It's a shame that Google are choosing to focus on policing what people think of as their private data.
Meanwhile, they seem to be taking their eye off the ball when it comes to the spam filtering that many of their users might wish for. In just the past week, I've received noticeable amounts of spam via: Gmail, Google Drive, Google Calendar, and Google Photos.
I'm puzzled about how Google are choosing to allocate their resources. It doesn't seem likely that governments would be asking Google to specifically police spreadsheets for possible phishing data. The owners of the files definitely aren't asking for their access to their own data to be cut off. So what are the origins of this effort?
I have to admit, I originally thought that Google Drive was the obvious choice over every alternative that existed, but I can see now that I would prefer an offline or privacy-driven alternative. The risk of losing files to a Google Drive machine learning black hole & then facing Google's customer service black hole might be small, but it's also nightmarish.
The spam that's allowed to be sent through Google Docs @mentions has been horrendous lately. What's even worse is they only let you ban the individuals. You can't turn off the notification email messages.
Thankfully I'm about ready to close down my Gmail account (still stuck needing a Google account for now) but it's a good reminder of what I won't be missing when I finally get out.
The risk of facing the "black hole" may be larger then you think. There's a person who posts a common "recovery how-to" in the support forums when people get locked out and that page got 83,878 views last month.
I've never encountered this @mentions Spam, are they using it as some mechanism for verifying a Gmail account?
I received a notification from Gmail the other day that "Someone added <made-up-email-address@my domain> as their recovery email.". And my only option was to disconnect the email. By disconnecting the email, I would be confirming to the account owner that the email landed in someone's inbox. By not confirming the email, I would be allowing my domain to be associated with a Gmail account potentially used for nefarious activity.
Given Google's scorched earth approach to deactivating associated Google Accounts when it comes to things like the Play Store, I felt I needed to disconnect the account.
Just for sending plain old spam because they know these notifications bypass a lot of the filtering. Removed the names in case they've come from hacked accounts.
Google Drive
> Random Name (randomcharactershere@gmail.com) has invited you to view the following document:
Private__file-Nyela-(random characters)
> If you don't want to receive files from this person, block the sender from Drive
The painful part is the last bit, you can only block that single sender, you can't turn off all notifications.
Google Docs
> Random Name (randomcharactershere@gmail.com) mentioned you in a comment in the following document
Direct_message_with_Salma
> I have to admit, I originally thought that Google Drive was the
obvious choice over every alternative that existed, but I can see
now that I would prefer an offline or privacy-driven alternative.
I'm not being miserable or spiteful when I say I'm really glad this
happens. Mono-cultures are dangerous and undesirable, and whether the
cause is "network effects" or more active monopoly tactics it's good
that there's some drivers towards alternatives.
Ultimately, when we have interoperability (by legislation if
necessary), people will have the genuine choice to share documents via
Google, where their work may be censored or arbitrarily deleted, or
through another service. It will not matter whether others in the
group use AcmeDocs or GoogleDocs, we will all be able to share and
edit via interoperable protocols. But when Google screw up like this,
they will lose customers who have no barrier to migrate to another
Docs client.
That will raise software quality. It would be a real marketplace.
> It doesn't seem likely that governments would be asking Google to specifically police spreadsheets for possible phishing data.
I would think any first class modern day regime would be on the lookout for anyone who might have it in their mind to challenge that authority, and election related keywords could certainly fall into that filter depending on how coarse it is. I wouldn't expect they would just blatantly take down documents though, so I suspect I am being excessively conspiratorial here.
I suspect is a security "hysteria", everyone wants to market their shit as secure, one a website we were allowing users to host their pdf files, some asholes are making some missleading pdfs pretending they are some company and they put in the pdf a link to some bad stuff.
One report and the entire website is blocked, we clean the website immediately but already all the shitty antivirus and security software is blocking our domain, it took us weeks to have those bastards fix the issue, one of the big security companies even had the form you need to use to submit reports broken for weeks... So unfortunately if a "bad" link appears on your website it will costs you a lot of time to get it all back to normal, my advice , for user generated content just use a different domain so if shit happens your main domain does not get blocked by the browser makers and antivirus companies.
Google wasresponding to groups that complain that the spam filter was heavy. Now some spam is getting through, people start to complain about that which will make the spam filter heavy again. Not sure what the right answer is.. fastmail has seemingly figured it out.
Removing files in google drive will kill drive. How can you trust them?
The spam that is getting through seems like really obvious spam. Not just for a human, but for a classifier, too.
I looked at an "out of the blue" example just now:
1. Sent from a Gmail address where the name doesn't come close to matching the name suggested by the sender address.
2. Email body is in Latvian, a language I have no association with.
3. About 20 other recipients, none associated with me.
4. Subject line is nonsensical (not even words) and an email address.
5. Email body is one line.
6. PDF attachment, with no mention of it in the email body.
7. Looks automated, but came from a Gmail address.
Of course, none of these in isolation is a definitive indicator of the email being spam, but given that there's at least 7 anomalies, considering the amount of data Google has & that they pride themselves on machine learning, shouldn't they be catching something like this?
Arriving in the inbox is one thing, but the thing really throwing me is they're getting the "important according to Google magic" flag applied. How can mail that fails all the tests you've mentioned (I just ran through them on some spam I've been getting) get such a high importance rating?
tbf, the Latvian bit probably counts in its favour because I doubt many spammers bother with Latvian (or that it's particularly unusual for Latvian speakers to have English Gmail accounts).
Still scratching my head at how their calibration can let something like that through and stick a random genuine circular from Twitter in my spambox though...
I think no matter what google does here they won't win - if they increase the sensitivity of spam filters, people will complain (rightly) that legitimate content is getting blocked. If they lessen the sensitivity people will complain (rightly) about too much spam.
Meanwhile, they seem to be taking their eye off the ball when it comes to the spam filtering that many of their users might wish for. In just the past week, I've received noticeable amounts of spam via: Gmail, Google Drive, Google Calendar, and Google Photos.
I'm puzzled about how Google are choosing to allocate their resources. It doesn't seem likely that governments would be asking Google to specifically police spreadsheets for possible phishing data. The owners of the files definitely aren't asking for their access to their own data to be cut off. So what are the origins of this effort?
I have to admit, I originally thought that Google Drive was the obvious choice over every alternative that existed, but I can see now that I would prefer an offline or privacy-driven alternative. The risk of losing files to a Google Drive machine learning black hole & then facing Google's customer service black hole might be small, but it's also nightmarish.