Gmail registration now requires scanning a QR code and sending a text message(discuss.privacyguides.net) |
Gmail registration now requires scanning a QR code and sending a text message(discuss.privacyguides.net) |
Note that "scanning a QR code and sending a text message" means, for the most part, a smartphone. One could do so via a tablet too, I suppose, but most who register will do so via their smartphone device. For some reason accessing the www is increasingly tied to "identify now!". This is a huge contrast to the freedom of the 1990s. I don't think we should accept that.
(In many countries, including soon the USA[1], you can't get a phone number+sim without showing ID, also.)
[1]: https://reclaimthenet.org/the-fcc-wants-your-id-before-you-g...
- Permissionless email (i.e. for agents, empowered users who can program now)
- Pervasive email allow listing
Wonder if these can both exist at the same time, i.e. having a "public" email that is read first by AI (let's imagine we're in a world where prompt injections weren't so possible) and heavily filtered, along with one that is private and allow-list gated (via some easier-than-gpg-to-use identity marker).
People already assume that your "google name" is your official name, so much so that I had to patiently explain a delivery man once that the funny nickname he had for some reason in the delivery notice did not match my ID because that was an old google account from a time when it was usual to use any funny handle for your account.
Protest this by using a paid email provider. My $60 yearly payment just went through today, is that honestly too much for the typical person around here?
You can bypass this if you have a passkey, but phone and password isn't enough. No idea why they opted to do that, it's not like passkeys are indicative of any device binding.
SMS also isn't free. Many contracts contain "free" texting, but that's just SMS being packaged into the subscription price.
Carriers charge each other for (excess) SMS exchanges, so SMS simply cannot be entirely free.
Meanwhile the amount of spam from Gmail I'm getting goes up and up and up.
It’ll happen with social media accounts and other things too. The account creation date is going to become an even bigger heuristic in their spam models.
Google really need to get it together. Their sender reputation bypasses all the normal spam filters, but if it was up to me…
Try Tuta, or Proton, or Fastmail, or Zoho.
It's like saying that the government has outsourced burger making to McDonalds.
And of course their database is leaked in real time.
Both can ban you right away because they had to ramp up their anti-spam protections. Pretty much everyone already have an account, so most people creating new ones are just that, spammers.
These large companies seem to be at the point where they don't want any new users anymore. Or at least they can afford to lock some people out.
We should be way more vocal about this so the idea that "everyone has / can make a (google|microsoft|facebook|whatever) account" dies out.
They've essentially gotten roped into maintaining a huge chunk of internet infrastructure, for free. If they ever shut it down the whole world would end up rioting because it's so widely used.
But it's expensive, complicated and time-consuming to maintain - and both a source of and recipient of endless waves of spam and scams. It's an endless pile of data to hold onto, FOREVER, as well.
I enjoy hating on Google when appropriate. But when it comes to Gmail, I understand what they're dealing with.
It's honestly why I believe the idea of free e-mail is just bad, fundamentally. You can't expect a free e-mail service to be good or have any kind of support. The fact that it still exists is more out of shear fear of the repercussions than any good will on the owner's part.
Just get a paid e-mail service. They're better, and offer a lot more peace of mind.
I’ll stop you here. Google offered it for free and, at the time, offered such an high amount of mail storage for free it sounded insane. At the time, my ISP gave me a 25MB or 50MB inbox and that was considered pretty decent, when Google was trying to get people in with 1-2GB.
They absolutely have a right to take ant steps they deem necessary to prevent malicious use of their product, and certainly aren’t obligated to provide it for free, but Google wasn’t forced to provide a free email service, much less one that went so far above and beyond their competition.
And I'll stop you here. It's less than obvious that there's no obligation. If you provide a critical service that folks rely on at a price less than your cost, you drive out competition, and it's a critical part of your own business model, dropping the service without warning is IMO on the border of what Google should be allowed to do.
This argument would have flown 30 years ago with Yahoo.
Since then we had Uber pumping so much money into a losing business until it drew the competition bankrupt.
And now we have AI pumping so much money into a losing business until they hopefully replicate Uber, only won't work and signs are all over the wall that they just burned a trillion dollars.
Which opens great prospectives for incumbents WHO LEARN FROM THE MISTAKES of the powers be at the time.
About time to start a "Don't be evil. FOR REAL." This time.
If in 30 years it's necessary to start "Don't be evil. REALLY, REALLY, REALLY this time" then so be it.
I'm starting the 2.0 version. Fuck AI. Fuck incumbents. Long live long life and freedom of choice!
Google has done nothing but be a wolf in sheep's clothing. I'm not going to shed a tear because they have to maintain an email service.
The G in Gmail was for a gigabyte and that was what I got in the noughties for "free", when as you say my ISP offered something like 5MB on the end of a POP connection.
To be fair you can cram a lot of ASCII into 5MB. However you can email piccies to a mailbox with a 1GB limit if your modem doesn't melt first.
Obviously, this was during the "don't be evil" days.
What you mean for free? First, they have all the data they get from you. They now track you even when you are not using your phone. They can/could know if you are doing your number 2 regularly or not only.
They control how the internet moves. Https? Sure can enforce. Trackers, etags ? Why not.
They sell every single bit of information on you for a good price. And now they are even more friends with a very good orange buyer. They have a TOS on you that they can chop and sell you whenever they want and you can't complain.
What you mean for free? Maybe for you it seems free, but people are paying them premium for lots of stuff.
Google used to be admired by the innovation and good ideas that shaped the world to a better world. Now they are still shaping the world, but not for everyone
And it's isn't even like they're struggling with profitability, either. It'll be hilarious if this forces common folks to switch back to IMAP since once a user has been burned into spending the trivial cost to set up a local mailbox sync they're unlikely to go back into Google's arms (especially given how cheap (in money and time) disk space and cloud backups are these days).
Not even remotely true. They regularly shut down products and services with impunity. If Gmail cost more than the data they directly or indirectly mine and sell from their users, Gmail wouldn't exist either.
Email marketing and campaign companies pay into these lists and they pass that cost onto their customers as well.
There has never been a email provider that accepts mass email delivery to millions of recipients for free.
A year or two ago they returned to full detail. I've always wondered if it was customer pressure or a backroom deal with Amazon was reached.
I kind of doubt that Google would cave to the former, right?
Maybe at some point in the mists of time, someone just wanted to offer people a good email service but at this point it's a pattern of behavior across every Google consumer product so I can't give them the benefit of the doubt.
No way they are doing it for free.
Basically they tied Gmail 1:1 to Android accounts. I have a Gmail mailbox for a few reasons: 1) self-squatting my usual handle, because they are a large email provider 2) it's my Android account and it's where I get documents shared on Drive 3) maybe it's the way I login to Google cloud but I don't remember. I used to have a customer with servers in there but it's long gone.
Anyway, gmail is their way to manage a part of the Android infrastructure and it seems they like running Android.
>Anyway, gmail is their way to manage a part of the Android infrastructure and it seems they like running Android.
I've deleted my Gmail mailbox and Android works fine, any document share notifications go to the email address on the Google account.
If anything it's better without a Gmail mailbox because those notifications used to only go to my Gmail no matter what alternative email addresses I set, now they all go to my actual email address.
Only problem is I can never reopen the mailbox because the "Add Gmail to your Google account" screen has decided I've already used my mobile number before.
Not for free. Being monopoly is a huge reward. It isn't possible today to have a small email provider. While probably not having that intention from the start, Gmail played a huge role here as its existence allowed everybody to just ignore/block small providers.
They should let others do email. The more email service providers we have the better it is for everyone
I suspect what is really holding them back is the loss of data, and the loss of the assumption that ~everyone has a Google account that they are logged into, which means they can be traced around the web. Google also benefits from this, since its anti-bot tool will be more accurate and less fustrating to users.
I think approximately 95% of all Gmail users would leave. Regular people are accustomed to paying nothing for things like email. And if I have to pay for email, I am not paying Google for it, especially not twice the cost of Fastmail.
> Especially if they made it easy for people to move their account elsewhere?
Sounds mostly impossible.
> People are used to paying a lot more for things outside of tech.
They're not used to paying for an email account.
You have a point, but if you've ever seen how a gmail account behaves for the ordinary person once it reaches 80-90% storage capacity used (15GB free, some cumulative total of all emails and google drive content, google photos content), all of these free services exist to sell a perpetual monthly recurring subscription to users. And many people do pay. The default gmail web interface starts to have a big banner across the top warning about storage reaching maximum capacity with a link to the payment page.
Look at the workflow for a standard out of box android phone now that defaults to backing up all your photos to 'the cloud', which will almost immediately fill the 15GB free. Once your 15GB is full, then you're run through the payment/checkout workflow to enter your card and set up monthly recurring billing for some premium google service.
In general having a gmail account is the initial stage in the pipeline of getting someone to be a monthly-paid google customer for life. Whether it's just for more storage to hold all their google drive and photo content, or google workspace individual, etc.
Additionally, tying a gmail account to the primary-user android on-device account on any android 4.x+ device means revenue from google play store paid app sales. And then all those 'free' apps that the user installs where the app developer has implemented embedded small ad banners for google's ad network? More venue.
Isn't it the corporation which makes super-profits and gmail is just part of the equation?
I highly doubt that anyone would ever riot over loss of access to email, nor that it's some critical piece of infrastructure, there are dozens of other communication methods online today.
My tears started flowing when I saw this. Shouldn't we pay Google for using _our_ data that it shameless steals ? And I also think that 3 letter agencies do not get the data for free.
Not for one second, am I sympathetic to the firm, because it is simply a business acting on its incentives to minimize costs and maximize profits.
Google keeps it running because they make money off of it. Tech firms have profit margins unlike any prior industry; maybe feudal kings come close.
They make money off of it because they (like all tech) avoid investing in human heavy services like customer support / trust and safety. I have had google safety members vent about how they can’t get engineer attention. That when they do get it, engineers don’t want to help the moderators or the moderation software. Their incentives drive them to find a way to obviate the moderation process entirely.
People working to fix things and make it better for users are great. The firm? Heck no.
They CHOSE to offer it for free so they could monopolise the market. They got roped into absolutely nothing.
yeah ok, google maps is free, youtube also...
And you know why? Because every single one of their product is either a data harvesting tool or an ad delivery mechanism, sometimes both. Let's not pretend they do it for free, it's their entire business model lmao
I need to get off of this fucking website.
But man, I would hate to be the one dealing with Gmail. It's a nightmare for the reasons I listed above.
Someone can in fact hold both of those opinions.
I was also actively telling people to de-Google and go elsewhere for a mail service.
Does everything need to be black and white?
Google did it intentionally and pushed to make it happen. It killed whole lot of businesses who were selling email hosting in the process.
In exchange, Google gets to surveil half of the world's population, extract personal information from their email, and resell that information to governments and ad companies.
But it's also a valuable pot of data honey you can boost your wonder AI with, so where is the plight?
> For free
And without revenue sharing
> have any kind of support.
Check, not having support is what Google is famous for
They aren’t doing this for free
Just because they don't charge you directly, doesn’t matter it's not profitable for them.
More info here: https://news.ycombinator.com/item?id=46665414
Does anyone have a better source of information than this one forum comment from someone who thinks scanning a QR code is enough to get your phone to send a text message?
EDIT: It’s just an SMS URI. It doesn’t automatically send anything, just opens a text message for you to send.
This is just the old phone number verification with a QR code convenience method.
Told the owners that if Google is already being difficult during signup, imagine being locked out later with client work on the line. Pulled up a few horror stories about Google lockouts to drive the point home. They ended up with another workspace solution.
1. Personal/Child/Business
2. First/Last
3. Pick email
4. Date of Birth
5. Backup email / Skip
6. Password
7. Enter phone number
8. Confirm with 2FA code
9. Done.
I just made the email testregistrationflow@gmail.com and have since forgotten the password. So that’s one burned. But feel free to try testregistrationflow1@gmail.com and see if it works without a QR code.
The headline is clearly a misstatement of what is a specific flow for someone to make many Gmail accounts programmatically.
2FA has become the wedge to break privacy into a million shards.
Better to call it a noose. Because you can also be entirely "unpersoned" online if you don't comply.
I don't really see the point of a privacy-preserving workflow when it comes to a Google account. It's not like they need to know your phone number to track you.
>>don't really see the point of a privacy-preserving workflow when it comes to a Google account. It's not like they need to know your phone number to track you.
More information is always better.
(EDIT: TFA didn’t clear it up for me, but it sounds similar.)
My phone number - which I've had for about 15 years and have only ever used for personal purposes (minimal SMS, mainly just an iMessage/Whatsapp ID) - is apparently "not eligible" to create a new gmail account. Which is quite strange.
Years ago IIRC there was a "bug" where the Android emulator allowed you to create real Google accounts. This was found and I'm sure millions of these accounts were created. There's a whole black market for Google accounts. Whereas I lost a Google account I'd created for a relative because it hadn't been used in awhile and it was tied to a mobile number I no longer had.
I don't see how this ends without registering for a service like Gmail being tied to your government ID.
(I run an ad blocker, so the ads will not be displayed either way, but I see more agent blockers on ad free sites than ad supported ones anyway.)
So now the agent is crawling bestbuy.com, walmart.com, etc looking for PCs. I don't run one of these sites but I would bet the traffic looks a lot like a Web crawler and is incredibly resource-wasteful. If you were at the screen you might go and start searching for "5080" or you might go into Computers and start filtering. People just don't care if an automated agent is wasting someone else's resources.
Also, where's the ad revenue in an agent crawling your site?
It's just going to be an arms race like adblockers and CAPTCHA but it's going to be so much worse for real people who want to do anything.
I also want to share a comment that someone (Velocifyer) added on my comment:
"If you make a blog post, make sure to also comment on how the audio reCAPTCHAs are nearly impossible and are blocked on public VPNs. The visual reCAPTCHAS have vauge instructions (they say “Select all squares with busses.” when they mean “Select all squares that have a bus or part of a bus and do not select any other squares.”. For 2 years I could not figure that out so I had to use the audio captchas but then Google blocked them on public VPNs and also made them almost impossible. I could only figure that out when Google Gemini clarified it for me."
Also another fact that I had discovered but to upload youtube vidoes more than 15 minutes you have to do this verification with sms and I found that its system of sending sms was quite finnicky and (too much limits is actually just one try)
Google and other tech giants's recent changes/lobbying are really impacting the open internet and it feels to me like we as people who have knowledge about these topics must do something to reform things as I simply cannot ask people who are technically unaware about these topics to fight for these changes unless we advocate and educate them about it
Most people just have simply way too much of other issues to fight for these things that they have almost taken for granted, but this to me means that the responsibility is on us people who are technically sound to fight against the attacks on open internet if we wish to preserve it.
I think my point is that we all might be waiting for other people to protest against these tech giants but I think that the world is looking at us people for such protests, Let's hope that we are able to educate more people and the open internet is preserved.
Our small steps might mean a lot in the future and so to not be dis-illusioned to make small steps thinking that they might be too small but we have to fight tech giants if we wish to preserve open internet. Every step is meaningful no matter how small
I think that's considered "more secure" in most account security flowcharts.
And if you don’t want to share your phone number with Google, which I totally respect, there are a zillion other email providers. Contrary to popular perception, Gmail != email.
We need to prove it's really you, they posited. Simple enough I thought. I'll just use the same password I've used since 2001.
Oh, I must authenticate with a text, you say? Certainly not a configuration I've made myself, but they're holding the cards on this one, so be it.
I enter the confirmation code.
We still need to prove it's really you, again.
Shucks. I try again. And again. And again.
Sorry, but you'll now have to fuck off. Why? Because we've locked your account for complying with our security theater.
Fuck. I'm in a disaster zone. I need to get things done!
Google cares.
But thankfully, so did the FCC, which I registered a complaint with, arguing from the perspective of interference with emergency communications.
The FCC actually sent the rascals a letter. The leviathan complied and unlocked my account, and suddenly my password was secure again.
Thank you FCC. Although I doubt I'd get the same results with current adm...
I wonder if there is a single engineer at Google who actually understands the whole registration/verification flow and all the edge cases?
The fact that they're introducing QR/SMS/MMS/whatever they want is actually an interesting signal, because it will harm the customer experience, which might result in the growth of responsible paid email services.
It is good to realize that it has never been "Nice Uncle Google" and always an advertisement moloch offering tools to hook their product. All that trust that was bestowed was never warranted.
My comment, as per subject, is about Gmail.
And is not a US business, which is an important selling point to several companies and public institutions here in Europe.
That's like saying you need to "scan a QR code" to open a train door, not mentioning that the real requirement is linking your phone to your payment data so they can bill you. It's not the ability to turn a data matrix into bytes that Google is verifying here...
I've paid for email nearly forever (Earthlink, not the most high tech provider but good enough) and get nearly zero spam. Their price went up again recently, but apparently if you mention Fastmail they'll match the cost.
I was listening to the local TV news a few weeks ago and the reporter talked about an SMS scam insisting that you owe unpaid turnpike charges. He said "most of us have seen them". I'm thinking, I've never received anything like that!" and then realized it could be because I don't give out my phone number to just anybody who asks. And tend to push back when they do.
What happens if Google pulls the plug on your account and you have no offline archive?
And now they have a treasure trove of AI training data, for free.
for free? I guess tracking you to death and shoving ads down your throat does not count as monetizing anymore then?
Google used to literally have a counter inside Gmail showing how your account had a super huge and always increasing amount of storage. The courted their current market position. This isnt "Oh how did we get here with our big bleeding hearts" its just enshittification.
Lol, what? One of the biggest company on Earth is being pictured as a victim for creating services that siphon data out of half the planet's people? Don't take it personally but I can't fathom how you think this is FREE. It's literally the most lucrative business there is and it's only going to get worse—and not for them.
The company that wilfully monopolised email somehow got involuntarily roped into running said email?
Do people love revising history like this?
Don't bullshit to us here, please.
Google scan billions people's emails (including very sensitive ones like medical record letters) to then show relevant ads AND sell the data to some partners (hundreds of them).
It's not called "public infra for free". It's the serious for-profit business. The surveillance capitalism on the march.
People pay for it dearly with their data for advertisement.
In fact, even when you _do_ pay, you still get ads!
You know, if it's such a bad deal they can stop owning it any time they want. They already lied about it - I was told I would never have to delete email, and turns out I had to.
I don't care either way, I moved to tuta last year.
- using legitimate sites to bypass filters, like sending you a bill through a legitimate bill-creation site
- pretending to be a tracking service for something you supposedly ordered, then over the course of days pretending the package got lost on the way and offering a discount code for the 'purchased' amount, expecting you to use it on their phising site.
Gmail not only fails at spam classification, they classify these messages as important and nag you with first priority notifications and summaries.
The number of spam calls, texts, emails, iCloud account unlock requests, etc I’ve received in the last year is insane.
Email scanning and file scanning (on our computer) became acceptable when the level of spam and malware became intolerable. But it was at cost of our privacy. Today, Gmail scans all your mails and makes money from it. Both Windows and macOS have built-in anti-virus or malware scanners, and file indexers, and thus know all the applications and files in your system (which provides for more data on your profile with them). Now with both OSes, and even browsers like Chrome and Firefox, including AI, they will now use our own computers to not only collect our personal data, but even process it on our system and use it to build even better profiles to more profitably exploit us.
There’s a leak or someone is selling the data in a lot of the delivery companies in my country. I order something then without fail the fake text message pretending to be the delivery service. Only thing they screw up is claiming it’s failed to deliver too soon and the weird urls.
Messed up these companies are either selling it or being irresponsible with data.
I get, maybe, one actual spam email per year through gmail's spam filters.
I get more actual spam at my work email, which is not hosted by gmail, even though the email volume of emails sent from outside of my employer's network is orders of magnitude smaller than my personal email volume.
Why aren't these things opt-in? Ditto for every other thing that sends you email. I reflexively mark anything I didn't sign up for as spam on principle.
Does that XML get processed by a mailreader?
<ListBucketResult xmlns="http://doc.s3.amazonaws.com/2006-03-01"> <Name>savelinge</Name> <Prefix/> <Marker/> <IsTruncated>false</IsTruncated> <Contents> <Key>winbridge.html</Key> <Generation>1775478745793193</Generation> <MetaGeneration>2</MetaGeneration> <LastModified>2026-04-06T12:32:25.871Z</LastModified> <ETag>"3616712a8e68db66062a3f514b5fb7c8"</ETag> <Size>626</Size> </Contents> </ListBucketResult>
So, pleas ignored, forward these recruitment scam emails to the legal/fraud/phishing teams of the impersonated brands. For a company without the appearance of caring (in my opinion), perhaps law firm letterhead can encourage necessary prioritization.
Some municipalities even make it opt-in so you'd need YES/YES to get mail without a name and address on it. (ie. not direct mail)
There are also laws to enable opting out of direct mail (with name and address).
In effect, junk mail is just gone once you slap a sticker on your mailbox. This is not an unsolvable problem if you just regulate things.
It’s not something specific to a phone. It’s just a convenient method to enter your phone number.
So many companies - such as electric car charging stations - require this without considering failure modes and alternative workflows.
Like email, I'd expect recieving to be more secure since it uses hardware the user isn't in control of.
There are free sites offering recieve-only SMS numbers, but they're almost universally at their rate limit for most services.
These are actual quotes from support:
> Upon checking, I see that the storage is showing as 0 bytes, because of the upgrade that has been done from business standard to business plus. Not to worry as this is very normal.
> I understand your concern and how important it is for the storage to be updated due to the business requirements. > > To give you full transparency into what is happening: when a Workspace subscription is upgraded, our backend systems must first detach your previous Business Standard storage allocation before provisioning the new Business Plus limits. During this transition window, the quota temporarily defaults to zero.
> Now please turn ON user storage limit nor shared drive storage limit. Once you turn ON, please wait for 5 minutes and then please turn it OFF.
^ That last attempt to try to force storage quotas to reset faster didn't work, btw. Still took hours.
The sheer size of Gmail means I have zero chance for support even though I pay for a service. The risk is too great to be acceptable.
What does this mean? The scanning a QR code and sending a text message from this article, or something else?
This last year however, I've started to hear complaints from staff of annoying popups about AI stuff people don't want to use
Which workspace solution did the client settle on?
I generally have rooted for MS over GOOG on this type of thing, so I am not saying this out of fanboyism.
Have you actually tried both?
Very risky, either of you gets banned (it's a risk given now ban happy Google are) you'll both lose your accounts.
Google is probably doing A/B testing or they are using some sort of ML algorithm....
Every account having the ability to invite an only small finite number of new accounts is one way to thwart scammers.
Well I was about to say destroy scammers, but I just realized that they would send out spam to places where you could gamble your invites for Real Cash(TM) or just straight up buy them.
This would lower the creation of accounts, but then they would be rarer and worth more to spammers, since a spamming gmail would be rare.
And we would hear sob stories of people getting their accounts closed for inviting spammers.
Everyone here should be familiar with exponential growth of n-ary trees. If you can get one of these accounts and each new invitee gets to invite 2 more, you can already have accounts gone wild.
So they'd just do this to farm invites if they needed
Apart from people who are knowledgeable or at least curious enough to search for alternative options, I suspect many people don't even know what a domain is or that they could register one for them to use. The jump from "why pay for email if Gmail/Outlook is free?" to "register a personal domain and use it for your emails" is too big.
I don't have the ideal solution but what I've suggested to friends and relatives is they should consider paying for their personal email accounts. Most of them don't care but some do and, as a result, at least try to understand what they want or need and are willing to pay for.
Dead on arrival.
Mostly because of conditioning: it’s been 25 years now that free webmail is the way Gen-X, Y, Z, and future generations do email. Boomers and the older Gen-Xers may still be hanging onto an ISP address, if they haven’t moved too much since the 1990s.
After all that, plus with their email addresses being the opposite of portable, there is no limit to how much crap people will take, when the alternative is learning a little bit about domain registration and DNS, and paying $60 a year for Fastmail or whatever. Email, they believe, is supposed to be free as in beer.
Sad but true. Also, confession: I used to use first name @ full name . com and got tired of the confused looks and typos when I had to give it out, so now I use a six-character Gmail with numbers so that it’s just like people expect.
You still need to register with someone like google, or Proton, etc.
I run my own email server on DO, nothing I send goes to spam. (I normally follow up on nearly all emails in case you're assuming some flavors of sample bias.)
Rollernet.us is a good one. They have excellent deliverability, reasonable prices, and everything you could want related to email.
They have a few minor other services, like DNS management, but they are not a cloud compute provider.
Another option is to use a cloud compute provider like AWS. You don't need to run the VM yourself to use SES for email messages. The hard part is the webmail access: you have to choose between a poor interface (an S3 bucket) or running a managed VM to host something like Roundcube.
Personally I have my own mail server and use smtp2go for sending which handles the deliverability issue. I'm not sure it's worth it going this way but I found it fun and its been 0 maintenance
For now my email is with Apple, since they offers email hosting as part of the icloud+ (or whatever its called). If they decide to die/enshittify, then I can move to another host without having to change any contacts.
One the other hand, since I did use my bare gmail for some years, I am still stuck with it, in case I have some service that depends on it.
It's bizarre how you make up a sob story about how Gmail is just so hard for Google to deal with. They aren't maintaining it for charity. I'm sure, if I had no ethics, I could manage the burden of dealing with a software system that harvests the data of >1 billion people as part of my corporation's business plan that nets hundreds of billions of dollars a year. The reasons you listed for why it would suck to be Google -- it's "free" for users, expensive for Google, and oh god, you have to hold on to the data... are not reasons at all, because Google profits from it and Google wants the data. The data is the point. You belabour how Google has the burden of controlling a huge chunk of the internet's infrastructure, as if gaining control of a huge chunk of the internet's infrastructure is not literally their anti-consumer goal.
It also just happens that they're the ones best positioned to provide attestation and identity services.
> Evaluating Large Language Models' Capability to Launch Fully Automated Spear Phishing Campaigns: Validated on Human Subjects
> https://arxiv.org/abs/2412.00586
LLMs make phishing absurdly profitable, and can now make profits from targets who were previously economically unviable to target.
Called my state senators to complain about it and ask for assistance. Enjoyed the complete lack of follow through.
It occurs to me this "force you to send the sms" might be a way to avoid exactly this sort of thing.
I know you mean charge just these bulk senders, but if they didn’t charge consumers a similar rate too, whoever wants to spam SMS can just set up farms of consumer SIMs and dump them onto the network that way. In fact, they already do this.
Outlook eats Gmail for breakfast. The way shared accounts, lists, and work assignments are done in Outlook require their backend (share point inheritance), and google drive is pretty good even for some small files, but when all is considered O365 wins.
Then if you are in Europe, you should not use any of those and other very good solutions are currently growing super fast.
Hi. I'm a VC bigwig and I'm very interested in purchasing your company. I, too, believe in Not Being Evil
As just one example, sending high volume emails from Amazon requires using Amazon SES [1]. Some people here are familiar with sending from SES vs. trying to send high volumes directly from EC2 instances.
I don’t wanna sound like a salesman. It’s just that it’s been a surprising good experience for my family, especially for the price tag of $0. And if it ever does start to suck, I can point our domains at a different server.
You probably risk some legal fallout though, so be cautious.
Also try squeezing the phone at various points to see if it pops the internal connector back in. You can find a repair video to see where the connector is.
I wonder if I could find a camera app that lets me select a different camera at app startup. The built in app closes with an error, unless I long click it and select "Take a selfie".
Ha, it worked! After opening in selfie mode, I can select manual mode in the stock camera app and use a different rear camera. But if I accidentally use the wrong settings, the whole app closes with an error.
No, you don't need either of these companies if you need a corporate stack for communication and collaboration. And anyone who believes Microsoft or Google is doing anything out of the ordinary to protect their users or data is out of the loop.
A lot of corporate (customer) email sevices drop email from everybody except a very short whitelist.
I was on Google Workspace for about 10 years. I moved off their service because the mandatory Gemini price hikes meant that it no longer represented value for money.
I get excessive storage utilisation warnings for some shared drives I used to have but because I no longer have a paid up license, I can’t manage shared drives anymore. So I can’t delete them.
Google’s “support” team in India told me all sorts of lies about how to resolve the issue, but they’ve finally settled on a position that I would need to reinstate my Workspace account, at my own expense in order to delete the data to stop the emails and save Google money.
They refuse to acknowledge the patent absurdity of this situation and escalate it to someone who can actually fix it.
https://knowledge.workspace.google.com/admin/support/contact...
There are so many businesses now which exist mainly to cheat you, operating at the very edge of what’s technically legal, and relying on their customers not really understanding the full terms of the deals they’re agreeing to. It’s sickening.
- Seniors are sold various quackish financial products like annuities which are a terrible deal for them.
- Timeshares, which nearly never work out in the favor of the consumer (and whose value collapses 50-80% instantly if you look at what they go for on the resale market)
- Prepaid card products that cost a bunch of money to load and then incur monthly fees too (exploiting those who have for whatever reason got blacklisted from banking)
- Every financial product that has a 25%+ interest rate, actually, which isn't limited to those with bad credit. Even if you have an 899 credit score, if you walk into Nordstrom and get their credit card, you will have a close to 30% rate on that. This whole business model is obviously built on tricking people into spending money they don't have and carrying a balance.
- Salesmen hawking solar panels that come to my front door and promise me all kinds of savings. Note: Probably only half these are scams! Just have to figure out which half.
- Health insurers, pretty much across the board. They do things like declare the most dominant ambulance service in San Francisco, the SFFD, "out of network", so the SFFD then sends you a bill for $1000 if you had to use an ambulance. The neat lifehack by the insurer is that most people will just curse, cry, maybe go into debt, and pay it. Only like 10-20% of patients will file a complaint with the insurer's state regulator, and those can just be quickly paid. Result: Savings of 80-90% for health insurance company! (If this one sounds oddly specific, you can guess why.)
Seriously dotancohen, get your people under control.
So if there are any costs for sending this SMS it’s on you.
It's a $0/month e-mail service.
If the price of entry is a single text message, I think that's fair.
there shouldn’t be any remaining for the consumer today
unless you’re a real unfortunate soul.
There weren’t any infrastructure costs to sending the first SMS ever,
Furthermore, carriers still charge each other for exchanging SMS traffic, though many of them just charge the difference rather than sending each other bills.
This approach is quite costly if you're out of the country, though. Sending an SMS is hit and miss when roaming in foreign enough networks, and each SMS can cost you a significant amount for exchanging 10 characters. Even receiving SMS messages far away from home can cost you money, which is a pain if you have a relative that could never get used to modern messaging services.
There are some limited mechanisms for opting out of targeted mail (e.g. things that have your name on them), and mechanisms for opting out of credit offers in particular. There are not any mechanisms for opting out of "current resident" spam sent to everyone in an area.
If it weren't, then Google's business model would not be viable.
The tools and offerings we're given are built to fulfill the needs of the greatest number of people. For better or worse, those people are not people who want to mess with the infrastructure around their email.
We need actual liability laws for compute services at this point, and they should pass through every entity between the bits on disk and the end user.
Google disappears someone's realtor's corporate email, and it cost the agent a $100K real estate commission? Google and the employer get to pay $50K, plus damages to the customer.
Or whatever. The point is not that they'd be paying lots of these fines. The point is the cost of non-compliance and insecure setups is 1000x the cost of just doing their jobs. At that point, the bean counters would allocate another 10% to engineering, and all the easily-solved problems would disappear.
PS Has the bio trap snared any robots yet?!
If their platforms (Gmail, YouTube, DoubleClick) are being used to launch scams, they're failing at scale and governments are failing at legislating / regulating.
The only way to use Google services somewhat safely is with hefty ad (and the rest) blocking.
All this ID and surveillance and privacy invasion and metadata retention and yet all these scams only seen to grow. It never seems to end up protecting anyone deserving of protection.
I wonder what it's all been in aid of...
The first major safety conferences for trust and safety came together only in 2023.
The reality is, Google is driven strictly by incentives and there are no consequences for letting spam/scams run wild vs. pirated content which gets automatically removed when a DMCA notice is received.
The problem with this is the piecemeal enforcement all but proves they only care about stuff they get a cut of and that fact became more clear to me recently when I was watching a random drama made in Asia that I wont name due it being one of the best historical and educational shows I've ever watched - but there was a scene (this was made in the 90s btw) that was entirely innocent, not sexualized - it was done humorously, but I'm not a pdf file either so - anyways, there were fully naked children, with absolutely no censorship, on Youtube - 100% long enough to be noticed by their trackers - they obviously just are not reviewing certain content, at all.
I don't care about piracy at all - I'd still use Youtube if it was the primary source for pirated content, the idea that there may be some obscure content, that seems totally fine, in a language nobody really uses - except for Epstein types, if ever that was discovered - that Youtube had become a haven for pdf files bc of lax application of standards - I would want Youtube split away from Alphabet and force sold on the cheap to a more responsible owner (like Tiktok minus the responsible owner part) - plus an enormous fine.
I didn't believe that such content could exist at all on the platform - until I literally saw with my eyes that it obviously can.
Even if you make it work with some SMTP adapter, you still need external mail server as on reception side Cloudflare don't provide storage/IMAP service, only route/redirect mail.
I use it (routing to Gmail, Mailgun SMTP for sending) and it works. But it's not really a mail service if it depends on some another mail service to work.
Google has firmly been in the "we're so big we can suck at everything, but you'll still use our stuff because you have no other choice" phase that Microsoft was (is?) in.
They've dominated email so much that their spam filter makes it a very risky proposition to run your own domain; chances are very good it'll just start dropping your messages. Even if chances aren't great, can you take the risk of an important email getting zapped?
To this day I still routinely have to fish out my gmail spam folder dozens of emails from various open source mailing lists that have been around for a decade or two, some hosted on kernel.org, because the spam filter is convinced they're spam. Google is too fucking stupid or lazy to whitelist sites like kernel.org.
FFS even google groups I'm in that are technical get obviously-not-spam messages tagged as spam!
Based on some data I collected around five years ago, roughly 80% of US customers used GMail for personal email. It was overwhelmingly the most common choice. I suspect that number has only drifted upwards since.
(What about the rest? 15% were using Yahoo; the rest were spread thinly across AOL, Microsoft, ISPs, and colleges.)
If that ceases to be true, goodbye (free) gmail.
Infrastructure costs were marginal, near 0,
because SMS was just 140 bytes of text stuffed into already-occurring network traffic
between phone<->telco.
the VZ guys laughed and said it cost less than a penny for every 1M SMS.
Continuing that behavior until everybody’s grandma had iMessage, is a large portion of why I don’t trust a telco!
(Not building out the full range of rural etc network they promised to, while cashing all of the government subsidies, struck me wrong as well.)
Yeah, I can "just" after I "just" do A, and B, and C, and D, and E, and F, and G.
Drives me batty on top of being insulting. "Surely you realize I thought about that weeks ago, and if it were that simple, we wouldn't be having this conversation."
But hey, I get paid every 2 weeks.
Corporations aren’t magical entities that somehow exist outside of social obligations and can do whatever they want as long as their own terms of service permit it.
Maybe $1/month starting in 2 years, then increasing to $2/month for the next year, $3/month for the next, on until they feel they're covering costs.
That way it gives people time to look for alternative free providers, or time to get used to the idea of paying for email.
Where's your support for this statement in the law?
In the broader context GP is clearly advocating for what the law should be, or should be changed to should certain events come to pass. Demanding support in existing law for a proposed change in law is nonsense if that's what you meant to do instead of narrowly discussing the nearly vaccuously true quote you pulled out.
I don’t have much empathy for Google.
He also had recently gotten locked out of Google Workspace for a different customer because of a domain registration issue that put him in a deadlock where he couldn't validate the domain because he was locked out and, if I'm remembering correctly, he needed the Workspace access to validate for the changes he needed to make. It was comical and even though it was a paid for account Google was basically useless / non-responsive.
I've also, unfortunately, had to deal with a lot of M365 integrations and external tooling. The fact that changes made in those environment don't always propagate immediately (and there's not indication in the UI of when it will take place) led us to create explicit documentation about how setup in an M365 environment for our tooling could take up to 24 hours because of the inability to programmatically get status of what configuration was deployed. Mail implementations were bad, but Teams was even worse. Talk about nightmare fuel of renaming things every year, APIs that work consistently about half the time and the inability to know when a configuration change was actually applied has definitely convinced me that Microsoft doesn't care and/or doesn't know how anymore. It's "good enough" for most, but flaming garbage for those who care.
You can go to bat all you want for Microsoft, the public record doesn't lie though. And if fanboy'ism is still a thing with big tech, well... That's just embarrassing. But, hey, maybe they sign your checks?
Yeah, I'm not sure that pinning one's hopes for a better-educated populace on LLMs is going to pan out well. Education requires trust and active defense against malign actors.
They are not.
Microsoft on the other hand...
Regulated "Emails cost 1 penny" would have worked fine. All you need to do to meaningfully fight spam is have a cost that isn't completely negligible; Spammers started out at a rate where they spend less than a day's wages to message literally every human being on the planet; At those costs even finding a single person you can convince of your Nigerian prince account nets you a profit.
We controlled the pipes and the formats in the 90's and 00's almost unilaterally. We should have made a stamp.
This is a normal thing to happen in the physical world. We really shouldn't have such strict connections between email being a primary identifier for a user, requiring only a single one on an account, and not letting users change what they consider their primary email address. Email addresses can and should change over time. If someone really wants to ensure you have a piece of digital real estate one should get into the "ownership" game and get your own domain. People somehow end up buying and selling houses all the time which is far more complicated paperwork-wise, and yet we act like registering a domain name and configuring it for an email provider is just nearly impossible for normal people to handle.
e.g. a server connects to the gmail MX server, and gets a response like "example@gmail.com now found at foo@example.com"
There's probably a ton of issues with this approach, but it would make switching email providers simpler on the user-end.
In the end though this still requires that original user to have exclusive ownership to that username in perpetuity and requires the email hoster to continue to actually host email services. It does nothing if, say, Google wanted to shut down email services on @gmail.com or start requiring paid accounts or whatever.
The only real solution is to use your own domain and MX records, which anyone who cares about keeping a vanity email address should do. Which to me is the virtual equivalent of keeping a PO box or such.
Having migrated off an @gmail to a personal domain, yeah it's a pain, but you rip the bandaid off and you're free. Changing the address on my mail sucked when I bought a house, but it would be silly to never ever move because changing your mailing address is unpleasant.
What are you suggesting happen otherwise? Once you're an email provider you're forever committed to being an email provider for those users until the end of time?
The reason is that I have an opposite experience, during the last couple of years I have received much less spam messages than before.
I have hosted my own e-mail server for more than 2 decades. Previously, I had to filter large quantities of spam messages, but lately the number of spam messages is much less than 10% of the total number of received messages.
Take DocuSign for instance. Still, this many years later, is a major source of phishing emails from their free trials. DocuSign could easily shut this down today by either requiring a CC for the trial, or forcing a call with a sales rep to start a trial. But they don't, they continue to allow their service to be used for wide scale phishing.
Atera, an RMM, is another one that has been a big source of malware delivery, also via the free trials.
Shutting down the trial accounts after the fact does nothing, the emails already went out.
I've always had some level of political spam, usually only close to voting months, but this year has been the worst for me.
In the US, we elected a well-known scammer ... twice!
It's been a _lot_ of years that I've hesitated to answer calls from unknown numbers.
This stuff is automated. The ability to automate spam calls (using the same form of APIs developers love, like Twilio) make it absurdly easy for one person to set up a spam machine. No AI required.
It's such a good tactic too to start the voicemail with the conversation already going people are like "what? who?"
The clear, unspoken message in the USA is now: "Enrich yourself in any way you can, as fast as you can. Buyer Beware is the law of the land."
The man is the absolute worse person - unless your a rich guy, who wants to make more money by screwing over people who mostly don't even know it.
Anyone who reads this, I dare you to find out why that thing in your life you hate so much, sucks so bad - nothing is ever by accident or unintentional.
The United States, and its People, will be discovering/realizing different ways we have been absolutely f-d by that grifter for likely the rest of my millenial life, thankfully (silver lining!!) US life expectancy has dropped substantially for the 150 million Americans in the bottom 50% of income - rich people in America have to deal with this bs for almost 8 more years than we do
Oh yeah, if you want a faster out even yet - just make 30k or less per year, your life caps at 71 then.
I joke but I hate so much that people will read this and then promptly go back to sustaining this system at their job.
We work our lives away so the rich dont have to and they get to live 14 more years on average than poor people.
That is the most corrupt thing a Leader in a western country has ever done in the modern world.
While you're correct that this is a trend that has been going on for a while, the keyword is trend. Do you understand what a trend is? It's a direction. Meaning, under Trump, it has gotten worse, and that is directly related to the piss-poor policy choices of this administration.
I won't mince words here. People who think policy is completely detached from outcomes are dim, and should spend less time talking because it wastes everyone's brain space.
The way it sometimes bounces emails around in their own systems lead to them sometimes mixing up who actually originally sent the message. This causes all kinds of problems and seems entirely unique to their crappy setup.
You know, you could achieve 100% spam filtering by just deleting every email. You wouldn't see any spam at all!
what could possibly go wrong
> but it's a more promising path to privacy-preserving digital infrastructure than letting the private market handle it.
The history of governments suggests otherwise.
Unfortunately scamming is a business and if certain actions become less expensive, I would expect more of them.
> On October 1, 2013, HealthCare.gov was rolled out as planned, despite the concurrent partial government shutdown. The launch was marred by serious technological problems, making it difficult for the public to sign up for health insurance.[4] The deadline to sign up for coverage that would begin January 1, 2014, was December 23, 2013, by which time the problems had largely been fixed. The open enrollment period for 2016 coverage ran from November 1, 2015, to January 31, 2016.[5] State exchanges also have had the same deadlines; their performance has been varied.[6][7][8]
> The design of the website was overseen by the Centers for Medicare and Medicaid Services and built by a number of federal contractors, most prominently CGI Inc. of Canada. The original budget for CGI was $93.7 million, but this grew to $292 million prior to launch of the website. While estimates that the overall cost for building the website had reached over $500 million prior to launch[1][9][10][11][12] and in early 2014 HHS Secretary Sylvia Mathews Burwell said there would be "approximately $834 million on Marketplace-related IT contracts and interagency agreements,"[13] the Office of Inspector General released a report in August 2014 finding that the total cost of the HealthCare.gov website had reached $1.7 billion[14] and a month later, including costs beyond "computer systems," Bloomberg News estimated it at $2.1 billion.[15]
Got it. So if you're fighting an obstinate faction that would rather the government not exist than provide services then that can cause issues. Further, contractors will fleece you for everything you're worth. Compare to a successful project like the Post Office that gets pushed through with overwhelming political will and is run directly by a government agency (oddly structured as a government-owned corporation) and then even despite attempts to destroy it it continues to provide good service.
It's not easy; you need someone competent heading it up and setting it up for success. If the Democrats were to propose it in 2028 under president Gavin I would expect it to be a boondoggle. That doesn't change the fact that I want it to be done and done well.