Unacceptable response from a company promoting its services as identity and communication platforms.
1. Google said that if your telco is insecure, you are insecure. If you knowingly choose to use an insecure telco for sensitive communications, you can't expect every system to refuse to communicate with you.
From the article, Google already offers a secure 2FA, in fact Google invented and open sourced it! Do FB and LI even offer a secure 2FA at all?
> disable 2FA on Google via texts or phone calls, and enable Google Authenticator based 2FA
They're right that it isn't exactly a flaw in their systems, but they still have a relatively simple way of mitigating attacks against the telcos' security.
This crappy reaction to any form of customer communications will be the eventual ruin of Google.
If your application is ever suspended from Google Play, you will be greeted with a message directing you to an appeal form which lets you enter a maximum of 1000 characters to make your case. This is without having an exact idea of the reason your application was suspended in the first place. You are also advised that you may not ask any questions about why you have been suspended, or else they will not reply to your appeal.
A few hours later you will invariably receive the following email:
We have reviewed your appeal and will not be reinstating
your app. This decision is final and we will not be
responding to any additional emails regarding this removal.
If your account is still in good standing and the nature of
your app allows for republishing you may consider releasing
a new, policy compliant version of your app to Google Play
under a new package name. We are unable to comment further
on the specific policy basis for this removal or provide
guidance on bringing future versions of your app into policy
compliance. Instead, please reference the REASON FOR REMOVAL
in the initial notification email from Google Play.
Please note that additional violations may result in a
suspension of your Google Play Developer account.
AdWords customers like me (spending at some point several 100.000 Euro/year) are eternally grateful that they actually bothered to implement an appeal form after many years. We got locked out for more than a year with no way to contact anyone responsible (in good tradition of other Google services I presume) and thus no way to appeal, once the form got added, we got the lock removed within days ... What are you Android developers complaining about! </cynical>
I wonder how long this can continue. At some point, one of those big walled garden providers will run head-on into EU law with this kind of behaviour. If you hold control over a significant part of a market, the law will eventually ( and hopefully) step in and prevent you from playing God.
It seems the bigger the company the more likely that you will get a front line response that doesn't really grasp what you are raising.
I fought long and hard with my bank to avoid using SMS one-time codes to confirm transactions, and I lost (stayed on paper lists of one-time codes as long as I could).