I think these automatic suspensions are really alarming.
I got my whole Vimeo account suspended by some script that had the impression I was violating some of their ToS. I just uploaded 3 demo videos of an app I created. Then they told me I should click on a link to contact support, where they told me I have to log in to contact support, which I couldn't do because my account was shut down.
I just released a blog article that needed these videos, so I didn't have any time for these things so I quickly uploaded the videos to Youtube.
I mean that was just a small account with three videos, but they simply nuked the whole thing. That's just crazy.
I don't think I'm save at Youtube either, I just didn't have a better idea at the time.
> Then they told me I should click on a link to contact support, where they told me I have to log in to contact support, which I couldn't do because my account was shut down.
Gotta love Silicon Valley Customer Service!! The same thing happened to me with LinkedIn. Multiple Catch-22s and/or Chicken and the Egg.
Video can still cost a lot of bandwidth on your personal hosting. .. I've actually been meaning to rehost all the stuff I have on either Vimeo or YouTube on a personal PeerTube instance, change all my embeds on my blog to point to PeerTube with YouTube/Viemo removed and links under the video to those respective sites as mirrors.
None of my stuff gets enough attention for me to care about exposure, but big content creators who rely on YouTube ads really can't get away from it.
> Video can still cost a lot of bandwidth on your personal hosting.
Jesus Christ. Just pay for the bandwidth! You can't at the same time go "I dont want to be subjected to this automation stuff" and "I don't want to pay!"
More like use a dedicated server or vps host that bundles several TBs of bandwidth. It isn't hard to get ~20TB of bandwidth for $100-$200, compared to however much that would cost at aws/gcp.
The videos don't have to be on your standard host. You could stick them on S3 or something, which might be cheaper, and is more portable than Vimeo or YouTube.
One nasty implication is that adaptive bandwidth streaming as YouTube and Vimeo provide is tricky to get right. It’s definitely beyond “any other static file.”
It’s a nice feature to allow clients to stream the max bitrate they can handle without buffering. Without this, you sacrifice either quality of those with good connections, or the complete experience of those with poor ones. I ended up struggling with ffmpeg and JPlayer which is never a good day.
Additionally, you need to make sure you use the right codec, something supported on FF, Chrome, and Linux/Mac/Windows/Android/iOS. Due to codec power struggles, this is not self evident.
On Digital Ocean's S3-compatible service for example, $5/month gets you 250GB storage and 1TB egress. $0.02/GB additional storage and $0.01/GB additional egress.
So if you have 5GB of videos that ALL get watched 10,000 times you will be out $500, so maybe problematic. Or calculated another way, 2.2mbps is good for 720p and comes out to 1GB/hour, so your cost is basically $0.01 per hour of video streamed (plus $5/month).
You are not going to get even one video watched 10k times, not to mention all of those videos. 10K video views is pretty darn close to head rather than the tail.
If you did, you would be making a million a year like @BrunchBoys on IG and hiring people to build an independent platform so when Youtube/Google/FB shut you down you would still have a way to deliver your awesome videos and make money.
P.S. You can always proxy EC2 traffic through the Lightsail to have a cheap delivery.
Or, you might get a random HN/Reddit (Slashdot, haha) hug of love, and that's -500 USD for you, and no +1 000 000 at the end of the year, because it was a one time thing.
I heart a lot of these magic hugs of love and I can tell you excluding teen boy bands with a gaggle of screaming teenage girls using their phones to live stream from concerts or pirate pay per view boxing matches I have never seen anything close to it.
10K views of a video that's more than a few minutes long is a big deal. Having a hundred of those means a producer is either a celebrity or a real business specializing in video content.
The financial implications depend a lot on your provider. AWS has usurious prices at 90 USD/TB, with Google Cloud and Azure being similarly expensive.
While traditional hosters often include traffic with their offerings or charge a much lower amount. For example Hetzner (Big traditional German hoster) costs 1 EUR/TB and traffic is inclusive with most bigger/dedicated offers.
Nitpick: you mean either "extortionate" or something to do with ogliopolies, cartels, and price fixing; usury is when the perpetrator charges interest on a non-defaultable loan.
I think in this case this word was used for simple dramatic emphasis, and somehow usury seems like a more white-collar thing than extortion, so maybe felt like the better "analogy"?
Technically its pretty easy with the video tag and HTML5. Financially it will probably not be an issue unless their videos become very popular and at that point they could always move elsewhere or pay for more bandwidth. But discoverability is an issue. People search for videos on Youtube, but no one will know about your personal domain.
Technically, your users will get a sub-par experience.
Those on 3g will have to wait ages for the video to buffer. Those on an old device won't be able to play it at all if you used new codecs. Users won't be able to select playback quality, and on a slow connection, they'll get endless buffering.
You'll have to come up with your own systems for counting how many people viewed the video and which bits they bailed out on. You'll have to reinvent caption translations and go to extra effort to get captions working at all.
Self hosted videos have mostly died for the above reasons.
I managed to do adaptive streaming as a 14 year old (in 2014) and it worked for 10 000 people. It didnt cost me that much, given I made profit of 80$ off of adsense before being banned and almost sued but thats a different thing.
The point is with HLS or DASH and CloudFlare you can provide the exact same experience to all your users. You can easily automate the process, which I've done. All other problems are already solved by player software like Clappr, JWPlayer, VideoJS, etc. They all use HLS.js and Dash.js in the background...
Adaptive streaming doesn't seem to be a difficult problem to solve. Most cloud providers offer video streaming services that can transparently sit in front of your domain or you can serve something like HLS or MPEG-DASH files through an appropriate js player. I must admit though I have no personal experience with this and am sure any home-rolled solution will be vastly inferior to Youtube et al, but it is possible and may satisfy the use cases of many people who don't want to put all their eggs into one basket.
> Those on 3g will have to wait ages for the video to buffer. Those on an old device won't be able to play it at all if you used new codecs.
This advice is pretty stale: 3G is rather old by now – 4G came out in 2009 – and unless you’re still supporting IE8 HTML5 makes it easy to let the browser select from multiple sources (subtitles have similarly had wide support for at least half a decade). Properly hinted video will start playing pretty quickly — certainly not massively slower than someone with 3G on an old device is going to experience everywhere else, especially since that old device isn’t going to pick the 4K version anyway.
> This advice is pretty stale: 3G is rather old by now – 4G came out in 2009
When traveling to places with 4G or LTE coverage I'm often downgraded to 3G or edge. My parents' home has mostly 2G/edge connectivity, with some spotty 3G coverage on the second floor. They're "only" on the outskirts of a greater metropolitan area.
Just because some tech is old doesn't mean it's not very much still relevant.
You can’t look at this without considering the context: yes, there are areas with marginal coverage (I also have relatives in that situation) but if you’re in one of them you are either not watching video over cellular because the experience is unpleasant or you’re used to it being slow and an extra second to start is a drop in the bucket. The number of people who are on very slow connections who are also highly latency sensitive just isn’t a significant percentage of users for most sites, and most sites have many areas for performance improvements before they need to tackle that problem.
You can provide links for different qualities and let user decide which one is better. Subtitles are supported by HTML video tag, you don't need to invent anything.
People say google has good engineers, and that their systems have few bugs. However, their algorithmic bugs routinely de-platform people and often seem to take away people’s incomes (eg, the AdWords people losing accounts every other day). To me, that sounds like one of the most severe types of bugs possible and the Internet is rife with these stories
There's an easy way to tell that this did not actually happen. The person reporting this claims that they were notified that the account was suspended for "using 3rd party app outside of Play Store to go around Youtube ads".
Now think about any of the previous similar stories you've seen over the years. Doesn't even have to be about a full account being suspended. E.g. maybe it's about an app or extension being removed from a store, or about a site being removed from the search index, etc. The messages will always have been quite vague on exactly what happened, e.g. just saying that there was a violation of the terms of service.
The level of specificity claimed by the poster is just totally implausible.
This makes it especially hilarious. You can spot the fake by the utter implausibility of Google giving a single fuck about explaining their actions to a mere mortal. There isn't even a hypothetical mortal in hypothetical existence that could hypothetically expect such abundant largesse.
Every time an automatic google account suspension comes up, I like to let everyone know that my google adsense account has been suspended for 15 years. I’m still waiting waiting for my follow up on why.
Even 15 years ago right after they launched the service they were already having computers make decisions without human review or oversight.
For six years now I've been trying to use Google Play Music, but enter a comical loop of errors that neither the support staff nor their eng team shows any understanding of[1]. They always run through the same utterly useless script of suggestions, even when I make it painfully clear that I've already tried each of them multiple times.
I've had similar experiences with most of Google's services, including my phone nearly being bricked due to a cyclic error on Play Store. I keep a list of these little joys (on gdocs, ironically).
It was hard enough getting someone to look at these insanely frustrating errors and problems when I was a SWE there and could pinpoint someone who could fix them. Fixing these problems doesn't advance anyone's career, so nobody is incentivized to care. The idea of getting anything resolved from "out here" is just comical. Instead, I get to +1 a report on their forums, where one of their "community experts" gleefully tells us not to worry, someone will probably fix it someday. And in the meantime, have you tried power cycling? Because, Google! (Cue cute xylophone music.)
[1] Guess I'm not the only one with problems. Two stars for the Chrome app that's required: https://chrome.google.com/webstore/detail/google-play-music/.... Does anyone actually care at Google? I doubt it. Too many cool new features to build to worry about existing ones working. Someday I might even write up a piece on how I was shipped off to the Goolag (Google Seattle) because I insisted on having a team to keep our product's data up to date.
My adsense account seems to be permanently stuck in limbo too. Every once in a while I get an email that my payments are on hold because I have no payment method (a little over $100 sitting in there).
Attempts to add a payment method always fail and it won't let me remove the one that doesn't seem to be working. The help support articles linked on that same page 404 and I can't seem to find a way to get any assistance on the issue. It has been stuck like this for years, occasionally I try to remedy it and end up in the same loop. It is extremely frustrating.
Eventually Google will release it to your state as unclaimed funds which you can then claim. I think it took them 7 years to send my $70 over. never could cash it out as it wasn't at the threshold.
I have the same exact story, it happened about 10+ years ago. I had a banner on a small community forum and they banned my AdSense account for life for click fraud. Of course I never clicked on my ads and the revenue was few cents. They never replied - except for automatic replies that the decision is final.
To be honest this sounds like some fake story. NewPipe really don't use any Google credentials and even considering how little trust I have in Google I don't buy like they going to buy account this this kind of stuff. Like seriously think on it: why should they ban someone based off IP address alone that can be shared with many devices / accounts.
I'm inclined to agree because of one contradiction in the issue: they say they got an email when they were banned but then they say they can't access their Gmail to provide proof because they were banned. Either your account stays unbanned for a few minutes so your Gmail can sync in which case it should still be available offline, it's on another email which they can still access, or they're lying.
True, but the person in question was asked in the thread to provide a screenshot of the email.
To which they replied that they couldn't because the account was locked. That certainly doesn't seem to add up, though it might just be a mis-communication.
Same reaction. I'm skeptical this story is true. I've never heard of Google banning a user over blocking ads before -- frankly, even with the amount of crap I usually give Google, this feels out of character for them.
Lots of people use NewPipe with unrooted phones, so if it is an actual policy, we should see more widespread bans. If we don't, I'm going to dismiss it as, "we don't have the full story, or its made up entirely."
That being said, of course you should take steps to mitigate the impacts of being banned by Google. But you should have been doing that anyway, so I don't think this story changes anything.
I don't know anything about this specific story, and won't comment on it. But, this is actually a common attack vector that people with nefarious purposes use. They come up with a story that makes some company look bad, but leave out important details (like they were trying to hijack accounts, spamming, etc...). Some of these people will do this either to get policies changed in their benefit, or as a form of revenge for getting caught.
It's important to remember that all stories have 2 sides, and to consider other possibilities when you only hear one side of a story.
I used to work with Google's account abuse team. The company will never comment on suspensions, so you are right that you only get 1 side. Every consumer account suspension I ever looked into was due to severe abuse on the part of the account holder: folders full of child porn, account being used to spam or distribute viruses, etc. Every advertiser account that some jerk whined about being "wrongly suspended for no reason omg google is satan" was actually due to either click fraud or advertisers' sites distributing malware. Whenever you see one of these complaints you should reach for a massive, galaxy-scale grain of salt.
In this case however the account holder is being totally up front about their activities: they were using a proxy network to rip off YouTube. This is a bit like Trump committing treason on live TV and then later whining about impeachment on Twitter. What's in question is not the facts but the policy.
This is absolutely nonsense. My colleagues account was suspended for using PayPal and not Google wallet, one startup was suspended because their dev had multi sign-in, my account was suspended because of "app likeness" or whatever bullshit, people were suspended for reselling pixel, wrong credit card info, pseudo names on Google plus, dmca violation, copy right violation on YouTube, competitors hitting report, false copy right and the list goes on.
Out of curiosity, how did you notice folders were full of child porn? Do operators have access to mail folders and / or use to check randomly on people emails?
They shared it and someone reported it, 100% of the time. Complaints are verified by special contractors whose mental health is sacrificed for child safety.
My understanding is that hosting companies use hashes of known material in combination with automated scanning. Also, that some companies may not want to tell you much about how they do it, because the act of identifying it means looking at it, which is illegal (I have not researched this, I might well be wrong/inaccurate)
I'm pretty sure looking at it isn't the illegal part. Making, possessing, and distributing are the illegal bits. Maybe some other aspects too, like transporting or buying or some form of conspiring? I don't think the government (at least the US gov't) can actually make looking at anything illegal. But it's hard to look at something that's restricted in that way without doing at least one of the illegal things.
If just looking were illegal, you could shove it in someone's face on the sidewalk and they'd instantly be guilty of a serious crime.
Some commenters on the thread suggested that Play Protect reports to Google that your device (linked to your account) uses this app. I'm not sure that's true, but I disabled it nonetheless.
They wouldn't. But if there's enough secondary signal for them to determine what account is running the access that is grabbing videos but not ads (i.e. do NewPipe's requests carry the phone IMEI? Can Google correlate that IMEI to a user account?), Google could lock down the account.
What the user describes sounds like an account lockdown, not an IP ban.
It sounds to me like this user was banned for an entirely different reason. Like for example, someone stole his login credentials, fired up hundreds of VM's on GCloud, and started mining Monero.
User does claim they received a message from Google "saying that I was using 3rd party app outside of Play Store to go around Youtube ads." We haven't seen a copy of that message, but I'm assuming we can take it at face-value.
The culprit could be Google Play protect. You need to use a google account to use Google Play, and then Google Play periodically scans apps, even if they aren't downloaded from Google Play like F-Droid (even apps I loaded for testing using adb). So that scan, whose results are sent back to google could reveal NewPipe and associate that with your account.
There are multiple ways for Google to know that NewPipe is installed in a device. Play Protect scanning is one way mentioned in the OP’s github link.
Another method I can think is, when I download a mp3 file using newpipe, it adds the text “NewPipe” for the Album mp3 tag. and PlayMusic automatically uploads any new mp3 file downloaded to your device.
Also isn't there another setting to track app usage activity on Android? I'm pretty certain that also keeps a record of opening and using apps outside of just what's on the Play store as well. If anything I'd suspect that was used rather than Play Protect.
I can't stress this enough: Use FastMail (and pay for it), it's better than GMail and doesn't pull this kind of shit on you. The post is very alarming, but at least you have a better option when it comes to arguably the most important part of Google, your email.
It's super cheap (I prepaid for two years or something and it came out to less than $3/mo), faster than Gmail and won't kill your life.
EDIT: I hear Protonmail is also good, just use one of the two. They're great.
I recently started using Fastmail for a new project I'm working on. The web app might be the snappiest I've ever used. Way better than Gmail. Protonmail is painfully slow in comparison. I'm seriously considering switching everything to Fastmail, but there's always a ton a FUD about surveillance when comparing them to Protonmail. But there's always a lot of FUD thrown at Prontonmail, too. Hard to know how much is true.
I weighed this for awhile because it was a concern for me. I finally did end up moving my organization off Google Suite to Fastmail and I haven't looked back.
Australia's government sucks ass, yes. But Fastmail seems focused on its product and has been conveying their positions and opposition to such legislation. Google does not do this, they run Google Suite like it's an automated hobby project. I'm quite certain that it's more likely that our data with Google would be used to provide data sets that could be used for advertising or sold/adapted to state surveillance (sensorvault anyone?). Even if it wasn't, we're still worse off when they arbitrarily suspend accounts and only provide us with outsourced customer service lacking an escalation path that only takes calls overnight.
Seconded. Fastmail's support is great. I had some issue trying to sync emails with my laptop that messed up all the dates on my email (I don't remember the details) and fastmail support told me what I was doing wrong and wrote a script to correct all the dates on their server. I was blown away.
I'd like to, but none of the other services offer Priority Inbox. Even if they did, I've spent years training Gmail what is and is not spam. It's nearly perfect now. That would be super hard to replicate.
These are the two things I find more or less impossible to replace on android. For Pay, there is no alternative at all.
For Maps, there is Osmand, which is good as static map, but not for finding addresses.
Google Maps' map data can be replaced by Microsoft/Here/TomTom data, or OSM-based maps (OsmAnd, maps.me). Apple Maps seems to be unavailable outside of iOS, not even through third-party apps or a website, as far as I know.
Mapbox does realtime traffic these days, https://benmaps.fr can show this layer (I haven't found that button in mobile view though, might need to do a pull request), as well as your local traffic authority probably or some other local companies.
Business info can be found through regular search engines, or if that is really difficult, then you can always fall back to google maps every once in a while.
Street view is not available where I live anyway, and Mapillary is doing reasonably. They also have OsmAnd integration. OpenStreetCam is another alternative.
Satellite imagery is not exclusive to google maps either, there are lots of sources for this, and often also plane-shot imagery from your local government. You can configure a layer in OsmAnd. Personally I use Bing Maps most frequently for this (not the app, just bing.com/maps) since it is a lot more smooth/lightweight than the awfully heavy google maps website. (I don't really use sat imagery on mobile anyway.)
Trip recording ("location history" in google) can be done with OsmAnd or many other apps as well. I configured it to automatically turn on when routing: then I have GPS on anyway and I might as well store the data. Often fun to see stats afterwards (max speed, avg speed, asc/descend, or sometimes it's practical to see the time it took).
I think that should cover the functionality of google maps.
Google pay I never heard of, unless you mean paying for apps in the Play Store, in which case the solution is to contact the developers directly, though they usually don't seem to care enough to get you as a customer (I tried this four times, never got a reply, thus never became a customer since quitting google play).
Oh, that's right. Then I just don't know where (other than via DDG) to find their map. I do remember trying to use Apple maps via the Apple website and that didn't work (some months ago).
I haven't had a Google account for over 5 years now, after my account got suspended for no apparent reason. The only thing I can think of that raised the alarm at Google was that I created two other accounts using the same IP and device, and Google must have thought I was gaming their system and engaging in some sort of Sybil attack[0] on their network. Two other accounts is hardly grounds for suspension. But 100 or even 1000 other accounts and Google are within their rights to ban me.
Anyways I since switched to Protonmail for frivolous web signups & registering on sites, and then I use Fastmail for various business dealings / freelancing / anything related to finance like Paypal, online banking, etc. I simply can't afford to be arbitrarily banned by Google again.
I use to have three Gmail accounts (notifications, mailing lists and personal). After the 2012 domestic spying revelations, I deleted all of them, extracted all my Gmail and hosted my own. It's so much nicer than dealing with Google's fucking terribly broken IMAP interface and over aggressive spam filter (which has bitten me too):
..although e-mail delivery has seemed to be getting better in the past year.
My current Google account has no g-mail connected to it, which has lead to some interested bugs in Hangouts (you can't search for Google contacts once G+ went away, even if you clearly see them in current chats).
I also host my own Calendar/Contacts using Radicale + DavX (formerly DavDroid)
I want to emphasize just how bad the spam filtering has gotten. I didn't realize it for a long time, but now that I check the spam folder regularly I've realized that a LOT of legit emails get flagged by Google. Even ridiculously obvious stuff, like a non-automated reply to an email that I initiated sometimes gets flagged as spam.
Unless I'm wrong Google explicitly allows you to use multiple Google Accounts for different purposes, unlike say Facebook. Were all your accounts banned together or your main account was closed for creating the rest? In any case they should give valid reason for account closure... this is just unethical.
I was about to mention this. I've been setting up some things for a new business and somewhere along the lines Google explicitly recommended creating a new account.
Sounds like some trolling to me, especially since he can't produce the email. If Google was actually doing this they would have emailed other NewPipe users, not just this one guy.
I find it perfectly plausible that Google would suspend someone's account arbitrarily. Even if it's not true, it is a reminder that Google can and will suspend your account and fuck up your life because of some algorithm, and you should probably do something about it.
The most likely scenario to me is that Google did suspend the account, but either this is not the reason, or it was only a minor aspect of the algorithm's decision. People are often bad at figuring out what they did wrong when you send a message explaining exactly what it was, people are hopeless when they get no message at all, which is how these suspensions work.
The assurance that they've used no other apps I put little faith in; I've too often both delivered and received the incorrect "but I'm sure I did nothing else, it had to be this!" claim. We do a lot of things without forming strong memories of them all the time. No offense intended to the original reporter, it's just my experience says that's rarely a highly trustworthy claim, even when trustworthy people make it.
You're exactly right. It's been my experience from community moderation that you can give people an itemized list of things they did that led to a response, and often all they'll take away from reading it is the one item they have a strong emotional reaction to.
Their system isn't even likely detecting NewPipe. It is probably detecting signals indicating the ads it serves are being blocked and the user's account isn't a Premium account. Any client that failed to vend the ads (or failed to spoof the ads-vended signals) could trigger this.
Has anyone wiresharked its transactions to Google? If it's literally doing it like it's a browser, what cookies or storage API (or other) state is it leaking?
This seems like an argument from ignorance. eg. "Well, there's no evidence to support this hypothesis, but it could be x (no proof given), so unless we look into x, we won't know for sure".
Using the system browser or webview doesn't send any user identifying information (other than device type and version) in http requests. There's no plausible reason why using the download manager API would do it either.
I'm not sure I'd call it an argument, but the ignorance part was right (note upthread this began with a question as to whether anyone had attempted to packet capture on what NewPipe is sending in a session).
There isn't evidence other than the user in question's account apparently got banned and they claim to be using NewPipe. So it's one possible avenue of further investigation if one tries to figure out how Google would even know to ban a user that was using a tool that allows connection to YouTube anonymously.
If Google PlayProtect is enabled it'll be aware of the NewPipe app on the phone or any other Google components may track its usage. Alternatively Youtube could detect the newpipe usage on their end and cross check with the client IP adress collected via the regular YT app. It's certainly possible to detect it.
Google does not care about one user not seeing ads. It isn't worth even 5 seconds of an engineer's time.
But if that guy built a custom build of NewPipe that did a million simultaneous downloads, and that impacted service availability for other users, that would make Google ban him.
Not to be that guy, but do you have anything to back that claim up? I'd love to know if it's actually true or not; it seems like GDPR is often used as a catch-all magic wand for "I want my data therefore the company has to give it to me", but I'd love to know if it actually applies in the case of a terminated/suspended account and/or an account found to be in violation of the service's terms & conditions.
One of my GMail accounts was fairly recently disabled due to Google not recognizing any device logging into the account. I had to dig up some old Android phone to even attempt recovery which was unsuccessful. After I involved some of my Google contacts, the account was back within 2 days, yet while my phone can log in, none of my other computers are allowed to log in. I am guessing something in their ML system went seriously wrong in some corner cases (in my case, accessing the same account from >10 computers/phones/tablets on different operating systems via Firefox with private browsing, likely triggering their anomaly detection).
No enhanced security, I travel a lot abroad with different phones and can't handle SMS or some type of authenticator reliably.
I completely get it being flagged, I even wrote ML/DL-based anomaly detector for mobile stuff myself, but it really gets in the way, so I switched my primary account over to ProtonMail.
I had the opposite problem not too long ago; was away for a relative's wedding and had my phone die during the trip. Even after replacing the phone, getting back into my Google account on the new phone was a chore, because the phone that died was all my trusted devices (2FA key holder and receiver of phone calls for verification at the same time).
Yep after reading a very similar story a couple of years ago (Google account closed and no recourse given) I’ve migrated all of my important accounts and subscriptions away from gmail and into an email address associated to a domain that I own. Now Gmail and Outlook.com are only used for spammy stuff that I don’t care about
Never rely on a single cloud service for your backup. Always backup to at least one independent place such as a local hard drive or another cloud provider.
This. I suggest iCloud, Dropbox, Lightroom, OneDrive, or Ever. I often take advantage of “free trials” to upload all my photos to these services periodically. Once your free trial expires you can’t upload more photos but they hold onto the existing ones indefinitely.
I also use a NAS device (cheap!) and a lifetime Plex account for my viewer. Only iOS “live” photos are inconvenient to back up anywhere but iCloud so I don’t take many Live Photos.
I have all of my photos in a RAID 1 at home, and I regularly "rclone" all of them to Backblaze B2. I have all of them inside Google Photos because that's how I view them, but I don't consider it to be a backup. It's just a much more convenient way to access the photos from many devices, and share them with friends and family.
Apart from that, I keep a Google Takeout archive the same way (RAID 1, B2)
I seem to remember a website that helped people "de-google" (something like that), where it listed self hosted alternatives, or other cloud services with better customer service track records.
Any backup recommendations? Gmvault stopped working earlier this year, and for multi-gigabyte accounts via a connection that is prone to get interrupted every once in a while, I couldn't find anything that seemed as simple and robust (Gmvault allowed incremental backups, tolerated disconnections, ...).
You scared me for a second until I checked my gmvault logs.
FYI, it still works.
It's true that I had to create my own google console project[1] to have my own tokens some months ago, but I think that's a very good move in any case.
With all that GDPR stuff we have now shouldn't they actually be forced to let you download all your data in a simple way?
I don't use GM for anything relevant but I'd totally abuse the "get my data" thing to backup stuff.
Hmm, I don't see "Do you have to destroy another email account in order to set it up?" on the FAQ list. I suppose, arguably, a user would be impelled to use the service by witnessing the destruction of an account near and dear to them, perhaps enough to split their soul...
IANAL but with my 10 mins of googling I've found the following:
* Items/characters cannot be trademarked unless they are the source of goods or services (so therefore this service would have the right whereas JK. Rowling et al wouldn't) [1]
* Items/characters are copyrighted when featured in a copyrighted piece of fiction (which Horcruxes are). [1]
* JK Rowling et al are crazy litigious [2][3]
* JK seems to endorse/praise fan collections of stuff, but the team come down hard on people trying to sell that commercially. [2] That does, however, seem to be for publishing books eg. fan fact books.
Shouldn't you make regular backups of your emails anyway, whichever alternative to GMail you use? And then what do you gain by switching in practical terms?
I do find these account suspensions terrifying. It's the biggest issue I have with using GMail, but I treat it like any very low probability event of shit happening to my data.
> One very good reason to regularly download backups of gmail
And anything else you care about.
People were bad at backing up local data, but what they're worse at is backing up data that is in someone else's hands ("cloud").
Recently I was listening to a tech podcast (Tweakers, Dutch) and they discovered how dependent the presenters were on Spotify for their entire collection of playlists and library that they spent lots and lots of time gathering and curating. The reason I don't have this problem is because I already had this problem: Grooveshark happened to me. My music was all on there, including custom mp3s that I pulled from Youtube. So after spending some time importing all of that to Spotify from memory, I used the API calls to export my data from time to time. These days, people have it easy: just run a GDPR export from the Spotify website. (That reminds me, I should still email the guys at Tweakers.)
I guess I also grew up with data loss more than average. As someone who wrote code from ~12 years old, but who didn't understand the rest of their computer well enough to take proper care of it, the family computer guy had to reinstall it a bunch of times and I lost data every time for different reasons (he also didn't really give a damn). And I overwrote an external hard drive once when I thought that backup software would just put the backup there, not clone the disk. And 000webhost cancelled my account one summer. And a hard drive died, then (I actually had a backup!) the backup hard drive was accidentally destroyed by my little brother. In that summer, I lost all code, school documents, game save files, browsing history, chat history, nearly everything I ever did digitally. Taught me a thing or two...
Step Two: Set up gmail to forward all emails to the new email account.
Step Three: Stop giving out your gmail address.
Step Four: Start marking all emails that get forwarded to you through gmail that you don't want to see as spam in gmail.
Step Five: Start migrating all real-life contacts and online accounts to use your tutanota email account.
-----------------------
SERIOUSLY, start paying for email from an email-specialized company in some European country with extremely strict privacy (such as Germany). GET OUT OF GMAIL and OUT OF U.S.A. EMAIL-BASED PROVIDRES A.S.A.P.
A dollar a day is quite expensive, you can get a domain and a email prodiver for like 5€ per month.
See for example this [Dutch provider](https://www.transip.nl/webhosting/) that I myself use, but it includes webhosting. So you can probably find email providers for less.
The problem is how effective they are at killing spam. I'm sure most of us (I still use Gmail) would jump ship in a second if there was a decent alternative that doesn't force the user to spend time training a local antispam system. Admittedly, Google is really good at that.
I support this idea, but I wouldn't touch something like Tutanota or ProtonMail that doesn't support an open standard like IMAP (or doesn't provide it for the free tier or has "bridge" applications to install) for saving and archiving mails offline on a computer. Tutanota and ProtonMail are both walled gardens of their own making. I can't easily migrate out of Tutanota (or ProtonMail if I'm a free tier user) and take my emails elsewhere. I appreciate that they provide (or claim to provide) better encryption, but I like to have control over my data and where I have copies of in an easily accessible manner.
I'd suggest instead, for much cheaper, Posteo.de, Runbox.com, Mailbox.org, Mailfence.com or Migadu.
$1 a day for an email account? That's ridiculously expensive not just from an ad-paid perspective (gmail etc) but also compared to the market rate for reliable, feature rich fully paid by user services. Pay a tenth of that and you are already far away from the cheap end of that market.
I've used a similar process; my gmail has a vacation auto-responder that informs those contacting it that the address is not used for email. The auto-response does not include my actual email address.
Even still, I find that other people's address books are remarkably immutable and despite this auto-response having been employed for around five years I still have important emails directed at the dead address.
Serious question, which I'm hijacking this thread to ask since it's on everyone's mind:
- What's the best way to fully back up a G-Suite instance, so you could get back on your feet really quickly if something like this happened?
I use G-Suite for email and docs and a bunch of stuff for my company, and I'm willing to pay money to have it all backed up in real time and ready to switch in the event of a disaster.
What's the best way to do that? I know Spanning and Backupify are two popular solutions. Would be curious if anyone has experience.
Maybe the Google Takeout-Feature? It lets you downloaded all of your data. Mails are stored in mbox-files, I don't know which other file formats are used for other Google services.
This is frightening. I use newpipe and depend on Google for work, email, and data storage. I use Google cloud to host my websites, and Google domains to control their domain names. What's next? Will they suspend an account for using an adblocker on their website while using a browser?
The fact that Google would suspend their account instead of just blocking their access to YouTube is an abuse of their near-monopoly. I'll be taking steps to migrate off the Google stack for this.
I was similarly dependent on Google but started diversifying for exactly those reasons. Domains are with a third party, Email is (Fastmail with own domain, GMail still forwards), hosting is also a separate provider. If any provider now blocked my account this would still be bad but I could easily restore services.
Especially if your work depends on it, I would encourage everyone to do the same. No other company (including your bank) should be able to shut down your business and/or ruin you financially because they close your account temporarily.
At the same time, this also means you're less affected by discontinued products or price hikes.
At the very least, I recommend sharding your accounts for work, email, and data storage if you're nervous about those failing simultaneously.
The attack surface is larger than a TOS violation (someone could spear-phish your login credentials, or a coordinated attack on your account could lead to denial-of-service if Google can't disambiguate your legitimate attempts to login from attackers' attempts).
Yes. Whatever the real specifics of this particular case, some number of users will inevitably lose access to their accounts in a way that they can't recover from. Arguably, with business services, there will always to some way to reliably establish identity with fallback systems. But, at some point with free/ad-supported/etc. consumer services a provider is sometimes, if hopefully rarely, just going to go "Nope. Can't establish your identity or overlook this ToS violation. No recourse." and showing up in Mountain View with physical documentation isn't going to be an option.
It's not an ideal state of affairs. But the alternative would probably need to be more rigorous identity verification and locking down of systems.
I'm afraid I can't find the source, so take this with a grain of salt. But I seem to remember reading a few years ago about a small company having all their employee's Google accounts suspended because one of them had previously been banned for something, and his banned account then "infected" any other accounts it came into contact with, like common projects.
I question whether separate accounts would help, Google's automated systems probably connect them and bans all of them anyway.
This is pretty frightening. I have around 5 Gmail accounts that practically everything is filtered through, and while I don't use it, I did (just uninstalled it) have NewPipe installed on my phone, along with F-Droid, along with a number of apps I downloaded directly from github, that Google has no place knowing anything about.
If I lose those accounts, I'm pretty sure I'm screwed, there are many online services that require you to open an email and retrieve a temporary code, or require you to have access to the original email account in order to switch to a new one. I don't know what I'd do if I'd lost those.
This sucks, but... is NewPipe just a proxy to YouTube videos (and other services, it looks like) that excludes the ads?
After a few pages, the linked github issue devolves into discussions around "how Google could detect you're using NewPipe" instead of whether or not you should be allowed to use it. That makes me think it's more in the realm of "we know this is against the rules but you can secretly use it" rather than a grey area of what's allowed or not.
It's more of a controversial take, but I'm honestly surprised people don't get banned for using Adblockers in general. This seems even worse than an adblocker (in that it just flat-out steals videos from YouTube and puts it in its own ad-less interface), so I'm not surprised that 1) it likely violates YouTube's terms and conditions, and 2) that violating YouTube's T&C is grounds for terminating your account.
Yes. This could be against YouTube TOS but losing your Google account which also gives you access to email, phone (if on Android), GSuite + anything that uses your email for authentication, is a horrible measure. I don't understand how this is grounds for terminating your account?
Do you want to block me from using YouTube with this account? Fine. Do it, that's fair. But terminating the account, effectively blocking someone to access anything tied to that account is a "piece of shit" move.
I understand where this mindset comes from, but I think it (unfortunately) stems from YouTube originally being its own service and now being "part of Google" and sharing a single account now. I'm not sure if it's up to Google to remind users this is the case, but it'd certainly be helpful.
If you Do Something Bad in Facebook Marketplace, I'd expect the entire Facebook account to be banned -- not just restricting access to where Bad Thing happened (FB Marketplace). Or, if you broke T&C on Amazon's marketplace, I'd expect your AWS account to be banned also. If you cheat in one game sold through Steam, your entire Steam account gets banned/penalized, not just your access to that one game.
I can kind of understand why people think Google's services are different, but I'm not sure why that continues to be the case over time as we move further and further away from back when YouTube had its own accounts.
> If you cheat in one game sold through Steam, your entire Steam account gets banned/penalized, not just your access to that one game.
Actually it depends on the anticheat system used by the game. Anything from Valve will use VAC, and cheating in a game using it will ban you from all games using it. Other games uses EAC, others BattlEye, etc. You won't get banned from all multiplayer games that you own.
I use NewPipe because I was tired of YouTube's dark patterns, and addiction-building related videos/autoplay. In NewPipe those things, as well as the YT comments, can be disabled...
But well, maybe it's my way of justification. I already use an ad blocker on desktop and don't even notice that I don't get YT ads. Please don't ban me, Google!
This does not sound plausible, more like the work of an Internet troll. The user's GitHub handle translates as "Fuck you all, damn it!". When asked to provide evidence, he comes with excuses in the linked thread. He has filed some issues before with the same project, some of which got closed as dupes. My take is he was dissatisfied with the response from the GitHub community and came up with this story to discredit the project.
What do you mean? My understanding is most of the problems arrive with the various Google services, but LineageOS can be installed without all that noise, or can it?
MyActivity shows all play store apps and some non-store, pre-installed apps for me, e.g. the system launcher and WiFi drivers, but it does not show sideloaded apks.
If this story turns out to be what it seems, that might mean Google shows you only a subset of the app activity log that they actually keep, adding another layer of intransparency to the injustice.
This reminds me of a huge story last year where suspicious activity on an account got the whole company banned, including their personal gmail if they linked it as a recovery account: https://news.ycombinator.com/item?id=17115643
A company I know has lost the password for their info@company.tld google account. Google refused to reset the password - it asks for mail verification (passed), phone # (not passed, no one has an idea which phone number that was) and account age (not passed, this thing is ages old).
Google refused two letters by their legal counsel, now the company will attempt to file an emergency injunction / court order, but jeez it sucks that Google can not be bothered to have ANY place where you can contact an actual human.
That's exactly what happened to me just a few days ago. I got an email alerting me that a secondary Google account of mine had been accessed, password changed, secondary email changed and I think even some kind of security question also changed (I don't even remember Google having those). Ok, no problem, I'll just tell Google I own it for whatever means they ask and change the password back.
Recovery email doesn't exist anymore. There's no phone number attached (I haven't accessed the account since before I had my first smartphone). And the account must be like 12 years old or so, there's no possible human way to remember the precise month I created it (I don't even remember the year).
I have all my Google accounts connected through gmail, and I can even receive the emails that go to that account, since they go to my main account. I tried for a full whole work day to get the account back, but there's just isn't any human I can talk to, so the account now belong to some russian hacker or who knows. Luckily for me is not a very important account and I haven't found anything important attached to it, but it's very scary.
Wow and I had enough trouble getting an AWS Org root account deleted (created by an employee who no longer works at the company). AWS sub orgs require you give the sub org a credit card, then close them independently.
Be sure to close the sub org first, then remove it from the root org. If you don't and don't have the root login for the sub account, you're going to have a bad time.
Even though I think story is fake I encourage everyone to setup their own mail server using Mail-in-a-Box [0].
You just need one VPS with public IP and domain name and it's fully automated solution that works great.
I'm not entirely sure what the user expected was going to happen. Unless I drastically misunderstand, NewPipe lets a user see YouTube videos with neither ads nor a premium account. Of course that's going to be a TOS violation.
Itt doesn't render the ads, but Google should have no idea how to associate the downloads with a Google account that it can punish. The fact that (the poster alleges) Google has managed to associate his account with his NewPipe activity seems draconian of Google...
Even without ad blocking, simply circumventing CSRF and hitting API endpoints is usually a breach of any TOS by itself, especially one that provides its own clients (or has occasionally refused to, see Amazon FireTV).
Those downvoting the parent, can you add to the discussion?
By API I don't mean published API. I mean it subverts the normal client usage and makes calls directly, masquerading as the intended client. Internal API if you will.
This pretty much is piracy - streaming videos without paying for them to the creators.
For some strange reason not paying for YouTube content and bandwidth seems to be just fine here on HN as opposed to doing the same on iTunes or other services.
For those reading the comments first and getting confused as I did: This is not about a NewPipe developer getting their Google account suspended due of a ToS violation (which would already be a disproportionate sanction, considering the practical consequences of the suspension). It's a NewPipe user getting their account suspended. It's like loosing access to your Google account because you dared use an ad blocker.
And NewPipe doesn't even link to the Google account, so it's not clear how Google made the connection.
Absolutely no proof provided, N=1 for popular youtube pirating app. HN bullshit sense seems to be turned off completely when Google is accused of something bad.
If the TOS said you were only allowed to view while wearing a top hat, it wouldn't suddenly be piracy if you watched it hatless. A TOS doesn't define the general usage of the term piracy.
If people trust some random internet Finn who provides no evidence more than they trust Google, who does Google have to blame for that but themselves? It's their own fault they've trashed their own reputation this severely.
252 comments, featuring a proposal to break up the company, based an anonymous internet comment with 0 evidence, and thousands of NewPipe using people with counterevidence.
This has genuinely scared me. As others have mentioned, I'm completely dependant on my Google for so many things. Is there any service out there that can fanout email received to multiple providers like Gmail or Outlook? It's not a great solution but helps with the vendor lock in.
Entire lives are wrapped up in Google accounts! They're used for administering other accounts, taxes and payroll, subscriptions, keeping in touch with family, photos...
This could easily ruin someone's life.
What the fuck, Google.
We seriously need to break this company up into its constituent pieces. This is beyond unacceptable.
If ever there was a clear case for breaking them up, it's this. An issue with Youtube should not impact all other Google services you're using. If they don't like people avoiding Youtube ads, I guess they're free to block their access to Youtube. But don't block access to Android, GMail, Docs and whatever.
But YouTube and Search ads are what pays for all of the other services...
If you really want to break up Google, people are going to have to get used to paying for a ton of other services.
I’m not saying this is wrong, but it will come as a shock to many people when they have to start paying for email again (or start seeing ads in gmail again).
Something like Gmail should exist.. everyone should have free access to a basic web based email service.
However, it shouldn't be a corporate product. It should be a public service, paid for by the taxes everyone already pays and regulated to ensure privacy abuse and productizing of the user base doesn't happen.
This is how things used to be done - when a new technology became important enough to society, it became part of the national infrastructure, everyone was guaranteed access and no one was allowed to profit off of it. That's how the original telephone network came to be in the US.
Gmail and other private services have been allowed to take the place of something the government should provide so someone can make money off it it, and it's open to abuse and inequity. Some services are important enough that not having them makes you a second class person.
Imagine how you'd feel if the US post office told you that you couldn't receive mail any more because you had an unpaid parking ticket in another city? That's not punishment, that's behavior control. Maybe the parking ticket wasn't fair, or maybe it was someone else with the same name as you, or maybe you had a legal, legitimate reason for parking there.
The US government is required by law to treat people fairly and protect them (to some extent). More importantly, public services are (in theory) controlled by the people they benefit.
Private companies are not, and private companies should not be allowed to provide critical services without regulation to ensure equal treatment for everyone and a means to contest the actions of the company for every user.
The US government is far, far behind where it should be as regards updating laws and services for the computer age. It's time to clean out the dusty, old computer illiterate career politicians and replace them with technically adept younger people.
>everyone should have free access to a basic web based email service.
>It should be a public service, paid for by the taxes
No, that would lead to even worse abuses.
Cf the present day Hong Kong protests, and Yellow Vests protests - in both cases, the government would use snooping power to spy on the communications, dragnet style. Anybody seriously suspected of partaking would have the account shut down. Since the account would be "the official one", that would most probably render them unable to access other major services, like banking, judiciary, or healthcare records.
Having a corporate steward of email is one more level of indirection. While imperfect, the corporations do put up at least a bit of resistance against governmental over-reach. Even just the fact of having to create, send & monitor official correspondence to demand snooping & take-downs is slowing down the snooping a bit.
Moreover, it would be highly probable the government would mandate a "real name" policy, or otherwise tie the email service to your offline identity. Cue the abusers by online platforms like Facebook & other advertisers.
Lastly, it's more feasible to compete with corporate services than with tax-paid services. And it's competition that drives innovation, quality increase, and cost reduction.
I think there exists now a very pervasive and worrying conflation of "public control" with "the government". If you oppose expanding the sphere under control of one, centralized power with no day-to-day responsibility before anyone, I am with you. This is why republican countries were established in the first place. But this doesn't mean that private, feudal and corporate power is the only other option. You can establish institutions that are elected directly by the people, and/or are granted strong legal immunity from demands of the executive branch etc.
Secrecy of correspondence is one of the basic constitutional rights in many countries. And also there is a public postal service almost everywhere.
>You can establish institutions that are elected directly by the people, and/or are granted strong legal immunity from demands of the executive branch etc.
Any example you could name would be highly contested as to validity of the claim.
Specifically, "elected by the people" doesn't grant any immunity by and of itself; you would need a huge public protest or other such expression of public will. You may still be ignored by the media, which prevents you from getting anything done[0].
On the other hand, "strong legal immunity from demands of the executive branch" would take a constitutional amendment; anything less can be rescinded with a simple majority vote or a judicial decision.
>But this doesn't mean that private, feudal and corporate power is the only other option.
You would need to create a very strong legal shield around such institution. Right now the government (particularly the judiciary branch) considers every private contract to be in its purview, with ability & willingness to void, add, or rewrite any and all clauses it considers wrong. Even institutions like marriage are subject to retroactive change of the original terms&conditions. Even the media, with its oversized influence through gatekeeping the political parties & candidates, is still bound by various regulations regarding falsehoods, besmirchment, etc., while at the same time tied intimately to their insider sources. About the only exceptions I can think of is the internal dealings of the churches, and the diplomatic matters [1].
On the other hand, any NGO is subject to the wishes of whoever finances it. Whether it is public donations or corporate sponsorship (or outright corporate structure); whoever holds the spigot of the money gets a say. Another important say is held by the media; with ability to either prop up or sink any NGO or public figure.
As of recent, the social media mobs seem to be gaining the gatekeeping ability just as well.
--
[0] quick examples of media keeping mostly quiet: weekly Yellow Vests protests, Paris, France, 45+ weeks; annual March for Life, Washington DC, US, 45 years.
>Specifically, "elected by the people" doesn't grant any immunity by and of itself; you would need a huge public protest or other such expression of public will. You may still be ignored by the media, which prevents you from getting anything done
I'd say if you are an institution established by public law, you don't need expression of public will for your normal operation. Or you need it to control you, not to affirm you. You just exercise your legal powers.
But I agree that my comment was abstract, and by the pervasive conflation I mean not only in common perception, but also in practice. What I have in mind as positive example is Tocqueville's "Democracy in America", or perhaps Switzerland as states deeply amalgamated with their populations. Anyway, if someone is strongly pro-government or pro-corporate, it's in their interest to present those as binary options. I think this should be opposed in principle, whenever possible, even if the present state of Western democracies is not that great.
> Cf the present day Hong Kong protests, and Yellow Vests protests - in both cases, the government would use snooping power to spy on the communications, dragnet style.
The USG has been working quite diligently on that already. I don't think there's any particular reason to believe it can't read (almost?) any email it wants to. Very few emails are encrypted and host-to-host encryption is optional anyway. Various providers that have tried to resist USG secret warrants have just given up because it's not really possible.
It's exception, not rule. Even if they want you to give name, it's not something available for others if they only have e-mail address (unless address contains name).
You've got to pay, normally; and usually the options are PayPal (or similar) or bank payment card (eg Visa/Maestro).
In the UK I don't think it's possible to get a credit/debit card without giving up name & address that are backed by ID.
Gmail, IIRC, requires a phone number, which again is tied to your payment account (if you buy it in the UK). Though you could buy a stolen pre-paid SIM, so it's possible if you're not bothered about being legal.
In USA I understand you have pre-pay credit cards you can buy in a shop, in the UK you have to register those (using a phone number IIRC, thus tying it to a supposed real identity) and they're really expensive.
And, once more: my previous point was that even if providers know your id, it is not public. There is no service you can use to ask what is name of e-mail address owner (I'm ignoring "whois", which is domain-specific, not mail).
I would gladly use a US government sanctioned e-mail service. The US government and its allies already have access to Google data should they desire.
I just would not use it for everything (not for criticizing the West; for that you could use a Chinese or Russian e-mail service). They can already snoop all the metadata anyway.
And to add to that public telephone service couldn't exist without a heavy public infrastructure investment in telephone lines, and continued support of that infrastructure.
The costs of supporting an email service are probably not great enough that government intervention is necessary.
> everyone should have free access to a basic web based email service.
Everyone with internet access already has free access to email and to any of several basic web based email services [1], but, to get that free access the owner has to be willing to host their own email server on their own infrastructure.
Email (as in SMTP email) is one of the original free and open protocols of the internet. No one is required to have 'google' to have email, although a lot of people prefer to 'let someone else handle the plumbing', which is ok if they understand the ramifications of that choice.
Note -- I am deliberately ignoring the sad fact that SPAM has made 'running their own server' much more difficult than it used to be for many. But a lot of that difficulty stems directly from allowing a single giant corporation to hoover up too much of the service, such that the single giant corporation has gotten big enough to start dictating terms to everyone else who is not part of their system.
[1] some examples (note: just found these via a search, no suggestion of good/bad is being made, just the availability for free):
It's really not possible to run your own email server and guarantee to get MS to accept your mail. Even on a well established ISP (yes with SPF, dmarc and such) you can get your mail dropped. Google have been tricky in the past for me too.
IMO it's really not a workable option, the administration is time-costly too.
I'm interested in this idea. How could something like this exist and be structurally independent from the USG to avoid all of the good points in the comments below this post? And while I think they are good and obvious concerns, they don't exclude future thought on the subject.
But what would this take? If there were municipality-owned servers that allowed for basic email how could abuse be prevented? Make it an open source project with public inspection allowed to prevent abusive manipulation of data? E2E throughout the system? What would this take? Someone has to have thought about it before.
> Better would be a standardized, secure public service to store and retrieve data on top of which any protocol could be built.
Sounds like a good idea. Do you know if any public entity has made an attempt at this space? I don't even know how to begin a search for this kind of work let alone if it exists.
I have a friend who’s trying to work with state governors (in the USA) to establish a block-chain where each state hosts one node of the network. But, I haven’t keep current with what he’s doing.
No, it doesn't. Slightly less than half of the discretionary portion of the budget goes to defense programs. The discretionary portion is only about 33% of the total budget, meaning defense programs take about 16% of the total budget.
That would be great, but it would suck and everyone would hate it. Also, you have merely traded the big corporation devil for the government devil. The best compromise is to have the market decide on the platform (for quality control) with some government oversight (to keep abuse in check).
It seems that a lot of problems regarding email involve a lack of transferability between providers, and I don’t think that having a government-run mail provider would adequately solve that.
Instead, maybe an extension of existing mail protocols to allow for updating address information would be better - for instance, mailing a deactivated address would give a special response announcing the change in address, so that information stored about addresses can be updated without user intervention.
Something like Gmail... I'm not sure if you mean by this; a multi-billion dollar tech stack built by the leading internet company in the world, securing exabytes of data for its customers with redundant backup, provided in hundreds of countries (and languages?), hosted across dozens of data centers, offering easy access through native apps on every dominant platform, with 5-nine availability,...
> [E]veryone should have free access to a basic web based email service.
There are two issues here, first is internet access and second is services available via the internet.
I think it is a great ideal to state that everyone in the world should have the ability access to the Internet in some form, with the ability to benefit from the online learning and communications tools it provides. Governments should use tools like spectrum licensing, and eminent domain to promote fair and equitable infrastructure deployments which provide reliable high speed access at reasonable prices to their entire population.
I disagree that government should outright purchase internet access for its citizens. The market for internet access is fairly anti-competitive already, government subsidies for specific levels of access work out poorly in practice, and tend to provide substandard service at above-market prices. This means the taxpayer loses and the citizen getting subsidized access loses. It works out better in theory and in practice to ensure your population has good paying jobs and can decide how they want to spend that money, including, whether they spend it on phones or laptops with LTE or wired internet access, which service provider they use, etc.
As to "free access to a basic web based email service" -- and to be sure, there's nothing "basic" about Gmail at all -- the amazing thing is that there are already a plethora of choices that netizens can make when setting up an email account, and many good free choices. Each of these free choices are usually subsidized either by paying customers of a premium offering, advertisements services with the email, or other services that the company offers.
What's great about this model is that companies are competing to provide the best possible email interface, at the lowest possible infrastructure costs to them, and attempting to offer such a great experience that they can ultimately convert those users into more frequent [paying] customers.
Practically everything about this model breaks down when you try to have "the government" provide the service.
> Gmail and other private services have been allowed to take the place of something the government should provide so someone can make money off it it, and it's open to abuse and inequity. Some services are important enough that not having them makes you a second class person.
Gmail and other private services paved the way by spending their hard-earned R&D dollars to innovate and invent new delivery models for these services. To be sure, this was a public/private partnership at the most foundational level (ARPANET) and it has grown to be perhaps the crowning example of what private industry properly supported by government research and hands-off regulatory approach can achieve.
> Imagine how you'd feel if the US post office told you that you couldn't receive mail any more because you had an unpaid parking ticket in another city?
That unpaid parking ticket will mean, in many jurisdictions, that you cannot renew your registration or your license, which means the day will come when you cannot legally drive. That's the thing with State control of critical services; the day always comes when they will use a big stick to make you comply with their demands, or they will take those services away.
Private communication infrastructure must never be directly provided by the government, most especially. I'm sure you've heard of PRISM, or how a secret court allowed the government to vacuum up call meta-data for basically everyone in the United States for a period of time. Maybe you've heard of "reverse warrants" where the government pulls geo-location data from phones of everyone in an area that a crime was committed to create a list of suspects. Just this week the Courts rules [again] that government has trampled on the Constitution in wide-spread data collection.
Do you suspect that government provided email services will be instituted with the best-in-class end-to-end encryption algorithms? Do you suspect those troves of emails in a government server will be protected by government employees from overly broad subpoenas? Do you suspect the government will hire the best & brightest engineers to constantly push the envelope of how those services are delivered and the features they provide? Do you suspect government servers will consistently run on reliable, cost efficient infrastructure?
> Private companies are not, and private companies should not be allowed to provide critical services without regulation to ensure equal treatment for everyone and a means to contest the actions of the company for every user.
Who gets to define "critical services"? Email didn't even exist as such a widespread part of our lives until private enterprise invested the hundreds of billions of dollars getting us to this point. Now that the ecosystem is established, you think the government should step in and strictly regulate it because a private company offering a private service terminated the account of one of its billions of users.
What else do you suppose is a "critical service" beyond email? Should we include cell phones? What about the news? Email seems such an arbitrary choice, but it is a great example to illustrate the dangers of this approach.
To switch back to TFA - and Google canceling this pour soul's account... What we don't hear about are the millions of accounts which Google terminates due to actual "valid" ToS violations. What we have is anecdotes, but what don't know are the true and false positive rates, or even the true/false negative rates of their abuse detection systems.
I believe Google needs to do a lot better with dispute resolution when an account is flagged for termination. This is true across their properties -- Gmail, AdWords, Store, etc. But I don't have the context & data I would need to pass judgement on the anecdotal failures I hear about semi-regularly.
I'm glad for the services that Google has created, because they push the whole industry forward in many ways, and they also provide incredible value for both users and Google alike. The ecosystem Google has created is an extremely impressive technological achievement, and the scale that they operate on is boggling.
The past is littered with failed examples of governments taking over and then failing to innovate or maintain an industry, whereas the examples of when government works side-by-side with private enterprise to create opportunities where the incentives did not align to allow a fully private solution are equally numerous. Government works best when it builds the roads to allow private industry to innovate upon, but doesn't try to build the figurative cars and trucks too.
>As far as cleaning out “old” politicians — that’s ageism. One’s birthdate doesn’t determine technical literacy.
Statistically speaking, it very much does...
Would you bet your money, when age is the only available information, that 1000 randomly chosen people in the 60-80 bracket would have equal or more technical literacy than 1000 randomly chosen people in the 30-50 bracket rather than less?
I figure that the problems with •-isms are mostly when:
a) there is antipathy against a group,
b) one falsely infers a causal connection from the membership in the group to the thing,
c) or the •-ism otherwise causes undue harm to members of the group in some other way (I guess this option is just a catch-all to make me not wrong, which suggests that my splitting things up in this way may be a mistake.)
We acknowledge that infants do not have the capability to competently vote, yeah? We have a minimum voting age requirement, which shows that we don’t find all action based on correlation with age to be illegitimate.
I think I am probably forgetting the original context.
Suppose that you are running a class at a local library on how to use some software, and you intend for it to be accessible whether or not the people attending have some specific background knowledge, but it is easier and faster if they do, because you don’t have to explain the background first. Suppose you also have a note sheet that you give out for them to take home in case they forgot any details. You actually have 2 versions of the note sheet, because one version also includes an explanation of the background information, and therefore takes more pages of paper.
Every time you run this class, you find that some of the people attending need the version including the background information, even if all of them are young, but you also notice that people over a certain age are statistically more likely need the longer sheet.
Therefore, when you know that a particular session you are running has a greater than average number of people over that age, you print more of the longer version of the notes sheet.
Have you acted wrongly in doing so?
Is doing so “ageist”?
I don’t think so.
I would imagine in such situations, that the people with the largest amount of background in the topic would likely also skew somewhat older, at least for some topics.
But, seeing as I forgot the context outside of your comment itself, probably this hypothetical is quite unlike the situation in the context.
Edit: Ah, the context was politicians.
Ok.
Idk how to apply this to politicians.
I suppose I am not especially concerned for the individual politicians’ interests, as, aiui, politicians in the US tend to be fairly well off, have enough savings to retire, etc.
Therefore, the goal should be primarily based on how the choice of politicians impacts the rest of the populace.
There may be issues where a way of choosing politicians could cause or reenforce harmful stereotypes that harm other non-politicians?
>Imagine how you'd feel if the US post office told you that you couldn't receive mail any more because you had an unpaid parking ticket in another city? That's not punishment, that's behavior control. Maybe the parking ticket wasn't fair, or maybe it was someone else with the same name as you, or maybe you had a legal, legitimate reason for parking there.
I agree that it's draconian and goes too far but government very commonly screws people over over minor things by using monopolistic behavior like this and there are many people (including many people here) that endorse it when it (dis)incentivizes something they want (dis)incentivized. Point is this behavior will not go away if you have a public email provider. The list of triggers just becomes different. What Google doesn't like is different than the US government doesn't like is different than... you get the point. You may at least get due process though which would be good but the fundamental "this person has offended our organization so we're gonna screw them every way we can" behavior won't change unless society demands it.
edit: I'd be interested to hear why everyone finds my opinion so disagreeable.
> People are going to have to get used to paying for a ton of other services.
I and a lot of other people are fine with that. Patron et al. showed that people are willing to support things they like. From podcasts to open source projects.
The narrative that the only way to have nice things on the internet is via advertisers' money is pushed by the advertisers themselves.
You can pay for it now? The narrative in this thread seems to be that people are being forced to use Gmail against their will, and paid options don’t exist, both of which are obviously false.
While strictly speaking you aren't forced to use Gmail, the reason i gave up trying to run my own VPS and mail server was all the little issues that caused people with Gmail to not ever receive (or receive, but in their spam folder) mail sent by me.
I have a few people donating money to me on Patreon so I'm not arguing against that. I'm just saying that the majority does not actually want to pay for things, but that doesn't mean people can't make a living out of the minority that does. That's not the topic of this conversation though (see the line you replied to).
So many false dichotomies in this and the sibling posts that follow.
Email existed before Google. The email services didn't all used to be owned and controlled by giants. Remember Hotmail and Yahoo Mail?
Email doesn't have to be a Government-provided utility service as another poster claims. It doesn't have to be free or paid. The market will make it work.
I think this distinction is a bit blurrier than you suggest. For my personal email I pay for and use Fastmail. I think it's a wonderful option and I'm more productive in it. However, when starting a new company recently, we ended up use Gmail because it's required for many SaaS tools. Sometimes you can use something other than Gmail, but it's painful, and in other cases you really can't at all. And that's before you get into the ancillary services like calendar and contacts -- very few tools working with either support either CardDAV or CalDAV.
> but it will come as a shock to many people when they have to start paying for email again
I bet people will prefer "need to pay" as a shock instead of "locked out" as a shock (with no option of getting your stuff back). I certainly would prefer the former.
Not True, Google is living in Tax Evasion heaven. Their company is so big that they can hide YouTube as one company registered in the US and ADs is some tax haven. You only pay the taxes that you want and can never be regulated. Being Free is not worth considering the amount of crap that they do.
>But YouTube and Search ads are what pays for all of the other services...
Then charge me 1-2$ a month for gmail access... oh wait I already pay for extra storage. I'm quite fine paying if it means that if for some reason I offend them and they decide to suspend my service that I have a window where I'm allowed to exit their ecosystem.
Remove my ability to send email, allow me to receive email and give me a 1 week period to export everything and change contact info elsewhere.
Its not yet known whether its true or not. There are no proofs in the github thread. He could at least post his google email so some google employee could check since this thread got heavily upvoted
I pay yearly for G Suite to avoid this issue by using my own domain instead of @gmail.com. If I ever had an issue I can change my email provider (also backup email regularly using Takeout or in the past using offlineimap).
Unfortunate that it’s necessary but I think it’s a good idea for everyone who can.
The person in the bug post lost access to their email address. Just think of how many services you have tied into your email address. How many of those accounts would allow you to recover without email access?
By having G Suite and your own domain, you get to port that domain to another email provider if something bad did happen with Google.
But how is that different from simply having your own domain and sending email for that domain to your GMail box, and redirecting it somewhere else once you need to get rid of GMail?
But how do you send email from your domain? Last time I looked (a few years ago admittedly) you could set a reply to address but your email still clearly came from your gmail address.
If you have GSuite you@yourdomain.com is your gmail address. yourdomain.com's MX records will be pointed to Google.
This is different to the various techniques, such as IMAP/POP and forwarding, used to get them@theirdomain.com email (actually hosted elsewhere) into a theirgoogleacct@gmail.com mailbox
I have it set up so that Gmail sends the mail through my domain's server. The <from> field is my domain address, and my gmail address does not appear anywhere in the header.
I've had it this way for a long time, but I believe it was optional and it's also possible to only read the mail from the domain but send it via gmail.
I'm not using GMail's web interface. My mailreader (Apple Mail) allows me to select from which address I'm mailing.
Admittedly this doesn't work from my mobile GMail app, but I don't send a lot of work-related email (which my alternate address is for) from my smartphone.
Admittedly I haven’t used gmail for years now but from what I remember when I used to do this this is half right. If you change the From address in gmail, it will add a ‘Sender:’ header with your gmail account on it. Some clients will show that combination as the email being from ‘X on behalf of Y’ where Y is the from address and X the sender address and some will send replies, especially bounces, to your sender address. It may also set off some spam traps. I think it might also have required some form of verification that you have access to the address in question.
If you want to send from a different address without the sender header being set to your gmail account, I think you have to have Gsuite.
I just looked at the headers from some emails I sent this way. My gmail address does not appear there and both the <From> and Return-path are my domain address.
Thanks. Looks like they fixed this quite a while ago and now either you can verify an account after which it will accept your From header (and the web and app UIs let you select that) or, if you haven’t verified the address then if you send an email through their SMTP servers it will rewrite the From as your gmail address and sets a new X-Google-Original-From header to the address you put in the email originally.
You have to have added the other email addresses from your Gmail web page first, under Settings, Accounts and Import, Send Mail As. It will ask you for the server address and credentials etc.
Then when you compose a message from either the website or the Android app, your From address is a dropdown containing the addresses you set up.
You can't afford the Lamborghini? Here, try this Fiat Panda. They're both Italian cars!
Hyperbole but not by far. Google's filter is trained on billions of messages a day, tuned by their own systems and by other users. It's the single best selling point for hosted email. Nothing compares when you've got that sort of volume.
I've had about three spam come through in the past year and they've all been personally addressed, non-bot but unsolicited marketing emails. I have three catch-all domains in this account.
We used to run our one domain through a passthrough service (at the cost of hundreds of pounds a year). Gmail was always right, easier to correct and by the point you're paying per-user (not per address), much much cheaper.
I'm assuming to use all the google apps like Gmail. But in the case that Google suspends you, you can redirect your mail elsewhere and not be locked out from any other accounts.
You normally have an admin super user account as well as your normal one. The admin account can do anything to the normal account. Also has access to support, which is pretty quick.
I used the G Suite basic account in the past ($6/month), I was able to get a support ticket responded to within 24 hours. The issue got resolved by someone before their support team responded to me via email, but I was still happy an actual person got back to me.
It's been said many times before, but it's best to pay for stuff, even (and especially) when you can get a good product/service for only ~$5/month.
I realize I've never checked if my Android GMail app supports using my other address as the From address. I guess it doesn't.
I don't use GMail's web interface but prefer an actual mail reader which has no problem with using a different address. Maybe I should use an IMAP mailreader for GMail on Android as well.
You have to use the Gmail web page to set it up, but it is possible to use the Android Gmail app to send from non-gmail accounts. The 'From' field becomes a drop-down allowing you to choose from the accounts you have set up.
If you have your own domain name for your email, you can point it at any host's servers. Google in the case of Gsuite or Fastmail or Pobox or anyone else.
If you have regular backups, all you have to do is change a DNS record to switch to a different provider and you shouldn't lose any email in the process.
This is what I and many others do. I have had the same email address for ~20 years and have had it hosted on at least a half dozen providers over that time with no loss in data.
not the person you're responding to, but I have G Suite and I have my domain pointed at Google for mail. If for some reason Google came down hard on me, I could login to Namecheap and setup email to be handled by another provider (Microsoft, ProtonMail, whoever). So if someone emailed me at my email address, the only gap I risk is between the last time I read my emails and when I setup the new provider. Added bonus, "forgot password" on various sites will continue to work at this stage and I don't have to mass email people that my email address is now name@domain.tld.
I certainly don't wrap my life around my Google account, most of my important accounts have secondary emails tied to other service providers and other means of contact that Google has no control over (yet).
I'm always amazed at how quickly people jump into these massive corporate product/service ecosystems gung-ho as if we haven't learned anything about large business behaviors (including technology companies) over decades and decades of history.
You should always remember that a business has one goal: to make money for its shareholders. Anything and everything else is a side effect, so if you can forsee any goals you have utilizing a business product/service ecosystem not in direct alignment with a specific businesses' shareholders' interest in profit, then you should hedge your bets and have backup plans if you interconnect important aspects of your life with that business.
To me, this includes career paths which is why it's always fun to see businesses get heavily entrenched in AWS or some other ecosystem when their needs don't even require the benefits AWS actually provide. I'm singling out AWS because that's the case I'm dealing with on current projects at a current employer but it applies to any similar ecosystem.
The issue is that this massive corporations are buying stuff left and right. Google,Facebook,Microsoft are buying things left and right and you are forced(or tricked with dark patterns) to link your Google account with your YouTube account,your Skype account with your MS account etc.
This companies should not be able to suspend your account for everything, if my son broke some TOS rule on my console I should not have to have access blocked to anything except online gaming, my emails. my phone , my apps should still work.
It’s not just TOS violations... I can’t get into my google account because they locked my password and don’t recognize any of my current devices. The account isn’t even suspended, they just have no support team so I can’t recover my account in any “algorithmically approved” way.
Btw. what usually works is just giving them a phone number, ideally a number that is associated with with one gmail account that is still in good standing.
Which of course completely defeats the "security" of this "security feature", but that's probably not the point of it anyway, they just want your phone number for meta data collection.
Alternatively, one should probably break up one's interface to Google into a personal Gmail account and a professional Gmail account.
I don't disagree that Google could do a better job firewalling TOS violations in one service from blowing up all your interaction with Google, but in the short run, defense in depth.
Until you link them in some way, in which case Google might suspend the linked account too. There are some nasty stories about those things going around.
I've heard from one Android freelancer developer, that he creates pristine VM for new project, uses it via VPN, creates new Google Account, uses it only inside that VM and does not use that VM for other tasks, so there's no correlation between his accounts.
Technically they're already linked - it's an android, it can query the bluetooth mac address, the wifi mac address, the hostname of the device and the serial number / imei / esn of the device.
There's no "unlinking" it unless you manually modify the serial numbers on the device, which is possible, if you have qualcomm diagnostic tools (QPST/QXDM) and are able to communicate to the modem softband directly.
That's generally true, and the solution is to avoid linking them.
It's a rock-and-a-hard-place problem, since the most common scenario Google is dealing with is criminal enterprises trying to obfuscate their activity behind dozens of "independent" accounts (so of course they have to try unifying accounts). But this is analogous to the scenario one deals with separating concerns when forming an LLC; you keep your work and personal stuff separate, including finances and capital (i.e. don't do work stuff on your personal computer; that's riksing having your LLC status collapse if someone has occasion to sue you).
This will not work. There are stories of entire companies being locked out of GSuite because one of the admins got their personal account locked out for a spurious reason.
I just discovered a mission critical bug in their 2FA flow as well. Gist of it is if you switch phones, verifying the new number, it still prompts to the old number. You cannot login to update to the new number, without the old number. It then locks you out of your account for hours.
The kicker is I am authenticated on the new phone! But cannot make changes because of the 2FA bug. So at some point, randomly, it decided to revert to an old phone number. Even though I am certain I disabled it!
I feel even submitting a detailed report, it would take quite a while to pierce the layers of bureaucracy and come into contact with a technical human that can diagnose and understand the nature of this issue ;(
It's entirely possible the banning had nothing to do with NewPipe. No other NewPipe users seem to have had this issue. But of course it's fun to yell at Google.
We know nothing about this person. Isn't it very possible he was actually violating Google's terms in some way?
As has been proven by other companies recently, so long as there is a "catchall" clause in the terms, anything you do has the potential to be against their terms.
All you can ever really do is hope to not be caught up in something Google (or its bots) considers "bad".
EDIT: A few catchall terms from YouTube's TOS:
"YouTube may, in its sole discretion, modify or revise these Terms of Service and policies at any time, and you agree to be bound by such modifications or revisions."
"You agree not to access Content through any technology or means other than the video playback pages of the Service itself, the Embeddable Player, or other explicitly authorized means YouTube may designate." (There go all New Pipe accounts)
"YouTube reserves the right to discontinue any aspect of the Service at any time."
"YouTube reserves the right to decide whether Content violates these Terms of Service for reasons other than copyright infringement, [...]. YouTube may at any time, without prior notice and in its sole discretion, [...] terminate a user's account for submitting such material in violation of these Terms of Service."
I find that to be a possibility too. If none of the other newpipe users in the thread got suspended for "using 3rd party app outside of Play Store to go around Youtube ads", chances are newpipe isn't on the app blacklist.
It might also be possible that someone was violating terms while imposting as the user in question using snooped access tokens or whatever. There won't be a trial where the reason might come to light.
With so much tied to a Google account, there should be some means of dealing with it. With this person being in Finland, they should have some means of at least extracting all account data thanks to the GDPR or other protection laws.
Except that, if your account is cancelled, the datas are deleted (or should have been)... so there's nothing to download, even from a GDPR point of view.
So the probleme to be able to use that GDPR feature... is to still have an account
Is there a way to get your data out if your account is suspended? In the very least there needs to be some recourse and a way for users to export their data if their account is suspended.
I'm aware of the threat of Google's decisions and moved the bulk of my email onto self-hosted. Quite the learning curve but a valuable exercise. Then I did a takeout and dumped it all into <a href="https://notmuchmail.org/">"notmuch"</a>. I can search old emails in seconds.
If you live in the EU you could threaten them with GDPR, also you have a right to not have decisions made by algorithms without recourse. If you live in US you are pretty much fucked.
GDPR requires them to answer your request within 30 days. They are allowed to give you your data as it appears when they process your request.
Google's policies, as required by their privacy policy, are to delete all data associated with a suspended account in 30 days.
That means any GDPR request submitted after the account is suspended will be responded to on the 30th day, and the response will be "we hold no data about that account".
> We should be able to port emails like we are with phone numbers.
We already have that if the e-mail address was "yours" to begin with, you can buy domains and keep using e-mail addresses pointing to them, moving to whatever e-mail provider you prefer this decade.
From a consumer perspective the phone number model is much more usable though. You buy the service from a carrier but you can still keep your number when you change carrier due to it being regulated. No need to buy phone numbers separate from the service.
Those hundreds of millions of users would not switch providers anyway. Breaking protocols that lasted for decades for the sake of achieving nothing seems like an ineffective reaction to stupid corporate policies and a total lack of customer support.
You're speaking from a position of knowing how the technology works and understanding how difficult this would be to implement.
But your attitude seems to convey that you find this behavior acceptable.
The majority of people don't have the tech know how to do what you're saying. Are we to leave them unrepresented and vulnerable? How many other people has this happened to that haven't been able to file bug reports on Github?
The solution here isn't a fine. Companies just laugh at those and continue on with business as usual. The real fix is to take Gmail (and the domain) away from Google.
I'll be voting for legislators with the nerve to do this.
I must assume that you built your own cell phone, erected your own service towers, wired them to the rest of the grid, and have service agreements with other providers allowing you to connect @josteink's homegrown phone network to everyone else.
What natural monopoly? I have a choice of mobile phone service providers, so you can’t have meant that. If any of the phone companies had made themselves free, I’d ask if they really had a viable business or if they were instead trying to undermine any potential competitors in order to create a monopoly.
The US has 4 mobile network providers. Sprint is useless, Tmobile is okay in certain areas, but really, the 2 with nationwide coverage are ATT and Verizon. In my experience, Verizon coverage is more solid than ATT, but in general these are the 2 networks that provide the most comprehensive coverage.
A natural monopoly exists anywhere there are extremely high infrastructure costs, such as running pipes and wires to every home. The same thing exists with mobile networks, as it requires towers everywhere.
> You have no ownership claim to the domain gmail.com. You are merely renting it, and for free no less!
Irrelevant, and also true of phone numbers (not accounts, numbers).
> Stop acting entitled. If you want ownership, the option already exists, and it’s easy: get your own domain.
You and I can do that easily. Doesn’t mean other people can. Division of skills and focusing on what you’re good at is a foundational principal of our global economy.
On the other hand, making a thing available at below cost so as to push the competition out of business sounds to me like an “unfair monopoly”.
This is one of the reasons why I ditched google, especially gmail a few years ago.
Yandex, pretty decent email web interface, and I can have my own @domain.com emails for free, if I ever need to move away from Yandex I can do so without telling everybody I "changed my email".
But I doubt Yandex will ever "inspire" me to move away form them, I think they dont even think of me at all, unlike Googles algorithms.
I don't disagree but it's not just Google. Apple is doing the same thing. In fact agressively with their new login system that they require that if you support any 3rd party system you must support "Sign in with Apple"
AFAIK Google has no such requirements for apps on Android.
As more and more people use "Sign in with Apple" it will end up being the same issue. If Apple locks your account they'll ruin your life.
I generally use neither. I don't sign into things with Google nor Apple nor Facebook. The exception is I do sign into a few dev related things with github but only of they are related to my github account (example, Travis CI). I also have my own domain as I learned the hard way in the 90s that losing your email address to your ISP is no fun.
An app that exclusively offers third party sign in.. not all apps. Apple is forcing choice: it isn’t going to allow an app that only allows Google for sign in (and not email.) That’s a win. Apple is saying that you can’t only offer Google sign in. If you allow standard email/password you don’t have to allow Sign In with Apple. Apple says: “either allow normal sign in or, if you only allow 3rd party, then one of the choices should be Apple.
Basically Apple says: you are required to offer choices and you can’t force users to only use Facebook/Google. A big difference and a big win for choice.
I agree that maintaining some independence from a central provider with little accountability is a Good Idea(tm). But Apple is far less dangerous than Google. Partly because you're actually a customer to begin with, rather than just a data source. And partly because there are well-known ways to get ahold of humans at Apple, one of which is to walk into the local Apple Store.
What I find most ironic is that outside of Search, Youtube is probably the least linked Google service to your account that springs to mind. Ban your account? Private mode and/or VPN and you can access YouTube again. Can't get the curated lists thing that your data can provide, but you can still access the site.
Whereas Drive, Mail, etc. are all deeply connected to it. So seems the punitive measure is specifically setup to have the most impact on you. Within their right, granted, but I feel for anyone who shares a device with someone who wants to circumvent ads in YouTube while they're logged in as they could be the person punished for reasons they don't understand.
Completely agree. Unless Google can assure some amount of access to accounts, even in cases of potential abuse, the behemoth threatens to destroy lives with ever scratch, sniffle and scare that it gets.
Unfortunately this will not work. Google must stay until lawmakers figure out all the walkarounds company can use and close all the loopholes. One by one, law by law. Or there is going to be another google company stepping the same steps.
But this is just the beginning. Cloud is next, raising prices, preventing people from leaving by crating apis you cant simply rewrite... Mainframe history all over again.
(disclaimer: googless for a decade, once I prediceted where this is going I became completely self hosted, learned to build my own roms without gms etc. Today is much easyer with microg, newpipe, aurora, apktool, ... On the other side, people are less and less knowlidgable as a result of helpers from companies and dependant to them. I am eager to see how this will end)
Hey, it's really easy: do not rely on a Google account. There are choices, and it's your decision in the end. Google is actually rather clear in the terms of use that you have no rights whatsoever and that they can use your data for training their algorithms.
I was more thinking of a kind of "Right to keep at least a basic service"... a bit like a kind of GDPR
ANY identity provider (meaning email, facebook, ...) can terminate any account BUT MUST provide a temporary (maybe 1 month) minimum service (maybe only replying to incoming emails for example, with a cap) to allow identity migration out of the platform... because identity can't be owned by anybody.
It doesn't need to apply to ANY website, ONLY to website providing some identity service (like email or auth provider).
And this could be quite a simple law. It wouldn't forbid the website to cancel accounts, only would they have to give enough time and functionalities to properly manage the cancellation and its impact on the user digital life
I have been using email and password instead of Google SSO for a while now, never been fan on concentrating so much power on one single company, who just proved to be unreliable.
It's harder and harder, Sign-up UIs are hiding it. Sign-in with Google or Facebook is really the norm nowadays.
It is possible to not use google for payroll, subscriptions and keeping in touch with family. That people allow Google to have prongs in every aspect of their life — that’s on them. Just because Google enables you to put all of your eggs in one basket doesn’t mean you should.
I wonder how decentralized Google accounts were before the Google+ unification process. Funny that management of that project is still having long lasting negative affects!
There should be a law like GDPR that forces them to justify account terminations, provide feedback, and even be sued for doing so, whatever their EULAs saw (and make that part illegal to enforce).
If losing access to Google would ruin your life I’m pretty sure you’re doing something wrong. To be sure, many don’t have the knowledge to put in place fallback plans. But if you think that about yourself you really ought to do something about it.
While I have no idea if the original github comment is real, I have wondered what I would do if Google decided to shut down my Google Voice-then-Hangouts phone number. I mean, I've experienced the loss of Reader, and others have lost beloved services in the past, so it's not like it seems completely incomprehensible.
As an American living in Europe, the Google Voice number hugely makes my life easier (give GV# to bank, to friends, etc). Being able to call and text to the US for free on wifi or using a little bit of my own plan data is so very nice.
I don't see anything there actually indicating that this is a troll attempt. It seems like people there are just discussing and speculating about the github issue like we are doing here on HN.
For this and other reasons, I don't use my Gmail account for any sort of long term storage. It's not sometime I own. I could be locked out of it, and lose a lot.I try to keep fewer than 30 emails in there at any given time. When my life is going well and up to date, I make sure to keep it at zero messages.
So surprising, because, let's face it, Google is the paragon of reliability and trustworthiness and has never done anything like this before. I really do wonder why not more people base their entire well-being, health, life, wealth, not to mention their very existence, on the whimsical good-will of Google.
Sorry this happened to you. It is a nightmare to think of losing an account on a platform with little customer support.
I try to use my ProtonMail account for friends, family, and important business email. I do use gmail for stuff like travel reservations and as a junk email for registration on sites I don’t much care about.
People give Google too much credit. It was never a good idea to give them so much undeserved trust with your personal information. They are an advertising company, and should be treated as such.
Move your account(s) elsewhere because they are ephemeral and untrustworthy.
whats most surprising to me is that no big companies has a workflow for putting everything public in regard of the account suspension.
i.e. something like replacing every logged in view with a consent form akin to "i hereby permit google to publish the reasons why the account was terminated"
every claim and bad publicity like this would end in "use the consent form", which i doubt basically anyone would use... but would still destroy the legitimacy of these claims.
its probably for liability reasons, which i still don't understand... how would they be held liable for terminating a service offered for free? i just cant comprehend it. but i guess thats just my insufficiency
I wonder whether paying for multiple Google services (e.g., Google One, Google Cloud, having a Pixel), increases the odds of being able to speak to a human and get the account reinstated or at least be given a reason?
Well that's terrifying. I always ensure that any third party YouTube apps I use are only logged into a secondary account but it seems like Google went searching through his phone and burned every account on it.
A few years ago, I lost my primary Google account to a mishap with two factor authentication.
It was a stupid mistake on my part. I didn't save any of my backup codes, and then ended up doing a factory reset on my Android phone. Well, on a fresh device, I no longer had the Authenticaor app that spits out the 2FA codes. And that was all.. she... wrote.
My primary e-mail. All of my play store purchases. Everything... gone. I tried the accounts recovery process. Followed everything to a 'T. Even directly identified recent e-mail in my inbox as they asked. But it was not sufficient, and I have never been able to get it back.
I'm not trying to protect against a governmental entity, so I'm happy to use an US based provider. I provided the extra info in case any US provider requires additional steps for non US customers.
I've been extremely happy with zoho.com for all my business email. If I had any problems with Gmail I'd probably move everything over, but if there's one other service I'd recommend it'd definitely be Zoho.
Woah that is so enormously stupid. I never watch a single ad (granted, I use laptop) and have never gotten into trouble nor plan to stop blocking the ad.
You can’t trust google with you’re data. Even if they were well intentioned that doesn’t make sense but not only with they just dump your stuff on the floor because someone else told you to, they’ll do it if they decide they just don’t like you for some random reason and there’s nothing you can do about it.
Go get a droplet or a shell account, make sure it’s backed up automatically, and keep your stuff there.
with how much of the Internet relies on giants like Google and others as an identity service, it is worrysome that a minor infraction like this can lead to be locked out of your emails, apps purchase, and files.
My thoughts now: one of the reasons I use NewPipe is because it have no need for Google accounts (i.e. correlation to emails, no tracking of data gathering).
If evilG banned an account, it means the event that triggered it was a correlation between YT usage and IP addresses. Interesting.
Doubtful, the youtube-dl python library is used by thousands of people and sites to download youtube videos and while API changes break it often, I've never heard of anyone getting their IP banned or an associated account banned from using it.
Even though I have Youtube Red (through my google music subscription), I watch most of my Youtube videos through mpv which uses youtube-dl to download the videos. There are no ads and it requires no account to use yet I've seen no reports on their bug tracker of getting banned.
Has anyone Wiresharked the data that is sent when NewPipe makes a video request?
I wonder if it's leaking things Google could use for correlating signal (IP address is an obvious one, but I wonder if the phone is sending IMEI in a header, or if YouTube is setting a cookie / using a storage API that NewPipe honors, but then that cookie / API tag is also readable from the browser when the user uses their regular account).
One feature NewPipe has is to import your list of subscribed channels, after you've exported the list from YouTube. So if a NewPipe install queried YouTube to "give me updates for the following channels", YT could "fingerprint" which account the channel list came from. And match the IP of these NewPipe requests to the IP of the account (since the GMail app would also be talking to Google from the phone), and Google can be certain it's the "abuser".
NewPipe is free software so I don't thing it will be able to send some covert information (even if the author is attacked /compromised).
Android is designed to not allow an app to read information from another one, so it should prevent the second scenario -- except that Google has root-level access to our phones so it can spy everything anyway.
NewPipe's free-software-ness is less relevant if it's relying upon OS-supplied APIs to send network requests and nobody has Wiresharked the output of those APIs.
For example, if it's fetching data from YouTube via a WebView, the HTTP requests made to the server will carry all kinds of cookie state and enable all kinds of APIs that can be used to tag a client in a cross-session fashion (though I don't personally know what WebView's state-sharing model is).
Remember, the security model for web sites isn't "app"-based; it's domain-based. Hypothetically, if YouTube were setting a cookie via NewPipe's interactions onto the youtube.com domain that says "Hey this user-agent used NewPipe," then if some other piece of Android (such as the browser) were sharing the same cookie jar, it would vend that cookie back and Google could correlate it to a logged-in user. The question is whether the cookie jar gets reused.
If Google is providing an API to easily download things through (e.g.) HTTPS, it may also intercept and poison these requests when they are directed to one of their services and get some extra information from it!
Soon in a theater near you: Google account blocked for using uBlock origin or jsblock. Citizens shall not opt-out of being relentlessly bombarded with advertising on penalty of digital purgatory.
I migrated to Fastmail (it's a one click to import all the mails) and bought an own custom domain + set up IMAP from gmail to fastmail. And I bought an iPhone. I don't have a need for a Google account anymore.
so it's an app that lets you watch youtube without using the youtube app? I don't get on what grounds can google ban you for this - esp. if you could very easily download youtube videos using youtube-dl...
Why not use firefox, and install ublock origin to block the ads?
According to GDPR I think he can still request data that Google collected about him. Also as per GDPR he can request to delete all data about him and open new account with same username. Google must comply with EU law.
These huge TOS agreements are akin to governmental authoritarian control. Everyone has broken something in them, we are all a criminal. Knowing this, we all live in fear knowing that it's not a matter of 'if' but 'when' the government/corporate overlord can cancel everything we've been working on or living for because of an obscure clause that no one has ever read, which was created for this very purpose.
> ”because of an obscure clause that no one has ever read, which was created for this very purpose.”
I don’t like that OP was locked out of his email.
But besides that, it’s not as if he broke some obscure TOS clause. He actively subverted the company’s revenue model to take its product for free. That’s about as obvious as it gets that you’re risking being blocked from a service.
Google linked the usage of New Pipe with the Google Account (despite the person not being logued into their account in New Pipe) and blocked it from all Google services.
Imagine you using adblock in the CNN website without being logged in and they block your access to all Time Warner services (for example HBO).
That sounds like it could only be a good thing, to help you free yourself from the intellectual pablum and misleading narratives they produce. I for one encourage these companies to ban all of us from everything, the sooner the better, so we can be effectively galvanized into making real alternatives instead of the Tivoized bullshit Android has become.
Legally? It isn't really. (Your question was rhetorical, wasn't it?) Sure, maybe courts could separate these two issues on other grounds (such as using a side-channel for banning people based on the mere existence of an ad-blocker versus detecting the exact instance of blocking the ad from showing/playing somehow) - but from the point of the ToS, it's a clear deal. You get to access to YT but you have to watch ads. No ads, no YT.
That said, fuck that. It's not like people haven't been subverting ads for ages. (From the simple pause recording when the ad starts, rewind just a tad bit and resume-recording when the movie continues to Pi-Hole and Blockada on Android.)
pretty sure even with my adblocker, I still see the "watch 5 seconds and skip ad" ads. May've configured it that way, not sure, been a while.
But to your question, if the ad blocker is subverting the company's revenue model and they can detect it, you risk the company blocking you. Per the Issue, it looks like the service that is there to scan for bad actors on your device may've picked up that NewPipe was installed on their device which may've caused them to look (speculation on all counts).
It does seem similar. If you don't want to see the ads, don't use the service.
I don't use an ad blocker, and if I don't want to see ads I pay for the service, such as with Reddit, Ars Technica, Windows Live Mail, Netflix, and YouTube. Technically, I quit Netflix once they started showing me ads, even though they were for their own shows (general dark patterns were the more significant factor though).
Where do you draw that line though? If I take steps to ignore/block ads that don't involve software -- like muting during ads or flipping the phone over -- am I subverting the company's revenue model? How much do I need to "see" ads?
A very good question. Muting a TV seems OK on the surface to me, but only because it is normal to me. When actually thinking about it, I realize that muting TV ads is similar to web ad blocking.
So in principle I would have to say that one shouldn't mute TV ads, or skip them using +10 second buttons. Of course I will not always live my life up to that principle...
> It does seem similar. If you don't want to see the ads, don't use the service.
That just doesn't make sense. Not using their services has zero advantages compared to blocking ads. But by using them, you raise their costs, making their business model less viable.
> I don't use an ad blocker, and if I don't want to see ads I pay for the service, such as with Reddit, Ars Technica, Windows Live Mail, Netflix, and YouTube.
By paying for services, you show that you have disposable income. You cannot escape ads that way except in the short term.
And given that emails are akin to a home address these days, you can be locked out of your entire life. Google can wipe a person off the map. Bank accounts, health care, billing, everything is tied to email accounts and phones tied to google accounts.
Google isn't nearly old enough to have the vast web of cross-contradictory regulations that a government does. I sincerely doubt most users even interface with it enough to risk violating the TOS.
I hope I will never have to go to a country that is so badly run that a private, non-democratic company without any rule of law and a customer "support" bureaucracy that could be greatly improved by making it kafkaesque looks good in comparison.
I see this meme a lot on the internet, especially when the US political justice system comes up lately, and it shows just how little our generation and younger care about how government works, is intended to work, and what to do when it doesn't work, the latter point being the most important. Going to social media and complaining, for example, is a good example of what not to do.
The control is only authoritarian if those being controlled by it have no recourse. As applied to governments, authoritarianism has strong central power and limited political freedoms. In the US, we believe in the principles of limited central power, and many political freedoms. (Whether or not this is the situation depending on who you are is the topic of another day because this is how it should be, and the only way it may have become not that is if we have allowed our complacencies to kick in and allow it to happen. I am a firm believer in the concept of "people get the government they deserve in a democracy." ) Ultimately the governmental authoritarian control is beholden to the people and can be eradicated. The only reason we feel as if it can't be is because we have allowed the power to creep up over the years and it seems like an insurmountable mountain, but rest assured if you pick up that pick axe and start chipping away rock by rock you absolutely can tear it down.
Likewise, authoritarianism applied to a corporation implies strong central power, and limited consumer freedoms. This is also patently false in the US. The US has anti-trust laws to prevent centralized control, consumer protection agencies, and the free market. The consumer ultimately always has the freedom to choose another option. If the corporation loses too many consumers, then the corporation goes under. I understand there is a lot of nuance, but this is the basic principles of how things should operate in this country, and the mechanisms for things to operate are in fact there. The question then becomes what are it's people doing about it?
> the only way it may have become not that is if we have allowed our complacencies to kick in
Just wanted to observe that this belief presupposes the US ever lived up to the principles you outline. US history shows that the country has never quite lived up to its touted values.
> The US has anti-trust laws to prevent centralized control, consumer protection agencies, and the free market. The consumer ultimately always has the freedom to choose another option.
Those are called "election". The entire idea of an electoral democracy is that you have them once in a while, so the government stays aligned with the public wishes.
I got my whole Vimeo account suspended by some script that had the impression I was violating some of their ToS. I just uploaded 3 demo videos of an app I created. Then they told me I should click on a link to contact support, where they told me I have to log in to contact support, which I couldn't do because my account was shut down.
I just released a blog article that needed these videos, so I didn't have any time for these things so I quickly uploaded the videos to Youtube.
I mean that was just a small account with three videos, but they simply nuked the whole thing. That's just crazy.
I don't think I'm save at Youtube either, I just didn't have a better idea at the time.