Hacker News new | past | comments | ask | show | jobs | submit login
Unable to deal with Chrome Extension Team, Kozmos is shutting down (kodfabrik.com)
1178 points by roadbeats on May 23, 2020 | hide | past | favorite | 513 comments

I definitely feel for the author - the Chrome Extension team has been growing increasingly developer-hostile recently. My own open-source extension HabitLab ( https://habitlab.stanford.edu/ ) that I've been maintaining for the past 3 years is going to be removed in 2 days (got a 14-day removal notice for permissions even though all permissions it requests are used and needed, and every update I try to submit is rejected by their system after about 3-4 days) and I feel utterly helpless. It's only used by about 12,000 users so unlike PushBullet I probably don't have the visibility to get a human to intervene, so will be going the way of Kozmos most likely.

Dealing with Google these days seems a lot like dealing with an authoritarian government. To operate safely on Google's platforms, you need a friend who works at Google who can vouch for you as their over-eager police keep trying to put you in jail.

I'm not sure how this would work legally with employment contracts, but it would be worth it to get your employees hired at Google so they can professionally execute that role for you. We have joked before about not poaching friends from Google since they are more valuable working there than at your company.

Ah, this might seem like a joke but it's true.

I was part of a student association when I was an university student.

Part of the activities was to host gnu/Linux courses record them and upload them to YouTube.

One day, out of the blue, the channel goes dark and nobody knows why.

We all panicked. We had received no warnings and there was no way to appeal.

In the end, we asked some former students that were employed by Google to pull some levers internally, and we managed to get our channel restored.

This is bordering on dystopian monolithic megacorp nightmare.

Ugh. We get the cyberpunk dystopia but we don't get the cool cyber-limbs and neural AR interfaces.

Worst of both worlds. Can I get a refund?

All of the dystopia, none of the cyberpunk. Instead we get a business services dystopia. Spreadsheets are the last refuge of the BS Underground, fighting for their right to maintain their email inbox and browser extensions, while risking all revenue to MonoCop.

And its one of the reasons people should stop using google products, or it will get worse.

I am 99% on DuckDuckGo and other search engines, Firefox (which is great), Lots of mail providers these days which excel on every front, lots devtools that don’t need any Google infrastructure,

I really hope one of these days we get a message from Google (btw Google is really the most faceless organization out there, I really need to think hard to give you any names) that they will change their tune, but until that time, its best to leave.

Yup, DuckDuckGo's been my default browser search engine for quite some time now. I'm quite happy with the results. I'm reaching out to google.com less and less every day.

The last straw will be abandoning Gmail :)

I don't if this will help you make that decision, but Fastmail's alias system is a godsend for me when it comes to filtering incoming emails and protecting myself from spam.

With every account you get a finite number of aliases you can create, but in practice that number is high enough that I just use a new alias for every site I visit.

Unlike in Gmail, these aliases don't contain any references to your original address. So if you're signing up for a dogwalking service, you can create an alias for `ilovewalkingdogs@fastmail.com`, and then if you start getting spam to that address, you know where it came from, you know that there's no chance your real address will be reverse-engineered from your alias, and you can auto-reject or sort everything to that address into a separate folder without affecting any of your other emails.

I have separate email aliases I distribute to friends and family members so that if I ever run into a doxing situation or for some reason need to go nuclear on my email, I can turn everything off except for them. I also have my email linked to my own domain of course, but when I sign up for most commercial services, I use @fastmail.com aliases. That way I know that there's no way for those services to track me across accounts/websites via my personal domain name.

And everything gets organized in the same inbox, same account. I consider it to be a killer feature.

I don't want to spoil any joy of yours but this is in my experience pretty standard with most email providers.

With some you can do the + trick (which gmail probably still does) but i just have my domain as catchall and it works pretty great with blacklisting.

The reason Fastmail's feature matters is specifically because it's not using the + trick or a catch-all domain. They're 'real' aliases, not just Regex filters or wildcards.

If you're using the + trick, you haven't gained any privacy, because I can strip the + and get your original address.

If you're using a catch-all domain, you haven't gained any privacy, because the domain remains a unique identifier for your all of your accounts. It's good for organizing, but not for privacy, because you're still publicly attaching your identity to every email you send.

With fastmail, I don't need to do myaddress+walmart@fastmail.com or walmart@danshumway.com. I can just do walmart@fastmail.com. That's a really large privacy win, since it gets rid of one of the biggest and least regulated unique identifiers that services can share with each other.

I don't know if other providers like Outlook are also offering 'real' aliases. I'm happy if they are, I think this should be an industry standard feature. Either way, switching to any provider does will be a pretty significant feature upgrade over Gmail, even if you're currently using a paid Gmail account with your own domain.

I see so the only difference is that they provide 600 aliases on their domain compared to lets say 25 of other providers. I wonder how they deal with poluted namespace.

So It so different from random domain catchall?

The reason why i would be worried about Fastmail is that they have are Australian company with servers in US. Both of those mean that Law enforcement can simply ask for users emails.

Now i am for sure not target of Law enforcement or goverment so i dont care but i am not sure why i wouldnt use service thats in better juristiction and is privacy focused.

And a fairly common trick used by those who want to mask how they got your email address is to strip everything between + and @ in the email address you gave them.

I believe outlook & yahoo mail also have real aliases.

I’ve been looking at Office 365 this weekend as an alternative to my (single person) GSuite account. I’m actually pretty impressed. It feels much more polished than than Google’s software (to me, anyway). Teams also looks like a good slack alternative, I’ve already got good use out of OneNote, and all the Mac desktop software launches very quickly (definitely not the MS Office I remember!).

I think I may actually migrate all my email over today. The idea of having a different interface to GMail is pretty exciting. I’ve been staring at that (increasingly slow) interface for too long.

20 years ago I certainly wouldn’t have imagined myself doing this, but it actually seems like decent software now. Sure I need to jump into bed with MS, but that doesn’t bother me nearly as much as Google.

I agree, Google is not forcing anyone to use their browser, yet people are complaining that Google is evil and immediately after continue to use their products/services. I don't understand the human psychology behind this..

The tech giants seem to operate on a law of averages, where automating everything and having essentially zero support system for those using their services is worth it despite the (apparently quite frequent) failures that may break accounts and cost the giant some money as a result.

I've seen similar situations happen with Facebook, where entire businesses with what you might think were significant ad budgets were completely shut out of advertising on FB because its system for advertisers was broken yet again. I guess if you have a very small number of channels that are totally dominant, as Google and FB now are, you can afford to throw away a thousand here or even a million there if it saves you millions in support costs.

Whether organisations that have become so dominant should be legally allowed to do that, given the unfair adverse effect it can have on others operating in the ecosystems they create, is a different question. Just as we have laws about monopolies and limit what they can do in other contexts, maybe it's time for the handful of businesses that dominate online advertising or marketplaces to be regulated for the protection of everyone else.

> Dealing with Google these days seems a lot like dealing with an authoritarian government.

It's more like dealing with a blind automaton, and that's becoming more common outside of Google, too. Automation support scales well because the fixed costs are high but the marginal cost is low, human attention scales poorly, with a high marginal cost.

To a first approximation authoritarian bureaucracies are blind automatons too.

To a first, and second, and third approximation, bureaucracies are distributed computing systems; procedures, laws and bylaws are code, bureaucrats are the computing units. A lot of "fat" in bureaucracy comes with dealing with the fact that the computing units are buggy, unreliable, and sometimes actively malicious.

> To a first, and second, and third approximation, bureaucracies are distributed computing systems; procedures, laws and bylaws are code, bureaucrats are the computing units.

Having spent a fair amount of time working in various bureaucracies, and studying law and government administration, that's very much not true. It's very much the idealized view that many people outside of bureaucracies have of them, especially people in computing, but it's very much not a good approximation of most real bureaucracies, or their governing law and regulation, because the latter usually is written in a way which deliberately relies heavily on discretion within (often deliberately fuzzy) constraints rather than seeking to provide deterministic rules for outcomes, and in many systems regulation is actually written by the bureaucrats enforcing it (who also tend to have disproportionate influence on shaping the actual law).

You'll see down in the subthread that I essentially agree with what you wrote here. However, I still maintain the analogy to a distributed computing system is good and revealing. It's particularly the observation of the flow of forms and documents in and out of bureaucracy, as well as within it, that makes me think of it.

As explained below, I don't agree that it's a good idea to replace bureaucracy with code. However, I think the lessons our industry has learned in architecting software systems could inform designing efficient data and request flow within a bureaucracy. At the very least, it gives us language to talk about bureaucracies as systems.

> However, I think the lessons our industry has learned in architecting software systems could inform designing efficient data and request flow within a bureaucracy.

This I definitely agree with; it's kind of disappointing the information systems engineering knowledge has tended to become siloed within organizations dedicated to information technology, because you get much bigger gains if you apply that knowledge to broader processes, not just within computing systems supporting the processes. OTOH, with people who have that knowledge generally getting paid more to apply it in IT (and getting listened to more there), it's kind of understandable if unfortunate that the knowledge gets stuck in IT.

And so the next step would be to actually throw out the written word and replace it with actual code.

I'm serious.

Why let "government code" be subject to all the shortcomings and pitfalls of natural language when you could just use cold hard logic and exact math instead?

Natural language is just programming for humans, anyways.

That would be a very wrong move. I'm serious.

This unreliability that comes from agency of the individual compute nodes has some very important benefits: the system is much more resistant to bugs in code[0], and much more humane. Software, as it is today, doesn't understand morality. That's e.g. you wouldn't want to automate away judges in the justice system - the law is code, but it's buggy, and isn't complete enough to handle all cases in all contexts. You need case-by-case judgements, and that's why it's good to have human bureaucrats who can independently think and override the system as needed. Otherwise, the system would just grind people that fell into it.


[0] - Like, "you have to deliver document X before 14th to get something done, but the document is only available from 23rd". Happened to me during university, where some scolarship depended on a government document that you could procure only well after deadline. Of course, the secretary at the university knew this and let you fill in incomplete application; she'd wait for the whole allowed processing time, then send you a letter asking you to bring in missing documents and giving you 14 extra days. Given that this was a bug at an intersection of two bureaucratic systems, if this was software, it would likely go undetected for a while, until someone started to wonder why nobody is applying for scolarships anymore.

I'm just going to hook up on your example of the document and the deadline, and state the following: You're assuming a (very) pessimistic scenario (that you likely justify with your experience of IT systems and their bugs, but Apollo 11 had IT too, and got it done, and everyone back).

Allow the benefit of doubt that a "software-based" system would only be implemented, if it were superior in such a way, that such a situation doesn't even occur in the first place. That is the benefit. It alleviates the necessity for the "human-wiggling-around-laws-that-actually-make-it-illegal-what-you're-doing,-but-those-laws-are-stupid,-so-whatever,-we-don't-care-about-that-specific-law".

It's most likely a very unknown concept for anyone presently, since it doesn't yet exist, but I believe, if human civilization works more on the aspect of creating a universal law that is language-agnostic, we would have a better solution than the ones we currently have.

Also, tax filings and the like are basically automated. It's just about expanding such automated concepts for more efficiency as well as removing the language-bias laws exhibit. I'm fully aware of the shortcomings of automation, and also do believe that a human "arbitrator", or judge, is required and preferred.

But in essence, my goal in stating my opinion was to plant the idea of language-agnostic law, for which maths, code and logic can form a solution. It's philosophical pondering towards a global government policy in a very long-run.

> but Apollo 11 had IT too

So did the Mars Climate Orbiter.

Anything can go wrong, anywhere. Still, I think the IT guys and gals in space-tech have (necessarily) one of the best track records in reliability.

> And so the next step would be to actually throw out the written word and replace it with actual code.

That is, indeed, that natural conclusion of the deeply flawed premise that law and regulation are basically computer code written by programmers who have to contend with buggy, sometimes malicious, computing units.

But other than the fact that the word “code” is often used in reference to each, law/regulation and computer code are not the same kind of thing.

> Why let "government code" be subject to all the shortcomings and pitfalls of natural language when you could just use cold hard logic and exact math instead?

The fuzziness in law and regulation is very rarely anything close to minimum required because you are dealing with natural language, and very often deliberate to create room for flexible application. And there is a strong overlap between the places that that is least true and widely perceived gross injustices in the law.

> Natural language is just programming for humans, anyways.

No, it's not.

So true. It's maybe not intended, but no fat shaming please.

I don't think that's really true. Authoritarian regimes are, if anything, more prone to personal foibles of individual decision-makers than others.

Having friends (software engineers, SREs, etc) at Google used to be the way to get a human to look at something but these days it gets you nothing.

You’re better off with a highly rated news.yc post.

It depends how highly placed they are (and how much money you spend/ make them).

This is a manifestation of O'Sullivan's law as applies to corporate culture and it's a spot on assessment

Zomg good thing this is visible.

s/these days/always/

Here, fixed it for you.

This feels like 1994 all over again. In 1994 you had one dominant software monopoly in Microsoft. Today you have several: Microsoft, Google, Apple, Facebook with dominance in individual spheres of influence. Power corrupts. Absolute power corrupts absolutely.

In 1994 Microsoft didn't arbitrarily ban applications on their OS.

They had different knobs available to them, and it's not clear given the opportunity that they wouldn't try it. E.g. it was less common for PCs to be connected to the internet and receive OS updates, so they wouldn't have an effective way of using a policy like that.

They certainly did their best to prevent any other OS from being on your hardware.

They still are not doing it right? You just get the "downloaded from internet" warning.

I think you can argue that current day MS is a little more afraid of anti-trust action than 1990s MS. Game developers were legitimately scared that MS was going to do this for windows and start taking their own 30% cuts from all PC games. I'm not sure if Valve confirmed it, but it seems likely that SteamOS/Steam machines were at least partly a backup plan for ensuring there was a place to sell games without MS skimming off the top.

No, but there was that whole “Windows won’t run on DR-DOS” scandal. https://en.wikipedia.org/wiki/AARD_code

They made PC makers pay a license fee per computer even if the computer didn’t ship with Windows.

They coined the term embrace, extend, extinguish. See the history of Internet Explorer.

Also, as far as I know, even couldn't.

They would have loved that though!

I mean Steam was made as a panicked reaction when Microsoft announced its Windows store. People in the industry knew very well what they were trying to do.

Steam predates any windows app store stuff by almost a decade, it wasn't a "panicked reaction" to anything.

Yeah, grandparent is misremembering a real event. Steam did do a panicked reaction to Windows store: a hard pivot to Linux support and the linux-based SteamOS.

Steam was nowhere near the app store we know today when it was created. It was Valve's auto-updater and match-making service. They had a few partner games using it as well.

I may recall it badly but I am pretty sure they opened it to general companies and indie studios as a reaction to Windows 8 built-in app store:


I've been on steam since a while after it's genesis. IIRC the store aspect of steam started in 2006-2007, which is way before even windows 8 which only came out after 2011-2012

It's time to switch to Firefox and advocate for Firefox usage.

That's very sad to hear, I've been an avid user of HabitLab. Thank you so much for developing this tool! I wonder if you've ever considered doing a Chromium fork with the HabitLab interventions integrated deeper into the browser? I think there's a lot of potential and interest for a productivity-oriented browser that helps stay focused and develop good time management skills.

A Chromium fork is going to be a pain to maintain. My contingency plan if it gets removed from the Chrome store is to try to get it accepted into the Edge and Opera stores, and ask users to switch to either Edge or Opera (and provide sideloading instructions for those who want to stick to Chrome).

Why not, might I ask, Firefox?

Edit: no need to reply, I've seen your answer below, thanks.

Good luck getting drm content to work on a chromium fork.

I'm really sorry to hear that--it looks like a useful extension and I'm sure you've put a lot of hard work into it.

Naive question to you and to other extension developers here ... how does Firefox do when it comes to this issue? Is it just that the market share is so much lower that it's not worth developing for FF? I ask this as a happy FF user on mac, linux, ios.

I tried porting the extension over to Firefox when Firefox switched to WebExtensions, and at the time there were tons of incompatibilities, mostly with Firefox's Shadow DOM implementation (HabitLab is a huge and complicated codebase, porting it is non-trivial - I had an issue tracking it at https://github.com/habitlab/habitlab/issues/137 ). I'm sure it's a valid option for smaller extensions however. At the moment I'm trying to get it accepted on the Edge store, as Edge is much more compatible with Chrome extensions than Firefox.

Have you tried again with Firefox recently? I'm the developer of an extension that makes extensive use of the Shadow DOM for UI components in content scripts. I recently ported our Chrome-only extension over to Firefox and had a few minor issues but none with the UI. I'm even using React for Shadow DOM UI components and it's been working well in both browsers.

I wonder if others are thinking the same re: Edge and whether this will eventually lead to chrome losing users to Edge as useful extensions find a home there.

I work for Microsoft on a moderately complex chromium extension. We've investigated porting it to Firefox (we've had a small but nonzero minority of users ask about it, and several of our engineers have a personal interest in it), but it's really hard to estimate ahead of time how much effort it's going to be. Most of the issues are not so bad to fix individually, it's just an unknown-length onion peeling exercise. It's especially challenging when a library/framework you use is impacted by a difference and its maintainers aren't motivated to improve compatibility; some examples of this we've run into include "Firefox's RegExp implementation doesn't support named capture groups" (but the library author doesn't want to make the code less readable by not using them) and "Firefox's auto-size behavior for extension popup UI (what you see when you click am extensions toolbar icon) sometimes sends spurious window resize events when the DOM is modified" (the UI control library we use has behavior to dismiss context menus on window resize, which this breaks).

The most painful incompatibility I've read about was in the Bitwarden extension, which basically doesn't support most operations in Firefox private windows because Firefox intentionally doesn't support getBackgroundPage() from there, and Bitwarden architected their extension to use that for all IPC between their frontend and backend layers. You can avoid that incompatibility by using runtime.sendMessage for that purpose, but they didn't know that at the time they wrote it (there's a warning about it in the MDN docs for getBackgroundPage now, but that warning wasn't there at the time). We happened to have gotten lucky in our extension in that we use sendMessage for the same purpose, but we certainly didn't know about that incompatibility at the time we were making the architectural decision.

Beyond just making it work, our team would also want to be able to automate regression tests against Firefox if we were to officially support it. For a long time, selenium was the most realistic option for that, but we switched away from selenium to puppeteer a year ago due to reliability issues with the former. Now that Firefox support in puppeteer is very recently starting to stabilize, we're hopeful we'd be able to use that, but we haven't tried it yet and it's new enough that we wouldn't expect it to be fully compatible/stable yet.

While the notice probably comes from some automated system resembling authoritarian governments as described below, it looks like your extension would be undesirable to Google's business model and metrics they would want to optimize anyway. I hope you can find a different platform to run the extension, it seems more friendly than the screen time features in Apple.

I haven't used Chrome since I've left Google and would recommend everyone to move to an alternative non-Chrome-based browser for a more balanced ecosystem. All the bad behaviour can be avoided when companies actually need to look after retaining users and taking care of not so frequent cases and I hope better business practices can come up without the need for government intervention.

I used to feel impressed when someone told me they worked at Google. Now i just wonder if they're apart of the teams that make these horrendous decisions and force terrible UX on us and deprecate features that users love.

Make your extension available on Firefox

> Some anonymized data will be sent to Stanford for research purposes. See our privacy policy for details.

Maybe this text on your front page is triggering someone at Google extensions department?

When you are detained by the police, you don't have to do the guesswork of what you did wrong.

The police should/would tell you.

Is there a workaround for users? Old builds of Chromium?

It works fine with the current versions of Chrome (and Chromium-based browsers like Edge), you'll just need to sideload it once it gets removed from the Chrome store. Alternatively, if/when I manage to get it accepted into the Edge store, you could switch to Edge.

I thought Google banned sideloading unapproved extensions on Windows and Mac.


Well, you can enable developer mode, extract the extension, add it manually, re-enable developer mode every time Chrome starts, and manually update to each new version...

No need to re-enable it every time Chrome starts.

I meant distribution as a zip file that you can load in developer mode, like the installation instructions for Bypass Paywall ( https://github.com/iamadamdev/bypass-paywalls-chrome ). It's not a very user friendly installation process but it still works. But yes, CRX-based sideloading no longer works on Chrome.

I believe CRX-based sideloading is still a Chromium feature. For example, if I turn on developer mode in Vivaldi, I can drag a CRX onto the extensions page and install it without a problem.

Would be great if you ported HabitLab for Firefox

I get it, Google loves to automate stuff to save money. Makes sense, I agree. But I'm seriously wondering if all the people in charge of automating such processes are those delusional ego-programmers who think they can solve anything with machine learning, aka "AI". Really, I cannot understand that there aren't basic safeguards in place like "hey this extension got repeatedly flagged and when a human finally reviewed it we found it was a mistake each time, so maybe set a flag on this extension to double-check next time". Or maybe, have such incidents automatically bubble up to the team responsible for the automatic screening. But why do that if you're a wunderkind programmer who never makes mistakes?

Sorry, this is the only explanation I have for this, I've worked with this kind of person twice. Once they got the first version of something running they are done, no further testing, no sanity checks, no asserts or logger.warn() for "this can never happen" branches.

The other explanation is that they don't really want users to have most browser extensions. The browser extensions either become features that google wants to embed in the browser, or things they don't want, for business reasons. In either case it is better if the extension dies after a year or so.

BTW, this doesn't have to be a conscious choice of anyone at Google, it could just be the way the incentives turn out.

I think this is unfortunately close to the truth. I think Chrome only entertains extensions on desktop since desktop browsers are somewhat competitive. On Android where their bundling deals ensure Chrome is the default browser, they don't really have to bother. They can just disable extensions and therefore ad-blockers.

> The browser extensions either become features that google wants to embed in the browser, or things they don't want, for business reasons.

Exactly. This is basically a replay of the way Microsoft treated developers of third-party Windows programs in the 1990s. Only the time scale was different; you typically had at least a few years before MS either integrated your killer feature into Windows, or changed something about the Windows internals that broke your program, either way killing your business.

A bookmarking service sounded to me like something Google wanted to operate themselves, and I was thinking maybe that was related to why it got taken down.

At the same time, it seemed to not have had that many users yet, so, a bit early for Google to pay attention?

Imagine all the semantics you could extract from lists that people curated. The early web used to be human curated content and then Google came along and extracted all the associations they could out of those curated lists (links) and became the juggernaut it is today.

So your theory about Google wanting to run a bookmarking service I think is correct. Human curated links continue to be the only source of semantically relevant content. Everything else is algorithmic extraction of the relevant associations created by humans.

Google already has a bookmarking service at https://www.google.com/bookmarks/

I have stuff saved in there dating from 2007 to 2015. Used to use a Firefox extension to load them in the sidebar.

I was surprised to see that is not the same bookmarks synced in my Chrome Browser. That's the case with https://passwords.google.com/ . Is their a webview of synced Chrome bookmarks (I couldn't find one) and what use case is google.com/bookmarks?

Oh that is trippy, not only does the link from the GP not include my Chrome sync'd bookmarks, all the recent activity on it is places I've starred in Google Maps (!).

Exactly, they have a competing service. They also took down Podcast Addict while keeping their competing podcast app which violated the same terms https://news.ycombinator.com/item?id=23219427

I think it's exactly this.

Chrome supported/promoted its extensibility early on because it was seen as a competitive feature when compared to IE and Firefox at the time. At the time, FF supported a huge library of extensions, and Chrome's job was to eat FF's market share (and IE's). Thus, extensions were an obvious thing for them.

Now, extensions present pretty much nothing but problems for Google:

* Features that compete with Android * Features that compete with their own offerings, like Pushbullet * Features that actively harm their offerings, like adblockers * Features that actively harm their enterprise customers, like anti-paywalls

There's NO upside now for Chrome to support extensions, and ALL downside. They certainly don't need them in order to keep browser share. Too many people use it now.

By the way that description is one aspect of a monopoly (no, I don't want to start that discussion. Just pointing out that that behavior isn't possible in a competitive environment).

Given all the recent postings on HN lately about the DoJ sniffing around google re: anti-trust.... You'd think this would be a really bad time to be doing this...

Isn't one of the 'main' criteria around anti-trust how a company impacts the consumer ? this sort of thing sounds harmful to the consumer (fewer choices, actively taking down products consumers use, etc.)

I agree, maybe the DoJ should ask why it is so hard to make an extension? A little pressure would act against the forces that make them decide when in doubt, shut down extension.

User friendly features are only incentivized in a competitive environment.

Until Firefox or Edge catches up in both performance and implementation compatibility to make Chrome-first sites work, extension support isn't incentivized

Tbh I can’t even think of a place where competition solves user-friendliness—user friendly software is highly uncommon in commercial software, let alone more broadly (i’m eying you, canonical).

There are a large number of user-hostile behaviors that stretch across industries: ad-funded software, app stores pushing microtransactions, wildly inconsistent interfaces and behaviors across DOM-driven software, opt-out behavior for things like arbitrary internet access.... user unfriendliness is the default state of software and even the most user friendly software still neglects the needs of many of their potential users.

This is a fact of software built in bounded time to be resold for passive income and “support” (which means “bug explainer” and possibly “refund-giver” in most corporate cultures).

I'd hazard to say that what you're describing (which I agree with) is true actually because in most spheres, there really ISN'T meaningful competition.

Building software is hard, generally, and takes time, generally. Just because you can throw up a set of microservices in a day doesn't mean you can build a properly competing product that quickly. And as time goes on, the standard of competition gets higher and the barrier to entry gets higher, because user expectations grow over time. So most software isn't competitive.

Chrome-first is a fancy way of saying not compliant with standards. Much like UE back in the day.

This is why I try very hard not to rely on Google, with the exception of Gmail.

I don’t use Google extensions on Chrome, and increasingly I don’t use Chrome.

Search engine?

That's what finally started bothering me enough, I don't feel comfortable keeping my search history and email in the same basket.

I'm currently in the process of switching to protonmail.com, which has been a positive experience so far.

I think you'll find the people in charge of automation have no programming background at all. They're likely new grad product managers hopped up on Adderall with no incentive to reflect on the unintended consequences of their decisions

I maintain a paid Chrome extension (https://chrome.google.com/webstore/detail/shortkeys-custom-k...) and I've had a very similar experience with the frustrating repeat automated shutdown emails, except that so far my extension hasn't been actually shut down. I'm just waiting for the day that it happens at this point. I'm surprised it has not happened before now, since my extension requires a lot of permissions to do its job.

In my case, I make a nice little side income from that extension so it would be a noticeable income hit. But I'm not sure of anything I can really do to prevent it from being shut down if and when Google's robots decide the time has come.

An interesting extension but I am a bit surprised - it seems the target users are developers, which generally have the wherewithal to download the repo and install themselves - how does this result in a "noticeable income"?

Sorry, not trying to be obtuse, just curious from a side-income perspective.

It surprised me too. I started charging a few months ago after it was free for ~7 years. Now I'm making $600 a month off of it.

Paying users seem to be part productivity nerds who maybe aren't technical enough to grok installing from the repo, and part people who just choose to pay for the automatic upgrades or to support the developer. Also, lots of users are web gamers who use it for in-game automation.

I wrote a post about it 1 week after monetizing, if you're curious: https://critter.blog/2020/01/14/week-1-of-monetizing-my-chro...

> Google (Robot): We'll take your extension down

Me: Hey, this must be a mistake

> Google (Robot): No mistake, review these policies, your extension violates one of them

Me: It does not violate any of them, this is a mistake!

> Google (Finally human): Oh, sorry, a mistake.

Obviously someone just needs to create a robot that automatically replies to the takedown notices and disputes them, thus closing the loop!

Somehow I expect that using a bot against their bot violates user TOS part #63836370 section YQ, and they will immediately lock your accounts, associated business accounts, delete the data and offer zero recourse.

And laugh about it, because they think it's funny.

I had the same reaction. But then the individual programmer/founder won't risk their robot messing this up, while for google it's a numbers game.

Also, someone would have to program that bot and can you even imagine how dead inside you'd feel if that was your life?

Using AI to suggest a reply or to use human approval seems like a low risk approach.

Would you feel dead inside if your tool helped developers keep their projects online? Sounds rewarding to fight the big guy and keep cool projects online.

I am opposed to any job that I feel shouldn't (need to) exist

Step 3 doesn't happen usually. If it did, no one would be upset.

Happened to me twice. Still upset.

Donotpay probably would if you passed the idea

I have a side-project that is partially a browser extension. I use a single codebase for both Firefox and Chrome.

Even with my trivial side-project and a grand total of two releases so far, Google ar itrarily rejected one release for being "spammy" when there was literally a 5 line diff between it and the previous release. Thankfully just finding the depreciated dashboard and uploading an icon (the "new dashboard" doesn't have this feature yet apparently) got it through after resubmitting it.

It feels like they've set themselves as gatekeepers of Chrome extensions (Windows users can only install from the "store") but they aren't actually interested in doing the job even though you pay an admin fee for the privilege of developing a free extension for their browser.

Your best course of action is to drop chrome support, and make your extension as good as possible and make a point of marketing that it's firefox only. Most won't do it due to worrying about market share, but alas IMO it's the best option available

>make a point of marketing that it's firefox only.

This is a great but only a temporary solution. Firefox is taking jabs at extensions not on its recommended list with slightly scary warnings.

Firefox as a privacy focused browser should give users the ability to limit permission or sites extension can run on - including click to run option.

Without this, they'll soon go the way of chrome.

Heck Chrome started locking down extensions when they started catering courting enterprises. And they included the ability to make extensions uninstallable.

Bad actors took advantage of it, forcing chrome to tighten things further until extensions could only be installed from the store.

I use Firefox personally and originally made the thing for myself. I added Chrome support because Chrome is much more popular (not far from ten times more popular these days :() and people I would like to use this, eg friends and family, mostly use Chrome.

I couldn't ask them to switch browsers for my little side project. I have to co-operate with Google's bureaucracy. For what it's worth, so far it seems like Mozilla is not exactly streets ahead, but at least they didn't charge me and they seem to be fairer and more helpful to extension developers (they have a "self-distribution" mode with relaxed oversight I used while in private alpha, and their tools and docs are better).

I think it would be perfectly reasonable to promote Firefox to your friends and family as "simply the better choice" irrespective of your own interests.

When Chrome was better, I suggested friends and family use Chrome. Now I think most people would benefit from using Firefox as their primary driver.

Are you including the change cost here, which will be many times higher for most of the population vs. HN? Even if I thought that Firefox was a better choice, I'd recommend to my friends and family to keep using whatever they are using unless they have to switch for some reason.

What, precisely, is the cost?

Lazy web devs that only test in Chrome and maybe safari that constantly break things in other browsers. I don't mind sending the angry support email and using chrome for a single task here and there but others might.

I never used Chrome and never encountered a website that didn't work on Firefox. I think this concern is a bit overblown.

Bank of America didn't work for the better part of last year. Chase Rewards are currently broken since last week. Its easy to drop small sites that don't test but my experience has been they actually bother testing and it's the major sites that actually have problems.

I've had Firefox fail to work properly on the sites of Slashdot, Amazon, Newegg, Chase, BoA, GE, Walmart, the IRS, PennDOT, Mozilla's own org site, WaPo, NPR, Fox, Disney, and a whole host of others.

Effort, time, unlearning workflows and re-learning them in Firefox, etc. Switching costs would probably have been a better term to use.

I got my retired mother to switch to Firefox without her hardly noticing the difference. And she's happier now that she gets fewer ads.

I think we as developers overestimate the resistance to switching.

I think this is because programmers have very specific and personalized workflows for all the tools they use so they assume other people are the same way when in reality a browser for most people is just a tool to get what they want.

Man, I haven't updated my extension for years because it's already feature complete (at least for my use case) and at this point I'm afraid when I push an update, Google would outright ban it because the extension requires full access to all sites and tabs (it's an automatic tab suspension extension).

The worst outcome of the iPhone is the general move of programmers from people who write software for a platform the user fully controls to people who write software for a platform controlled by a company that the user borrows a device from.

Yeah, everyone's known that platform dependence is risky, and every decade or so we "learn our lesson" but then forget the moment the next cool platform comes along if it has enough users.

Developers go where the money goes. The money goes where the users go. The users don't know the difference between a walled garden and a free ecosystem.

its not so much forgotten as aggressively dismissed and mocked as tin foil hattery.

It’s almost like the companies with more money than governments and complete control over what content users see might shape the world to keep their profits high.

One way to tell if a conspiracy is crazy is if it doesn’t benefit rich people. This pretty clearly passes that test.

You don't have to believe conspiracy theories to think centralization is bad. Sometimes bullshit "they" don't want you to know about is still bullshit.

Maybe they're still angry with him about leftpad.</joke>

Yes, it really is the same guy: https://kodfabrik.com/journal/i-ve-just-liberated-my-modules. And, joking aside it would be wise to bear in mind that we're reading only one side of the story here. As with leftpad, there's another side to this.

With leftpad he told Kik, "fuck you" (https://medium.com/@mproberts/a-discussion-about-the-breakin...), and then wrought global havoc on npm users. Now he's claiming the Chrome Extension Team "continuously troll developers", and is pulling down something he's created... again.

I only have two data points, so the behaviour here is a coincidence rather than a pattern, but I will guarantee you whatever you think of Google there is more to this than meets the eye.

I'm not without sympathy for the author, but neither am I about to uncritically take his side.

> With leftpad he told Kik, "fuck you"

In response to a threat starting with "We don’t mean to be a dick about it" and ending with "our trademark lawyers are going to be banging on your door and taking down your accounts and stuff like that", I did say "fuck you" to Kik.

If that makes me the character in your mind, enjoy your imagination.

It seems that lots of people are missing that part. The Kik guys were doing their corporate double-speak b/s about ‘let’s find a solution’ when the only solution is handing over the name. All while threatening with door-banging lawyers.

And he did offer them a solution: $30,000 dollars, to which they promptly - albeit indirectly - replied with fuck you.

The guy made a very valid point:

We must pursue our trademarks or risk losing them. We must. So can we make this amicable instead of hostile?

The maintainer could have requested things like "Okay can I make some blog posts and you help me with some SEO to make sure people are aware of the changes to my project name?" etc. Sounds like Kik was willing to be reasonable and help where they could. Clearly they could have gone in with an opening statement saying "this is the lawyer, I am sending trademark takedown notices, fuck you, go to hell" but they clearly did not.

This is one person trying to make the best of an awkward situation, and one person just saying "duces".

“We must” is nonsense on the part of Kik. That’s part of the corporate b/s where people make it seem like things are “out of our hands.”

If he was releasing a messenger app called KikAss, then sure, they “must” enforce the Kik trademark.

But if I release a brand of shoes called Kik, with an api that allows users to poll how many steps a user has taken that day, that’s not a trademark violation.

Trademark violations require intent to mislead, or they could be unintentionally confusing (for example, if Kik has been talking about releasing shoes for a while or if it’s a well known brand of soccer balls).

Neither of these things have occurred, so the trademark doesn’t have to go through a (futile) enforcement process.

This is it, really.

Not long ago I was involved in a company that defended their trademark. The other group said to us 'f- you' and refused to comply. They then continued to do marketing and interviews with our brand name and an almost identical logo. It's like they were trying to dig a hole.

So that behaviour actually just created more evidence of infringement. We contacted their partners and explained the situation and they started pulling their support. They lost half their board members. So eventually their own lawyer said "Hey guys, we really should comply." and that was it.

No money exchanged hands and we only dropped 30k into a lawyer. I assume they sunk money into rebranding, lawyers, new partners, and a whole bunch of things because they were being petty.

> Trademark violations require intent to mislead

No, they don't, only probability of customer confusion.

Criminal counterfeiting charges require intent, IIRC.

If you see the second half of that sentence, with an example of how...

> or they could be unintentionally confusing [to the customer]

We see the second half. Your sentence reduces to:

> Trademark violations require intent to mislead, or they do not require intent to mislead.

You are trying to assert that this makes sense and that the second half makes the first half correct. Neither is true.

I’m not sure what you’re trying to achieve by leaving multiple successive comments threads about the same topic. I will reply to this message and will withdraw after this.


The sentence reduces to “trademark violations are considered to have taken place regardless of when there is either an intention to mislead or if a customer was unintentionally misled.”

If the grammar was poop and you can’t make a good faith reading of it (to go so far as to follow me around on this post) then by all means feel free to comment away but I won’t be responding to it.

Another expression of your stereotype: https://news.ycombinator.com/item?id=23360585

We don't need you to respond. You have made it clear that there is nothing anyone can ever say or do to convince you that you are wrong.

> Neither of these things have occurred

How do you know unintentional confusion did not occur?

> Trademarks require intent to mislead

Is this a legal requirement?

I meant trademark violations. My bad. I edited the post and added the missing word.

As someone else mentioned, your correction is also incorrect. One can violate trademark unintentionally.

No, my correction is fine. It helps if you read the sentence in its entirety rather than stop reading at the comma... you know... where I specifically go on to say "or" followed with a whole bit on how it can be violated unintentionally and give an example of such.

The next sentence also goes on to say that either one of those two needs to take place - again, referencing more than one way a trademark violation could take place.

Maybe my English wasn't clear. English isn't my first or my most recent language, so my grammar sometimes goes a bit funky.

Your correction is not fine. English is my first language, and I am telling you that the way you wrote the sentence makes it incorrect. It's probably your grammar more than your misunderstanding of the facts. Another commenter said the same.

The sentence taken as a whole does not make the wrong part right. That you think we must not have noticed the rest of the sentence demonstrates that you don't know why it is wrong. You are choosing to get defensive instead of accepting a correction to your grammar that you acknowledge as being funky.

> Maybe my English wasn't clear.

What is the effective difference between your English being unclear and the correction being written in a way that makes it wrong?

This trademark thing must be the next biggest popular HN misunderstanding after the whole "act in the shareholders interest" debacle.

Could you explain the trademark misunderstanding in a bit more detail?

According to GitHub [0]:

> Using another's trademark in a way that has nothing to do with the product or service for which the trademark was granted is not a trademark policy violation.

Many people think that if you have a trademark, you have to sue everyone who uses your name no matter what capacity they're using it in, which doesn't seem to be the case. If their usage is unrelated to yours, you have no authority to prevent them from using it however they want.

There are some exceptions to this, like the American Red Cross's logo of a red cross on a white background (nobody is allowed to use this except the red cross in any context, although it isn't always enforced) [1].

[0]: https://help.github.com/en/github/site-policy/github-tradema...

[1]: https://www.bradley.com/insights/publications/2012/04/one-cr...

Also people get carried away with how estoppel works. Estoppel is a basic principle in civil law that says if Alice tells Bob it's fine for him to do X, then even if Bob is infringing on Alice's lawful rights by doing X, she doesn't get to come back later and tell a court "Hey, Bob was infringing my rights by doing X".

And that's where it definitely stops, but people get carried away and imagine now if Alice tells Bob, "Enough, I need you to stop doing X by this reasonable time" and Bob says "Fuck you Alice" and keeps doing X the court will rule for Bob. Nope. And they imagine Bob's friend Charlie might show up too, and do X and Alice has to accept that because she told Bob previously it was fine, again Nope. As a result some businesses become convinced that unless they pay lawyers to threaten every hobby project starting with the same first letter as their product the terrible "estoppel" will destroy their business.

Also just as a general principle lawyers are for avoiding disputes first, fixing existing disputes as a last resort. If you're actively paying lawyers to start shit you are probably Doing It Wrong™.

well, friendly solutions don't charge per hour, unlike lawyers...

With regards to the trademark issue:

> and we’d have no choice but to do all that because you have to enforce trademarks or you lose them.

They aren't threatening him for the fun of it, this is classic trademark stuff.

Also the "solution" he offered them was:

> Yeah, you can buy it for $30.000 for the hassle of giving up with my pet project for bunch of corporate dicks

Would _you_ give this guy $30,000, after he calls you a dick multiple times and tells you in no uncertain terms to fuck off?

No one comes out looking good in this interaction, don't get me wrong, but Azer was super unprofessional and nasty during those interactions. He gets no sympathy from me.

Good luck trying to enforce trademark law for namespace on a public code repository.

It’s “classic trademark stuff” insofar that people classically don’t understand what a trademark is or how it’s enforced.

Consider reading through Github’s policy on trademarks[0] to better understand why a casual fuck off should be given whenever you get misleading, threatening emails.

[0] https://help.github.com/en/github/site-policy/github-tradema...

I agree with you. And I don't understand this normalisation of threatening.

And just because it's a lawyer does not make things better. If you want me to cooperate, try to be nice. If you threat me, don't be surprise to hear a 'fuck you'.

> but Azer was super unprofessional and nasty during those interactions

Does he even have to be “professional“? Even though two of the parties involved happen to be corporations, he owes no allegiance to them and the exchange does not take place in a corporate context. I mean, we are talking about corporate overreach, why should we be assessing his words by corporate standards? “Professional” usually means “don’t show emotions and suck up the abuse”. I’m glad he was both showing his protest and standing up to the overreach.

Does he have to be? No.

Can others judge him harshly for said decision? Yes.

It’s not the judgment itself, it is by what standard he is judged. Everyone could judge him by their religious, cultural, personal standards. But in a solo dev vs. corporate overreach case judging him by corporatist standards bring a framing that further empowers the overreach.

There was a time when hacker culture was associated with rebellious and playful values. Such an irony on Hacker News we are discussing if he should be penalized for saying “bad words” in the face of corporate unfairness.

Don't be confused by the "Hacker" in hacker news. Paul Graham found a cool label to get impressionable youths to want to work for him, nothing more.

Because they didn't have to pay him $30k. They had a registered trademark and a right to use the name. And in the end, they didn’t have to spend nearly that amount. All they had to do was send a few emails to the npm maintainers.

I’d say they made a logical decision.

The right to use that name in a certain context. Kik was a dick. 30k is a lot, but lawyers would’ve cost way more than that

An initial consult is often free, and even a $500 consult would have been worth every penny because the lawyer would have (correctly) told him to back off and let them have the name.

In any event, escalating - even when you think the other party is being a dick - is never the right answer.

An initial consult is often free

If you're hiring a lawyer off a television commercial in order to make a quick buck off of a fender bender. Corporate law is different.

When I was sued I was able to get an hour with many of the initial attorneys I called. The biggest challenge in most cases was ensuring there were no conflicts.

And as an attorney, if I go back into practice someday, of course I’ll do the same.

I have a hard time seeing your position here. Because of their actions they broke their own build and made a lot of folks in the open source community upset. Was it even worth it to waste the time fixing their broken build? To investigate the failure and replace a dependency of a dependency? To lose credibility in the community they've evidently just decided to become involved with? I really don't see how that's not worth 30 grand. They have a right to use their name but they don't have the right to use someone else's work.

It is a principle of American and English law that the person who uses someone else’s property unlawfully is responsible for the foreseeable injuries caused to others by its use - not the lawful owner of the property.

You are being downvoted because you fundamentally misunderstand and mischaracterise the situation you are referring to.

I am referring to naming an npm module “Kik” that has nothing to do with the service of the same name. What do I misunderstand?

About twenty years ago, I learned a lesson the hard way I received a much more strongly worded cease-and-desist letter. I responded much the same way as you (though without the salty language), and a few weeks later, I got slapped with a multi-million dollar lawsuit for copyright infringement.

You're lucky you were treated as nicely as you were. It could have been a whole lot worse.

Lessons learned:

1. Hire an attorney when you get a takedown notice if you think you are likely to decline, and seek counsel before responding.

2. Telling people "fuck you" doesn't get you anywhere, and it doesn't matter how impolite or wrong you think the other person is.

That's really sad that that's good advice. I can't help but sympathize with him, and with you 20 years ago. Basically, your advice boils down to: "when a larger company tells you to do something, do it".

That's essentially what the lawyers at my friend's company told them as well, as they're dealing with a similar problem. Just because you have lawyers doesn't mean the answer will be any different; you very likely won't be able to deal with a lawsuit from a much larger company.

No need to feel for me. Growing up is about making mistakes, taking your licks, learning your lessons, and moving on. I was on the wrong side, legally and ethically.

If anything, it made me feel both unwise and ignorant, so I addressed that by going to law school and passing the bar. I have a great career and I keep my nose clean.

I also have a different perspective now - one of the creator instead of the consumer. And I disagree that Goliath always has to win. Sometimes the big guy is wrong; and thank goodness we have folks like EFF to help out when they abuse their wealth and power. When the little guy is on the right side of the argument, I will also stand up for them.

Keep in mind, too, that Kik doesn't exactly have overflowing pockets. They can barely pay their bills and nearly shut down last year.

So what happened with with the lawsuit in the end?

I entered a judgment on consent and had to pay restitution to the plaintiffs over a number of years. Most expensive mistake I ever made.

I just wanted to say, thanks for standing up for what you believe in. It took courage to do what you did.

Did it though? This seems to be his MO.

Vote with both of my hands

> I only have two data points, so the behaviour here is a coincidence rather than a pattern, but I will guarantee you whatever you think of Google there is more to this than meets the eye.

You seem to want us to question the narrative based on the likability of the developer, but is it really relevant? Can you really imagine a data point that we don't know that will change the narrative of "solo developer getting steamrolled by corporate machinery"? Because that is what is happening in both cases. I want to be clear, this is not even about the solo developer actually being in the right, it is about the process or lack thereof that takes place to reach the conclusion. You might not like this particular guy, but I guarantee you a more likable guy would be/will be/is being equally strong-armed in these lopsided processes. Transparency, accountability and fairness would make all of us happy and not left guessing who might be right based on who writes the most likable emails or has the most popular brand.

To add to this, I think the reason this particular developer is seen negatively by some is that he does kick up a lot of dust in these situations. Most developers would (understandably) feel like this wasn't worth their time and just silently give in to the bigger company's wishes.

So while his "likeability" is completely irrelevant, how else would we even hear about these issues if he didn't make a big fuss about it? I think that also might explain why we heard of this story twice from the same developer. The truth is people face similar issues every day but no one hears about it. I'm glad that some people kick up a lot of dust and make the issue visible to everyone.

>this particular developer is seen negatively by some is that he does kick up a lot of dust in these situations

Developers are often pushovers (no disrespect, I'm often one myself). Anyone who isn't gets passive aggressively labeled with terms that make them easy to conflate with actually bad people.

Give 'em hell, Azer.

I believe that in the left-pad case, NPM severely violated the overall trust put in their management by handing over a package name (that other people might depend on) without a legal process. Now that NPM has faltered like that once, you basically need to verify yourself that every package that you use is still the same one by the same author, i.e. that NPM hasn't silently transferred the name to someone else.

I maintain quite a few high-traffic packages on npm and have done so for years. Npm is really bad about handling any sort of situation with any amount of grace.

Per my anecdotal experience, they are really good at choosing the outcome that benefits them the most/harms them the least - which wouldn't upset me since most companies do this, but it's Npm's "we're here for the community" type of fake attitude that has always bothered me.

In the links you've shared, I thought the author (Azer) was on the right to behave the way he did. I don't see it as a reason to discount his current experience because of that either.

They would have no case if they actually tried to go after him to "defend" their trademark. His mail was just empty threats.

You can't just trademark 3 letters in a way so that nobody else can use them. In fact there's hundreds of trademarks that are the letters "kik" in various logos[1].

What they trademarked is a bunch of specific logos containing those letters. Doesn't prevent other people from also using those 3 letters in some other way.

In fact when he wrote "kik", my first thought was the he was talking about the German textile discount store - which is the first result for me when I google those letters.

[1]: https://trademarks.justia.com/search?q=kik

What is the cost to defend against a lawsuit where the person suing you has “no case,” especially in the USA where the American rule for lawyer fees governs?

BP, BMW, and GE (among countless others) disagree and would be happy to haul you into court to prove to you that you are wrong if you misuse their trademarks.

It's easy to be an armchair HN lawyer when you have no skin in the game.

> BP, BMW, and GE (among countless others) disagree and would be happy to haul you into court to prove to you that you are wrong if you misuse their trademarks.

As an attorney, do you think he was misusing the "Kik" trademark?

I know this sounds like a cop-out answer, but as an attorney, I would zealously represent my client on either side.

I don't know all the facts here, but I do know that as a practical matter, it comes down to a whole bunch of factors, among them, use in commerce, possibility of confusion, etc. But I can say that judges take a dim view of people who tell others to "fuck off" and who appear not to have a justifiable reason for using a name nor a long history of doing so.

I also know that bullies don't always win - Nissan Computer still owns nissan.com, not the motor company.

I'm tempered to rename my packages with a prefix "kik" just to fuck with them. I don't live in the US, so good luck enforcing their empty threats on me ;)

Actually if anyone behaved poorly, it was npm not Azer.

I'm shocked to see that something like this could happen on npm - where a single threat of getting lawyers involved can get your package transferred away from you. It really wants to make me not publish anything on npm too actually.

Totally agree. I'm shocked to see that people actually think less of Azer because of what he did. Why keep your work on a company that bullies you like that?

Just came here to say the same thing. He didn't need to swear and be so bratty about it, but yeah it seems to me he was not wrong.

"Integrity" is not a desirable trait in this day and age. A developer is of little use if they don't respond to short term individualistic incentives.

Au contraire. A developer with integrity will become a senior with integrity, and when you're dealing with people -- which you will be if you are not already -- you get a reputation for being fair and just. People will not deal anywhere near as favourably if you have a reputation for displaying a severe lack of integrity.

On the other hand we've seen this kind of behavior from Google time and again, even on its flagship platforms like Android and YouTube. The Chrome Extensions store is likely the bottom of the barrel when it comes to priorities, so I have no trouble believing things would be even worse there.

If you're referring to the recent controversy around Pushbullet - I thought that was revealed to be them asking for all access to any HTTP/HTTPS websites you viewed...which is a major security breach.

They removed that permission to limit it to only Pushbullet, and then were able to get back on.

I'm not saying there couldn't have been more hand-holding - but it wasn't exactly like it wasn't for a fairly egregious security breach.

(Disclaimer: I work for Google, but not in any Chrome/Android/Store team, or anything even vaguely related to that - this is purely my own opinion).

They removed that permission and were denied again. Only after the story got a lot of publicity did Google decide to accept it.

Did PB fall through the cavernous CS cracks or are they competition?

Chrome + Android are busy building a competing feature and that's part of the narrative about Pushbullet - this was seen as an attempt by Google to kill a competitor through nebulous "rules violations".

If the PB team hadn't gotten it to be as visible as it was, they very likely would have gotten away with it.

I believe Pushbullet needed it's permissions for the features it offered, they even tried removing features and permissions just to appease Google.

Regardless of that, just tell people what they've done wrong, developers are surely jaded by being told absolutely nothing about what or why some faceless mega corp is trampling all over their day.

Is it any wonder people like OP lash out in frustration and just pull all of their work when one has no means to obtain a straight answer? The man has a young child, and that is work enough, but it also puts things into perspective, and honestly, as a father of a months old child, I'd probably respond to this in the same way and think "fuck it, one less frustration" and just pull it too.

I believe Pushbullet needed it's permissions for the features it offered

The PB post describes them removing permissions they realized they didn't need, you can check their writeup. Google's handling of this was poor but PB had real problems.

In this extension's case, we haven't even seen what notices Google sent.

I'm all for enforcing strong privacy rules, in fact, I stopped using PB very quickly after trying it for the first time, because of the _feeling_ of a lack of privacy/security it gave me (based on no actual evidence), so I'm not defending PB.

That said, calling Google heavy handed is an understatement, and there have been several cases which have made it clear that kicking up a fuss online and being big enough to get some attention is the only means for recourse.

I didn't call it 'heavy handed'. I'm just correcting your assertion that PB didn't have unnecessary and overly-broad permissions. This is in their writeup.

This might be okay as long as you give clear and specific points to correct.

But Google just said "you're asking too much permissions". After the first fixes the extension got rejected again, without explanation.

I'm not really trying to re-litigate the whole PB thing. It's just not the case that they got dinged for nothing which is what the comment I replied to was suggesting.

And the other (I think more important) point was that we know even less about whatever happened to Kozmos.

Oh, I understand your point. I was calling Google heavy handed.

FWIW, someone workin on things related to it felt like it was something that needed apologizing for: https://twitter.com/DotProto/status/1261047663669084161

Rejecting a fixed version is not lack of "hand-holding", and far-reaching permissions are not by default a "major security breach" (unless Google has a policy of shipping products with major security breaches built in?)

They were only allowed back on after they've turned it into a big story online.

The perspective of the other side is not hard to guess here: support costs money, it's way easier and cheaper to automate it, and if it hurts a few people here and there no one really cares because there're millions of other users (and no much alternative anyway).

We all know that Google's support sucks, even they know it very well, just they don't give a shit. Everyone's pissed about this for years - anyone who ever tried to debug adsense, gmail or youtube account getting blocked out of the blue, or android app being flagged for no reason has gone through pretty much the same process this guy describes. Internet is full of horror stories of this kind, it's very well documented.

The only difference here is that most of us goes "c'est la vie" ¯\_(ツ)_/¯, and we continue using their services because - well - everyone else does it, what else could we do... while this guy doesn't mind giving them the finger... which will, and of course he knows that, hurt him much more than Google - but that's a move to be respected imho...

What was the "other side" of leftpad? As far as I remember, the broken system wrought havoc, not the developer who chose to withdraw his modules. I don't think the developer's reasons are much relevant when discussing how reliable their word is.

The broken system allowed him to be a dick.

OK, so the is more to it than that and he did have a genuine grievance (I forgot exactly what) bit in dealing with that he caused a pile collateral damage for innocent bystanders.

(Innocent bystanders who errantly put too much faith in dependency oriented programming which brings us back to the broken system)

It's his work, and he had every right to pull every module he hosts there in protest. If this was a walk out or some other form of protest, nobody would be calling him a dick, I think that's a little out of order.

That said, the system is definitely broken.

His reaction to the Kik thing is probably where he was at fault, I think it would have been reasonable for him to back down there; companies, in the US at least are obligated to protect their IP in order to retain their rights over it (as far as I have understood from various discussions on HN), but perhaps the forceful lawyering got his back up?

Also I have no idea of jurisdiction of any parties involved, I just assume US.

It's always safe to back down if you don't have the guts to go on, but you can't say it's a fault not to back down.

> Innocent bystanders who errantly put too much faith in dependency oriented programming

and who need an external package to leftpad a string... the most fascinating part of that story to me...

> too much faith in dependency oriented programming

Which is why it's a distraction to even consider this particular person's track record.

Even if this same person pulled one critical package a month for the next year, the fundamental problem is still that the ecosystem in general relies on parties with no obligations to manage critical dependencies.

Sounds like he's a pretty prolific developer who's sick of dealing with mega-corporate bureaucracies screwing him over.

You've remembered that the author has written another article at some point that is completely and wholeheartedly unrelated to this story; and the point it attempts to make. Why is this the top comment?

We have a lot more than two data points for Google screwing Chrome extension developers.

He's got a pretty good shitbird radar.

Npm not only didn't realize that this guy was more important to their community and NodeJS on the whole than a one off from Kik, but they sold out to GitHub / M$FT.

All that for something that hasn't been updated in 2 years https://www.npmjs.com/package/@kikinteractive/kik

Nobody can uncritically take his side but what you are implying here is that we should consider him "less" because of an unrelated story.

Why can't you uncritically take his side? Because company good, developer mean? If you want to say kik has a right to the three letter package name so be it but absolutely no one has the right to continue using someone else's work for their own gain. Especially not a company that threatened him with lawyers within three emails.

To me it sounds like both sides had their own (though different) tone-deafness.

"Oh I didn't know there was a company with that name" well, now you know. How would you like to go into NPM and find someone has created a package with your or your company's name?

At the same time Kik's answer of "we're nice people but we're sending the lawyers" does not come across as friendly.

And yes, NPMs response is not surprising. They're going to side with the trademark owner, unless there was a very good reason not to (like the MikeRowSoft case)

Note to npm (or some future package repo site): create package namespaces. Allow renaming and maybe aliases.

> Note to npm (or some future package repo site): create package namespaces. Allow renaming and maybe aliases.

I have a friend who encountered a similar scenario with a company claiming trademark on a name. In their case they simply changed the package name. It was frustrating but it meant everybody was able to move on without any drama. Subsequently, as far as I'm aware, the trademark holder has never even published a package under the original name. So I suppose that makes it doubly irritating, but such is life.

I think your suggestion would have neatly avoided a lot of these kinds of issues in the first place.

In my opinion, the party that behaved the worst in that exchange was npm. Why do Node developers trust such an unprofessional institution?

Perhaps your position might be better understood if you shared your own story about a project that you have invested so much time and energy creating and building. You may have tread a different path when confronted with such obstacles. The community would be enlightened by your experience.

This comment is just straight ad-hominem.

Not true at all. I'm saying we don't know the whole story. That's not to say that what he's saying is untrue but that, without some corroboration, or hearing from the other party (Google), it can't be relied upon.

Granted, all I know of the author is based on what I've seen of his past behaviour. That does make me a little sceptical that his account of events represents the sum totality of truth around the situation. I don't believe that's an unreasonable perspective.

It does not mean the account is false, or that I lack sympathy for him[1], or that I'm unwilling to see or understand his point of view. What I was concerned by is that in the comments I was seeing nothing but unalloyed support, which I did not think was warranted based on what we know. I think I've been pretty clear about that.

I also think it's a shame that he's chosen to yank the extension, but that's obviously his choice and I can understand why he made it.

[1] Different context entirely but I've had my own issues with Google's algorithms, along with the sense of being left in the dark about why. I made some, actually useful, changes but I've still no idea if those are the reason the issues were resolved. Regardless, I'm glad that they have been resolved.

How true!

Your own comments come out as one-sided as anyone can be...

Is it possible that Google writes code to automate the moderation (for lack of better word) of the extensions in the Chrome Store because they are trying to avoid paying hundreds of people to do it manually? I know it's easy to say "Google doesn't care about you," and generally it as a company may not care, but they also are not in the business of putting us out of business.

It feels like to me that they have just become a sprawling mass of interconnected yet disjointed divisions but without any real customer service department that can handle the amount of requests or situations like in OP. I am not on their side in any way, but Occam's razor and all, it just seems the most likely explanation to me is that they are just too cheap to pay people to handle the volume of customer issues they have? Or would it not be economically feasible? What do y'all think?

[Edited to divide into two paragraphs for slightly easier reading]

> Is it possible that Google writes code to automate the moderation (for lack of better word) of the extensions in the Chrome Store because they are trying to avoid paying hundreds of people to do it manually?

Undoubtedly, for the Chrome Store as well as all of their other properties.

Ultimately, Google's business model is about earning fractions of a cent per view/download and making it up in volume. Their profit margin depends on relentless cost optimization, and humans are inevitably the most expensive part of their support/maintenance systems.

Google undoubtedly doesn't want to put extension writers out of business, but if they adjust their procedures to give cases like this real human attention then they will undoubtedly allow a few dozen spammers/scammers to also receive human attention.

(Note: I present the above without judgement. If I were to add my judgement, I'd say that I don't think that this state of affairs is a good thing, and in the long run we may need to reconsider whether algorithmic promotion of content without human oversight is viable.)

I'm still a bit surprised they're not offering a paid support tier. That'd still suck for non-commercial extensions, but at least help with the "extension filtering is killing our business!" cases.

I'm afraid is more complicated than that. If they were to add non-mandatory paid support, any time someone were at risk of losing its extension would feel/believe it's an extortion scheme to force him to pay for support (whether that's true or not).

I can’t see how a healthy browser extension ecosystem would help Google. Without Google getting any real value out of it, it makes total sense they do a poor job managing it.

I somewhat agree, yet wouldn't a healthy extension ecosystem (excellent term, btw) attract more users to Chrome and in turn keep users more entwined in the larger Google ecosystem? I guess there is a cost/benefit analysis done. They put just enough effort into it to get the return or results they want. The little guys like OP (who arguably make the best content because it's open source and not full of trackers or other junk) just get stepped on along the way.

I don’t know at all, but if I had to guess extension usage is pretty low. I’m not sure the average user really sees browser extensions as something they need. They aren’t as obvious as say mobile apps. On the flip side, extensions like Honey seem to suggest at least enough people use them to be of some worth.

Some of the more popular extensions have thirty+ million users, and this is for trivial fluff functionality. When you hit up the extensions dealing with adblocking or say, interacting with Instagram, they can hit 100+ million easily.

If people increasingly head back to FF or other alternates?

It's clear that Google don't want to hire humans and run customer support centers. According to reports, this has bit them in GCP adoption as well.

That's fine but at least have a human review before taking disastrous actions like taking down extensions, lockdown Gmail accounts. If you can't afford even that at least have an appeal process where human would review the case. If you can't make the economics work even for that maybe just don't run the app store.

GCP does have support engineers who work with you on things.

It does? Haven't used it yet and have no near future plans to change that. As long as there's a single account, the support of each part of Google matters, because it could cause your account to be closed.

GCP most certainly does have support engineers available!


There's a variety of different tiers to suit your required level of support, and some products (e.g. G Suite) come with free in-built support.

(I work as part of Google Cloud support organisation).

The problem many people have is that they're (rightfully given the horror stories on HN) afraid that anything they'll run afoul of GCP guidelines (i.e. some AI flagging "fraud" or "spam") may also close down their personal and all other Google accounts with no way of reaching a human.

If GCP wants more adoption then you have to fix this shit. Seriously.

Hi, I currently use Azure which has strict lines between organisation tenancies/domains/accounts and personal ones. This means I know that my liability is limited to my business.

Can you assure me that if I move to GCP, have a VM get infected and you ban my GCP account, my personal account will never get banned too? Or that of my next employer? Because I keep reading about that happening...

Well, in general - would you use your personal email account for work?

So for example - say I have a personal Gmail account (e.g. cute-boy-88@gmail.com)

But if I was working for a company that had spun up GCP infrastructure - my work would likely provide me with a work email address (e.g. trevor.jacobs@bankofengland.co.uk) - which I would use, rather than cute-boy-88@gmail.com.

This also covers the use-case that for example, you leave the company (in which case the company still controls those accounts), or an employee goes rogue and tries to takeover their work account.

In general, you would try to keep your work/personal accounts separate - you're not going to put your personal account as the recovery email for your work account for example. Your system administrator (or IT team at work) is going to be the one who resets your password, or recovers your account - and they're not going to send private work passwords to a personal email account (or they shouldn't).

Hopefully the above helps.

No, of course I wouldn't, but my understanding is that Google (unlike any other company I know) will "pierce the corporate veil" and ban people not accounts. It's not hard to correlate accounts, my chrome is logged into both my personal and work accounts. My computer has a unique ip address. My phone has both accounts logged in as users.

Is that enough for the ban to follow through and hit both?

If you sign into multiple google accounts in the same browser window, then those accounts are linked behind the scenes. You do not have to explicitly link them together. There are plenty of stories on reddit of devs whose company accounts got into trouble because their personal account was in trouble.

> they also are not in the business of putting us out of business

Actually, the way they've expanded their range of products I'd wager they've put quite a few people out of business. It's especially bad if your business happens to not be one of the ones they acquihire, but one of their competitors, as evidenced by a handful of antitrust lawsuits.

You'd need to hire more than "hundreds", especially since people get mad about false positives and false negatives. How long do you think it takes a reverse engineer to completely and thoroughly vet a browser extension or mobile app? A day maybe if you are doing it quickly and longer if you are doing it thoroughly.

Now do that for every app and extension. And repeat it for every single version that is ever uploaded.

As someone who's Google ad account was mysteriously suspended for no given reason (even before a single ad was run) and am now up to 4 days waiting with no reply nor phone number I can call, I hear you..

It is disgusting that no one from media asks Sundar Pichai touch questions like:

1. Non human (AI) usage for termination google accounts. 2. No repeal process

At least some employee from Google here in hn must do things and understand mentality of other people.

It increasingly looks like - well... we employees live in bubble but if you are unlucky then you are screwed. Do not ask us?

What kind of programmers wrote such code that terminates account without human intervention? Please do not blame it on Project Managers.

You are human - so is some one that was affected by your code.


So it's easy to think with a human customer service agent, all will be well. But then I think about all the customer service calls I've made or emails I've sent, and I almost wish that they did not exist so I don't get my hopes up and waste my time. Most customer service is worse than a computerized flowchart.

And even if they do understand your situation, and have authenticated you, and aren't just reading a script, then most of the time they can't offer you anything else besides what's possible on the website anyways. Sometimes we just like having someone to complain to.

That's not my experience of call centres. While they are generally reading from a script and often they have no more information than you do, they crucially have the ability to recognise when things aren't working right and escalate your issue.

With Google's bot approach that can never happen. The only way to escalate issues is to be famous and write a blog post or tweet about it.

Sure thing, but I still prefer to talking to the worst human, than the best KI avaible.

Also, I bet no one think all will be well, without KI, but it will be better dealing with incompetent, overworked and underpaid call workers, than dealing with a "smart" KI, with you cannot talk at all. In the first case there is at least the hope, that someone escalates the problem to someone with more knowledge who can finally solve your problem.

>>What kind of programmers wrote such code that terminates

The Human mind has an infinite capacity to justify any manner of things as "just doing my job" or "just following orders"

This has been seen in all industry, in all types of roles and at all times in history

There is nothing more dangerous than a group of people "just doing their jobs"

Also hubris. Hubris is a hell of a drug.

Not surprising, given the amount of so called "engineers" they hire, some of whom don't really have a background in CS, just studied for the interviews, or came from a coding school. It's astonishing how many fresh code bootcamp grads that companies like Google pick up and pay 6 figures for.

I just created a Google Voice account for the first time. A few hours later I asked 3 different friends to send me a text message to see if it worked. I didn't get any of them or any warning that it takes time for the number to activate.

I tried again the next day, same results. That was 4-5 days ago, and still nothing. I'm abandoning Google Voice because I assume Google has abandoned it. It's not like there's anyone I can ask.

This is just an inconvenience to me. I can't imagine what it's like to have a service I actually rely on and then lose it.

Gaslighting is the worst.

It's getting more common, too. Just the other day I found out that posting links in a youtube comment makes the comment invisible to everyone else. In hindsight, disallowing links is almost certainly a good policy and it's easy to understand and appreciate why it was put in place, but why the gaslighting? Just pop up a box explaining that links aren't allowed. The gaslighting isn't going to fool spammers for long enough to be a meaningful deterrent, but it is going to trip up legitimate users enough to meaningfully degrade their experience.

Time to visit my bitwarden and port another account off gmail (my late new-years resolution is to port an account off gmail every time I get myself worked up about something google did -- funnel the useless frustration into something worthwhile.)

I think the term is shadow banning

They invented the term shadow banning because "gas lighting" has very negative connotations.

Shadow banning is 100% a form of gas lighting, and IMO should be considered just as unethical. If you are going to ban someone, words, or actions be upfront and clear about the rules and bans

Shadow banning, hellbanning, slowbanning, error banning -- it all falls under the umbrella of gaslighting in my book.

Happens on other platforms, too

I had a Firefox plugin that would tweet all my bookmarks. Years later I noticed all the tweets were hidden from search

Shadow banning is a form of gaslighting because users expect their comments to be seen and responded to, however they are invisible. This is confusing and an abusive practice.

I have had hn accounts shadowbanned without explanation or opportunity for appeal (I did try and was ignored) and largely stopped participating here because of that.

It's completely fair to stop participating as a result.

That said, I'm sympathetic to the idea that in small communities admin time is at a premium and gaslighting, even if it's occasionally abused, is a force-multiplier that can make the difference between a community having enough moderation to survive vs spinning off into toxicity and turning into a ghost town.

What I object to is that it seems to increasingly be used as a "best practice," to be applied universally without weighing pros and cons, rather than as a shitty reality to be applied minimally. For instance, in the case of youtube, we can place a very low upper bound on the value they're getting out of this tool, because it's being used to enforce an automated blanket policy that everyone already knows about (certainly everyone intent on link spamming, in any case). HN's shadowbanning is going to be good or evil on a per-instance basis, which makes it difficult for me to judge, while youtube's shadowbanning (as it relates to enforcing obvious automated blanket policies) cannot be good and is therefore much easier to judge.

gaslighting doesn't mean hiding.

Hiding = post is invisible to you and everyone else

Gaslighting = post is visible to you, and unbeknownst to you, invisible to everyone else

gaslighting also doesn't mean lying, or cheating, or fraud. it involves some of these things, but that doesn't mean that all hiding and lying is gaslighting. to quote wiktionary:

To manipulate someone psychologically such that they question their own memory, perception and sanity, thereby evoking in them low self-esteem and cognitive dissonance. The verb sense derives from the 1938 stage play Gas Light, in which a husband attempts to convince his wife and others that she is insane by manipulating small elements of their environment.

in what way does hiding one's post cause them to "question their own memory, perception and sanity"?

>To manipulate someone psychologically such that they question their own memory, perception and sanity, thereby evoking in them low self-esteem and cognitive dissonance.

I suspect a lot of people caught up in "shadow bans" already have a tenuous grip on reality in the first place. What a disgusting, mean spirited and wholly pointless thing for them to be engaged in. Why couldn't they just tell said individuals they've been auto moderated or banned? It's not like it will result in additional support being required - Google already make a point of ignoring their users.

while this is arguably true, it has nothing to do with the misappropriation of the original word. something can be terrible and yet not justify using words commonly agreed to mean different things. it reminds me of the recent trend to use "assault" when referring to all types of harassment, regardless of whether physical violence was carried out or even implied. you can argue that shadow banning is bad, but if you go say that it's "literally raping their identity" or something like that then you just sound like an idiot.

Voice was a really frustrating product for me because it was so clearly years ahead of its time and also ignored by Google for so long that everyone else caught up and passed them.

In 2010 I was able to have one number ring multiple phones, automatic transcription of voicemail, text people from a web browser (!), switch between network providers without having to deal with number porting, it was great.

What killed it for me was that MMS was silently dropped, no images, but worse group SMS was handled by MMS so if people added you to group chats you just wouldn't get any of the messages and they would have no indication that you weren't getting them.

This went unsolved for years.

Eventually iMessage, Signal, WhatsApp, Facebook - basically everyone else took this market. Then Google started some anemic work on it again, along the way making and killing a bunch of other chat products that all sucked in different ways.

Along with google plus and cloud, this is probably one of their biggest strategic failures.

Google is a proverbial a jack of all trades, master of none.

If you need to depend of them for a specific service, don't. Go with an actual business that cares and have the focus on what's important, and more importantly a customer service that listens.

I went with a dedicated VoIP provider, and the service has been excellent

Can you suggest an alternative to Voice? I need SMS and voice, and prefer data being optional (Voice can forward to a dumbphone, or even a landline). Happy to pay, just haven't found an obvious direct competitor.

Perhaps I'm missing your actual requirements (based on what's been suggested below), but I've been using voip.ms for years now. They support voice and SMS, and even my bank's SMS "2FA" works with them now. They don't support MMS, however (though you may have meant that when you said SMS).

SMS is available as a FLOSS app (I use the F-Droid voip.ms app), or through another portal - able to be sent/received through email, another number, or a web interface.

I honestly have only good things to say about them (despite being a consumer of their seemingly B2B product). As a disclaimer, I don't work for them, have no affiliation with them, and made a point of not using any kind of referral link.

I like the Unlisted app https://www.unlistedapp.com I got it a few years ago and haven't had any problems. I think it might be iOS only. There are plenty of other burner phone number apps which work on both Android and iOS.

Thanks for using and recommending Unlisted! We added an Android version last year and both apps are under active development. I'm happy to answer any questions (or receive feedback about what we could do better) - erik@unlistedapp.com

Dialpad is useful for this. They're one of the few alternatives I've found that allows for routing calls over POTS.

> What kind of programmers wrote such code that terminates account without human intervention? Please do not blame it on Project Managers.

One who gets paid half a million a year to not question the policies and their consequences and just does what they are told?

It’s pretty apparent that they think people who don’t work for google are vastly inferior human beings. It honestly runs counter to their “social justice” facade.

I really think this is unreasonable. Even at google there are different subcultures, including many with an anti-corporate streak. Furthermore I’m not going to blame an employee for not sticking out their neck for client businesses who also don’t give a shit about them. This isn’t a problem of individual providence.

Google needs a damn union just to get some reason in the building.

> Google needs a damn union just to get some reason in the building.

The problem is not mainly with how Google treats their employees (though there's definitely something wrong there), but with how they treat their customers.

I was referring to the use of a union to give employees say about the products they make. They provide collective leverage far more broadly than in the negotiation of work conditions and compensation and can negotiate directly with the board, who would normally go to great lengths to avoid speaking to their own employees (in my experience).

Hell, I’ve met more investors footing my salary than board members per se, and they definitely have zero interest in employee negotiations—that’s what management is for.

Its true - they believe themselves to be so damn smart they behave with rank condescension towards everyone else as the "top 1% of intelligence".

If they were so smart their lunch wouldn't be getting eaten by the likes of Amazon.

> including many with an anti-corporate streak.

So basically the worst form of slacktivist hypocrites.

I was not looking to start an argument; you are entitled to your opinions, at least.

I’m not arguing either. But dude, google? Google!? Its business is selling ads for corporations. A google software engineer can get a job at countless places including nonprofits sometimes making close to google money, but even if they made half that income they would be living more comfortably than 3/4s of the US.

Anti corporate soapbox or google job, please just pick one.

Nobody who get a Google paycheck has a sincere "anti-corporate" streak.

An anecdote: I was running my bootstraped company with 5 employees when in 2013 I suddenly started getting Google recruiting emails about once every 4 days. They wanted me for a "role" of a SRE, probably because I asked stack overflow sysadmin questions. I never responded.

> Google needs a damn union just to get some reason in the building.

I'm pretty pro-union in general but I don't follow your reasoning. Cops are unionized, and when they murder innocent civilians in broad daylight, the unions are right behind to pay for their legal defense. Unions don't bring reason to a workforce; they merely represent that workforce.

The problem is that regardless of the number of programmers that refuse to implement the whole thing, you only need one to ever say yes to get it.

So every bad idea eventually gets implemented.

The absence of an appeals process for online forums and stores is one of the great threats to public life today.

Most societies actually have something to solve such disputes: courts of law.

The real tragedy is that we decided to let corporations grow so big that they can say "fuck you" to courts and people alike with no repercussions. Twitter is famous for this, ever tried to appeal a ban?

I fear this is overstatement...people don't have a recognised right to an appeal if their app is shutdown. Only if the agreements were written in such a way as to define such a right, would a court of law even be involved.

This isn't about companies being too big, it's about an absence of rule making. If there were some rules defining the rights, then the courts could, indeed, be involved; but courts can't be brought into something just because it is "wrong". People agree to the ToS when they submit an app to the store; and the ToS more or less say, it's Gapplsoft's platform and they may do what they like.

> people don't have a recognised right to an appeal if their app is shutdown.

In Germany, people and political parties have obtained court judgements to unlock their Twitter and FB accounts. Generally the principle behind these decisions was that Twitter and FB are a public venue for discourse and therefore it goes against free speech to ban accounts for acceptable speech.

The only downside is that it are mostly hardcore actual Nazis which obtain these rulings, e.g. from the NPD party: https://www.belltower.news/gerichtsstreit-facebook-muss-seit...

That is a Twitter account, not an app.

It is unlikely that any common law jurisdiction would apply freedom of speech so broadly but it is uncertain. It could be that even Germany only applies it in cases where it is clearly a matter of political speech. How broadly do you think this precedent applies?

The odd thing is that they can't even make a cost argument for this. If they charged a cost recovery fee for human redress of these sorts of issues, it would not cost them anything, and that's assuming they don't lose money from improper automated enforcement, which they almost certainly do.

It's pure incompetence.

Why would I want to keep paying google for their shitty AI’s mistakes?

The alternative is being disappeared without recourse, if you have to pay 40 bucks when they screw up, it is what it is, and you can make a decision.

That is (morally) wrong on so many levels. It’s basically what regulations were invented for.

What would your brilliant regulation entail? Forcing companies to publish software for free when their automated systems think it's malware?

Could you even summarize a piece of legislation that doesn't amount to "describe Google, then make everything that annoys us about Google illegal for companies fitting that description"?

Apply anti-trust law as is currently written for starters. Standard Oil and Ma Bell were split for less egregious offenses than we've seen from Alphabet/Google, Apple, Microsoft, and Amazon.

In Standard Oil's case, vertical integration across markets was enough, and pretty much everyone in Big Tech is guilty of this.

Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact