Even backup otp keys would be a challenge in this scenario.
What solutions would help with this? I would think even having two passwords on the account (as in you need both to log in) would be an improvement over plain password auth.
Just stop using Gmail. Here is a very small number of other providers: https://www.ionos.co.uk/digitalguide/e-mail/technical-matter...
Google is not being immoral.
The homeless people can use a different service.
Dealing with the use case of someone losing their phone every few weeks when you have billions of others to worry about is unreasonable. I think handling that situation should be considered out of scope.
And if they don't give a list of "workable free email providers" then the government has failed.
Imagine the howling if you had to have an email address to vote.
GMail offers backup codes to somewhat solve the phone number problem by the way.
Allowing for a case-worker, for instance, to act as a secondary 2FA method, and making it easy for the custodian to update the users information.
Wouldn't be all that different than corporate ownership policies or family accounts.
None of these folks are desirable advertising targets.
The reason this is not offered (IMHO) is that a lot the use (on the users side) of 2FA is from people that want better security, while a lot of the push (on the developer side) for 2FA is from people that would like to see the use of passwords almost disappear.
The only way to win is to not play the game.
IMO this approach would be a good way to confirm identity over a sms.
It's all so tiresome honestly. One of the absolute worst things about western culture is the apparent creeping obsession with political correctness that has been escalating for the past few decades.
If only more westerners were like the great George Carlin. Grateful for once to live in the third world.
Maybe that's part of the issue. Why recycle numbers so aggressively? Give the user a few months to recover their old number if they can prove they are the same person.
And 2FA can be defeated through social engineering, and it is defeated constantly in this way. I would far preferred password requirements with 80-bits of entropy than everywhere I log into requiring I collect a 6 digit number from an email, app, SMS message, etc.
But nearly everyone here seems to think this extra little bit of work at every login is a good thing, assuming they would ever have an account compromised. Seriously, how many here ever was compromised prior to 2FA? I've been online since 1983, and I had never come across it personally until after 2FA was rolled out.
Ignoring the personal inconvenience, 2FA's inconvenience increases exponentially for every 10 users being supported. Supporting 2FA among 10K users globally, just 2FA in itself, becomes a full time job for more than one administrator, when previously, those 10K users were commonly supported by a single tech.
Frankly, I'd far far rather take the risk of unauthorized access than being strong-armed into using 2FA. The amount of time 2FA wastes is far more than the time wasted by unauthorized access. The solution is far worse than the problem ever was.
Sorry for question, but it is a bit mind blowing for me, in my country homeless people are rare and the ones I see don't worry about anything besides something to eat and alcohol. So having a mobile for them would be like having cash to buy the mentioned things.
And just to compare, the cheapest completely useful (4G, 3GB RAM, 3000mAh battery, Android 11) smartphone is $30, the average monthly rent of a two-bedroom apartment in the United States is $1300.
This is why every app and vendor asks you for it.
I change mine every 90 days.
As a result I planned for that phone stopping to work and my understanding is that I will be able to emergency 2FA with those code once it broke. Am I wrong?
What are the best available alternatives?
There are many other (free) email providers. Not all require 2FA via SMS.
How many homeless have been so for longer than four months?
In this case it’s not even a criticism of Google. I don’t see an easy solution here that couldn’t introduce a more gameable system for hackers.
It sucks, but there are alternatives besides gmail and if google is going to spend time on this, I'd rather they not and instead spend time on getting homeless into homes.
Why not lobby those engineers and product managers to improve something that they are actually have agency and arguably a mandate to improve, helping users homeless and otherwise?
If they do so, I would rather they put that money into actually helping the homeless.
I also wonder if this person on twitter would be willing to let his friends use his email or phone.
The homeless have challenges, no doubt, but that does not imply google worrying about 2FA for the homeless is the best way to solve those challenges. It wouldn't even BE an issue if they weren't homeless in the first place, for example.
My solution to this problem was simple: don't use Google. Use Yandex instead because they never require a phone for 2FA and they allow you to set your own custom security questions for account recovery as well as link a backup email account to reset your password. It would be trivial for Google to have these features too, but they won't because this is about spying and tracking and controlling users by forcing everyone to use a SIM card.
The Federal Govt doesn't "give" you a free phone. Cellular carriers give you the phone and the service when you sign up at one of their kiosks usually setup outside local Govt offices that provide services to the homeless. Like the food stamps office.
So you sign up witg T-Mobile or Verizon or smaller carriers nobody has heard of and you get your cheapo off-brand phone with low specs like 1GB of RAM and 3GB of cellular data per month. Great, that is an amazing way to help the homeless since doing everything requires a cell phone now.
But when you sign up, the carriers require you to provide a cirrebtly valid food stamps EBT card and a govt ID like a drivers license with your mailing address on it. They mail a form to that address within 60 days that you must sign and mail back to them to prove you are who you claim to be. I guess this is for fraud detection.
But if you are homeless, then obviously you will never be able to receive that form in the mail to prove you are who you claim to be. Then after 90 days if you have not returned your form in the mail, your free phone service is terminated.
You can immediately go and get a new Obamaphone, but you will have a new number and a new account. There is no way to port your old number because each carrier has totally separate systems to store your account.
This whole Obamaphone program is extremely wasteful because it is intended to help the homeless, but it is implemented to force the homeless to constantly churn through getting new phones every 90 days. I went through several different Obamaphones because of this. Typical Big Govt inefficiency I guess.
It is too bad that Google is so obsessed with spying on people and blibdly trusting SIM cards because you can still use Wifi on an Obamaphone that has been deactivated for cellular service. I don't know why Google refuses to base 2FA on something other than a SIM card. They already control the hardware through Android, so the phone hardware IMEI ID itself should be able to be used as a unique identifier.
Unmoored, trillion dollar megacorporations on autopilot like Google who are managed by multimillionaires Executives living in Silicon Valley and who are staffed by millionaire developers designing these systems of global information control do not think of the use case needs of the poorest, disadvantaged users who fall through the cracks.
I think it is fair to guess that many people reading this have achieved some level of success building solutions to technology problems. Much like solving for malicious use for the average user with 2FA - or privacy with things like protonmail - why shouldn't some of us attempt to solve this rather than expect/complain that Google hasn't?
Mail hosting isn't particularly expensive - companies like mxroute are sub $1 per GB per year with deliverability, etc taken care of - or at least well enough to make it better than constantly changing addresses.
I know that I personally would be willing to invest time and non-trivial amounts of money to offer a solution and gauge adoption and feedback.
Some opinions (open to feedback!) on where to start:
1. Use existing mail provider from the start - mxroute looks like a possibility
2. Overprovision storage by some reasonable factor - say 1GB accounts with 10x overprovisioning - interested to hear from those who know more than me about this but I wonder if more unhoused/homeless people generally use email for mostly transactional purposes not 20mb JPEGs, etc.
3. Ensure the webmail interface (possibly build it) is Ultra simple and Super accessible - screen readers, text to speech, and of course mobile first. Again I (perhaps naively) imagine that features like tagging, rich content composing, and filtering are super low priority here.
4. Have a sign up flow that is mildly fraud resistant - mobile number verification (VoIP not accepted) with a cool off before it can be used for another account (how often do Obamaphone numbers rotate/deactivate once stolen?) and an (accessible) captcha type system to avoid mass sign ups. This could then in V2 be expanded to include more corner cases - possibly invites in lieu of phone numbers, etc. If fraud/spam became an issue it should be easy to detect given these will generally be low volume users.
5. Require only a modestly secure password for login. Use malicious use detection to trigger recovery/verification mode (see next).
6. Have a recovery/verification mode that fits the user group - need ideas here - but 5 questions that you have to answer 4 of and have some verification that the answers are not just simple words at setup? Combine that with verify with a real (but possibly different) mobile (non-VOIP) number that hasn't been used in X days to verify another account? Trusted friend recovery address? Seems like lots of possible solutions to explore here, and no doubt lots of people smarter then me who could provided ideas.
Is there interest in doing this? Am I the only one that feels frustrated when we (including myself) debate what google should do, or why people are unhoused (or what to call people how are) when many of us are capable and financially able to at least try to offer a solution?
With 500k-1M homeless/unhoused in the US (no reason it couldn't be international, just starting somewhere) - let's say it was crazy successful and had a 10% adoption rate of actual active usage. Maybe that's 7.5 TB of storage. I'm sure a reputable provider would be willing to partner to provide that at $1/gb/year or less (plus hosting webmail, etc) - I'd be willing to pay that bill personally for that kind of adoption/benefit. Would others? Would others dedicate their time?
Homelessness is multifaceted - that seems to be the one thing everyone agrees on - so offering possible solutions to any given facet - from fragmented communications to safe shelter - is at least a start and possibly a small part of making a difficult life situation a little easier to overcome/deal with.
But, I mean, why are they not railing on the phone companies, to make it easy for the homeless to keep the same phone number?!
Why is this Google's fault?
======
Addition, 08/02/2022, 3:03pm: I don’t know how this got shared to HackerNews. I appreciate all of the positive responses we have gotten. However, this was not an open letter. It was meant to be shared internally to Google. It went directly to the security team and we had a conversation about it about a year ago. Things have improved significantly since then and this is no longer a daily problem. Please stop calling the branch or emailing me about it. It’s interfering with my work. Press inquiries can be made through https://libwww.freelibrary.org/contact/ and the public relations department will be in touch with you.
If you want to learn more about patron privacy and support librarians advocating for patron privacy and against big tech please check out https://libraryfreedom.org/ which is a wonderful organization I am a part of that does work like this. I still firmly believe in and stand by everything that I wrote. But this particular action was not meant to be a public letter.
Also! If you’re in Philadelphia you should check out this big program we’re doing on August 12th called Empathy Versus Misinformation where a panel of experts will address questions and misconceptions about transgender youth!! Boy am I relieved that this was a Google Doc and I can just put whatever I want onto the front page of HackerNews now :)
People lose their phones all the times, I personally lost countless phones, and I am very far from being homeless.
The problem is forcing 2FA on everyone
Google is actually doing much better than the competition here in many aspects (e.g. it is possible to operate a Google account completely without a phone number for 2FA or account recovery), but as far as I understand, one is still required to initially create an account.
This is only true for a limited time. I've tried to use a couple Google accounts this way and inevitably I log in from a new IP and Google's 2FA system kicks in - forcing me to either furnish a phone number or lose access to the account.
It's similar to how Twitter forces phone numbers out of people - just not as immediate.
These spy phones and the apps they peddle have become a plaque upon humanity. They use addiction and coercion (denied services) to keep you under there spell. The worst part is that they are being forced upon our children, way worse than the tobacco industry ever tried.
For over a decade, I've been using my Google Voice number as my identity, with whatever number is on whatever SIM I happen to have at the time being an implementation detail. Ticketmaster doesn't accept that, so now I have to schlep myself over to the venue (which often includes a bridge toll) to buy tickets at the box office. It's infuriating.
I believe Credit Karma Tax also had this problem, which is moot now that Square owns it (since Square doesn't have this problem).
With Passkeys, your credentials will automatically sync between devices. So as long as you have some way to log in to your main account (Apple/Google/Microsoft, etc.), then you should be able to maintain access to all other accounts, even if you’re always moving between devices.
And there is a solution to the single point of failure problem as well, because there is a built-in flow where you can copy the credentials to other platforms, in case you lose access to your main account.
The newspeak is strong with this one. There was never anything wrong with the word homeless.
Have progressives gone too far?
For example, if Google wants people (who have a tendency to lose their 2FA devices more often) to always use this feature, and in case they lose access to their device, they could use a trusted designate who can verify on their behalf that they are the ones signing into the service. But then again, this alternative will impose some new challenges such as:
- What if the designate is not available? - Designate is available but also lost their access to verify the other person?
As with this case being raised here, it will always be a process wherein Google (or any other organization) will have to explore and find meaningful solutions that is both inclusive and considerate on specific conditions.
The variability alone of such premise is huge that I am quite sure when the next edge case comes up, there are other edge cases boiling down that will become the next set of issues.
To you and me 2FA doesn't seem that complicated. But to less technical people it's just overwhelming and they don't want to bother with the learning curve.
EDIT: It looks like you can turn off 2FA, I think I'm going to do that now so I don't get locked out of my Gmail.
E.g. John.doe1234@people.gov
There are many other usable (and free) email providers out there. It doesn't have to be Google.
I mean I've always fantasized about getting NFC into everything so that NFC-based tags could provide convenient "something you have" taps. Like, give me a simple ring on my finger to tap-in to a scanner on my keyboard rather than having to meander through an app on my phone.
The other problem is that with every org running their own auth systems, if you're trying to help a person with this problem you have to set them up on a dozen services. I really wish something like Mozilla Persona had took off.
Since I've been able to keep the same number through various phones and Sims, this seems technically possible.
The government has the resources to navigate complex situations that digital safeguards can’t.
If someone has no paperwork, lost the device they made their account with, and cannot remember a password they made—no tech company has the resources or expertise to handle this at scale as well as local institutions can. If someone needs to take over an account of a loved one that they have legal guardianship of, you don’t want a support agent at a call center to make these decisions.
Similar idea behind web-of-trust or multisig cryptocurrency wallets, except without the cryptographic mumbo-jumbo.
Isn't there a service like this already ? If not, there is your billion dollar startup idea.
Reminds me of a case in Moscow (iirc): a homeless guy bought a gym pass that came with a locker, and was storing his things in said locker. The gym administration decided to deny him this arrangement, but he sued them and the court said “since the locker is in the contract, it's his privilege now”.
For that situation no 2FA solution is going to work.
They get phones from a government program. Each new phone has a new number, and due to the above challenges, it'd be challenging to port numbers and keep a consistent number.
Authy accounts are keyed to your phone number, and to set one up on a new phone you have to receive a verification call/text.
For some things I have a Google Voice number, the Google account for which uses Advanced Protection (hardware 2fa only).
Also, which one do you think the involved stakeholders at Google would have an easier time getting signed-off: Decreasing reliance on stable phone numbers as an authentication factor, or firing a couple of people and donating their salaries to an organization helping the homeless?
Sometimes, depending on the probability of success, the pragmatic choice is also the ethical one.
Apparently this multi-billion dollar company can't see fit to help humanity because it's literally hard (or impossible?). That somehow I, as an individual, have more of an effect because charities only ever accept money from individuals and not billion dollar corporations?
seriously, just stop.
> The homeless have challenges, no doubt, but that does not imply google worrying about 2FA for the homeless is the best way to solve those challenges.
You seem to be under the impression that improvements to the condition of people's lives are only ethically acceptable if they happen ordered strictly by descending impact. In my experience, that's not realistic.
> Doesn't sound like it was completely resolved. In fact, it sounds like Google may have treated it as a "squeaky wheel," and only that library is getting better help.
It too would be lost.
Essentially, if you rule out possession, your choice is between server-side validated biometrics (if offered at all), or "double knowledge" (e.g. a password and email 2FA, with the email account also only protected by a password), which is pretty phishable.
https://support.authy.com/hc/en-us/articles/115001953247-Pho...
"Any solution requiring long-term retention of a physical 2FA key or high-entropy secret will not work."
Maybe, on top of that, I'm also arguing with the author. But I assume he implicitly talked about Google (which doesn't provide that option).
Google provides backup codes. You can print them on any kind of paper you want.
Regardless, OP argued that printed backup codes don't work because everything is lost every few weeks.
It's 2FA ... for homeless people.
email implies internet, 2FA implies realtime internet. The lack implies very poor at the very least up to and including homelessness.
"this one company uses 2FA, we should bitch at them until they remove that need" doesn't actually help anything.
This person who posted the tweet could offer their personal phone, email, and internet for these homeless friends they have. Why don't they? I bet they'll say it's because it doesn't solve the "real" problem.
Yeah, neither does asking google to spend money on removing 2FA for the homeless.
Also, fully acknowledging Google and other bigtechs 2FA is far from ideal:
The other thing is, we want at the same time Gmail to be unhackable against best hackers and state sponsored adversaries for the billions of users, including high profile dissidents, journalists, and senators who will inevitably have accounts; and at the same time to homeless people who can't keep any physical thing. It's kinda difficult to meet those conflicting requirements well at the same time.
Maybe the solution should be to have some basic free state-paid email provider for those people. They are not forced to use Gmail specifically (albeit the number of non-sucking and free email providers is probably close to zero).
How about the homeless person remembers a good password, and that's all that's needed for authentication? You know, just like it used to be. What exactly is wrong with that?
Gosh, I don't know, how about literally all of the problems that 2FA solves in the first place? Passwords alone are a bad solution (often forgotten, easily re-used insecurely) for people without all of the challenges and frequent mental issues that accompany homelessness, why would you think they'd be a good solution for people who, as the OP says, aren't capable of keeping track of a physical device for more than N weeks?
I'm not unsympathetic to the problems of the homeless ant the burdens 2FA entails, but I'm also not willing to ignore the huge problems the 2FA solves, and realizing there will often be a tradeoff between making it very difficult to hack into accounts and making it easy for people with mental and other problems access their accounts.
Pretty much EVERYONE will have cognitive decline in their twilight years. It would be nice if we could have communication systems that are compatible with basic human biology.
Which would go one of two ways:
1. One uses the same password one uses everywhere else, and now one is much more vulnerable to credential stuffing
2. One is reliant on a book of passwords or a password management app on one's phone, resulting in the same exact problem we're trying to solve
> PS: Many unhoused people access their email rarely, intermittently; they don't stay logged in. They often have to guess several times to remember their password.
2FA doesn’t work, and remembering passwords doesn’t work either. Checkmate.
I don’t think that is the solution. I also don’t know what is.
Public services that somehow provide safe access to email etc?
I think Google faced a trolley problem and made the right decision. You need a different tool "homeless mail" for them.
It's Gmail. You don't have to use it. There's a lot of mail providers out there.
Whatever, if this guy won't set it up I will. I'll stick a 20 msg / hr, 100 / day limit on it and call it a nice anti-spam day.
And google is not alone here; many other major "free" email providers require a phone as well (dagger eyes at you, MS, yahoo, ect); and the icing on the cake are some websites even require a particular set of domains to register with them to prevent multi-accounts/bots/spammers/ect => just a big ol download-spiral of decisions that feed into eachother, just to put a physical ID on anybody to tag-em-to-sell-em
The biggest gripe is that it is mandatory; it is not an option and nothing we can do about it other than "vote with our wallets" - and google does not even allow ToTP use as an alternative to phones, lol
The beatings will continue until morale improves; always has been, always will
Can you even imagine the nightmare of trying to police the usage of such a thing? Everything from simple spamming to harassment to child pornography, all complicated by the stricter scrutiny the government gets for who it can decide not to provide services to.
Seems to me it should mean that it has to be optional, at least until we solve that problem.
USPS serves every US address. Lone Star Overnight is allowed to mostly serve Texas without a requirement to also serve Maine.
Which category do we want Google to fall into? This kinda smells like we're expecting it to be a universally provisioned public service, but provided by a private entity with private funding.
There are three factor categories, what you know, what you are, and what you have. A password is what you know. A phone is what you have. Biometrics are what you are - facial recognition, thumbprints, etc.
2FA in one manner or another is used by various services, because the security recommendation is to pillar identification by at least two of the three factors.
For your question, there are any two from the three factor categories that could be used.
However, there are also limited versions of a single category that are often used as a backup when 2fa is not available. In this case, google uses backup codes when "what you have" is not available. Backup codes are functionally equivalent to passwords, except that they are limited to a single-time use. Limiting use is often a method of using a single factor category, when another factor is not available.
Another method is to rely upon another authority, such as using a physical ID card that can be validated in order to let a person back in.
And so forth.
This is not a technical problem and should not be automated away.
Rely on trustworthy third parties. Universal utilities like Google should have retail outlets which are adapted to local conditions and can exercise educated judgement. In some countries, the police might certify the identity of the individual, and then Google could trust that certification. In another place, it might be some combination of the Red Cross and a public hospital. Obviously some identifications will be easier and others harder - if a person in New York claims they are the owner of an account based in Spain, the employee should be suspicious and require a higher burden of proof (and the reactivation might be logistically more difficult).
> The other thing is, we want at the same time Gmail to be unhackable against best hackers and state sponsored adversaries for the billions of users, including high profile dissidents, journalists, and senators who will inevitably have accounts;
I'm not really convinced high profile dissidents, journalists and senators (why senators?) should be trusting Gmail to protect them from state sponsored adversaries. Google generally wants to do business in territories controlled by states which means they have to follow laws and will sometimes be subject to intimidation; but they have no intrinsic motivation to be unhackable.
Sorry but this just isn't happening, and if there is regulation to make something like this happen, companies will just turn off their services. Plus this would essentially seal off competition: want to run an email hosting startup? Guess you have to manage real estate all over the world and work with every government.
This whole conversation seems backwards to me. Yes, it should be easier for people to recover their accounts, but should governments be totally reliant on private email providers for communicating with people who need services?
The story, as I understand it, goes something like this: a case worker emails a homeless person, the homeless person can't access their email, and then the case worker denies them access to programs because they never got a response. That is not solely an email problem---it's also a huge problem with these programs and services! Why don't they provide identity services and retail outlets to help people get the resources they need? Why are governments shoving this responsibility into the private sector?
Why Senators? They’re high ranking US government officials, they’re a prime target for state sponsored attackers.
Other than Protonmail I wouldn’t trust anyone else with my email. Gmail is close to if not the #1 non-governmental target for state sponsored attackers. The NSA runs secure email for TS-SCI communications but they don’t want to have to teach John Podesta how to not get phished, and Google has the best defense against those attacks if you enable advanced protection.
How?
You don't need to use Gmail. There are a lot of good free mail providers.
I guess too bad! Should have thought of my future homelessness when I was signing up for an email service a decade ago!
Drop the password requirement. Use fingerprints + face. Very hard to lose these, but not impossible. Note, this solution is 1.5FA, but would solve the issue at hand. (pun alert)
Ignoring the issue of device accessibility - which is the crux of the 2FA problem.
If they truly can't keep anything on them, someone who recognizes them needs to represent them. (A locker won't do - they'll lose the key.)
And if they have no friends they can trust (which is likely) then it probably needs to be a government worker of some sort, who has their photo on the computer.
I mean, unless you want to have retina scans to log into library computers or something. Or really reliable face recognition.
It's only hard if you adopt a one size fits all approach to security.
Google's proclivity towards treating its users as an undifferentiated commodity isnt proof that its users couldnt be treated differently.
There is none. That's the entire point of the post: "something you have" doesn't work if you're at risk of losing all of your possessions at any time. So let them disable 2FA and rely on passwords - or even better yet, provide some way to actually talk to a person and verify identity.
Almost certainly is a bad idea. But the first thing that seems like it could work would be an implantable nfc yubikey. Then making more devices support nfc.
I know I would be pretty tempted to get an implantable 2FA device if one was available and seemed like it would have both broad and long term support.
I can read the headline now
“GOVERNMENT PROGRAM TO CHIP HOMELESS PEOPLE LIKE DOGS TO PROVE IDENTITY”
I implore you to read The Scarlet Letter and perhaps read up on [similar such things](https://en.wikipedia.org/wiki/Identification_of_inmates_in_G...).
Biometric? Amazon One's hand recognition would be a decent solution here, though I'll be damned if I've ever met someone willing to try it. And I ask, every time I go to Whole Foods.
What kind of 2FA would be human-proof?
Also, the tweet uses the word "permanent" but doesn't explain. How is it any more "permanent" than anyone else?
I disagree with the idea that because a very, very niche audience is in dire straits that the design decisions should be based on their needs. The forced 2FA system has probably prevented identify theft and financial loss for a very large number of people. I'm saying this as someone who thinks Google is a shady and dangerous entity in general.
It's similar to the idea that hard cases make bad law.
Half of you in here have never met a non-technical user. These folks should not have 2FA on ever, because they can't even use the damn thing with it on.
Yes, those users run a higher risk and should be notified of that extremely clearly. But 2FA is a garbage solution to the problem and it should always be possible to disable it.
I'm going to continue using 2FA happily like most of those in here - but man the lack of empathy is outstanding in here. I feel bad for your users.
And fuck Discord for not allowing me to reset my account with my own damn email address when my phone broke that one time. Total morons, through and through. I'd never want to work with anyone so objectively ignorant and unwilling to admit their ass backwards position.
A much less critical or important thing but underlines the bad attitudes: I just tried to renew my cancelled Netflix membership yesterday. I am not allowed to do that without providing a phone number (I used Netflix for ca. 8 years without it). I do not provide that because I do not want to. I do not tie every aspect of my life to my phone number. In fact I do not want to tie any aspect of it to my phone exclusively. Phone number based authentication is not safe and reliable anyway (can loose, stolen, damaged, then I'll have a cascading effect of problems instantly).
I talked long to the helpdesk lady and the conclusion is that I am not allowed to renew my Netflix account without providing a phone number. End of story.
I permanently remain a non-Netflix user this way. Their loss actually.
(A secondary trouble with them is that they are trying to misinform me, giving false reasons! The support lady reasoned that they need the phone number for validating bank transaction. Since they - Netflix - want to use this to send a code in text that I am required to type into their - Netflix - system it has nothing to do with my bank and with authenticating the transaction! (my bank would never use phone for authienticating a transaction btw, I am not even sure if I updated my phone number with them, they reach me other electronic ways). She was just bullsh%ting! Also the renewal pages stated differently, saying that authenticating my account is where the phone number is required. Not to mention that a friend of mine registered recently and for him the reason to register a phone number was to retrieve password recovery messages. Three sources, three different reasons, one of them is complete bullsh%t. Very repelling kind of practice, I am actually glad staying away.)
(A third smaller aspect was that the helpdesk lady tried to interview me about my phone usage strategy and my reasons instead of answering my question about alternatives. It is not her business how I use phone and trying to pressure me into some rigid lifestyle strategy they determine. There are many alternative ways to carry out the same task, they should provide more and better choices.)
I've been caught out recently twice: once I was away on work and had to access my email. Google demanded that I verify it using my phone that I'd previously accessed my work email with. However, this phone was just a phone I use for development, had never had a sim card inserted, and was on my desk at home. I hadn't agreed that it should be used for 2FA. It was tremendously inconvenient because I needed to find where my hotel was.
Another time recently I managed to destroy my phone in an accident and got the phone replaced. Despite taking the sim card from the old phone and putting it in the new one, doing a factory reset on the old one, and it not being active for a week, Google still demanded I 2FA authenticate on the old one.
I feel these problems could have easily been avoided, but it's typical latter-day Google experience: a tin ear for the customer experience and a general attitude of automation knows better than users.
And maybe the government should consider providing an email account too. The cost would be negligible compared to buying people new phones every 12 weeks...
You can force people to use 2FA, but then you discriminate against people who can't. You can build an account recovery flow that requires government-issued proof of ID, but then you sacrifice privacy. You can do neither, but then you make accounts easier to compromise and harder to recover. There's no good solution here, it's all tradeoffs.
Captchas are another situation where this problem arises. You can implement easy audio and text captchas, available in all the languages your signup form supports, but then you get a lot more fraudulent signups. You can eliminate captchas altogether, relying on invasive user fingerprinting instead, but then you sacrifice privacy. You can do neither, but then you discriminate against visually impaired users. Once again, no good solution, just tradeoffs.
Most of us have at least one email account that's already under our real name, where we have no big interest in hiding our real identity, but we do have a big interest in not being randomly shut down by Google. We hear about such shutdowns every few weeks on HN, if not more.
Google has unfathomable financial and technical resources, much of which goes to projects of speculative value at best. I can't help but feel that they could provide a slightly more customized login experience to help diverse people with diverse needs.
But most people aren't aware of any of this, choose the one they know of or see first, and get angry when 'it doesn't work right'.
Like OP said, all cover is temporary.
If you've every tried to teach an old person how to use 2FA you know it's an uphill battle. Using a fingerprint reader isn't even doable for some. And we're all going to be old one day.
Practically, we need ideas like to 2FA to gain tractionas widely as possible, while realising that isn't everywhere. And some people will never use 2FA, need higher thresholds for triggering lockouts, and need alternative methods for re-establishing identity to their ID provider (google in this case). For some people that might be their local librarians or community shelter, legal aid groups, and banks.
A lot of the downsides are mitigated by using Google Voice as the SMS number, since attackers can't migrate your number away from Google.
But in general, I totally agree with you from a security perspective. I just think that it's a difficult thing to get people to use authenticator apps. Apple has resorted to baking the functionality into their OS.
And that's disregarding the elephant in the room, i.e. Google inevitably pulling the plug on Voice at some point.
1. Somebody has a phone
2. Somebody has a smart phone
3. They are in contact with the phone 24/7
4. They are the unique user of that phone
5. The SIM card and/or number cannot be taken from the phone (virtually or physically)
I currently have to use this for work, with the only positive being that if I get locked out, I can go tell the admin team to let me back in. With someone like Google, it's not even possible to get them on the phone to explain, let alone have them believe it is really you.
The tough issue here is that these access edge cases look a lot like malicious use. The aren't but authenticating someone who has no device or ID or really much else to authenticate themselves is a Hard Problem. Passwords also aren't the solution here, the industry is moving away from them precisely because they provide poor authentication, particularly for vulnerable people.
When setting up thunderbird, I've had multiple Google accounts lie about suspicious activity and demand I go through about 10 captcha checks and enter my old password and answer my security questions and verify my phone number. After passing all of that without error, they STILL won't let me log in with a blanket statement about security.
Why oh why would they ask users to jump through extreme hoops just looking for any possible questionable failure to point to as an excuse, but still reject you after passing everything? If you're not going to let people use their account, farming free AI detection and personal information out of them doesn't seem like a legitimate tactic one should be doing.
They discriminate against some phone numbers too. They have to be in whatever they think the correct country is, they often can't be VOIP or VOIP related, and there's unknown blacklists of some famous numbers sometimes.
What happens when we run out of phone numbers? I won't be surprised when accounts start getting banned for "sharing" or "ban evading" phone numbers (aka getting a new phone number for any reason) because it screws up their ad tracking of you... Or they'll force you to first log into an account in order to delete it even though it belongs to somebody else. Or your new phone number you bought specifically for authenticating a separate account is banned (just like voip number) because a previous user was banned using it.
We shouldn't have to rely on Gmail for what may be the only way to get information/apply for on basic government services!
https://www.congress.gov/bill/117th-congress/house-bill/4258
The majority of companies seem to view email addresses and phone numbers as largely permanent identifiers.
Then there are the companies that actually provide you those things. To them, what they provide you is definitely not permanent.
The whole reason I use an authenticator app is so that my accounts aren't dependent on having the same phone number forever!
We should not be treating phonenumbers as SSN round two, where everyone relies on it for your identity, and it should never be changed because of how much shit was needlessly tied to it.
I rue the day I need to change my phone number and my digital identity becomes a huge headache, especially for far flung services that decided they wanted my phone number, but I wouldn't have considered going explicitly to them to update it.
I'm not proposing a solution for the real issue, simply a way of making things easier for people who have a hard enough time already.
Google's authenticator app is brain dead because they want to encourage 2FA over SMS. Why? Because it has the wonderful side effect of destroying your privacy. With your phone number, Google can easily identify you personally. Ain't that special --- privacy invasion wrapped up in security clothing! Much too tempting for Google to resist.
Google didn't invent OTP so there are other apps that are perfectly compatible.
Word to the wise, it should be obvious by now that all things "Google" are synonymous with "privacy invasion".
The lack of key backup and restore is one big reason not to use Google's authenticator app. Other compatible apps are not so brain dead. I backup every time I add a new sign in.
If you don't have the ability to sign in from multiple devices and the ability to install access onto any new device, then you're doing it wrong.
Phones are highly portable devices subject to being stolen, damaged or just dying for no obvious reason --- so always be prepared. This is simply not possible with 2FA over SMS.
And since it's always more productive to assume malice, not stupidity — obviously, this is the point. Somebody wants you to depend on your phone number, something you don't really control and cannot easily change. This isn't about comfort and security, it never was. What else is new.
But, I mean, if I have to pretend that it's not about me, but about homeless people for something to be changed — I guess I'm homeless' rights supporter #1 from now on.
One of the worst examples I've heard is that Overwatch 2 not only requires a phone number, but they actually check with your carrier if it's a prepaid number, and if it is, you're banned. Sorry poor people, Blizzard doesn't want scum like you playing their game.
Assuming someone's phone number never changes, or that they'll have access to their old and new numbers at the same time, is simply wrong and does not work.
I haven't been locked out of Google yet, somehow, but maybe it's just a matter of time.
Maybe my house will get burgled, maybe I will lose all my stuff in travel, or a fire, or ... I don't know. Email is kind of the key to everything, which makes 2FA important, but can also a huge pain in all sorts of exceptional situations, and losing access to your email often means losing access to lots of other stuff, too.
I feel account access is still an unsolved problem; 2FA is a meh stop-gap solution at best with lots of trade-offs. Ideally your account should be tied to your identity (e.g. passport or the like) in a privacy-secure manner.
Or, he can safely store their 2FA backup codes in his house.
The homeless make up like 0.1% of society. And not every homeless person has this issue. It would be insane to make any feature for like 0.02% of the population. Especially a feature which diminished security. Because yes, those 0.02% of people might have an easier time accessing their accounts, but probably 100x that amount of people are going to end up getting tricked into de-securing their account, or do it by accident, and end up getting compromised.
> Or, he can safely store their 2FA backup codes in his house.
Why even have security? Your solution practically screams for those 30+ people to be taken advantage of.
Just use a different email provider whose procedures align with how you regularly change your phone number.
Why have security? So some random, untrusted person can't compromise the account. If Chad holds the codes, then only he can compromise the account, and maybe their relationships are good enough that they would trust him.
Using a different email provider also works, but I assumed there would be some reason that doesn't work - android effectively has a built in gmail client, non-tech people might just autocomplete "@gmail.com" and mess up someone's address if it is a non-expected domain, etc.
I don't work for google, and recognize they have many other issues, but this person on twitter is incorrect. There are other methods in addition to backup codes. There are voice authentication and id upload. I've even had Google call me back, and I spoke to a person who manually authenticated me.
This particular system isn't broken.
Of course, there are many other email providers. Why would someone keep choosing the same provider, when it doesn't act in the way they expect?
Turns out 2FA is also being used as a low-effort form of a captcha in addition to being a tool for data harvesting and “device identification”. I wouldn’t be surprised if legitimate users simply never receive a 2FA SMS because someone used a prepaid phone or something.
I pray for the rise of esims! I feel like it's on the cards.
You do need to be able to receive a texted code at a phone number to create a brand-new account. This is to deter spammers from creating lots of accounts. But once that's done, you can remove the phone number from the account.
I also don't use my phone much, and the only reason I even have one of those things is because it's "needed" for so many things.
Yeah I have no idea why phones still use numbers. It would be so easier if same address for e-mail worked for voice, just add some DNS records that point at my phone provider to domain and done.
Then again, spam calls would probably be so much worse...
Almost every free email service I've tried now requires a phone number to setup. Even protonmail required it for a brief while, although they now are back to captcha and a stern warning. I actually can't think of another free service besides protonmail that this isn't now true for.
An annoying trick some of them use is to allow you to setup the account and then lock it some time later. I've seen on immediate login (irritating waste of time) or after you've used it for awhile (what you used the account for is now held hostage unless you cough up a phone number).
Among those half a million homeless, how many use gmail and are unable to change for whatever reason? Among those, how many have issues with 2FA? Thus we advocate for increasing the vulnerability of millions to do something that would not even help the homeless that much. The whole problem of having to replace their phones every 12 weeks sounds like a far more pressing issue to investigate and find solutions for.
The homeless are certainly not a niche audience. There might be between 13 and 26 million people in the US alone who have experienced homelessness at some point in their lives [0].
Besides, issues around permanent access to security devices are not exclusive to the homeless. The problem described in TFA impacts a far larger segment of society.
Critical services are increasingly only available online -- and online services are increasingly critical. The people governing access to critical services are willfully ignorant to the difficulties that vulnerable people face, and often make those difficulties worse.
Not very niche.
Besides the fact that this doesn't scale at all, not using gmail is arguably a bad decision. If you have an email address at shiftydomain.com, some services won't accept it because its low barriers to entry may have been exploited by spammers or similar.
They are a vulnerable niche, but a niche nonetheless.
Then your grandparents are technical users. Curiously, so are mine. Sorry to tell you that you're wrong though and you have not met the non-technical users.
I've had to try to help my aunt and uncle recover old Apple and Google accounts with complete failure because they've changed cell phone providers and didn't care that their phone numbers changed. At no point are they adequately warned this is the case, and recovery codes are a confusing additional layer that they don't understand.
So they basically lose everything and nobody is willing to help them. You are making a grand assumption about accessibility - not everyone has the capability to grok such a convoluted login process. The non-technical users often aren't morons - they are just differently abled. Maybe they are immigrants who didn't grow up with computers much because they were poor, or have a mental condition.
2FA fails spectacularly on accessibility.
Your reply is an example of the problem - completely oblivious to the users that are horribly underserved by 2FA as it exists.
You do not need to be a programmer or work in IT to know how to use a computer effectively.
On the other hand there are people that do not use computers nor smartphone features that aren't also offered in feature phones.
[0] https://www.etymonline.com/word/technical#etymonline_v_7660
I find it disturbing to imagine that people are stuck with phone numbers as de facto ID.
Trump for example. Which is why his account was regularly hacked.
Problems would happen when the new person tried to log in to the account. Since the login was from an unrecognized device and an unrecognized IP address, security was tightened. Even after inputting the correct password and entering the right backup email, it was mandatory to enter an SMS message from the phone number tied to the account, even after various troubleshooting and attempted workarounds. That meant getting ahold of the previous executive, who may be busy or changed their number.
You could argue that Gmails weren't meant to be used this way, which is fair; the goal of this comment is just to provide additional evidence that the description provided by the parent comment is true. (In the end, we went for a low-cost, reliable email service to fix the issue in the long-term. We also found that registered non-profits are eligible for free Google Workspace or Microsoft Outlook email plans subject to certain eligibility conditions, though we did not have a need of becoming an officially registered non-profit at the time.)
1) Not providing phone number for 2FA. Never.
2) Using multiple (3 pcs.) physical keys for 2FA (like Yubikey and similar). Authentication app is an alternative for one choice of 2FA (but not the sole one!)
3) Only using a limited set of Google functionality. Use for secondary purposes mostly.
Well, the last one is mainly to mitigate the consequences if happens anyway, for other reasons too (like with that poor guy who made picture of his own naked baby for a remote diagnostics with his doctor and the Google locked him out for months - and still counting at the time of the article - for child pornography) 1) Don't use anything Google.Alternatively you can purchase a hardware key and store it in a trusted place, but admittedly they are expensive, so OTBC is the usual route.
I'm logged in to such an account right now and there's no way to do this. The account primary email is also set as the recovery email address and there's no way to add another.
It's actually deceptive to the user to even call it a recovery email address in this case, since Google will never offer to alternatively send a verification code there if the 2FA device is unavailable.
Heck, here’s an idea for a startup: a digital “moving” service. IRL I could pay a company to take everything I own, pack it up, ship it somewhere else, and even unpack it too. I’d like to see a digital equivalent.
If you've got some spare time, have you considered taking them to small-claims court for refusing to cancel your membership and still charging you? It'll cost them a huge amount if they show up, and if they don't then you get a judgement against them by default. Or if you signed some contract agreeing to only use specified some Netflix-specified legal intermediator, use that.
If everybody who was screwed over by tech companies took legal action against them, it'd cost the companies a huge amount of money and they'd have to improve the way they treated people.
No ads, easy to use, free, and doesn't require a phone number or email.
Phone numbers are often included in billing address inputs, so I imagine it's at least logged in the bank's system and perhaps used as a heuristic signal for fraud.
I've never seen this issue. I don't have 2FA enabled for any personal Google account. There are some dark patterns to try and get you to enable 2FA that I don't agree with, e.g. a big "add a phone number to your account" page after you log in, with a small "skip for now" button at the bottom.
If you delve though GMail's settings, under "Sign-in and recovery":
Trusted mobile devices
Google can verify that it's you by sending sign-in notifications to a private
phone or tablet. You can remove it in your recently used devices.
There's no way to turn it off as far as I can see. You can remove a device from the authorised list, but that's not very helpful if you don't realise that it's been added.It's idiotic. It's essentially: "confirm that you're allowed to access your email by confirming that you already have access to your email".
If you are wondering how I authenticated the first place onto the burner, I used TOTP, but she would not let me use it again; she wanted my burner.
Google then decided that it was going to ignore TOTP set up and prefer the "Trusted mobile device."
In a way it actually made my account less secure, since that was a testing device and had no passcode on it.
The problem here is that misapplied empathy can lead to terrible decisions. Having Google change their 2FA system for this group would be one such decision. It's similar to the 'think of the kids + terrorism' attacks on encryption. It's socially difficult to argue against these ideas because you are then labeled as a terrible and non-empathetic person, but the solutions themselves make one other thing worse without really being helpful other than for garnering retweets and likes.
In this case, we actually aren't being ambitious enough. Why are we having a system where we give out phones every 12 weeks to each homeless person? We'd probably save money for the program by developing some sort of dedicated device designed to be harder to steal or lose. Maybe a high-autonomy low-powered KaiOS smartphone that can be attached as a strap? It's not like the current devices are working.
Why is it such a hassle to keep the same number after a theft? We could investigate there too. Improving this would be better than decreasing the effectiveness of gmail's measures.
Heck, if we want to focus on Gmail, why not focus on why it's the default choice for the homeless to begin with, as opposed to removing features.
We could try to solve the problem structurally but we prefer the caseworker approach, because it's more easily packaged 'empathy' than actually fixing the homelessness issue. It's like people who travel to developing countries to 'help', when the locals need investments and training facilities, not extra warm bodies. Actually giving homes to the homeless would probably be cheaper than whatever we are doing now, even taking into account the mental illness and drug-abuse problems that factor into this.
Google could put a toggle in Google Account settings titled something like "Allow anyone who knows my password to log in to my Google account (less secure)." It could sit above a description of the risks involved. It would need to be disabled by default, and it wouldn't help users who don't know about it. It certainly would not fix homelessness in society. But it would do a lot of good for a lot of people!
Would this option lead to some increased number of hacked accounts? Probably, but these would be accounts that explicitly opted in to that risk! I think it's excessively paternalistic to not provide the option. Every life situation is unique, and people know their own lives better than Google does.
This point is worth reiterating. Homelessness can be solved by providing housing. Yes, homelessness is a complex multi-faceted problem, but the first order solution to the problem is to provide housing.
Homelessness is a problem with huge externalities to society. Put another way, homelessness is an enormously expensive solution to the problem of providing space for humans to live.
Mark spent considerable time earning the trust of LA's skid row population – a large roadside tent community – and has a series of 1:1 interviews with a slice of the population, exploring their histories, challenges, preferences, and culture.
Mark doesn't believe that many (most?) of the skid row population would benefit from being provided with housing, and that issues of trauma, mental health, and childhood family environment are what he believes would have the highest leverage on the problem.
This is of course just one perspective on the problem, but Mark's perspective taught me quite a bit.
It could be opt-out.
> It's similar to the 'think of the kids + terrorism' attacks on encryption.
No, it's not. Nobody choosing whether _they_ enable 2FA affects your decision to use it or not. It's more like forcing drugs down somebody's throat because you believe it benefits them and everybody else is doing it anyway.
> Why is it such a hassle to keep the same number after a theft? We could investigate there too.
Sim-jacking. Somebody could claim to have lost it and just take your number. This has happened before. The problem of authentication is fundamental in security and Google are just passing the buck onto phone service providers.
> Heck, if we want to focus on Gmail, why not focus on why it's the default choice for the homeless to begin with, as opposed to removing features.
Because it's free and the emails don't bounce. Most big tech has 2FA now.
We have to break out of the stereotype that homelessness is a city problem. It isn't. Far from it.
Homelessness is more obvious in cities because there are fewer places for homeless people to be. But there are plenty of homeless people camped out in rural and suburban towns, if you know what to look for.
I recently lived in a snooty city suburb where most of the homes cost from $600,000 to $10 million, and guess what — the drainage tunnels beneath the Home Depot, the maintenance underpasses in the parks, the undeveloped wooded lots were all full of homeless people.
Promulgating the notion that homelessness is a city problem is what allows suburban and rural politicians to cut funding for homeless services because "it doesn't affect my constituents."
google isn't requiring specific 2FA data, like address, because they are stalwart guardians of data. They are harvesting data because that is their business.
The homeless don't have enough data to be of value to an entity like goolge
E-mail needs to be a regulated utility, given that getting locked out of one’s email happens all the time with catastrophic consequences.
That's not the problem, that's a vague wave at a generic class of innuendo that could be used just as easily to rationalize not allowing your child to eat ice cream or Japanese internment. You have to make the case why Google changing their 2FA system is so much more important than the homeless having phone service, you can't just say "sometimes, empathy can be bad."
I'm not getting that from the rest of the comment, which seems like a gish gallop around a bunch of other things that we're also not going to do for the homeless, and about which you or somebody else can say "it's only human to be worried about other people going through these issues, but empathy can be bad. The answer isn't that HUD should change the second line of the third section of Form B, it's that we should fix the homeless problem completely."
edit: We can't use as an excuse for not making small changes that we should be making larger changes. The excuses that one makes to avoid making small changes will apply more so to larger changes.
You're putting the cart before the horse. The far simpler solution is for the government to provide the homeless with email. Now the auth can work however you want.
Also, homelessness isn’t the problem we think it is. It’s millions of problems. Any solution will never help more than a subset of the homeless population. We need to iterate on small solutions to make progress.
May I introduce you to the concept of scissors?
Let's say I care. Let's say I care a lot. I care so much that I'm willing to make it my personal problem to address the very real, very pressing needs of a critically vulnerable and marginalized part of my community from inside Google.
What am I going to do? Is anyone going to be happier if I stand up and proclaim loudly how much I care? Probably not.
Could I say "Gee, what if we just let everyone put themselves in the group of people who don't do 2FA"? Yes, if I wanted to be responsible for a lot of people not securing their accounts. Could I outsource identity verification to a wide assortment of groups (libraries, non-profits, etc.)? Absolutely, so long as I'm alright with this being used to gain improper access to a LOT of accounts outside the target segment. Could I offer more password chances and friendlier lockout times? Sure, so long as I'm OK with the negative consequences of this for a lot of people.
OK. Let's end the game now. We don't really have any major steps towards real solutions here. Empathy is very useful for showing where a problem is. Demanding what amounts to lowering the global bar for account security is perhaps not the ideal approach here.
Sometimes problems are just hard. Taking ownership and feeling empathy and sincerely wanting to solve the problem does not render them easy.
If you dont know how to control what happens in the park you build, then the park will be shutdown.
In the case of Google its not hard to speed up the process of shutdown. I just encourage them to keep working on more and more mindless ivory tower trash like Pixel phones, watches etc and inject more Ads into everything. They dont have the imagination for anything else but want a pat on the head for whatever they build. Give it to them.
As I wrote, THIS WOULD NOT BE THE DEFAULT. It is quite possible to pre nominate the specific groups that can allow unlocking of an individual account. And that's all it is, account unlock when they use a new device, or putting the account into PW only mode for a period.
If the PW is forgotten you require a higher level of identity verification, like a bank/USPS/DMV process.
Facebook already has this enabled, you can have a friend/family member (or two of them!) validate your account.
If you're determined not to find solutions then you won't progress.
"Sometimes problems are just hard. Taking ownership and feeling empathy and sincerely wanting to solve the problem does not render them easy."
No one said it did and it's better than not caring at all.
Recent story was a 65yo + veteran living in a shelter. They hadn’t started collecting social security due to some debts and was worried it would ALL be garnished.
After explaining that veterans get expedited in line for housing and that they would still get almost all of their SS, they have applied for it and should be housed soon.
It doesn’t surprise me at all that 2FA causes problems after hearing many stories similar to this one.
Is this common? I knew a guy who had the same mindset. I ended up paying him in cash for some work, he was convinced that if he made any money in a traditional role it would be instantly garnished.
This is not black and white. It is possible to encourage 2FA but allow to opt out. The same for phone numbers.
And that's why companies enforce 2FA: they want your juicy phone-number or other data. And yeah, maybe they also want to reduce support costs and avoid bad publicity. Still, it's not in your interest, it's in theirs.
If they at least would allow for a sufficient number of options. Like paper-tan (even self printed), yubikey or similar, second email address, an authenticator, ... but even big companies often only require a phone number.
EDIT: Yes, Google offers more than a phone number when creating a gmail account. I didn't say they don't. However: they don't make it easy and I would even go as far as saying that they are evil here. If you don't believe me, try to create a gmail account right now and don't google/search how to do it without phone number.
The key takeaway is not about how we should promote 2FA or how we should promote long ass passwords, the main issue at hand is google's neglectful lack of customer support.
I was once caught in this non-sense many moons ago. But I learned my lesson, I absolutely do not rely on any google products for anything that has any potential to impact me personally (with the unfortunate exception of the Android OS on my phone).
Google as a brand is absolutely dead in the water for anyone that has woken up from the 'Don't be evil' kool-aid of the early days.
Sometimes you have to make hard choices where some people get burned because the alternatives are worse. That doesn’t mean you don’t care.
I'm in my early 40s, computer programmer, and I've temporarily lost access to my WhatsApp account because I don't have a recent enough mobile phone, and the phone that I do have doesn't have a relatively recent OS installed.
It's a 4-year old (I think I've got it for 4 years) iPhone SE, on which I never updated the OS because I hadn't feel the need to do it. When I started getting pop-ups that "hey, our app will stop functioning on your phone unless you upgrade the OS" was already too late for that, I was afraid that upgrading the phone to the latest OS will cripple it permanently in terms of performance (the battery is already on its way out by this point).
So, assuming I get to 70, in no way I'll be up to date by then in terms of having the latest OS installed and all that crazy stuff, who has the time and the nerves for that? (especially the nerves).
The DMV works with people like this all the time; perhaps something could be done there where you have a government issued email address that you can't lose or be locked out of (worst case you take your ID to the DMV and the nice clerk helps you reset your password/sign in).
Google is already providing a free service to homeless people. It's not empathy to tell someone else to solve a problem that you care about. That's virtue signaling. If he cares, he should take matters into his own hands.
Is it too much to ask a single person to build a free email service for all homeless people? Perhaps, but the good news is that he doesn't have to. Google already allows you to disable 2FA [1]. He could have started a campaign to disable 2FA on homeless people's phones, but instead he uses this as an opportunity to shame Google to boost his own Twitter follower count.
I think that empathy is highly overrated. I doubt anyone notorious for flashing their big Johnson is particularly empathetic, yet LBJ expanded social services more than any other President. The problem isn't that people have too little empathy these days. It's that people are too easily impressed by broadcasting their intentions rather than actually trying to solve a problem.
What's stopping any of those groups becoming a homeless person's 2FA?
It’s a problem all around - the elderly are most vulnerable to the types of account takeovers that MFA will prevent.
UX for good security can exist, but it does need a little bit of education.
We will all be old one day but I have trouble believing we will just forget how to use computers. On the other hand, we do need to carefully consider the role google plays in our lives… especially for us Europeans, who are just at the mercy of a US company’s whims.
I think we also have to realize that not everyone who is homeless has problems that can explain it away.
It's easy to look at someone who is homeless and tell yourself, "Oh, he's a dope addict. He did this to himself." It's only very rarely true, and you're only making excuses for not helping another human being.
Just last year there were newspaper articles about how a shocking number of perfectly normal public school teachers in California live out of their cars, just because they cannot afford a place to live on what they're paid.
Most people, especially in the SV bubble, would be shocked to learn how many of the baristas, maids, security guards, convenience store clerks, and other people they encounter every single day are homeless, living in their cars, or sleeping on other people's couches through no fault of their own.
If we can "solve" the problem for the dopest of dope addicts, the problem will also be solved for the homeless barista.
That still doesn't solve the problem for homelessness, of course.
thats just one opinion on security. you see this world where google is an identity provider, and you prove your identity to it via a librarian or bank. i dont. an internet service should absolutely never require any form of government id nor separate network like cell.
But not for ALL people. Just for the people who need it.
You keep using TOTP and GPG email all you want, just don't get in the way of them getting basic services like social security.
No, 2FA needs to die in a fire. Easily circumvented in most social attacks that actually matter, false sense of security, massive timewaster/usability-hell/pain in the butt, acts as a novel social/corporate/accessibility barrier to technology for a large number of previously unaffected groups, and poses a threat to software freedoms.
There are many ways to strengthen security and this has got to be the shittiest one.
Down grading security for the benefit of a tiny minority with an especially ridiculous use case is not the greater good. If the homeless people think they are at risk of losing their phone then they should pick another free email vendor.
1. Vulnerable populations need more assistance accessing essential services required to participate in society
2. Service providers need to maintain a reasonable level of security for their customers
Can both be true. Saying that maximum (or minimum) levels of security are required at all time completely misses the point of security--which is to mitigate risk. How much risk is appropriate varies a lot by context.
Beyond the context of risk, there is reasonable debate to be had on how to best provide access to essential services to vulnerable populations. It's pretty important to have an email nowadays and if you're not tech savvy or an individual/community has little to no money to spend it's not unreasonable to have the reality of the matter be that there may simply not be many good alternatives (or awareness of alternatives) to GMail.
I'm not sure what a correct answer here looks like, but I don't think ignoring the need is an approach that gets us to a better society or enables vulnerable populations to better care for themselves.
A library solution may not scale. Sure, a librarian might develop a personal relationship and do this as a favor for someone. But the author mentions talking to about 30 people with this problem in his neighborhood, which suggests that if word got out a librarian was doing this and they tried to institutionalize it, a library might have to store codes for dozens or hundreds of people it has no way to authenticate.
It wouldn't be a librarian doing someone a favour, but rather a service that libraries provide.
This could be a great evolution for libraries. They are already a distributed, public system, that people in general trust, but their role in society has changed with the rise of the internet and online services, and this could be a really useful role they could fill.
Defining a state-sponsored email account that can only be logged in from specific government machines (imagine a kiosk at the DMV, say) where there are trained clerks who can identify homeless in some way could work.
If the person has ID, then many options work, but if they don't what can a DMV and trained clerks do that others can't in some way?
Lastly, I'm not from the US but even I've heard that the DMV is a hellish place with queues hours long. Putting more barriers in front of those who are already in a tough spot (and may need to spend that time working, queueing for shelters, etc) is a big ask.
At some point, this becomes a problem better suited to the government.
Imagine you have a loved one who has dementia or is homeless and incapable of administering their digital accounts with traditional authentication methods. You want to take over their accounts.
You will need to present evidence that:
- they are indeed incapacitated
- they are who they say they are, aside from you vouching for them
- you are who you say you are
- you legitimately represent this person
- there isn’t somebody else who has a better claim at representing that person
I personally don’t want any tech company in the position to sort through all of that on a case-by-case basis and decide which accounts to unlock or transfer ownership to. Let the government or the courts figure that out.
If we treat it as a utility, it's fine to regulate it as such. If <big corp> want to make money, directly or indirectly, by offering email service, they should have some standard of service. If they can't we can just make it public service, which wouldn't let <big corp> make money out of it, but would also guarantee it's available to all.
Either way, eating the cake and leaving it whole, like it is now, shouldn't be an option.
I know why there should be security. I was pointing out that what you suggested would degrade security.
It's not whether one specific person would do anything with 30 phones' backup codes but that such a list would exist. There are many other valid security practices that can be used.
Remembering one good password is not too onerous. Easier, it seems, that keeping any physical object in your possession if you're homeless. (I would assume that most losses are not due to cognitive failure, but instead are things like thefts when one is asleep.)
The number of gmail users in the USA is obviously significantly lower, and the number of homeless or people in similar situations globally is obviously significantly higher.
The difficulties were to be expected as personal Gmails weren't meant to be used like this (the goal was just to share an anecdote about the difficulties of phone numbers used for two-factor authentication with the free service even once a year). The long-term solution we used was to pay for a reliable but low-cost (in comparison to Outlook and Google) email host initially recommended on HN and a few sysadmin forums, to gain access to organization-wide admin features.
[1] https://support.google.com/a/answer/2537800?hl=en#zippy=%2Cc...
In any case, I'm sure those involved would prefer the option of remembering a password to not having that option and getting locked out forever. Seems like a good solution. There may be better ones you can implement once this one is, always room for improvement you know
with spaces, punctuation, some sort of capilatiozation scheme (cap every last letter, or every other ,etc) and throw a number in there.
lot easier to remember than 32 random bits.
purposely misspelling something, adding spaces, and your own cap scheme make it a secure password.
I only had to change one of my passwords once when my coworkers discovered I was reliably whistling "Stayin' alive" after logging in.
OP stated "Maybe the solution should be to have some basic free state-paid email provider for those people."
I replied that there are a lot of good free email providers already.
The almost complete inability to moderate due to 1A is the largest of many fatal flaws in government run email
If you're homeless, you're getting robbed. It doesn't matter that a yubikey would be worthless to a person mugging you, they'll take everything including the worthless stuff. Or you're being picked up by an ambulance and taken to a behavioral health center after a mental health crisis and when they do that they take your clothes off and stuff goes missing, even if it's worthless.
Keeping the same number usually requires paying into an account which requires being able to make consistent payments, which is not easy to do. Or a credit card or bank account is required. You are maybe unbanked in this scenario.
> Why are we tackling the problem with caseworkers instead of something more ambitious, that would ironically be less costly in the long run?
Caseworkers make practically nothing. Does your solution get rid of human beings to act as agents for people who sometimes lose touch with reality? Will there be an AI assistant to guide someone through a schizophrenic break and get them to a hospital and help get them reoriented after they regain contact with reality? That's what's necessary and you're treating actually understanding what they're going through as if it's virtue signalling.
Could be just option hidden somewhere in the settings. Don't need to turn it off for all
> And the group we are trying to help isn't really better off.
That's just your assumption
Or, you know, pass a deal with post offices or banks. Bank ID is pretty widespread in nordic countries for instance.
But as with other topics (e.g. banking services) we're getting the usual HN answer where anything unheard of in SV but common elsewhere is considered luxury science fiction.
I think what this actually calls for though is a way to prove your identity by talking to an actual human. Something that used to be the standard before tech companies declared that it was too inefficient.
Rerouting traffic with a malicious home location record (like what was done to Merkel for years), or changing the eSPID/NNID for a numbers texting enablement is much easier than doing a SIM swap and you can usually avoid detection too.
I think pointless password rules are at the heart of this problem for many non-technical people who probably haven't been operating with a password storage solution and might not be used to that system or trust it.
Every platform has their own special requirements for passwords: some require a mix of capital and uppercase letters, some require numbers, some require a special symbol, some require a special symbol but no not that one, some restrict you from entering 3 of the same character in a row, some passwords have a short max character limit, some prevent certain characters like spaces, some require you to change it every so often, etc. Eventually, the password is forgotten or confused with another because of these pointless password rules.
I called them pointless password rules because they reduce the possible number of combinations required for an attacker to guess the password because any guessing program knows what can't possibly be valid combinations.
Then provide contingent housing based on staying sober, sticking to your treatment plan, and getting a job. You can graduate when you’re able to pay your own way.
For non-addict/mentally ill homeless, it’s housing contingent on employment, graduate when you can pay your own way.
This would solve 90% of the problem.
What if the most empathetic answer here is "This isn't really the right service for you"?
shut the fuck up. of course someone named octect is the most braindamaged fuck on earth.
Homeless people don't have enough of anything to be an attractive target for advertisers.
While I agree that there's a lot of generalization here, a lot of the point of supporting the homeless in the first place is that big tech should support everyone, even if they are indeed someone who "can't keep the same cell phone number for more than 4 months at a time" (via the source twitter thread) as if they're a government that must cater to its citizens.
It's not an easy problem to solve with "one quick trick" by any means. Part of the reason the DMV can be hellish (in the US at least) is they have to deal with everyone who has an ID, not just the "good customers".
He did progressive things, but to me it sounds like he was influenced by philosophical ideals rather than empathy. They based Frank Underwood from House of Cards on an exaggerated version of LBJ.
Then, all the "common sense" stuff: encourage use of password managers to discourage password re-use, having actual humans providing actual customer support when suspicious activity is flagged, companies educating about safe practices like banks do now (e.g. always call back to a trusted number), spam prevention at the ISP level, SSO authentication, VPN ...
At the very least there must be better ways to do two-factor authentication than what is the standard default.
And to top it all off, on many services, if you cant get all that to work, all you need is your "memorable word". *facepalm*
I'm sure there is some good reason to want to avoid people spinning up free or ultra low cost phone numbers to make extra accounts but some users were like, "I've been using TracPhone for a decade" or something like that. Also pretty surprised that it's this easy to detect the carrier. Guessing we'll see this more and more!
I have only ever used prepaid cards. I would rather be cut off from communication (or buy a local prepaid card) than get a surprise bill of hundreds of euros for visiting a country outside the EU.
I guess a lot of people have the same thought process as me around Europe, because there are lots of smartphones available with dual SIM cards.
https://www.congress.gov/bill/117th-congress/house-bill/4258
edit: Actually there is a similar bill being sponsored in the senate now this year. So something is happening
https://www.congress.gov/bill/117th-congress/senate-bill/452...
Never mind that all the things they're worried about would barely even be easier with an official national ID versus what exists now. Let alone hard/impossible without one.
But no, we just suffer though tons of wasted time for all bureaucratic processes and all kinds of hassle keeping our documents in order and tons of fraud and abuse instead. For no benefit. So we can pretend the government can't already "make a database" about dissidents or gun owners or Christians or whoever very nearly as easily and effectively as if we had an official national ID, if they wanted to. Sigh.
Now they have country-unique ID of a person that will never change so it can be linked to a person regardless of where that person logs in
I don't think the temporally homeless, like someone down on their luck. makes up the issues people have with homeless. You see some crazy person, then you see that person is homeless, your answer to that is "oh give them a studio apartment!" and not lets help them with their issue. Police should be policing violent people, for some reason instead of that we want to build homes in the middle of nowhere and drop them off their. They're still going to cause issues.
But instead the justice system is set up to give effective impunity to the worst sort of homeless people; they're back on the street days after being arrested (if they are even arrested in the first place.) They cause incredible damage and commotion, so they hog all the public attention and give all homeless people a very bad name through association.
fun fact: SIM cards can run applets based on Java. That’s how mobile payments are able to work in developing nations. I think there was a DEFCON talk about it a few years ago.
I’m with you that an average person is probably using at least dozens of services that need credentials, but these people are probably not login on Amazon or checking their 401k online for instance, nd can probably get by with a a very limited set of stuff to remember.
Now let's talk about how much effort and what level of resources it's reasonable to expect a commercial entity to invest in extending protections to vulnerable people in need who happen to not be customers.
Perhaps we're asking the wrong entity to address this problem? This seems more like a public service infrastructure problem.
You still need your phone and cell signal to receive them (at least many European carriers don't support SMS over VoWIFI); the eSIM is "stuck" in your phone if it physically breaks (and on many carriers, you can't re-use an eSIM QR activation code in any case); in many countries, SIMs expire after a couple of months or even weeks of inactivity, losing your number permanently, to name just a few.
I've found Google Voice to work quite well as a workaround for almost all of these problems, but unfortunately, many US companies insist on not allowing VoIP numbers for 2FA or even plain account creation purposes. I usually try to avoid these companies.
Wait, does this happen?
Your phone breaks (broken screen, swollen battery, whatever).
With a physical SIM you can physically extract the SIM and insert it in another (spare) phone (and you can even borrow one for a few minutes).
To transfer an e-SIM you need to authorize the transfer on the old phone (the one that doesn't work):
This is the sort of thing that I think Google could support explicitly with more access control around it, but I don't think that's entirely necessary to get the benefits.
Not garbage :)
On the one hand, this can be quite reasonably derided as a lack of imagination. Surely there must be a way to do it!
On the other hand, well, we as a society accept that businesses are generally allowed to decide they just don't want to be in a market segment or produce some features. Bridgestone is not compelled by law to have a store in every neighborhood. Montblanc is not forced to produce disposable ballpoint pens.
Perhaps we should treat this as Google admitting the limits of what they're willing and able to build. There is no shame in knowing your limits.
Gmail is functionally the root of trust / skeleton key to millions of people's online lives. The only real competitor is Facebook and, for some, Apple. I think Gmail is far better (more secure, more privacy respecting, less capricious) than Facebook.
With the admission by Chad that that homeless he advocates for can't retain mobile numbers, or ID cards, or 2fa keys, I have no idea how he thinks any secure access could possibly work.
As others have pointed out, turning off 2FA is available. Apparently that doesn't work either because the people in question forget their passwords. So I guess we should add passwords and biometrics (not available on all hardware) to the list of things that aren't going to work.
Like you, I'm left wondering what there is to anchor any level of security.
Sure, it's great that gmail is cheap, after all "it's free". But Google (and MSFT, fuck outlook.com in particular for their completely anti-competitive spam "protection" that only accepts email from other big providers) cross-finances gmail from their ad business, completely distorting every kind of service and product markets.
---
For email in particular what's needed is a LetsEncrypt-like community-driven solution for reputation management and acceptance of emails from reputable sources by the big inbox providers.
The long version (if it’s patronising please skim forward, I’m writing as an explainer for anyone else that comes along):
E-mail was originally a means to communicate informally between two participants over the Internet.
In this early version of the system the message would leave your machine, go to your Mail server, then the recipients mail server, then their inbox. This would complete the transmission and a copy would exist at both ends.
Companies providing ostensibly free online e-mail inboxes have slick sign-up funnels that on the surface seem to be offering a very similar system as the one above, with very little in the way of regulation around either the sign-up funnel or the mailbox (and which do not explain the catastrophic life consequences that can occur as a result of losing access to your mailbox).
These new mailboxes work differently from those of the early Internet, though:
1) Your mail is sent to your mail server. A copy may or may not be retained locally.
2) Your mail server transmits the message to the recipients mail server as before.
3) The recipient receives a notification of the e-mail and may or may not retain a copy locally.
This infrastructure is ubiquitous and now not quite 30 years after the early Internet we have an issue where you’ll be required to have an e-mail address for almost all public services and common accounts that have little to no online component. Your entire life, more or less, may pass through that inbox.
If one day you lose access to the account (in that you insert your password and the provider says no), you will lose access to your entire e-mail history.
You may attempt to reset some passwords for essential services, but you can’t, because they’re sending e-mails to verify your identity - which you’ll never be able to receive.
You move on, create a new account, and attempt to start over. However, e-mails - potentially important e-mails containing personal information - continue to be delivered to a mailbox that you can’t access ever again. Maybe you miss some important alerts.
Perhaps it was a gmail account that had your entire photo and video history in google photos. That’s now gone too. With your passwords, if you’re using chrome passwords.
You rebuild, and a couple of years pass, and perhaps someone else gets access to your account (either through a hack, or a rogue employee with access rights, or someone who guessed a badly thought out password).
You never find out that the account was accessed, so have no-one to complain to, and maybe you end up with savings or 401K/pensions getting emptied. Which in a lot of cases wouldn’t be discovered until they’re due to be collected.
Some of the above might sound far-fetched, but you’d be surprised how much having access to an email inbox is accepted proof-of-identity in 2022.
Hence the need for regulation.
"If one day you lose access to the account (in that you insert your password and the provider says no), you will lose access to your entire e-mail history"
This comes down to personal responsibility assuming you lost the password or even if it's the companies fault you should prepare for thus.
In this case the people asking for 2FA are the "small minority", and the rest of us have to suffer through 2FA-authentication hell because of them.
How many people don't like 2fa because they don't know about all the times it's saved them from total account takeover?
It's not a 'gish gallop' but a framework for looking at the issue. I'm not saying that empathy is sometimes bad, I'm saying that it can't be the starting point for our reasoning. It can be the impetus that makes us act, but the actual solution should come first. Sure, maybe none of the things I'm proposing will be implemented. Maybe they're all godawful ideas, but I can't fix the problem in the five minutes it took to write the post or even five decades of intense research on my own. But it's clear that keeping to that pseudo-empathy performative martyrdom mindset is an active roadblock against the more ambitious solutions. And it leads to truly awful ideas such as getting rid of encryption, rights, and so on.
I'm not dismissing the whole issue, just that it was presented in a way that's not actually conducive to helping the homeless.
If you remove forced 2FA, you would be dismissing the hundreds of thousands (at minimum) of tech illiterate people out of the 1.5 billion users who would get cleaned out in the coming weeks. Why do their lives not factor into your calculus? Are they not vulnerable too? All of this for a measure that could be resolved in so many other ways.
This is the problem I'm trying to illustrate. This sort of moral appeal helps no one, and in fact endangers other populations. If the goal truly were to help people, no one would EVER suggest an alteration that would expose billions for the benefit of thousands.
It's not that I'm determined to not find solutions. It's that I am determined to find solutions that don't create a degraded security state ready-made to abuse people's email accounts. Sometimes finding a good solution requires looking somewhere other than under the streetlight.
Like others, I'm led to the conclusion that perhaps Google isn't the party best positioned to solve this particular pain point for our most vulnerable and marginalized community members. Maybe we should be paying more attention to why Lifeline numbers aren't portable.
Social workers, shelters, libraries etc are well placed to support that. They know these people because they see them every day.
If you choose to enrol in the "community assisted recovery" process then you could enrol a new device into your email with their help. Put a big red banner at the top of the email client saying "Community recovery via Topeka Library, Kansas".
Lifeline numbers aren't portable because people have no way to prove their ownership of the previous number, because they have no ID.
The whole "community recovery" concept sets my teeth on edge. It's a whole alternative authentication avenue ripe for exploitation. Anything that positive and innocuous sounding is going to be the target of many an abuse campaign - think Cambridge Analytica and all the people who handed over their info to innocuous-looking things. Telling people all their info has been stolen isn't all that helpful for protecting them and knowing the specific library or shelter that authorized it will do very little to help.
Plus it turns the people designated as recovery agents into high-value targets.
Again, I'm not trying to avoid finding a solution. I'm trying to avoid finding a "solution" that puts a large number of people at risk unnecessarily.
Imagine Google had a full service customer support system for account recovery that everybody could access rapidly. How would a homeless person use it? They lose all their possessions regularly so they don't have a reliable form of identification. They'd need to enroll their drivers license (which they probably don't have) in the system and then still have that license when they need to recover their account. Or they could be vouched for by a pre-enrolled trusted party account that does have strong authentication systems. But... homeless people are often transient and don't have access to regular support networks like a family member or social worker who could be enrolled as a backup account. In fact, you can already enroll as backup account if you want to.
> Google as a brand is absolutely dead in the water for anyone that has woken up from the 'Don't be evil' kool-aid of the early days.
Google has a pretty bad reputation at this point on tech blogs and forums. But, believe it or not, it actually shows up near the very top of trusted brands when 3rd party analysts do surveys on the wider population. Maybe this data is wrong, I don't know. But it is interesting.
Customer support is the main entrypoint into 99% of sim swapping attacks and would be similarly for any targeted account takeovers. What sort of information do you possibly think would be enough to prove someone actually owns a Google account over the phone?
they're smart, I'm sure they can find a way, even if it contains such horrible, detestable ideas like "more support staff" and "more training for support staff"
The answer has been figured out by the highly trained engineers. It's "don't provide account recovery options that bypass 2fa". Yeah that sucks for a segment if people, but it sucks less than regularly getting your account stolen due to a social engineering attack. There really, truly, doesn't exist a panacea. You don't have and can't create an oracle that knows when an account recovery attempt is legitimate or not.
But in many cases, they either charge for it, require more or less involved bureaucratic acrobatics (including sending the QR code via physical mail as proof-of-address, because they've been burned badly by eSIM swapping), or both.
So the assumption that an eSIM activation (QR) code is more or less like a bearer token that you can keep in your password safe and use whenever required often does not hold true, especially when needed most (traveling internationally etc).
Fortunately, my provider is pretty good about it (I can instantly self-serve reissue an eSIM in their portal free of charge), but that seems to be the exception, and I also don't know how I feel about that, security-wise. (They don't offer 2FA, as far as I know.)
What is the debate? The government can collect taxes and provide services, like they do for multitude of other needs.
> I'm not sure what a correct answer here looks like, but I don't think ignoring the need is an approach that gets us to a better society or enables vulnerable populations to better care for themselves.
The correct answer is not depending on the largesse of businesses. It is using government resources to provide methods for identity verification, communications, and various other bare minimum needs for living.
The debate parent mentioned is what to do with the money, not where to get money. You can see that there are lots of possible options, right? But you say use taxes like it’s ‘duh, easy’ or something. Now we’re in the realm of the debates actually happening every day in the US, whether to provide social services at all, before we even discuss how much money they need, what to do with it, and where to get it. A huge portion of people this country seem to believe that they don’t benefit from taxes and would prefer safety nets for other people not come out of their pockets.
> The correct answer is […] using government resources to provide methods for identity verification, communications, and various other bare minimum needs for living.
This also sounds like you think it’s easy, without considering the implications. (If govt resources is the solution, why do we still have a problem?) We don’t have municipal or federal Gmail or Facebook, and there are reasons to believe programs like that would take a long time and cost a lot of money. The ‘bare minimum needs’ have changed dramatically in 20 years, and will probably keep changing just as fast for a while, with the homeless population growing in the mean time because the tax-funded social safety net we have isn’t doing the job.
Exactly, and they love it when people waste time and energy blaming businesses for not providing charity. This whole tweet storm should not be directed at Google, but directed at the US federal government.
> This also sounds like you think it’s easy, without considering the implications. (If govt resources is the solution, why do we still have a problem?)
Because it is purely political. Stalling progress on providing essentials for life helps keep people from getting help, and hence keeps taxes lower. If the US government can do identity verification for passports at USPS offices, it can do the same for other purposes.
>We don’t have municipal or federal Gmail or Facebook, and there are reasons to believe programs like that would take a long time and cost a lot of money.
If the world’s leading country cannot setup email infrastructure, then we have huge problems. Presumably, it already does for the how many million federal employees?
To be fair I don't see how any government system can do better regarding identity on the internet. Login.gov is one of the best services I've used for access to usajobs/SSA/etc but it follows some of the same security best practices people are complaining about here with no real way to re-gain access to your login.gov account should you lose your 2fa methods (afaik).
Hell, it should be trivial to offer federal government provided emails with ID verification with customer service in the event of loss of device/loss of ID/death/etc.
Homeless people aren't stupid and strong password don't have to be incredibly hard to remember. I'd rather get my accounts hacked because of password reuse than lose access to my email, forever.
There is literally nothing more important than your email. Even stuff like your bank account has secondary means of recovery, whereas if you lose access to your email you're pretty much fucked.
When your account is stolen the attacker changes your password. You lose access to your email forever and lose access to all of the services that use your email as a recovery platform.
Also... maybe getting hacked is worse, or maybe loosing access is worse, but the user should have the right to make that decision! Google can set the default, but the user knows his or her own life.
It's a terrible place to be in, but isn't nowhere as bad as being a homeless person with no access to HN and Twitter, having Google delete your account and nowhere to complain about. Because that is even worse.
If an attacker breaks in and changes your password, you already do very likely permanently lose access to your email. Account recovery from that point is a hairy process even for people who have a place to safely store important documents, let alone those who don't.
> Even stuff like your bank account has secondary means of recovery
Those rely on forms of identification that the unhoused disproportionately lack (for the same reasons that they are more prone to lose access to phone numbers). This is also among the reasons why being unhoused tends to correlate with being unbanked.
This is functionally the outcome of getting hacked, if you want any kind of decent security measures.
Any way that Google can give you access back on a password-only account is going to be rife with bad actors using social engineering to gain control of accounts. As long as that form/page exists, it is a threat vector.
What you're asking is for the password to be the only proof that someone owns an account, which means a hacker can demonstrate ownership just as much as you can.
Banks have more options for account recovery because we're willing to give them a lot more info. They can force me to come in to a branch and compare my ID to my face, or ask for my SSN, or any number of things we're not comfortable handing over to Google (especially over the web).
But by definition, the homeless have already lost a home (assuming they weren't born homeless) - and I've forgotten passwords before. So "the stupid homeless just need to memorize their password" isn't a solution.
step 1: get your account hacked
step 2: hacker changes password
step 3: lose access to your email, forever
What you've presented is not in fact a dichotomy, for any practical purposes.
Security questions are probably enough, at least for people who can’t handle 2FA.
The claim in the link is that homeless people lose every single one of their possessions after a period of time. They also have minimal access to support structures that could be used as a recovery system. We've had decades of work on authentication and pretty much every solution either involves using a password manager to create unique passwords or having possession of a physical thing.
That won't at all bother anyone homeless, because there's never been a homeless person who was a conspiracy theorist.
(Obvious sarcasm detected)
The best I can think of is trusted backup accounts, which already exist. A homeless person with regular attachment to a family member or a social worker could set up that person's account as a backup. But this already exists and is likely to fail for a large number of homeless people, who tend to struggle at maintaining long term relationships with family members or social workers who'd be able to help them.
Really?
Or did you just toss that in for the free upvotes?
Keeping all your software, and that includes the OS, up to date, is one of the most important aspects of personal security.
What’s your employment specialty that makes you trust Apple and Google?
And being paid $1k and assuming they'd have $1k and then discovering they only had $500 because of garnishment tells them "don't accept checks, cash is the only safe method".
And then it's not a step much further to be "it's not worth setting up social security because it'll all be taken".
People forget that there is a population group where fines are MORE HARMFUL than jail time. At least with jail, you can serve your time and be done.
A while back a guy destroyed a vehicle of mine and drove off. Per criminal law in my jurisdiction, he should have served at least 45 days for that offense. But it isn't like that would ever give me my property back. It's also unlikely to deter that particular crime in the population.
Another person needed an ID. In order to apply for the ID they needed a birth certificate. In order to apply for it they had to fill out the application, mail it with money, and then have a permanent place to have the birth certificate mailed an unknown amount of time later. At which point they then needed to apply for the ID and go through that process.
Your contractor’s actions makes a some twisted sense to me as he’s still receiving ‘undisclosed’ cash. The homeless veteran doesn’t make any sense to me as he was not receiving the social security funds at all.
Paying people under the table has a lot of potential liability for you and it almost always catches up with them. Especially now it’s just not viable to live off the grid (e.g. hoping you don’t get sick isn’t effective) and all this does is ensure that the amount they owe the IRS is unaffordable when the bill finally arrives, usually when their earning potential has gone down.
That isn't the same thing.
A homeless person has a vastly different cybersecurity paradigm, specifically, they don’t need much in the way of cybersecurity. Nobody is stealing a homeless person’s identity.
Given that, just let them disable it, and let them just use a password. It’s fine to rate limit them if they forget the password a few times, but let them keep trying to log in until they remember it.
Homeless people have no physically secure place to store their possessions. The reason so many of them lose cell phones is because they get stolen or destroyed. It's not because they're incapable of "keeping track" of them.
"There is an imperfect existing solution, with a problem, therefore we will ban the existing solution and move to a new, better one"
... should require extraordinary certainty in completeness of ones new solution before banning the previous.
There are very few times when the legacy method should be deprecated, and Google is the poster child of someone who shouldn't be trusted to recognize them.
(Looks pointedly at Chrome mv2/3 hubris and implementation clusterfuck)
I'm not sure why you think MV3 is a clusterfuck, it seems like it's doing exactly what Google wants. If you're confused by that, remember, you're the product, not the customer.
The great thing about something like an email service is that password guessing can be extremely rate limited. You miss three guesses and you can't log in for several hours. So an easily remembered password is perfectly fine unless it is blindingly obvious. As a homeless person loosing access to a phone on a regular basis, I am going to be comfortable with the risk that the Gmail password hashes might get leaked. I think others would be quite comfortable with that risk as well...
Just because 2FA "solves" the extremely narrowly defined problem, doesn't mean it is the best solution or even something that people can and will actually use. Upon those metrics alone, 2FA is usually one of the worst "solutions" to the problem.
It is clearly failing for this use case.
Security can't be seen as a one-size-fits all threat models. That will never be satisfactory, as requirements vary.
For most people in most scenarios 2FA is a net positive.
But denial of service is also a component of evaluating threat models. Here we're discussing cases where 2FA causes denial of service which is worse than any risk of getting the account stolen by password guessing.
Well, it isn't solving this one. Option to opt out would be nice.
> aren't capable of keeping track of a physical device for more than N weeks?
Bit ignorant of you. They could be just plainly stolen by someone else. A piece of rag working as a tent doesn't exactly have best physical security...
> I'm not unsympathetic to the problems of the homeless ant the burdens 2FA entails, but I'm also not willing to ignore the huge problems the 2FA solves, and realizing there will often be a tradeoff between making it very difficult to hack into accounts and making it easy for people with mental and other problems access their accounts.
It's not either or.
Pushing an implementation cutover by +6 months, and changing it from a hard to a soft date, because it has so many unresolved issues, incomplete APIs, and angry developers seems a fair definition of "clusterfuck."
0The issue here is that homeless don't hold onto anything physical for 4 months; identity verification breaks down in-person immediately as shelters/libraries can't be expected to run a facial recognition operation, and specific shelter employees/volunteers aren't guaranteed to be there anytime a homeless person might walk in and need those backup codes, but it breaks down even further online since 2fa is inherently 'what you know' + ('what you have'/'who you are').
The point is the hardest part of the problem is already solved - which is the physical infrastructure and labor. As for not holding onto physical items, USPS also has little boxes that people can keep their belongings in.
Many other countries have a central government portal with secure messaging, with federated identify. Heavily reliant on 2FA of course.
The aversion to 2FA makes them seem like easy targets if I'm looking for addresses to use for spam.
> maybe getting hacked is worse, or maybe loosing access is worse, but the user should have the right to make that decision
Getting hacked makes losing access considerably more likely. This ain't one or the other.
If you want to spam people, why not just sign up for your own gmail account?
Some homeless people aren't capable of the maintenance of a home due to mental or physical issues.
Some homeless people refuse to accept help for mental issues for fear of being trapped in a psych ward.
Simply put, you need to split homelessness into temporary and chronic populations. For the temporary group, homelessness is the problem. For the chronic group, it is a symptom. Treating the symptom will not have a long-term impact on much of the population.
Source: conversations with a social worker friend who spent years working with the homeless population in our metro area.
You've got a good point. These leaves are really starting to pile up, and the snow will be upon us soon. I think I'll just say fuck it and sleep under a bridge, and leave the grounds keeping to the parks department.
You did set up a straw man solely to get knocked down, right? In actuality, the idea of giving "housing to everyone" doesn't mean an idyllic single family stick-and-drywall dwelling with a yard, but rather something communal - like a less-populous more-dignified shelter with a modicum of persistent personal space. The maintenance would be institutional, and come out of the same operating budget as administration, utilities, etc.
I feel like most of the "some homeless just want to be homeless" argument revolves around baking in assumptions that public housing should come with a bunch of strings attached, to make the residents' lives "better". In your comment, this is the responsibility for maintenance or mental health treatment. Such conditions are what turns people off, not some intrinsic love for sleeping rough.
Sometimes mental issues are purely genetic but often they can also arise from or be exacerbated by trauma. And homelessness sure is traumatic.
Most homeless people do not have a severe mental illness (around 70%) [1]. For most homeless people, it's primarily an issue of housing affordability. The solution is to reduce the cost of housing.
For the people who need more support -- due to mental illness or otherwise -- the affordable, effective solution is permanent supportive housing [2].
[1] https://www.treatmentadvocacycenter.org/evidence-and-researc...
[2] https://www.coalitionforthehomeless.org/proven-solutions/
“70% were receiving mental health treatment or had in the past.” "An April 2016 survey of New York City’s homeless population reported that unsheltered homeless individuals were most likely to be severely mentally ill single males." Something like 1 in 5 of the homeless in San Francisco have a traumatic brain injury.
None of these people are going to be fixed with mere "housing".
Even worse, putting these people who desperately need medical treatment in "mere housing" is very likely to cause the "mere housing" program to fail when it could have succeeded. The homeless who need "mere housing" don't want to be near the homeless who need "significant medical treatment" any more than anybody else does.
Homelessness has an "Amdahl's Law" nature to it. You have to separate out the different types of homelessness and apply the correct solution. And you will only gain the improvement for the group you "solved".
Consequently, you can solve 20% of the homeless problem and people will still say you "failed" because 80% of the homeless are still in their vision.
What ends up happening is they generally just destroy the living space in a variety of ways.
It's because the majority of homelessness is an issue of mental health. In the USA, there are pretty much zero mental health resources for people in poverty.
https://www.nytimes.com/2021/11/09/opinion/democrats-blue-st...
But yeah let us blame Google.
They used to be called asylums, and the problem is what to do if the homeless person refuses to go. I wonder why you don't hear about homelessness in totalitarian states...
Because vagrancy is punishable by prison time there.
Citation very much needed here. This certainly does happen. But, I don’t believe this the general (i.e. typical) outcome. From what I understand talking to acquaintances who work in this area, wrecking the place is not the typical outcome. And property damage is generally cheaper to address than the constant provision of emergency services.
I agree that mental health (and substance use) are major factors in homelessness, but those issues are more or less impossible to address when people are living on the street with no permanent address and no place to keep e.g. a cell phone without it being stolen.
This has gone badly. The property sees intense vandalism and destruction, the neighbors are afraid for their safety, and the whole thing is an amazingly expensive boondoggle.
[0]: https://www.foxnews.com/us/austin-hotel-purchased-homeless-s...
[1]: https://www.statesman.com/story/news/2022/05/16/austin-homel...
This isn't true or at least it doesn't start that way. What people don't understand is that there isn't a single homeless population. You have people who are temporarily homeless and people who are chronically homeless. The temporarily homeless are people who lost jobs, fell on hard times, etc etc. The simplest solution for them is yes to give them housing. The chronically homeless is where things get more complicated and those are the people who typically need mental health and abuse services. The simplest and most efficient thing we can do is help the temporarily homeless and prevent them from becoming chronically homeless.
Also your sweeping statement about the destruction of their living space smells to high heaven prejudiced thinking based on myth or hearsay rather than actual data.
The tech industry self-styles as the smartest people in the world, who try to solve the hardest problems. All I'm saying is that we shouldn't throw our hands up when we can't immediately come up with a solution to something we only learned about five minutes ago.
I think this is a good point, but the catch is that there's an implicit footnote that needs to be attached to "the hardest problems*": "*Which generate sufficient monetary returns". This particular problem isn't one that has much revenue potential.
Treating the tech industry as a magical black box that can "solve anything" is disingenous and dangerous. This is the exact same attitude that leads to things such as legislation that says "find a way for any communication to be decrypted upon subpoena. You're tech people, figure it out"
The solution is very simple. Don't force 2FA. I'm sure most homeless people would rather risk the unlikely case of their accounts being hacked if they didn't choose a strong enough password to memorize than risk getting locked out of their accounts permanently.
You can encourage 2FA but forcibly enabling it for everyone does more harm than good, especially to homeless people but also non-tech-savvy parents and such (though the latter would be more likely to have a working recovery method).
And then in alternative-universe HN people are complaining about the rate of account takeovers via credential stuffing and calling Google irresponsible for making it easy to disable a powerful security measure.
> You can encourage 2FA but forcibly enabling it for everyone does more harm than good
I'd wager that pretty much the only people on the planet who can definitively say this are the people who handle account takeovers and lockouts of large email services. My understanding is that the folks at Google responsible for this have concluded that making it behave the way it currently does is the setup that causes the fewest people to lose access to their accounts.
I’ll take tautological statements for $200 please Alex
1) Austin buys the property
2) Begins renovations on vacant premises
3) Vandalism takes place
---------------
4) The conversion is complete
5) Property officially offered to homeless residents
Steps 4 and 5 haven't happened yet. So homeless people who "generally just destroy the living space" isn't a good fit for what's going on. This is simply a situation of an unsecured construction site that has attracted squatters and vandals.
The risk of course is that you are ripping potentially live circuits out of a building. It usually requires you to already be impaired and desperate to do it. It's that fun combo of illegal and dangerous.
The solution is to use one that is. Why are case workers directing the homeless to setup gmail accounts? Because they haven't been provided with a better solution by the system they work within.
So its the government's problem to fix. They are the ones handing out phones and setting the expectation to communicate through email. So they can either design an email service themselves that fits their needs. Or they can work with an industry partner, such as google or someone else to provide the service.
Normal gmail is a one size fits all commodity solution. It works well enough for most people, most of the time. Specialized problems call for specialized solutions. Complaining that google didn't think of you is misplaced.
Also, if I was homeless, I wouldn't want my email address to indicate I was homeless.
I broadly agree that it isn't Google's job to cater to everyone, but in this instance, the ask seems overwhelmingly reasonable—and less than what we expect in other circumstances.
With this in mind, what else should Google do?
Using "support" and "Google" in the same sentence is laughable. They barely support the ad clients that pay their freight. Google's entire business model is built around NEVER providing support for the users of their technologies, and killing off any products that don't monetize.
Where on the gmail page does it say "not for homeless people, sorry"?
Adding (and forcing) 2FA was a recent decision from Google, which came a long time after Gmail the product was already introduced. There are millions of accounts which were created long before anyone had an idea what a smartphone was, let alone phone-based 2FA.
Not having 2FA is going to allow some portion of users to get hacked. When those users do get hacked they will need a way to regain control of the account. Methods of regaining access to an account are notorious for bad actors social engineering their way to gaining control of accounts.
2FA relieves some of that, because even if you do get hacked you can provide a token from the authenticator that was attached to the account, proving that you do in fact own that account.
> I think it's excessively paternalistic to not provide that option.
I don't find it paternalistic. The goal is to cut down on support costs by reducing the number of users who get hacked and need assistance regaining access to their accounts, and to force users to have a method of demonstrating they own the account even if they can't log in. That it confers some additional security to users is nice, but not really the end goal.
1. Go to myaccount.google.com
2. Press "Security"
3. Press "2 step verification"
4. Enter your password
5. Press "Turn off"
6. Confirm the dialog that says "Turning off 2-Step Verification will remove the extra security on your account, and you’ll only use your password to sign in."
> Look, I'd love to stop CP distribution in America! Really, I would! But Google's encryption policies are preventing law enforcement from intercepting pedophile communications now, today.
It's the same "think of [vulnerable group]" type of statement.
But also, yes, there are in fact many times when it's important to consider the needs of different groups of people! That isn't to say that the ends always justify the means—it depends on what the means are—but reasonable accommodations should be made where possible.
Google allows someone of your choosing, who must also have a GMail account, to takeover one's account after x months of inactivity. It's not great but it's better than nothing and it has the benefit of being an option that exists today.
Remember you have the “rescue keys” from google to avoid these kind of problems.
The bigger problem is how you teach those people how to use the services in their situation.
Which is okay, because it is a business.
If society wants homeless people to have reliable access to email without having SMS 2FA or whatever requirements a business requires, then society should elect a government to provide it as a utility.
There is no reason to expect or want businesses to pick up the slack for the government not providing adequate safety nets. Let businesses be businesses, and let governments handle redistributing wealth.
I don't think they do! This would be part of the tradeoff.
Currently, people who cannot use or rely on 2FA are getting locked out of their accounts even if they weren't hacked and knew their password! Isn't that worse?
I don't think so. You seem to presume the end state of both is that the user is locked out, which is only half true.
With a lost 2FA device, the user and everyone else is locked out of the account.
With a compromised account, the user may be locked out but the hacker is not. The hacker is free to impersonate the user to social services, hospitals, potential employers, etc. If there's no mechanism for the user to regain control of the account, the hacker will have that access until the user can contact all of those people and give them a new email address. That could take a while, especially if we're considering that the user has a high chance of not having a phone at the moment.
Not if it's happening to fewer people than the alternative.
I got "hacked", I mean yeah it was a hack using an Android phone and Google's automated recovery system.
If not for the latter, my incredibru strong password would've saved me.
They also removed the phone and backup email from that account because I recovered the account once.
I sure hope 2FA cannot be removed once someone gains access (not without a call to the 2FA number/whatever) lol.
Either way, I'm not using it because it's a pain in the ass. I already hate that they lock me out if I try to log in from another country.
Gee, yeah I travel between EU countries, that's very unusual for most people.
So we should be mindful of Google's profit margins, instead of homeless people's access to vital services?
That's like forcing pepboys to change the tires of senior citizens for free because social security isn't paying enough.
Maybe we should put our efforts towards fixing problems instead of asking private companies to put a bandaid on it at their expense.
If you login from a new computer or unrecognized IP, Google forces you to use the YouTube app on your phone to enter a “code” to login. It sometimes doesn’t even let you get a text code. God forbid I lose my phone or delete the YouTube app and login from a new IP. I don’t know how I would even get into my account.
I don’t know how this isn’t a wider spread issue affecting more people but I guess Google developers live in a perfect world where the YouTube app auth can never fail and you never lose your phone.
I had the right password and recovery email but I wanted to txt a code to a phone number I didn’t have any more.
That seems insane to me. Right password, access to “recovery email” and still blocked.
What ended up working for me was trying to login when I took a vacation back to the same city when I last logged in.
Didn’t get asked for the OTP code, so could get in and update the number.
I wouldn’t have such an issue if Google had customer support and let you send other proof of identity. But they don’t.
And now I’m getting weird requests to confirm I logged in from the YouTube app on other devices. YouTube?
If you have 2FA enabled, then yes, of course it will ask you for the second factor if you're doing something unusual.
But with 2FA disabled, logging in with just a password works fine.
Initiatives at for profit corporations will always exist within some business constraints, shareholder obligations, and so forth.
It would be very reasonable for governments to provide tax-supported digital services. I could easily imagine that spending a few dollars per year to provide the homeless with basic digital services would pay off simply in easing administrative overhead.
But we don't do it, because, in America, our sense of what government can or should provide is atrophied, and we, mistakenly, look to private actors to provide basic public services.
I don't think this matches reality. The US government is doing more today than any time point in the past. Spending and taxation as a percent of dgp is at an all time high.
There's also a sense that nobody should have to do anything themselves. There's nothing stopping anyone from talking to a homeless person and helping them set up an email account without 2fa.
It might be legal and maybe even legitimate, but OP said:
> This isn't a "fuck the people who don't have regular access to a phone, they don't matter" situation.
So yeah, those people don't matter (enough) in the sense that it's not worth to offer more methods of 2FA. Let's not pretend otherwise.
I struggle to see a reasonable possibility to the government either directly or legislating others to provide identification and communications services. One of the greatest utilities in the US is USPS, a monumental accomplishment to be able to provide communications to all people in the US.
Tacking on email (and identity verification services - which USPS already does via passports) should be a no brainer.
It is possible. And, as far as understand it, the teams at Google in charge of this have evaluated this option and found that it leads to more lost accounts.
The people responsible for user authentication at Google are in a completely different part of the company as advertising and, in my experience, are especially stubborn about their focus on security. "This is about phone numbers" doesn't make sense to me given my personal experience.
> If they at least would allow for a sufficient number of options. Like paper-tan (even self printed), yubikey or similar, second email address, an authenticator, ... but even big companies often only require a phone number.
We are talking about Google specifically here, which offers all of these options.
2FA is a major hassle for support when users get locked out because they smash their phone or change phone numbers or somehow lose access to the 2FA method. But, the benefits of 2FA largely outweigh those downsides for the majority of users. Offering the choice though, is something we think is important.
That's all I'm asking for as a user - thank you for being on the good side. Optimally you allow for multiple MFA options, so that I can e.g. use an authenticator app and a yubikey, as well as a recovery code in my bank.
You might be surprised to learn that this is how it works for Google accounts: it is default-on but you can turn it off.
> If they at least would allow for a sufficient number of options. Like paper-tan (even self printed), yubikey or similar, second email address, an authenticator, ... but even big companies often only require a phone number.
You might be even more surprised to discover that all of these options are supported for Google accounts.
However, Google tries _very hard_ to prevent people from e.g. creating a gmail account without a phone number. Try it if you don't believe me.
We all knew password, no problems at all. Now it mandates 2FA. And because they mandate it for Google Ads, now it's on for everything like Google Drive etc.
Google seems to support all of those?
Hint: it is still possible to create a gmail account without phone number, but it has become quite tricky to do so.
Nope. Not possible.
Oh how I would love to be proven wrong though.
Which leads me back to the point made elsewhere in this thread: we have too high an expectation for what private companies can or should do, because they have taken the place in our minds if government.
And our expectations for what government can or should do are too limited, because we've convinced ourselves government is ineffective and unaccountable.
Sure, homeless people and those who help them should pick an alternate free email service. And the government should either set up its own email or stop requiring email contact for this sort of thing. But for people who are already Google users, Google should also try to make their lives significantly easier with a tiny bit of effort (allow someone to explicitly disable 2FA for gmail - with all the warnings and cautions that they can).
I've personally bought/subscribed to various companies both personally and professionally. Just recently (a couple of weeks ago) I evaluated a couple of mailproviders. I discarded all of those that enforced 2FA with a phone-number.
For instance mailgun. At least the support helped me:
> Hello XXX, > > Thanks for bringing this to our attention. > > At this time, I have successfully activated your account so that it is now fully operational and you are all set! You may need to log out, then back in, to reflect this change. Also, your users can indeed utilize Google Auth without using a phone number. > > Please reach back out if any other questions arise. > > Regards, > XXX | Mailgun by Sinch
Others weren't as flexible. E.g. Sendgrind:
> Hello, > > Thanks for reaching out to Twilio SendGrid Support and for your interest in our products. My name is XXX and I’ll be more than happy to assist you in this matter. > > I am sorry for the inconvenience caused by the 2 Factor Authentication process, but this is mandatory for all accounts, as a security feature. > The only options available are to setup 2FA through Authy: to receive an SMS code or use the Authy app, which you can download here. > > I apologise for the inconvenience caused by the fact that we do not have any other options available at the time. > > Please do let me know if you have any additional questions in regards to this matter and I will be more than happy to further assist. > > Kind Regards, > > XXX | Technical Support Engineer Twilio-Sendgrid
Forcing me to use your own homegrown authenticator or a phone number? No thank you.
In the end I decided for a provider that offers 2FA but offers multiple options and doesn't enforce it.
Doesn't matter if I pay or not, really.
That is like saying 'if the DMV didn't offer IDs to people, no one would complain about not being able to get an ID'.
The fact of the matter is that email is 'de facto' online ID, and gmail has positioned itself into this role. They are now a societal need, not a luxury. They need to be regulated.
One doesn't need Gmail to have a functioning email address.
If email is a societal requirement--and maybe it is, or should be--public utilities should provide it.
It's easy to build an email provider. Why shouldn't your state or local government provide one?
It also has nothing to do with the YouTube app, and there is no code I have to enter anywhere.
I've never had any form of 2FA on my Google account.
It should be possible to turn this off!
What should Google do in the scenario that this purposely-low-security-for-the-unhoused account is breached? What about abuse? Are we OK with Google just shutting off accounts in that scenario? Are we prepared to accept that the members of our community experiencing being unhoused will find themselves constantly creating new accounts as their old ones are shut off or rendered unusual from the consequences of purposely-low-security-for-the-vulnerable?
Remember, things like gmail accounts are under constant attack. Security measures, the very ones we're talking about disabling, help keep those attacks at bay. Each of those things that triggers verification actually lines up with real attack patterns.
So while this may be a small-ish thing to ask for, I'm a little concerned about the consequences. We're literally asking to offer the most vulnerable and marginalized members of society shittier security and ignoring the effects of this.
I am, yes, if the alternative is that they loose access to their account every few months!
Also, at least this way people have the ability to keep their accounts truly safe if they choose a strong, unique password. If Google just locks them out no matter what, there's no recourse.
• The people who want security get to keep all the security they get today.
• The people who don't think about security and leave default settings intact keep all the security they get today.
• The people who explicitly ask for less security get less security.
• Some of the homeless will get increased access to vital services.
It's a win-win—unless you believe, for some reason, that people should have security forced on them even if they explicitly ask to not have it. I fundamentally don't understand this mindset. People should have the right to do dangerous things if they are warned of the risks involved.
The problem with that is less security is almost always more usable than more security, which leads to the greater amount of people being in that state, which is not just a danger to the user making the choice, it is a danger to others.
But we should also expect Google to give a small crap about the troubles it's putting some of its users through, especially when this is so important to some of its most vulnerable users, and adding an option to disable 2FA is such a small feature for a Mega corporation.
No doubt they're letting me through because some security heuristic says I'm a real human, and I'm sure they'd eventually make me provide a number if I continued using the account (this happened to me with my university G Suite account a couple years ago and I needed to contact my IT department to manually disable the phone challenge), but so far I can't see any evidence that they're doing anything unreasonable.
Perhaps they're requiring you to use a number because you've tested it a lot.
While public spending as a % of GDP has indeed increased, that's primarily driven by two things: increased defence (and related) spending, and increased spending on health costs.
In the US, the growth in social assistance spending over the last 3 decades is driven almost entirely by the latter: https://ourworldindata.org/grapher/social-expenditure-as-per....
At the same time, we continue to believe in privatizing basic government services: outsourcing social assistance to charities (including religious charities), outsourcing military and intelligence functions to mercenaries, or, on point for this thread, outsourcing ID verification to VC-funded private startups.
This excludes military spending and is adjusted for the purchasing power of those dollars.
I don't know about you, but I don't feel like we are getting 450% more value out of the government services. The numbers are pretty clear that the government is collecting more and more inflation adjusted dollars from people's income than ever before.
I Suspect we would probably agree that the government is not being a responsible steward of this money that it is collecting.
My primary point was that I don't think that the belief that a decrease in government spending and Revenue is reflected in the numbers. Further, I think it is important to push back on the idea that the systemic issues we see can simply be solved by throwing more money into an increasingly inefficient system.
Can governments (not necessarily the federal government) run a public service internet system? Sure, and probably more easily than we can, as another poster suggested, regulate tech companies into providing the right tradeoffs for housed and unhoused users.
I believe you, I'm extremely surprised I didn't see this considering I've logged in from all sorts of sketchy IPs/VPNs.
Good to hear, though I confess to a bit of confusion. The issue I pointed to is that they're going to lose access to their accounts frequently as their accounts get breached, abused, and shut off. As opposed to losing access because they lost their phone number.
> Also, at least this way people have the ability to keep their accounts truly safe if they choose a strong, unique password. If Google just locks them out no matter what, there's no recourse.
As described in the Twitter thread, we're talking about people who already struggle to remember their passwords. I doubt this will improve if we require basically regular people to have strong passwords, but perhaps you have reason to think differently.
Basically I think you're trading one cause of lockout without recourse for another cause of lockout without recourse with this proposal. This does not strike me as progress. For my own part, I think Google is the wrong place to be trying to address this issue - perhaps porting phone numbers within the Lifeline phone program would be better.
In short - yes, but the consequences defeat the point.
When it comes to the right trade-off for the housed and the unhoused in terms of email service, I'm skeptical that the solution is regulatory. It seems like there is a large number of email providers that already offer what the homeless need. The problem is simply setting them up with the correct provider and user settings.
This seems like a job for people that work with the homeless.
But, look at that: the federal government already provides the homeless with cell phones. Yet instead of arguing that the government should also provide free email—which of course costs far less than cell service—the poster argues that existing commercial services should better serve the homeless.
Which, of course, would be nice! But my point was that this kind of argument seems to reflect a mistaken perception of free online services as some sort of social service, with commensurate obligations.
It seems like we basically agree.