ViperFX could be next? It could be
that it's happened to a lot of people but gone unreported.

------
politelemon
This appears to be a 4chan troll attempt, see:

[http://archive.is/r8BlM](http://archive.is/r8BlM)

~~~
resoluteteeth
I don't see anything there actually indicating that this is a troll attempt.
It seems like people there are just discussing and speculating about the
github issue like we are doing here on HN.

------
everdrive
For this and other reasons, I don't use my Gmail account for any sort of long
term storage. It's not sometime I own. I could be locked out of it, and lose a
lot.I try to keep fewer than 30 emails in there at any given time. When my
life is going well and up to date, I make sure to keep it at zero messages.

------
classified
So surprising, because, let's face it, Google is the paragon of reliability
and trustworthiness and has never done anything like this before. I really do
wonder why not more people base their entire well-being, health, life, wealth,
not to mention their very existence, on the whimsical good-will of Google.

------
mark_l_watson
Sorry this happened to you. It is a nightmare to think of losing an account on
a platform with little customer support.

I try to use my ProtonMail account for friends, family, and important business
email. I do use gmail for stuff like travel reservations and as a junk email
for registration on sites I don’t much care about.

------
xedarius
Is there a credible open source version of G-suite that you could drop onto a
self hosted VM (similar to how you might host GitLab)?

It would offer email, photos, and office. Would also receive all the necessary
security updates.

There has to be a business in there as gitlab seem to have done quite well
with this model.

Then we could all move to that.

------
anonymouswacker
People give Google too much credit. It was never a good idea to give them so
much undeserved trust with your personal information. They are an advertising
company, and should be treated as such.

Move your account(s) elsewhere because they are ephemeral and untrustworthy.

------
xorand
On another thread [0] "China's New Cybersecurity Program: No Place to Hide".
No place to hide.

[0]
[https://news.ycombinator.com/item?id=21241712](https://news.ycombinator.com/item?id=21241712)

------
y4mi
whats most surprising to me is that no big companies has a workflow for
putting everything public in regard of the account suspension.

i.e. something like replacing every logged in view with a consent form akin to
"i hereby permit google to publish the reasons why the account was terminated"

every claim and bad publicity like this would end in "use the consent form",
which i doubt basically anyone would use... but would still destroy the
legitimacy of these claims.

its probably for liability reasons, which i still don't understand... how
would they be held liable for terminating a service offered for free? i just
cant comprehend it. but i guess thats just my insufficiency

------
mirimir
Is there any advantage of having a Gmail account for just watching YouTube
videos?

~~~
m-p-3
A premium subscription to watch YouTube ad-free.

~~~
mirimir
OK, but NewPipe + no account = no account to lose, right?

------
Danieru
What not-GSuites service do people recommend for hosting one's domain email?

------
copperx
I wonder whether paying for multiple Google services (e.g., Google One, Google
Cloud, having a Pixel), increases the odds of being able to speak to a human
and get the account reinstated or at least be given a reason?

------
Causality1
Well that's terrifying. I always ensure that any third party YouTube apps I
use are only logged into a secondary account but it seems like Google went
searching through his phone and burned every account on it.

------
walmandurebu
This could easily ruin someone's life. Stop fucking around Google.

------
guilhas
I frequently export my data just in case. 'Google Take out'

------
bfrog
Moved my email to Tutanota for $12/yr... well worth the $

------
40four
A few years ago, I lost my primary Google account to a mishap with two factor
authentication.

It was a stupid mistake on my part. I didn't save any of my backup codes, and
then ended up doing a factory reset on my Android phone. Well, on a fresh
device, I no longer had the Authenticaor app that spits out the 2FA codes. And
that was all.. she... wrote.

My primary e-mail. All of my play store purchases. Everything... gone. I tried
the accounts recovery process. Followed everything to a 'T. Even directly
identified recent e-mail in my inbox as they asked. But it was not sufficient,
and I have never been able to get it back.

------
justplay
That scared sh*t lot of me.

I am using android only because i get freedom to do anything i want. If this
type of thing will happen to me, my entire internet life will be ruined.

------
gpderetta
I have a lot of third party accounts tied to gmail.

I don't really want to host my own mail server, what's a good mail alternative
(free or paid) for an European user?

~~~
amdavidson
By commenting that you are European, are you trying to stay out of the US
hosting megalith entirely?

Fastmail has been a great provider for me but, despite being Australian, I
believe they are US hosted.

~~~
gpderetta
I'm not trying to protect against a governmental entity, so I'm happy to use
an US based provider. I provided the extra info in case any US provider
requires additional steps for non US customers.

------
Aperocky
Woah that is so enormously stupid. I never watch a single ad (granted, I use
laptop) and have never gotten into trouble nor plan to stop blocking the ad.

------
The_rationalist
So that you know, kiwi browser is a chromium + extensions for Android. It
allows to have uBlock on mobile AND to play YouTube on the background <3

------
mixedbit
Maybe this was some social engineering attack, and the victim wasn't blocked
by Google, but lost the account to the attacker?

------
rajaganesh87
I'm not able to install new pipe from f-droid anymore. I don't remember
uninstalling it either. This is worrying.

------
Hoasi
Regardless of this particular case, it should be the other way around: suspend
your Google accounts unilaterally.

------
swiley
You can’t trust google with you’re data. Even if they were well intentioned
that doesn’t make sense but not only with they just dump your stuff on the
floor because someone else told you to, they’ll do it if they decide they just
don’t like you for some random reason and there’s nothing you can do about it.

Go get a droplet or a shell account, make sure it’s backed up automatically,
and keep your stuff there.

------
michaelmrose
It's been time for a while to migrate off centralized platforms that can lock
you out.

------
frankzen
This has class action written all over it and I'll definitely take the bucks!

------
m-p-3
with how much of the Internet relies on giants like Google and others as an
identity service, it is worrysome that a minor infraction like this can lead
to be locked out of your emails, apps purchase, and files.

------
Paianni
So as long as I'm using NewPipe without Gapps on my phone, I'm fine.

------
gaius_baltar
My thoughts now: one of the reasons I use NewPipe is because it have no need
for Google accounts (i.e. correlation to emails, no tracking of data
gathering).

If evilG banned an account, it means the event that triggered it was a
correlation between YT usage and IP addresses. Interesting.

~~~
shadowgovt
Has anyone Wiresharked the data that is sent when NewPipe makes a video
request?

I wonder if it's leaking things Google could use for correlating signal (IP
address is an obvious one, but I wonder if the phone is sending IMEI in a
header, or if YouTube is setting a cookie / using a storage API that NewPipe
honors, but then that cookie / API tag is also readable from the browser when
the user uses their regular account).

~~~
gaius_baltar
NewPipe is free software so I don't thing it will be able to send some covert
information (even if the author is attacked /compromised).

Android is designed to not allow an app to read information from another one,
so it __should __prevent the second scenario -- except that Google has root-
level access to our phones so it can spy everything anyway.

~~~
shadowgovt
NewPipe's free-software-ness is less relevant if it's relying upon OS-supplied
APIs to send network requests and nobody has Wiresharked the output of those
APIs.

For example, if it's fetching data from YouTube via a WebView, the HTTP
requests made to the server will carry all kinds of cookie state and enable
all kinds of APIs that can be used to tag a client in a cross-session fashion
(though I don't personally know what WebView's state-sharing model is).

Remember, the security model for web sites isn't "app"-based; it's domain-
based. Hypothetically, if YouTube were setting a cookie via NewPipe's
interactions onto the youtube.com domain that says "Hey this user-agent used
NewPipe," then if some other piece of Android (such as the browser) were
sharing the same cookie jar, it would vend that cookie back and Google could
correlate it to a logged-in user. The question is whether the cookie jar gets
reused.

~~~
gaius_baltar
Well, that makes perfect sense!

If Google is providing an API to easily download things through (e.g.) HTTPS,
it may also intercept and poison these requests when they are directed to one
of their services and get some extra information from it!

------
Aeolun
Why the hell does Google get to decide what I install on my phone?

~~~
drusepth
From this story, it seems they only get to decide what apps you access their
services through, which seems entirely reasonable, no?

------
jacquesm
The sooner Google gets broken up the better.

Soon in a theater near you: Google account blocked for using uBlock origin or
jsblock. Citizens shall not opt-out of being relentlessly bombarded with
advertising on penalty of digital purgatory.

------
Daniel_sk
I migrated to Fastmail (it's a one click to import all the mails) and bought
an own custom domain + set up IMAP from gmail to fastmail. And I bought an
iPhone. I don't have a need for a Google account anymore.

------
villgax
So if I use Adblock then am i screwed as well?

------
lanevorockz
Google obviously want to kill all competition

------
retpirato
not using the official api & not showing ads would be a TOS violation if it
were on the play store.

------
chii
so it's an app that lets you watch youtube without using the youtube app? I
don't get on what grounds can google ban you for this - esp. if you could very
easily download youtube videos using youtube-dl...

Why not use firefox, and install ublock origin to block the ads?

~~~
m-p-3
It also doesn't show ads, and basically make it convenient to use by the
average user. I prefer YouTube-DL, but I also like NewPipe.

~~~
FerretFred
torsocks + youtube-dl FTW...

~~~
m-p-3
didnt knew about torsocks, thanks

------
xhruso00
According to GDPR I think he can still request data that Google collected
about him. Also as per GDPR he can request to delete all data about him and
open new account with same username. Google must comply with EU law.

------
acollins1331
These huge TOS agreements are akin to governmental authoritarian control.
Everyone has broken something in them, we are all a criminal. Knowing this, we
all live in fear knowing that it's not a matter of 'if' but 'when' the
government/corporate overlord can cancel everything we've been working on or
living for because of an obscure clause that no one has ever read, which was
created for this very purpose.

~~~
freyir
> _”because of an obscure clause that no one has ever read, which was created
> for this very purpose.”_

I don’t like that OP was locked out of his email.

But besides that, it’s not as if he broke some obscure TOS clause. He actively
subverted the company’s revenue model to take its product for free. That’s
about as obvious as it gets that you’re risking being blocked from a service.

~~~
superwayne
> He used specialized software to subvert the company’s revenue model and take
> its product for free.

How is this different than using an ad blocker in the browser?

~~~
aaronax
It does seem similar. If you don't want to see the ads, don't use the service.

I don't use an ad blocker, and if I don't want to see ads I pay for the
service, such as with Reddit, Ars Technica, Windows Live Mail, Netflix, and
YouTube. Technically, I quit Netflix once they started showing me ads, even
though they were for their own shows (general dark patterns were the more
significant factor though).

~~~
CathedralBorrow
Where do you draw that line though? If I take steps to ignore/block ads that
don't involve software -- like muting during ads or flipping the phone over --
am I subverting the company's revenue model? How much do I need to "see" ads?

~~~
aaronax
A very good question. Muting a TV seems OK on the surface to me, but only
because it is normal to me. When actually thinking about it, I realize that
muting TV ads is similar to web ad blocking.

So in principle I would have to say that one shouldn't mute TV ads, or skip
them using +10 second buttons. Of course I will not always live my life up to
that principle...

------
apexalpha
Wow. This is not about the author of Newpipe! This is about a user! Jesus, wtf
Google?

It just flashed through my head how much Google services I rely on. I even use
G-Suite for my own domain.

