Until I inevitably burned myself with Google. I have no idea what happened but my account was terminated suddenly. No warning and no explanation as my backup address was no longer valid. This was two years ago. I lost documents, account details, contacts, calendars, email history, conversations between people on hangouts plus my phone decided to ask me to sign in again and became as useless as a dumbphone instantly.
Took about a month to reorganise my life and I lost contact with people, failed to complete tasks because my record was gone, lost control over my personal finances which were in Google sheets. Probably burned a week of my life on this as well.
Now using a cheap Nokia 106, POP3 box with gandi.net, mozilla Firefox and lightning, encrypted USB sticks for backup and LibreOffice. Never been happier.
I am genuinely afraid of going through this again. Everything remains portable between OS and provider now. Things are more volatile than we realise. I understand my father now.
I'm not against using all in services like Google but you need backups, an exit plan and a DR strategy explaining where all the services will go plus the time to carry it out. If you don't have these or it's too expensive to do this even for a personal user, don't even cross the starting line with the product.
Edit: Also beware of potential mergers, political whim and products being redacted or broken for long periods of time. All of these have affected me over the years.
It just seem not sustainable. If you would do this with paper in the past, your place would just be full of junk. Our cloud life is an horrific stack of garbage. We just don't need most of the things we store, keeping everything as proof of evidences for a potential event that will surely never happen, as if we were all super important targets of an improbable crime scene.
I hate this ideology. Thinking about getting out of it is perfectly sane.
 Yes I know storage is cheap, but then forget about ecology and climate change control, I have no proof of this but can't believe that all the Google servers of the world don't have an impact, even if it seems quite clean
That might be viable if Google had kept its promise about users never having to delete their emails. As it is, the total capacity (shared with Gdrive) is 15GB, which wouldn't be much of a life.
I was one of the first Gmail users outside Google and got to 14.99GB some time ago, just with email. And I delete loads of it.
But I don't worry too much about losing Gmail. First, all incoming email is forwarded to an Outlook.com mailbox (which never complains about lack of space). Second, I use my own domain name. As long as I never forget to renew that, I should be OK....
Great point, and I see a chilling effect in your file storages being used to determine your "character" should you be involved in a lawsuit of some kind.
As an innocuous example, perhaps due to my being a millennial, I save thousands of memes on my phone that I find funny and share them with friends on a daily basis.
I would be shocked to hear if myself, or someone I'm friends with, was deemed a "horrible person" by the courts because some Shutterstock images with overlaid text have some dark humor attached.
This is ridiculous reasoning. The best (though imperfect) proxy for the climate impact of a given service is how much it costs. If Google is giving away the service for free, it can't be costing them a lot of energy to run (or alternatively it's producing a lot of value for them).
Also, I am not sure to about drawing a correlation between cost and climate impact.
I tend to delete lots of things people might keep. I keep my inbox empty as well. Life is easier that way rather than deferring all the storage decisions later.
Google should not be allowed to cut someone off from all products without, at the very least, a reasonable period of time during which data is available in useful export formats, email still functions 100% so one can transition important accounts that use it, etc.
Consumers are getting hurt in a big way by these giants and nobody is doing a thing about it.
Nobody reads these things. Ergo, nobody agrees to them.
Let's get it in front of a Jury. What do you want to bet that not one person in the Jury has ever read these incredibly one-sided, purposely obscure, usually incredibly long and complex agreements? Nobody. Not the Judge nor the Jury.
Not to get political, this is precisely one of those things that earned Democrats a defeat. Demeaning and diminishing others eventually has consequences. Being completely insensitive to the needs and plight of average folks. To hide behind EULAs crafted by the powerful, for the powerful and damn you little insignificant people is disgusting. To think so little about people and users that it is deemed OK to upend their lives instantly by a mindless, heartless algorithm.
This is the behavior of a mean vindictive totalitarian dictator, not of a business that purports to be guided by Democratic ideals and concepts such as "first do no evil". The hypocrisy is deep and wide.
Nah, a Jury would destroy them.
It's been a while since I've looked at the enforceability of clickwrap class-action waivers, but it's either enforceable or not as a matter of law. No factual issues in dispute = no jury required.
I'd be surprised if these things could survive a well mounted legal challenge purely based on common sense. The intention of these companies is to take it all from the user and have exactly zero responsibility and exposure. Way too one-sided for companies that affect hundreds of millions of people, particularly if they claim not to do evil.
If public shaming won't do it maybe government intervention will.
Google provide data export from nearly all of their services in standard formats. Where no established open standard exists, they provide clean HTML or JSON.
As someone who has nearly completed their GExit, I'd say I found Takeout to be borderline useless as an export strategy.
On the other hand, please understand that there is no better option. Said differently: Google Takeout has made the BEST choice here. I giggled with delight when I saw they chose mbox.
[...] 1975 [...]
No idea what I'll do when Thunderbird eventually goes away - what is the replacement with identical functionality on macOS? I only want to grab mail and append to my existing mbox files.
You can donate to the project, I just did so today in fact:
eg. my Outlook PSTs and OSTs are useless to me as I have nothing that will open them.
Calendar data you can mainly download as .ics files. Addressbook data is somewhat trickier, a directory full of VCARDs is probably the gold standard.
Maildir is ok. Mbox couldn't be retired early enough.
There was a company called Power Ventures. They made it easy to export your Facebook data. They never stored anything the user didn't have a copyright interest in (that is, they only stored the user's own data, like their profile pictures and status updates). Nevertheless, Facebook took them to court and shut them down. The company had trouble retaining a lawyer after the shutdown (and companies must be represented by a member of the bar -- pro se is not allowed) and ultimately, the founder was held personally liable for $3 million in damages.
That's what happens if you look like even a remote threat to a major technology incumbent.
We need to fix our tech access laws.
Furthermore, they're not preventing you from reselling your phone at all - just deleting your account. Not "deleting your account if you do resell it" just deleting your account. First sale simply means they can't sue or get you arrested. They can do anything else with you, and refusing to do any further business with you certainly falls within that scope.
Without additional laws there's nothing to do here.
TLDR: never use your main Google, or Facebook, account for anything, not even buying a Google made phone, or buying Facebook ads for your own company, just never ever do that, so that at the very least, the pain is spread. They are businesses, and you do not want to give them a trivial way to retaliate or use this in a negotiation.
Be easy :) . I have 6 facebook accs for 5 of which I forgot passwords, 4 google accs out of which 3 got permalocked because sms confirmations simply never go through to half of Russian numbers, and I think 5 Paypal accounts all of which got blocked because "hey, you are the guy whom we blocked last year! you dared to register again? unforgivable!"
Yes, don't keep things online, you will be better off
Just because they claim it doesn't mean it's legal nor moral.
We, as you intimate, probably need legislation to protect the data of users, requiring companies to take due care of it and requiring they provide access to users leaving a service, etc..
Moreover I think work needs to be done on enabling products, including software, when a seller/manufacturer withdraws support. Phones could be required to have systems that enable interoperability across service providers. Games could be required to publish servers and/or protocols allowing them to be used when companies EOL them.
It's just that you have to be prepared before shit like this goes down.
Eg, a distributed access system like IPFS, but for personal use only (closed network, as best possible) would be ideal. Including distributed though, it needs versioning like Camlistore.
Ultimately i'll just go with Camlistore and likely build tools around the access UX. It's the best i've found, without rewriting it myself (too much work for too little gain atm, imo)
That's fair. I wonder if it would be worth it to write some type of camlistore extraction tool. Eg, plug in a USB, autoruns a script which mounts a blob store as a fuse FS.
Hell, the blob store could be packed with the USB.. a sort of way to backup Camlistore that your family can always access. I actually like that idea. Fuse may not be a good access model (it's tied to unix of course), but maybe just a couple binaries that will auto run and display the stored camlistore blobstore.
Sounds like a nifty project and nifty way to backup camlistore for family/non-tech oriented. No servers needed, no understanding of the tech you use. As fool-proof as you can make it.
Thoughts on this related to your model?
What if the ABI breaks, the CPU architecture changes or the project gives up at some point in the future?
Ergo, I prefer to leave just the data. The data is hard enough on its own: http://www.bbc.co.uk/news/technology-13367398
With Camlistore it's one level extracted. You'd need a tool to decrypt and scoop up all the chunks for a given file - but you could write that in Bash. The Camlistores blob store doesn't do anything fancy (that i recall! i could be wrong), it's just a bunch of json documents with the file contents in them.
Though, Googling it now, it looks like BitLocker comes with Windows, so i can see why you like that. Your family doesn't need any tool, it's built into Windows. Not sure how that works with OSX though.
> What if the ABI breaks, the CPU architecture changes
Totally valid - but i could throw what ifs all day long. What if your family isn't on Windows? Here is what i got for OSX (no idea if it's accurate).
Though this does raise a good point - while a binary is nice for dependency free solutions, having non-bin solutions might be nice too. Eg, a Pyhton solution included is likely to work on all operating systems. The user has to of course install Python, which is bad. A platform specific solution (bash or dos) might be handy too.
Binarys only would indeed be potentially bad, you are correct, thank you!
> or the project gives up at some point in the future?
Well in my proposal, the project is irrelevant. The exporter is already made. As long as the user can run one of the compiled binaries they could access/export it fully (in the concept, of course)
Will mull over your ideas; there are definitely things to be gained and there's always tradeoffs that need to be considered.
I do like Camlistore's approach to generic data storage though - ie, there is no organizing files/etc. Of course you can always go back and add metadata, but i treat it like a database dump - which is quite nice.
I think what i need is to find the simplest solution to export/expose the data within camlistore. Then i can encrypt like you are, and be sure that family can get data back out. Hmm, much to think on.
Appreciate the discussion :)
I am very sceptical about my ability of maintaining it on the long term.
Turns out the former is only around 22Gb of mainly code, documents, videos and photos. The latter is 250Gb of music, films etc.
The latter goes on a NAS with a mirror on the laptop.
The important stuff lives on the laptop protected by bitlocker, an encrypted USB stick protected by bitlocker that is on me 24/7, the NAS and another offline unencrypted USB stick that I drop off at my parents' and cycle every six months. All disks are replaced every three years. All USB sticks once a year.
All file transfers are done with Beyond Compare by hand and verified after.
~> A handful of manual steps you need to remember to do.
The only offsite you have is at your parents, and is only "uploaded" every 6 months.
Isn't it just better and easier (at least long term) to just use duplicity (or equivalent) and sync your NAS to any backend (Drive/Onedrive/Dropbox/Hubic/etc)? And then just use your NAS as your "true" storage? Then it'll just run until your configuration changes (NAS switch, service discontinued, etc) at which point you reconfigure it once.
If you make it a conscious scheduled process you know it's working.
I'm a relative expert with duplicity (I run a whole pile of stuff in AWS that uses the S3 back end for backups) and it's not a solution I really entirely trust. First you incur the wrath of configuration i.e. the initial ramp up to get it working, then there's the monitoring overhead which isn't trivial as it isn't the quietest bit of software known to man, and finally we have the complexity perspective which introduces a lot more code, network transport etc.
Plus it is horribly buggy, particularly with incrementals, metadata and corruption. The same is true with Google Drive, OneDrive, Dropbox which I have used.
Edit: comedic timing perhaps, but since I wrote this post I've just got a duplicity failure to deal with...
or.. put a box at your friends house with as much storage as you want. Back when I had FIOS (and it was fast & reliable) this is what I did. Put a NUC with a friend, had an external drive, we were each others offsite backup location. Quite handy.
Because the likelyhood of Google banning your access is way lower than
* Data corruption
* House fires
* Human error (Cleanup, house moves, random acts of brain farts, and suddenly you can't find your USB stick)
Google's data is presumably replicated across multiple AZs, and they have more automation invested in data integrity.
I am personally/professionally qualified to keep my data extremely safe and distributed. It's one of the things I do at work, at scale. But it's not easy. It is, after all, work. I don't have to worry about that using Google and other online services.
And, in order to mitigate against the extremely unlikely event of Google going haywire and perma-deactiviating my account, I run takeouts twice a month. These large data dumps don't need to be heavily redundant, since it's exceedingly unlikely I'll need them at all.
Granted, going from a takeout backup back to 80% functionality would be a ton of work, but I'd lose very little, and I could indeed become functional again in relatively short order.
I wonder if people who decide to ditch most things Google/cloud for no other reason than concern about the risk of said cloud providers terminating their access have truly considered the risk/reward. Bad news, like specific cases of 'unjust/surprising' account termination percolates up to wide visibility quickly and easily, and stays with the people who read such things a long time. The hundreds of millions of accounts that have no such problems escape our attention.
I don't know the odds of my Google account getting terminated, but I'm pretty certain that it's in the same magnitude as the number of people winning the lottery per year.
Having said that, there are a lot of other good reasons to think about ditching cloud providers.
So: 2 backups, from which one is off-site and archives, just in case - this should keep you going for a while with self storage.
There's bit-rot though: https://en.wikipedia.org/wiki/Data_degradation#Decay_of_stor...
I've worked in IT for over ten years, and have not once, once seen a blu ray in person, or ever handled a machine capable of reading one. It'd be incredible afraid to have my backups in something that requires some expensive exotic device to be written/read.
You'd be much better off with USB sticks.
They claim the discs should last 1,000 years. Obviously no-one has tested this.
This allows me to change the actual e-mail provider when needed. I already moved (successfully) away from Gmail, and I'm currently considering moving again as the spam protection of my current paid-for email service isn't that great.
I think the redirection service is ingenious. Sadly it isn't available worldwide, so I won't advertise it here, but I'm sure there are others like that.
I admit though, this is probably over the top for most people. I do it because email is my job, so it's useful to have my own servers for testing stuff.
Email is very portable if you keep it in a place you control. You're pretty much just paying for a collection and caching service if you use POP3/IMAP and store your important folders locally. That is portable in a couple of hours between hundreds or thousands of different companies who operate standard protocols.
And then there's the possibility of running your own MX with postfix/dovecot etc if you really want.
But why was Google unable to re-instate you? Was it because you had no way to prove your identity to them? Were you able to reach anyone?
for those in similar situation you can back up your email/calendar here: https://takeout.google.com/settings/takeout/custom/gmail,cal...
- Get a lawyer and have them contact.
- Know a Googler personally.
This leaves most people in two categories: those who haven't (yet) had a catastrophic, unrecoverable data loss, and those who have. Leaving it to others, or all your eggs with just one service is an invitation to the first group. What I can say is it's almost certain something unimaginable will happen, be it a data center, service shutting down, or something getting corrupted.
I want to echo my experience of losing 16 years of email with Hotmail over at Microsoft due to the wind blowing arbitrarily in a different direction for a few months. I had my MSN messenger log in automatically to keep my account active on Hotmail, a criteria which was quietly ended. Unforgivable for me. Had some of it backed up luckily in real email clients but lost some critical emails and photos with a friend who passed away.
People who either haven't generated enough of a digital footprint and lost it are going to be in for an inevitable surprise with the online services that they take for granted as being ubiquitous. While the cloud is awesome, it is still quite in it's infancy.
+1 for gandi.net - they are great.
And is this link by Google not an easy enough of a solution for backing up your Google stuffs?
Google takeout isn't or at least wasn't comprehensive at the time. There are other lock in items. Also it takes time and effort moving it somewhere else still, isn't instantly useable etc unless you can read vCards and iCal feeds..
If I can get Email, Document Storage (Docs, Spreadsheets, PowerPoints, Calendars) I'd move to a personal in-home solution ASAP. If it could integrate with Android via F-Droid apps I'd be even happier.
When you're relying on a company you cannot circumvent in a situation like this (email@example.com as primary address), you might end up not being able to use your primary account, which might effect your business.
EDIT: I'm not going to address the problems with the DNS system itself, which is similarly flawed - you are only leasing a domain, not owning it, and the company maintaining it has the power over it. In theory, this could have been addressed with .onion IDs, but those are impossible to remember and with namecoin's .bit, bit this is not supported by enough real life DNS systems, so there is no alternative to that (yet).
> f I am unable to pay my entire bill, what can I do to maintain local dial tone?
> The Arizona Administrative Code specifically states that a telephone company may not disconnect a customer for failure to pay an unregulated portion of their bill. To maintain local service, you must pay for the regulated (landline) charges on your telephone bill while you work to resolve problems with the other portion of your bill. If you fail to pay the unregulated charges on your bill, those services may be subject to disconnection and a deposit to reestablish. (R14-2-509)
> How much notice does a telephone company have to give before disconnecting service?
> A telephone company is required to give 5 days advance written notice before disconnecting service. (R14-5-509 Section E)
In this case, Google killed people's email without any prior warning, and in retaliation for an unrelated business transaction (selling smartphones). Having your email disrupted like that is at least as bad as getting your phone cut off.
I can't imagine being locked out of my fastmail account for anything other than abuse of my fastmail account. Or not paying my bill.
(I'm on third line ticket duty right now, so if you have something significantly more complex than RTFM, or an actual bug, you'll probably be talking to me this week)
The most common cause of getting locked out other than you abusing your fastmail account is having your credentials stolen and used for spam/fraud, which is why we recommend 2 factor authentication:
But yeah, even then we don't lock you out forever - just need you to reconfirm your identity and re-secure your account.
My gmail account (josephg@) gets a tremendous amount of email for other people. Earlier this year I was getting a lot of marketing trash from a particularly excited group of car dealerships in Illinois. Around the same time youtube suspiciously started advertising new cars to me. Its all way too creepy, and reading articles like this about people's gmail accounts getting locked out I'm very happy to reinforce my digital independence from google.
Requiring three accounts now for instance would cost $150 a year minimum for the size I would have needed and unfortunately because I needed to rearrange my old grandfathered plan to re-organise accounts I'd have lost my previous plan.
Basically, Fastmail is good (very good), and you can still do admin type stuff by creating your master account first and creating your 'users' under it, but do look around if you are price conscious.
NOTE - I know you can't please everyone and that doesn't detract from the fact Fastmail was extremely stable, fast and had excellent customer support so don't take this as a 'Fastmail is bad' type post, because it isn't. Just look around and make sure you're getting the rid price/value for your needs.
Damn. I was going to move to them at the end of this year when my VM (where I currently run my mail) is up for renewal. But if I now need to buy several Standard plans instead, and get several gigabytes of storage I don't need, then that's less appealing.
Runbox looks good. Any other suggested alternatives?
Zoho is actually very good too but they (like Gmail) enforce IMAP connection limits, so it you have a lot of folders etc or use mobile clients like K9 that open a connection per folder then you can get errors very regularly.
The above is true for Zoho on the free plans anyway, but it may be different for the paid ones. But the free ones have pretty much all you could need if you don't run into the high number of IMAP connections issues.
If you have enough accounts to make it worthwhile I think Rackspace is supposed to be very good, but last I looked you needed a minimum of 5 accounts (I only had 4) so it didn't work out:
They announced this on 18 August: https://blog.fastmail.com/2016/08/18/easier-user-management-...
Same with my josephb@. It's amazing how many companies start sending personal identifiable information to a random email address without validating it.
Doctors, real estate, universities, banks and the list goes on.
What keeps me from enabling 2FA again, is that there's always some kind of "I lost my 2FA device" function which essentially allows it to be bypassed. So whoever's determined enough could find answers to secret questions or whatever to gain unauthorized access. If it were possible to disable this attack vector I'd get another Yubikey & try again- if...
...The other thing that prevents me from going this route, which is: The fact that it's impossible to implement an additional Yubikey functioning as a "clone" of the one used to secure the account. I can't say I've never lost my (physical) keys. But when I do I just grab my backup copies, make new backup copies, & all is well. No can do with a Yubikey.
Sorry for butting in uninformed.
Wish you had a dark theme, that'd be my only feedback for now (Stylish also works). Appears to be very fast, but of course, my account is 100% empty.
Also, changes propagate faster even than gmail. If you have your inbox open on 2 computers and move an email out of your inbox on one of them, you'll see it replicated in near real time on the second computer. I don't know how they do it, but it works really well.
and how we do the initial load as well:
Was very easy in the end, but must admit I had forgotten just about everything I once learned about DNS. As such it was nice to get a little refresher.
EDIT: I would probably have gone for Google Apps / G Suite if not for this article. So, yeah, hope it served Google well to freeze those accounts with no warning.
CDN for unique items like mail probably doesn't offer tons of gain for the additional complexity.
And yeah, our core dev team is in .AU, so we know all about the latency. It's really not a big deal once you sync up the first time - all the static artifacts are cached and the dynamic data is loaded in the background, often before you need it.
"Flexible tamper-proof data retention policies with unlimited archiving space" - from the pricing page.
I am considering to switch to Fastmail, seems nice!
Unlimited is a bit buzzwordy, because we do have sending and receiving rate limits, so you can't grow the archive user faster than that.
Also if you go over about 850Gb of data right now you will make me very sad because I don't have facilities for splitting users yet, and we segment users across 1Tb partitions. I'm hoping nobody hits that point before I've got sharding inside users working - but worst case I spin up new hardware with larger individual partitions and put the user there :)
> Our main servers are located at New York Internet (NYI) in New York City, USA.
PS. I hope no-one reads your post now and takes it as "challenge accepted". :-)
So I guess it's better to leave the choice to the user, with an appropriate warning text.
—Another happy Fastmail customer
A Yubikey costs less than a year's FastMail service.
So no, we're not leaving this choice to the customer sorry, SMS sucks for too many reasons to consider adding back.
I would also be afraid one day if Google sees people fleeing to them, they'd come in and buy them. I'd almost whish there was a public trust or non-profit who would run an email server. Post office is a government service (for better or for worse), email is a bit like what regular mail was 100 years ago.
I've had zero deliverability issues.
edit: to be clear, the spam detection works well, and if you're going to make an error, it's far less annoying to bias (as they do) towards a few spam showing up in your inbox rather than actual messages getting lost in spam. Also, they show the spam score, and you can hand adjust your spam threshold if you want.
That's because it's not spam. I'm pretty sure there's a blog post coming soon about the difference between spam and "email I don't want to receive". If you just don't want to hear from a particular email address, the way to stop it is to put an explicit discard rule for that address in your Rules screen.
Likely changes for next year include making a much easier UI option for "don't show me email from this address again", because that's a fairly common request for situations like this where you have a vexatious sender. I suspect it will be implemented as an addressbook group - the anti-whitelist!
The student loan confirmation is sent to spam every month. I mark it as not spam.
In their defense, the message is full of all caps words that look like a sentence formatted from a sql query with little attention paid to formatting plus it has all sorts of spam words (bank, payment confirmation, loan, etc).
Issues: they've fixed many of them -- in particular, charging for 2fa at $0.1/sms and the settings area in the web client used to feel like a bad programmer's first js project ever -- but mostly it comes down to, across almost all experiences, they're slightly to mildly inferior to gmail. Google's apps are just best of breed. Fastmail is the best non-google I've found, and I looked pretty hard a couple years ago.
Things I miss from gmail are things like: fastmail is a hybrid conversation based email with folders rather than tags. I miss tags; some folder weirdness occasionally peeks through. Fit and finish like after a message is selected, choosing add rule from message doesn't offer to filter other messages in your inbox that match the new rule. Etc.
Paying $40-ish/year to have email that isn't used for ads and that is run by a company with actual support seems like a good deal to me. Particularly if you don't have a friend inside google or the ability to hit the front page of HN to get customer service.
You can see the improvements in fastmail even over the 3 years. So that's really promising.
Never been happier. Their Webmail UI is less cluttered and more intuitive than Gmail (at least to me - but I'm not a huge webmail user anyways).
Well worth the money.
So yeah, if I have my phone, I have a 2FA option already without SMS. I normally use the Yubikey because it's super easy.
"Basically, the current regulations require companies with utility poles in the public rights of way to provide access to certified telecommunications providers and to TV/cable companies," Paul Lewis, assistant manager of telecommunications and regulatory affairs in Austin, told Ars. "Google is not a certified telecommunications provider, and it's a video service provider as opposed to a television/cable company."
If Google were to apply to the Public Utility Commission of Texas to become a qualified telecom, "It would make them subject to all of the state and federal telecommunications regulations," Lewis said.
I think it's indicative of more than just Google being unwilling to be held to the legal responsibilities; it appears that even their Fiber arm doesn't want them as well.
You can essentially get locked out of your Steam account.
That's why I also feel uneasy towards all these number-based messengers. They're targeted at users who rarely leave their countries.
(Doesn't help, though, if you lose the phone number and your mail account at the same time.)
If Google has the only copy of some of this content, I wonder if a copyright claim might have any leverage. It's one thing to give Google a license; it seems like quite another for Google to deny you access to your own copyrighted material.
In the event that becomes reality, the time would have to be taken to define what minimum level of services the web site would have to offer. Simply saying Google must keep X service available would be archaic. Would other email providers be exempt from having to maintain these rights? If your job gave you an email address, would they have to maintain it after you leave the company? These are probably contrived questions, but ones that would certainly have to be answered first.
Also there could be a distinction in the law for mass communication, e.g. #users > 1M.
And it's actually harder to switch to a secondary. With my ISP, if they cut me off I can fall back on my cell provider within minutes. I have no such failover for my Google services.
Or use backups. Don't go crying to the government when you can handle it yourself.
If Google wants to have a monopoly on all of that stuff, they need to be subject to regulation that compartmentalizes their services and what they can and can't do arbitrarily.
Missed texts and phone calls? How did you even get into the position where Google controls your telephony? Missed emails? Why are you using gmail.com? Third-party authentication? Did they not have the option to use e-mail or a username?
You can't fix every problem by band-aiding regulation on top of it. Sometimes you need to step back and wonder how you got here, and solve that instead.
Of course they do. Every strategic decision the company has made over the last two decades is to try to secure a monopoly on your data.
You make it sound like it's easy to run your own full stack of all web-connected applications. It's not. The cost is INSANELY high. So your real choice is whether to use one company, or dozens of individual companies for every individual service. The latter protects you against the risk of something like this happening. But it comes at a day-to-day expense which will far outweigh the prevented risk for 99.9% of people.
I wonder if any G Suite customers had their accounts closed.
Absolutely not! That way you are slowly making people to lose any bits of the common sense they might still have. Perhaps losing data once or twice will make people look for alternatives.
Throwing in another regulation will just increase barrier of entry for companies offering emails and who knows what else some dumb politicians could come up with, maybe this will open the gate to even not being able to self host an email server.
I work in Spam & Abuse and it's possible that this is the result of some clustering algorithm that was trying to take down sharders / phone buying rings. It's very possible that the SWEs responsible didn't consider this possibility (that legitimate customers would be used to shard purchases) and I'm pretty sure if the affected customers appeal they'll be reinstated, maybe with a warning. I certainly wouldn't characterize this as intentionally punishing the individuals who purchased phones on Google's part -- notice that only users who directly sent their phones to the reseller's address were taken down. Smells like automation to me.
It really is unfortunate that FPs (or "mostly-FP"s) in Google's systems impact people so badly. FWIW for most Google services if you abuse them you usually get a service level suspension rather than your entire account suspended, probably for this exact reason.
"Very possible"? More like "guaranteed". Everybody who pays the slightest bit of attention knows Google has a gigantic blind spot when it comes to thinking through the consequences of algorithms and automation. And there's no sign that the company is interested in fixing that, ever.
All jokes aside, for those who remember, it's pretty amazing what Microsoft got punished for (bundling a browser with the OS, with no other restrictions) compared to what Apple and Google get away with.
EDIT: One more thing that everyone seems to confuse is that antitrust cases should protect CONSUMER rights not PRODUCER rights. A case can be made that Google and Apple are hurting other companies by offering free services with their products but they ARE NOT HURTING CONSUMERS.
And Producer rights are affecting Consumer rights.
Without a free market, we're all worse off — the only justified monopoly is a governmental one.
All of them were started before Google even started competing with them.
Show me a company started after Google had already established a presence in a market that’s either competing with Google (and having a positive prediction) or that has thrown Google out of the market at all.
Yes, it does, that’s the entire point.
Will we still see as much innovation in 10, 20 years? For that, this part is very important.
> The simple fact of bundling is not a problem when there are choices.
Google forbids OEMs from selling custom Android forks. That’s not choice.
As said, both the EU and US consider this anticompetitive, and are investigating it. If you believe you – which apparantly are unable to use correct orthography – are more knowledged than the top lawyers of the two largest economies, then, sure, go on.
Even Google has admitted they are doing anticompetitive bundling, their defense is that it’s required to fund Android at all. That alone should say everything.
Or even just delivers parts for such a device, as was threatened with SAMSUNG and Amazon.
We tend to forget that even natural monopolies can be broken by new technology and innovation. And even big companies can be beaten by smaller ones. Microsoft tried to beat Google at search while Google was smaller and much less powerful than it is today. They couldn't, because big companies have a priority to protect their cash cows and don't necessarily have the talent or the focus required to tackle new markets (i.e. the innovator's dilemma). Google tried to beat Facebook at social. They also failed by being too conservative, while at the same time fucking their users. Can you spot a pattern?
But hammering them for bundling a browser was just plain stupid. If they didn't bundle a browser, how would people download a competing browser? You'd have had to get hold of a browser on CD somewhere and install it manually just to use the internet. How would that have been an improvement for consumers? It was a misconceived, user-hostile decision.
"Sue, how do I get that browser thingie?"
"Erm, Jane wrote it down for me... here's the Post-It"
We survived OK.
I'm not aware of any popular OS that doesn't have ftp support on the main UI (except Android, which doesn't have a file management app anyways; not sure about iOS). Nautilus has ftp support. So does thunar, dolphin, konq, etc. You can type ftp addresses into the address bar in osx, iirc.
- Didn't want to open a browser one day but wanted to download the latest version of FF. Thought I'd try FTP. Ultimately gave up on trying to find the right path and Googled it.
Another time (later), I vaguely recall being at a kiosk with IE disabled in various boring ways, and I tried to see if I could download FF (just to see if it was possible) after successfully managing to open the FTP site. I might be misremembering, but I think the only reason I was able to locate the dir properly was because I'd previously made a careful mental note where it was. (It downloaded, but executables were disabled. Those sysadmins did a good job.)
> I can't do that, the hospital is within 50 miles of a school and you're banned from being within 50 miles of a school, because you commented "she's very pretty" to a picture of your 5-year-old niece and we've decided you're a paedophile.
Also, I must frankly admit my great curiosity at the fact that your last comment was posted 3.61 years ago. Alt account? Deleted comments?
It might be a very very good idea to lobby to get company policy instated that says "if the system thinks a user has gone rogue/bad, their account gets locked and all, but the data gets kept around until the user says to kill it, or for 6 months."
At the end of the day though, algorithms fail, and IMO this is a practical edge-case policy glitch in the business architecture that should have been countered for.
Or does "user account gone rogue" have to be interpreted as "delete me" for crazy obscure Reasons™?
If a user's data needs to be deleted for whatever reason, simply discard the user's corresponding encryption keys. That way you can effectively wipe the user's archive without needing to touch the tapes themselves.
(Whether German data protection law applies in Google's datacenters is a wholy different story though.)
Otherwise, any kind of backups would be unlawful for a company.
I think this may have changed since that talk. I think Google still doesn't technically guarantee full deletion (who knows if someone's GC process messed up or has a bug) but in practice it happens, at least AFAIK. It is expensive. And it does take time, I wouldn't expect all my stuff to be purged until at least 180 days (the 90 days they are supposed to delete after + ~90d for the delete to fully propogate).
It also drives every engineer nuts when they're asked is your service wipeout compliant and they realize omg I can't store this data longer than x days?! shit shit shit
European Privacy Shield compliance is yet another bag of legal worms every service has to deal with. More deleting, encryption at rest, etc.
Your data may still live out on some server - but it is effectively unrecoverable.
- Automation is going to be the end of your job. Not because your job will be replaced by an algorithm, but because overuse of algorithms is leading to the collapse of trust people place in Google. Major actions like the banning of someone's Google account should never be done by algorithms. If you can't afford the humans, you shouldn't be in the business of holding people's valuable data.
- The support and appeals process must be human. Ever tried Microsoft's Answer Desk? Talking to humans isn't difficult even with one of your largest scale competitors, even for free tier products. Humans want to talk to humans, and Google's customer base consists of humans. FastMail ticket support? Incredible. It feels like Google isn't even trying to treat customers well in comparison.
- Google shafted 200 of their customers, and from the looks of it, this thread has another 200 ready to leave. The Guardian just picked up the story, so expect this effect to continue. One bad behavior by automation can cost you multiples of damage, especially if someone writes a blog post about the incident.
Google can definitely afford the humans, especially with that princely sum they have stashed in offshore accounts.
Human decency dictates that, at the very least, someone be warned that their account is now headed for non-negotiable suspension and be given 30 days to clear out their stuff and move on.
I couldn't care less what algorithm decided what. At some point a person coded-in the rules and, for some incomprehensible reason, this person or people decided it would be perfectly fine to take the path of most damage to consumers.
Your company, Facebook, Amazon and others deserve to get hit with a massive class action lawsuit that results in equally massive financial penalties and requires corrective actions. Maybe then you'll learn how to behave like human beings.
I'm still puzzled that they take such a drastic measure automatically, without having one human checking whether the account is actually a real person's account.
I really want to see what comes out of this, if everyone gets his account reinstated and how long they had it suspended.
I had some sloppy ndk computer vision running there, maybe it triggered something? I have no idea really. It's not like you can appeal anywhere. I was very busy with other things and let it slide at the time. I got away with a very cheap lesson I guess
Naming storms like this is about rare they are. A "10 year storm" or "100 year storm" only happen once in that period. So they refer to a 10% or 1% chance that an X-year storm that would happen in any given year.
Is this cock-up is so bad that you don't expect a Google company to make a similar or more severe cock-up for DECADES? Then it's not a perfect storm. This was a common storm. In fact, I'm very doubtful it was as a "storm" inside of google at all. This is just another "whoopsie" bug fix, isn't it?
This right here is why people get the impression google thinks it's farts don't stink. Not only that you act as if this is a "perfect storm" but the arrogance it takes to design a system where just because an engineer didn't consider a use case, you're perfectly happy to assume it must be abuse.
Yes, this case will probably be fixed, but would it have been if it didn't pop up on the right back channels to get Googlers attention?
The goal of the project is to support OSS that can replace "free" services that subsist on our data. Interestingly enough the maiden project is tentatively called Tmail (short for torrent mail).
It works somewhat like TOR in that it will depend on volunteers to host nodes that will communicate with existing email providers (outlook, gmail, yahoo, etc) and relay the mail over 80 to RPis preloaded with MDA (mail delivery agent) software.
The goal is be able to expand the service to allow people to sign up for email accounts without running their own software (a la gmail).
It gets way deeper than that, but I'll leave it there. You can follow the project at https://github.com/freedatafound/. I've also bought http://freedatafoundation.org but there's currently nothing there.
Rule One: If you only have one copy, you have no copies. It is an act of faith to assume that a Youtube video or a file in Google Drive will remain available, just as it's an act of faith to assume that a hard drive will never fail. Anything from a hacker to a natural disaster could destroy your data. The "cloud" is made of servers, not magic.
If you follow these two rules, you have nothing to fear. Google could suspend my account tomorrow and it would be nothing more than an inconvenience. I change a couple of DNS records, restore some data from nearline and I'm back in business like nothing happened.
Same goes for YouTube videos. Content creators typically maintain copies of their work, but casual youtubers don't.
We can certainly do more as developers to make things easier, but I think we have a tendency to pander to an imaginary "AOL granny". We often present oversimplified advice, because we expect too little of users. To pick a random example, I think we're too eager to say "use Dropbox" rather than "use Dropbox, but buy yourself a NAS too because X, Y and Z".
I think that there's a substantial latent desire among ordinary users to have more control over their technological lives. People are increasingly worried about the power of big tech companies, but they don't know what to do. We aren't doing a good enough job of informing users; those big companies have an obvious incentive to keep users uninformed. We're not communicating the risks and benefits well enough, we're not providing clear explanations of the alternatives to the Big Five.
In the process of writing this comment, I've had several startup ideas. I hope that the people reading this are having ideas of their own. I think that there are substantial opportunities to start returning control to users.
From the risk of domain name takeover, to hosting provider takeover, to modern spam requirements (ip reputation, dkim, spf, dmarc), to just plain sysadmin ability and ideally run an HA system.
Agree that there are probably some startup opportunities, but the the reality is that you'll just be transferring the user's trust from AmaGooFaceSoft to you. You might be more trustworthy... or you might go out of business.
EDIT: To be fair, I'm probably missing a whole bunch of creative solutions that give the user control without requiring them to run a service.
We can make big steps towards trustworthiness and control in SaaS, it's just often orthogonal to profitability. Lock-in is the obvious example. Lots of vendors expend huge efforts to simplify data ingress, but create arbitrary obstacles to data egress. We worry about SaaS providers going bust because we're inured to the idea that getting your data back is really difficult. The interests of the user do not align with the interests of the vendor. Predatory practices are so normal that we've half-forgotten that they're predatory.
Many ISPs give out a domain name and email service for free with internet contracts — you can set it to redirect to gmail until you need it, then just switch it over.
Tada, problem solved.
My current ISP, for example, is actually a local company providing datacenter colocation and consulting services to the state’s government and local and national companies, but they also run a small ISP as side business.
Which means their small ISP business is something they wouldn't mind so much getting rid of, along with your account.
The point is, you'll always depend on someone else. Your data will always flow through someone else's network. The cloud is someone's computer, and the internet is someone's cable.
If your email address is "firstname.lastname@example.org", you're stuck with Google. If they suspend your account, you're in big trouble. If your email address is "email@example.com", you're a free agent. You can use Gmail or Fastmail or some random hosting company or a mailserver on a Raspberry Pi. You can use DNS or forwarding to send your mail wherever you like, you can transfer your domain name to any registrar you like. Rule zero.
If all your files are in Google Drive or Dropbox and nowhere else, suspension of your account could mean total data loss. If you have a local backup on a NAS or a mirror on Glacier or Backblaze, you're just mildly inconvenienced. Rule two.
Eliminate single points of failure wherever possible. Avoid vendor lock-in. Don't rely on a service unless you have a contingency plan if that service fails. Treat everything as if it were hopelessly unreliable.
Technology is already there, just need an easy way to order a domain and a server configured to use that domain. You control 100% of the data.
Well, yes. If I own a domain name, I can point that domain at any resource I choose. I might be technically "renting" the name from a registry via a registrar, but for all practical purposes I'm in control of it.
You do not own your domain name. It's better than using google.com, but your domain name can be stolen or seized just as well.
It goes without saying that this is only a small part of a bigger picture; using your own domain name is a good idea, but not a perfect solution.
I just don't trust DNS, domain registrars and all the things I would need to secure to have a custom domain e-mail.
I have everything in google: Drive, email, voice, docs, sheets, etc. I was actually about to sign up for Fi. The convenience of everything in one place is great. But I don't think I had quite thought through a disaster like this.
With this article in mind, need to reevaluate. I guess either regular local backups and/or diversification of service providers would be a good step.
2. For files, use a cloud solution and have 2-3 computers updating their local copy (home PC, work PC, phone, small Pi box acting as server). I have a Digital Ocean box running ownCloud, soon to change to nextCloud. Put your code or next essay on Git.
3. Don't trust any service provider, especially if they're not dependent on explicit income. You can still have everything in one place, but that place is many places at the same time.
4. Don't store what you don't need to. Complication and confusion also comes from hording. Don't need it? Delete it, and be assured it is completely deleted.
Get a domain directly through a NIC that offers that directly.
GoDaddy is probably the worst choice someone could make. 2FA is mandatory for email and domains.
Even if for some reason I lost my FastMail (pretty unlikely), I'd just repoint my domain to a new mail service, and I could easily recover all my other accounts. And of course, my email archive is backed up locally, so there's no risk of losing that.
Even this may not be sufficient. I had a domain name registered through my ISP (UKFSN). At some point I had a disagreement about payment with my ISP, who refused to discuss it. Instead of replying to my messages, they disabled all my domain records and my emails started bouncing. I think this was illegal (and eventually I forced an apology and compensation out of them - long story). Anyway, I would recommend only having a domain name registered through a dedicated registrar who you are not using for any other services.
Why the switch? A quick look at both hasn't resulted in a clear winner in my mind.
The problem is, they're so damn convenient.
And this is the crux of the problem. "Oh, that'll never happen to me" until it does. I've been asked several times, "why do you go to the trouble of [hosting your own e-mail | not having the same mobile # on SMS as on Hangouts | using ownCloud instead of Google Drive | and other greatest hits]". Stories like this are why. They're not at all uncommon, they're a disaster for the people affected, and they're clearly not a wake up call for Google to get any better about their free-to-the-end-user services, so I've no motivation to change my practices.
Sooooo many accounts to switch over though, probably will take a few days...
Owncloud / nextcloud provide automatic syncing of photos if need be. I sync up all my important documents but as of now I don't see the point of backing up my emails. The last missing piece is syncing my contacts which is also possible in my current setup.
With that said, I am still going to use Google services because of their convenience. I just like knowing that the data I care about is safe.
The original article is about how this is absolutely false in the case discussed.
Free stuff is never free, you end up paying one way or another.
I have long since migrated off Google Apps and am paying for FastMail and Dropbox (with the 1-year history add-on), which ends up being about $243 per year, or about $20 per month. Now that's kind of expensive. Along with other recurring payments for online services, I end up paying about $38 per month for online stuff.
Now I'm being a frugal kind of guy, having suffered from poverty in the past and I'm not paying for useless shit I don't need, but if you can afford it, then allocating about $50 per month for your online independence is worth it, because the alternative is to be held hostage by companies like Google.
These companies have lulled us into their systems with good intentions and free services, and now they wield tremendous power over our lives. I don't actually want to go back before the days where these services were fragmented and it was very difficult to juggle many closed services instead of a few. Still, its what happens when the company owns the whole vertical of individual user's data.
This is very imaginable. Facebook has never attempted to be privacy or user friendly; DO NOT USE IT. You are the only product they have of value.
In general, do not use third party login for anything personal you care about. It's not a password; it's nothing you control.
Anyway, I hope developers keep incidents like this Google one in mind and let people create standalone accounts. Certainly at the very least supporting more than one provider and allowing you to link another email address if they don't feel comfortable dealing with the very serious responsibility of managing and encrypting usernames and passwords.
I do. I'm sick of the giant web companies. Especially since they make their money off fucking ads.
Maybe you should encourage them to get on Signal Private Messenger, so that you aren't SOL if anything happens to Facebook.
Yikes. That is scary. A large part of my online life is tied to Google. I was even debating getting a Project Fi phone too. Because well it is convenient and cheaper, but it would mean sink everything even deeper into Google.
For fun though, let's imagine if Google or Facebook ran a country. They would control the news you read, the apps you can install, they know where you are at every single instant (via your phone), they know all your secrets (who you talked to, what sites you visit, how often), they know who you know (contacts), Nest thermostat at home even controls how warm or cold you should be. In return you get all the super shiny and new stuff: latest technology, watches which measure your cholesterol, VR games, best email experience, unlimited archiving of your photos, really fast tear-free rendering of web pages. But if you make a wrong step your plug is pulled and you have no recourse. You go to the store to buy something, you just don't exist in the system - no access to you account. Can't travel because it refuses to route you. You can't talk to email or chat to other people because they can't reach you.
Violating it often ends up in bloodshed and revolutions.
This is creepy as maybe it means they could mess with your sleeping habits!
The F!. You bought the phone with full retail price. You didn't break any laws (as far as I understand it). Why does Google has a say on what you can do with "your" phone.
2018: You can't sell your phone (as a used phone).
2020: Google Drone picks up user phone from his apartment as he is banned from Google.
Google does have a say on what you can do with their service.
These people were clearly trying to game the system. Google caught them red-handed and has now exercised their rights.
The Internet never seemed so small, closed, and locked as when we got our notice that our ads account was suspended (and we got no explanation other than that the reason was 'on a list they weren't allowed to talk about'). It suddenly became super clear just how much Google monopolizes the web and had the power to censor products and services and ideas they don't want.
Not evil, eh?
We live in the era of tech giants owning vast swathes of worldwide markets because they got there first and developed proprietary IP to make it work. Which they deserve plenty of credit and have been rewarded richly for but I would prefer to see the pendulum swing back at this point to businesses which have a more personal touch. Fewer giants, more mom'n'pop shops which might not ever make anyone a billionaire but would create jobs for people who interact with other people.
Customer service, consulting, service businesses built on open source IP, humans running the machine--that is one possible future. The other is a couple of tech giants controlling everything and the machine running the humans. I know which one I'd rather live in. One change we can all make to promote this is simply limiting the business we do with companies that make it hard for you to get in touch with a person. If the market starts to value the human touch more then these companies will improve or be replaced.
- Offer at least one properly decentralized authentication option. Do not force your users to depend on google/facebook/github/whatever authentication services.
- Provide a way for registered users to change their email address and/or authentication method.
- Even on your backend, try your best to avoid locking yourself in to the services of a single provider, be it hosting, storage, email or anything. By doing so, you are not only locking in yourself, but indirectly your users as well. Prefer open source and self hosted services.
The financial loss I would sustain if Google locked me out would be substantial. The emotional loss if Apple locked me out would also be substantial. My entire personal life is basically in iCloud in some form or another.
My situation might be a little extreme because I travel constantly and stay in touch with my family digitally but my tight coupling with a digital ecosystem will become the norm.
True enough, only for me it's just not stored only in iCloud, (something that is cumbersome to accomplish with Google services). If I get locked out of my iCloud account, everything (that matters) is right there locally on my Mac.
Bottom line: Never rely on a corporation.
The courts may have once done something about books with shrinkwrap agreements forbidding sale, but the same does not apply to software or things containing software.
Of course, maybe the answer is "we sell the phones at a loss, and you are only supposed to get one, so we have a tentacle around you". Who knows...
I had figured out everything when they closed Google Reader. I understood that they give no flying whatever about their users.
Because you, people, are not their customers. You are their commodity and advertisers are their customers. So yeah, don't mess with your owner.
Stories like this are why I didn't pick gmail for this service, which would have otherwise been my first choice.
I'm still in the process of trialling new providers. I'll be using fetchmail along with my existing procmailrc. The part I'm outsourcing is the spam filtering and availability on the MX.
1. Arch Linux.
This replaced a Postfix stack that I was using. I miss the use of Postgrey, the greylisting daemon, and I seem to get more spam because of this.
This article might scare me enough into trying again anyway, but if I can find any replacement for reminders (Fastmail or otherwise) that's as nice to use I'll jump over so fast.
While we're on the topic of wishlist items: I'd love to have sync in the app. It sucks not being able to access any emails when I don't have internet (on the subway or a car/train in some remote area, even in some shielded buildings, etc). It would be fantastic if I could tell it to store the last two weeks' emails (possibly even per-folder, "store all in folder X, last week in Y, last month in Z"). That's the feature I miss most from your app.
Other than that, keep rocking :) FastMail is awesome!
Besides, I'm the one he directly replied to, and I'm not complaining. Why do you care?
I've really enjoyed fastmail so far. Their UI is intuitive (after the first few days), and the service is very fast and stable.
A while back I set up email using my personal domain using Google Apps after discarding the idea of managing the while thing on a vps and after checking out a few providers like Protonmail. It basically came down to price and convenience; Google was on par with others for price and I really like the Inbox interface.
I don't know. When an email is delivered to the destination mail server, that counts similarly to having a letter delivered to your physical mailbox. The time of delivery is important for any deadlines mentioned in the letter/email. If I'm locked out of my Gmail for 4 weeks, and then find a 3-week-old mail that had a 2-week objection period, I'm out of luck. (Unless I've got a good attorney and the willingness to defend my case in court.)
Also, when a mail is bounced as undeliverable, the sender will notice that I won't be able to react to the mail, which might prompt them to contact me on another mode of communication if the matter is urgent.
My recommendation is to buy a domain name use that as the primary email.
It may cost in total around $100/year but it is definitely worth it.
Probably best to pick a TLD and registrar outside your immediate jurisdiction as well as that of the USA and EU, which rather narrows the choices. .ch or .me seem reasonable.
Little wonder 'normal' people don't bother with all this stuff.
The most comprehensive option seems to be https://takeout.google.com/settings/takeout, which offers to save data from almost all google services to a downloadable ZIP file. That is manual solution though, with no official way to automate.
Other option is to back up data from each service separately with different tools:
* offlineimap for GMail,
* goobook for Google Contacts (mainly for Android contacts),
* gdrive for Google Drive.
* other tools for other services.
DON'T BUY THE GOOGLE PIXEL.
DON'T USE ANY GOOGLE SERVICE.
It's probably best not to lean on a private entity like Google so heavily. People are literally giving them their whole lives. I've stopped using practically all of their services (maybe a search here or there), for this and many other reasons. I've hardly been inconvenienced at all.
In future, I'd hope some sort of digital risk management become a common practice, just like a fire drill or food storage in real life. They should also be taught in schools.
1. Use my own domain for email w/ Google apps to be able to reset it to different mail provider fast if something happens w/ Google access. Office 365 allows to use own domain--while paying for Office and cloud anyway why not connect own domain to the service.
2. Never use Facebook etc to authenticate anywhere--the same thing could happen w/ Facebook access. Access to services should not be directly connected to social activity. Now always password and email so access to a service could be easily recovered via email.
Wrong. Get off of google ASAP. I have my own email. Yes I pay, yes it is a little bit less convenient. But I don't have to worry about such stuff. I still use the search engine but should actually use startpage.com instead.
Gandi offers Email with domains.
If you have your own domain and need email services, you can also use this guys: http://infomaniak.ch/
Less than US$20 per year. And non EU non US jurisdiction as a bonus.
There are python scripts available that back up your google email data via IMAP. I downloaded everything before I moved.
I know a better rule: Organize your life and data so you don't depend on a company.
Many people forget that Google isn't some sort of official service provided by the government but a public for-profit company that's largely guided by shareholder value maximization. While there's no doubt that the latter has big advantages over the former in many areas, there's a lack of public education on this matter. People (unfortunately including me) trust Google with so many kinds of personal data, it's scary.
Quite unfeasible request. You'll meet companies at the end of one line or another. You have to trust some company. You still need server providers, you still need a domain name, you still need reliable hardware manufactured by a... company.
The American legal system is so stuck-up and disconnected from reality it would be funny if people wouldn't be screwed by it so often. Lawyers are given way, way to much power and common sense seems to be dead. Lawyers are paid humongous amounts of money for simple tasks, while big companies can and will pretty much screw whoever they like.
This is one of the biggest problems with these vertically-integrated ecosystems, your entire online life becomes managed by a single company, which can revoke your access at will, effectively deleting your existence from the Internet. Don't be the sort of person who falls for this. Get a domain you control, direct mail from it to a mail service controlled by a different company than the domain. Make sure you have a contingency for issues with either one. Ideally make sure neither of those services are run by Google.
I'm not super well versed in the details, but my suggested reading would be discussion of easement rights: https://en.wikipedia.org/wiki/Easement
It's not your data if they can take it away from you. Your data is their profit center so we should demand more of these companies or simply avoid them as much as possible.
The problem isn't the "profit" bit, it's the "everything" bit.
I don't see any reason to believe that there's anything other to it than sheer size: as a company gets larger, it becomes less driven by humans and more driven by its corporate structure, or whatever.
I use FastMail, and I don't imagine for a second that it would act any more ethically if it were in the same position of market dominance.
Right now we're very much driven by humans.
No user's data is ever deleted by Google (or any other company) ever, even if you have deleted your account.
If you run some hosting company, you know it. You have backups and backups of backups.
Once I contacted a website who frequently SMS'd me to scrub my phone number and to not do that again.
They did it right, but after a few weeks I began receiving SMS again. Probably they ran into some issues and some of their data were restored from their backup.
Some companies could even have read-only backups so that they can have their data saved even in a massive attack.
Some developers have argued me not to ever delete user data. Just mark it is deleted, and never show it to user again. Having a way to actually delete your data may be used by some attacker to bring your service down.
In the modern world it isn't acceptable to keep backups indefinitely. Big web companies keep backups for 14 days. When you close your account, 30 days later they delete it off the main servers, 44 days later they delete it from the backups, which might take 4 days in case of a national holiday or strike in the drive-crushing department, so 48 days.
It is insane how coarse grained Google is regarding all this. You would think they could shut down one part of the account without killing the whole account.
And for doing something that I believe the law mandates companies to allow their customers to do, i.e. resell their purchases.
Some excerpts from Wikipedia on DPA:
"Personal data shall be accurate and, where necessary, kept up to date."
- Would Google be allowed to discard emails sent to you from others? Would this constitute personal information?
"Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data."
- Would Google be allowed to prevent access to your personal information?
Seems like the DPA should protect against this...
And this does not apply to just Google. We've had run-ins with Google, Facebook and Amazon on different fronts and for different issues. And, in all cases, our clients had their accounts suspended forever, permanently, done, no more.
One case happened about six years ago. Google opened-up a product called, if I remember correctly, "AdSense for Domains". The idea was that, rather than park your domains with GoDaddy (or whoever) and have GoDaddy earn $0.02 and give you $0.005 on ads placed on your domains you could, instead, park them directly with Google and get paid directly.
One of our clients had over 250 domains on GoDaddy. They decided to move them ALL to Google. The process entailed moving them over to the Google provided DNS, followed by an automated approval process that took minutes. All 250+ domains got moved and all 250+ domains got approved.
About three days later: "All your Google accounts have been suspended due to fraudulent activity on your Google for Domains pages". Upon digging, it appears they claimed excessive clicks on ads. Well, nobody clicked on any of them. At least not our client. The domains were many years old and were logging ad clicks on a regular basis when parked with GoDaddy for years. In other words, normal behavior.
So, Google acted like a totalitarian regime run by an asshole and cut off our client. All for the $50 a month these parked domains were going to earn him. What really sucked was that his AdWords account got rolled into that as well, so they lost all ability to use AdWords to promote their legitimate business. No appeal. No email. No way to communicate.
Can't get more despicable than that.
Oh, wait, you can!
A different client. They had been advertising their products on Facebook with some results. Nothing great, but they were learning. Their product, for women, featured images of a woman wearing a normal bikini. No, nothing racy, just a normal looking bikini worn by a model. Facebook flagged the ads as inappropriate despite the fact that, during the same period of time, you could regularly see half-naked Victoria's Secret ads on FB all the time. So these guys, not wanting to get into trouble, changed-up their ads to simple graphics. No problem.
About six months later they decide to take advantage of a lucrative affiliate program for a business course. They decided on a budget and started to advertise it on FB. No scam, a course tens of thousands of people had taken. Legit through and through. About a week into this FB emails: "Your advertising account has been suspended permanently." No reason given.
They reached out to FB with their appeal form. No reply. Tried again. Snotty reply saying "Please consider this decision final. This will be our last communication".
And so, this company, a valuable and upstanding member of society, is now cutoff from advertising on Facebook forever. Done. For life.
This, in no uncertain terms, is pure highly refined bullshit totalitarian crap. This is NOT how business is done outside of the realm of games played by petulant children. It is disgusting, to say the least.
In the real world business people engage in conversations to find common ground. If a magazine doesn't like your ads, the editor will discuss them with you and seek modifications. They don't cut you off for life. That's some violent bullshit there.
No, I think it's high time the likes of Google and Facebook visit the receiving end of a good government style reaming. I'm so sick of it I am more than willing to get the ball rolling. What's the best course of action? Any law firms who read HN interested in a nice fat class action lawsuit?
Consumers can't be treated like this. It has been going on for many years. High time we put an end to it. Any takers?
I am talking about manners, caring, being considerate, respectful and not insolent, petulant and completely oblivious to what human decency and respect entail.
Places like Facebook are almost entirely populated by a generation of young people who are intellectually smart yet socially vacuous to an unbelievable extent. It is an insolent, immature generation where 27 year olds can actually behave like my 9 year old's do, or worst. And, in many ways, it's like Vulcans with shitty attitudes. No human part at all. An empty logic machine operating with a flawed and fucked-up version of logic they have created.
That's what's going on. They now rule the world and have very little in the way of human decency within them as a guide. And, of course, through intense age discrimination there are no adults to teach them how to behave in the face of real human beings, with real lives, kids, businesses, problems, bills to pay, concerns and needs.
This is the only context within which a person could possibly decide it is OK to utterly destroy someone's income without as much as a conversation.
And, since they don't seem very interested in correcting their behavior (or don't even understand why they should) it might be time to throw the only possible correcting factor people on the outside can reach for: Government goons.
It sure feels like it's about time. Too many of these stories out there.
@"good government style reaming", I just wanted to add that interestingly, a government (at least a democratic government) operates exactly the opposite of Google/Facebook.
By which I mean that there is democratic control over their policies, there is a hierarchy of courts and tribunals, there is a structured appeal process, and there are certain rights that no one, not even a court, can take from you.
It's almost as if at some point, people all around the world noticed that if an organization becomes so big that it's services might be considered "infrastructure", a different approach to decision-making is advisable. And they made that organization adhere to those principles, sometimes by force.
Google, Facebook and others need to experience this at a level 100,000 times greater than a typical contentious IRS audit. Maybe then they'll hire a few adults to teach the kids how to behave in the real world.
I went with A Small Orange, they have incredible support and they stay on top of abuse reports so their emails servers never get blacklisted. I've also used Tiger Technologies in the past and they are superb as well.
With that said, I'm still considering replacing Gmail with something like Fastmail even though I'm satisfied with the email service from ASO. Having a web-based account outside the reseller hosting umbrella makes two-factor auth a lot easier to manage.
How can I be resiliant to data loss? Job loss? Cognitive loss? There are ways I can mitigate these risks, and some ways I can test to see if my mitigation strategies will work in practice. But how do I do that without devoting my life to it?
It's nice to dream of some kind of antifragile existance going forward, but for now the easy conclusions tend to come down to the 'two is one and one is none' variety. Backup everything I can, including but certainly not limited to my data and services.
Is there an open-source cloud photo-management solution like Nextcloud or something?
If your life/internet usage is that simple i think you might need to take some computer/internet lessons in learning about alternative services that work just fine. There is internet beyond google and Facebook.
Anyway, I guess I'll probably end up with mail@[firstname][lastname].com, but with some disappointment. I suppose I can always keep the .email and just forward it to the other though.
I keep my data that matters locally on my disk. And a backup of it too on a removable usb-drive. Call me old fashioned.
(I do worry about dependence on Github, though. Github needs a mirror.)
Google didn't tell me that, of course, but I don't use that particular account for many things and it was the only thing I used that account for in a long time.
Likely part of the push by Washington to get information companies to guide what dialogue is acceptable to post online.
They could, of course, do something similar to what Google did here, but using your own domain mitigates some of that.
They probably justify it with some "you must train our network to accept your address" bullshit.
I don't want to ditch using Google, I'm too integrated, but I would like to back up everything to a second source just in case.
...I feel no pity for them. That's what backups are for. Real backups. Like, on HDDs that you have in your hands. It has never been cheaper to back up data than today.
Is there a paid service out there that just does it for me automatically?
I was in a similar situation recently where I lost my adsense account. My appeal got rejected, and once they made the connection to my other adsense account which was run by a business entity, they banned that adsense account as well for violating the terms with creating another adsense account. That it was linked to a YouTube channel that lost monetization and partner status didn't matter. That it was not even breaking the terms as it was owned by a legal entity instead of me as a person didn't matter either. Try to contact a human to get this mistake out of the way? Impossible.
It's important to know how fragile your entire online existence can be. Plan for these kind of things and backup often. Don't trust cloud services and have a emergency strategy ready.
For me, I took control over my domain, moved it to fastmail and would be ready to rewire the mx records to a different server anytime.
My dropbox account is getting auto-pulled to my NAS at home which is powered by a RAID setup, and once a week the files are compressed and stored somewhere else. It's setup in a way that if dropbox deletes a file, the NAS doesn't delete it unless manually given permission to wipe deleted files.
Same goes for Google Music - all files I buy or upload are getting auto-downloaded to the NAS and securely stored.
I have multiple Google accounts for different things: Music, YouTube, Analytics and all services that allow it have multiple account managers setup, just in case a account is getting terminated and login is no longer possible.
Then I still have 1 google account that I am using as login email for very important things, just because it's the least likely to get compromised.
After signing up somewhere with OAuth, I also immediately go into the settings and give myself a password and valid email to not rely on the OAuth provider.
Paranoid? Don't think so. Since knowing that my data is waiting at home for me and can't just disappear, I am sleeping a lot better. It was a bit annoying to go from the convenient "my google account is my life" to this solution, but the ease of mind is so worth it.
Good grief, I'm off to backup my shit now
2. If you are doing such shady stuff create a new Gmail account and do it
(1) Because the First Sale Doctrine is supposed to give people the right to resell their legally acquired goods. Retaliating against people who resell something they paid for already is extremely bad form on Google's part, even if they have found a tortuous way to legally do so.
(2) Regardless of whether Google was justified or legally within their rights to do so, cutting off people's email with no warning is alarming. Many people depend on Google's email and data storage services; if they're going to cut off your access because they don't like what you've done on something completely unrelated that may be a good sign that all of us should stop using Google's services while we can still do so gracefully. What if next they decide that they don't want to continue offering email service to people who bought an iPhone instead of an Android? Or people who voted for Trump? They could most likely determine both of those facts if you are using GMail as your primary email provider...
People here aren't really approving of what those folks out to make a quick buck were doing specifically -- they're concerned about the way Google does business.
Not that I am justifying Google's actions.
For (2) I look at it from a different point of view. I am glad that Google did not cut email for some random Joe - just using a random-number-generator. Only those that did something which _may_ be hurting their business. please note, I am not supporting G totally.
> What if next they decide that they don't want to continue offering email service to people who bought an iPhone instead of an Android?
But what is your problem then? If they do not offer please move away. It is the same with apple; unless you have a _actual_ apple hardware you cant open appleID or even watch apple live product launches.
While I am not condoning Google or apple, it is how they want to do business.
And, by cutting off the google account, they may have cut off other critical services for that customer. Off the top of my head:
- Google Authenticator 2FA (ouch, that could be messy)
- Google Voice, to the point where you might lose the phone number.
- Adwords, Adsense, Appspot, GCE, Google Domains, etc
In response, Google suspended all their accounts, without the option to download any their stuff, including email and drive data, etc.
Additionally, Google's Terms of Service also says you own your data, including IP rights: "You retain ownership of any intellectual property rights that you hold in that content. In short, what belongs to you stays yours." I would question if refusal to grant users access to download their own data could be considered theft.
Of course, IANAL, but if I were any of these people, I would seek the opinion a real one immediately.
The "right of first sale" means that you can't be sued (well, you can be sued but they would lose) if you sell a book you own. It doesn't say that the publisher of that book must continue to sell you additional copies or that the author won't give you a dirty look if you pass in the street or that someone may take steps that don't involve suing you for copyright infringement to discourage your activity.
This is, by the way, the same trick that powers RHEL – the binaries are all GPL, so you can totally redistribute them to anyone. If you do though, RHEL will cancel your account.
You own your data but not the servers on which that data is stored, so you can't compel Google to give you access to it, any more than you can compel me to produce your comment from my browser cache if you lose it. Refusing to give you access to their servers definitely isn't theft.
Very legal. Arguably unethical, but that's a different question.
> Under Section 4 of the Data Protection Acts, 1988 and 2003,
> you have a right to obtain a copy, clearly explained, of any
> information relating to you kept on computer or in a structured
> manual filing system or intended for such a system by any entity or organisation
Don't be evil. lol.
Anyone remember the glory days of the first sale doctrine? Before we started letting companies essentially make arbitrary binding rules at their whim.
The most likely outcome is Google will settle well before trial since they know the odds are against them, and the cost to fight it (just in labor) is much more than the cost of any Pixel phone.
Google deletes artist’s blog, a decade of his work:
This makes me laugh my ass off. This is a bit of a pet peeve I have with people and modern technology. They believe they have a right to use a service even though they're not paying for the usage of the service. Then they turn around shocked and angry when the free service is removed. `Why! why did they do this to me, this is the biggest injustice! How un-professional of them!`.
Kind of like the dicussion I have with my collegues that `shouldn't you know.... support the open source frameworks we use to make money with?`... `Why would we do that?` ... Kind of leaves me speachless.
Take a look here, his response is actually very thoughtful:
Sure, people should pay & support the tools they use, but there are a lot of clueless, inept people out there who have been trained by Google, Facebook, etc that everything is free.
Whatsapp with the $1 a year charge was a step in the right direction, but Facebook idiotically killed that (decent) business model. That could have made over $80 mil a month in revenue, while being a nominal amount for the average user to pay.
What a bunch of scammers. Not only did they deprive people that actually wanted the phones for their personal use, but they also engaged in a coordinated effort to profit from them.
That's pretty harsh. They weren't depriving anyone of anything. Selling the phone on means that someone who wants one for personal use, gets one. And there's nothing inherently immoral about coordinated efforts to make a profit. That's what businesses are after all.
All of that said, this is a perfect example of why you should diversify your online services and always, always have an offline backup.
At the end of the day, rules were broken. If you can't handle the repercussions then don't break the rules. Pretty simple.
For example it would not be considered just to cut off someone's foot when they are caught speeding. Yes, they broke a rule, but the punishment is a huge overreaction.
Google now has so many services, that so many people use for so many things (at Google's encouragement!) that cutting off everything for a minor violation of purchase terms seems like an unfair overreaction.
And it's bad business. I am most definitely going to think twice before putting data into Google now. In order to grow, Google needs its users to trust it. This seems like a gross violation of that trust.
However, Google is not only suspending their phone service, they are deleting the user's entire Google account. For some people that goes all the way back to 2004 when Gmail started. That's a hell of a slap in the face, and they are doing it without warning nor chance for appeal.
Even if you agree with Google's stance on this, you must realize that this is horribly negative publicity for them, right? There are people (myself included) who are immediately seeking alternative services and planning to drop Google altogether because of this. It's highly disturbing that they would so casually drop the hammer.
And that wouldn't even be as bad as this, because a lease is a far more legally applicable document unlike TOS's which no one reads. Further, at least your violation there is related to your apartment. The TOS being violated here was for a hardware device that isn't the service being disrupted. And the worst part is that the act that was in violation is one that governments want to encourage, to the point that owners are protected from being sued. Since Google can't attack them the ordinary way, they are using their leverage on those users with their other products to prevent them from conducting this act.
This whole thing is terrible in many ways.
So "why would people complain" ... it's a matter of perspective and maybe ideology.
I would say the other reaction is easier : make sure you have 5 google accounts. One is email and you DO NOT use it for anything even remotely business related.
Would you expect that to happen? Would you want a lot of sympathy from other people because he just cut you off without prior warning? No?
The whole thing is terrible only in the way that people like this and the dealer who buy up products that are high in demand and low in supply are the scum of the earth. They provide absolutely no value to the supply chain and make life more difficult for honest buyers.
Google not only cut off services, they cut off access to remove users' content. I don't see how that is defensible.
Countless governments across the world could literally, without any notice, delete all of your data at the drop of a hat on ANY public service. See: megaupload. It's not the job of a free service provider, who literally makes 0 promises of data integrity, to provide you unlimited access to your data until the end of time.
It seems reasonable to hold Google responsible for what they say.
Personally, I lost photos of my kid's Sep 1.
>We may suspend or stop providing our Services to you if you do not comply with our terms or policies or if we are investigating suspected misconduct.
>Using our Services does not give you ownership of any intellectual property rights in our Services or the content you access.
If that's where you're storing your "key" - you should probably re-evaluate your personal storage policies.
You're acting the same as Google. Cold logic, zero humanity. Go hug someone you care about. Maybe even a child or someone elder. Then run through through your head how it would feel telling them what you said.
B. ToS are just as legally binding as a lease (provided they are presented in the right manner, which is how Google presents them). No one cares of you actually read them or not. As soon as you check the box that said you read and agree to them, you're legally bound to follow them.
C. No one ever said that repercussions have to match the violation. As I said, perhaps suspending the account is the only way Google can comply or protect themselves legally.
D. Google has no interest in attacking anyone. They simply follow the protocol they set for this occurrence.
The common denominator here seems to be that people are getting outraged that they can't break the rules and get away with it.
Besides that: Google is digitally killing people here for doing something whose damage to Google is not obvious to a layperson, and honestly not even obvious to me.
Please do keep in mind: They digitally killed people here in something that looks like pure and petty spite from Google. Some of these people might have relied on their gmail account for their livelihood. (Think remote freelancers, etc.)
You can also look at it like this: The punishment is wildly out of proportion to the crime.
Example here? Someone abusing T&C and making profit on their phones... It's just like printing counterfeit money, stealing profit from the gov. No wonder why they got unhappy.