> Ten years old being younger than the account had actually existed for, it is 12 years old apparently, might, you would have hoped, set off some Google alarm bells in these days of advanced AI protections, but no.
What's your issue with this sentence specifically?
It looks perfectly fine and understandable to me. I guess you don't like the parenthetical sentence between commas. Imagine it is behind em-dash and everything should be fine.
It is pretty hard to grasp on first ready without stumbling through the phrasing. Especially the first part: “Ten years old being younger than the account had actually existed for might have” is extremely clunky. For one, you can just delete the end of it: “The user being younger than the account might have…”. Plus the subject & predicate get a bit confused, and you loose track of the point
Maybe this “You’d hope Google would notice the account was older than the user, especially with today’s advanced AI protections, but no”
Or even clearer: “You’d think Google, with all its advanced AI tooling, would notice the account was created before its creator was born (4 years earlier, apparently), but no”
It's "might set off" not "might have". I don't mind the addition of complements between subject and verb. I view it as a stylistic choice especially when sentences remain that short.
I know English reader hates it when the verb is too far from subject however. Clearly, this one could be improved but I think calling it a failure of editorial standard is over harsh.
You know it makes sense, so get that Google passkey set up now.
Unfortunately you'll be guided to storing those in your Google account too, so your everyday user will still get locked out, in some ways it's worse because a lot of sites will only accept a "recovery key", email confirmation is no longer enough (not that it matters if your GMail is also locked out)
People should be setting up Recovery Contacts so that they have a way of getting back into their Google account even if they lose all credentials (passwords and/or passkeys) and all their devices.
i don't really use gmail (i self host for more than 25 years), but I do have few throw away gmail accounts that I registered way back when gmail started. they all have recovery contacts/emails configured.
a few years ago gmail stopped letting me login. password was ok. it was saying something about my login been suspicious or something and that it will send me code to recovery email. i was getting code on recovery email, entering it and getting back message saying "we still not sure that everything is ok, try again later".
it took 6 months before i was able to login to account.
As someone who works in this space. A large org like Google often separates the feature work and counter abuse teams. The org structure leads to unintended feature consequences. It sucks when your trying to provide value to people and it's taken advantage of by bad actors.
I think the larger question is why are we all (or most of us?) still using Gmail? Why can't an average person host their own email server with open source software with straightforward security upgrades instead of trusting BigCo or the latest SmallCo?
I'm an average person who uses fastmail with a custom domain with a separate registrar. Fastmail does all the right DKIM, DMARC, etc. magic.
And still my mail sometimes goes to spam essentially because it's not "@gmail.com" This is a really real problem that will never go away because everyone in a position to do something about it being so monopolistic cannot understand it.
>Why can't an average person host their own email server with open source software with straightforward security upgrades instead of trusting BigCo or the latest SmallCo?
The average person isn't qualified to administer a server and would rather pay $1/month or whatever for a hosted solution.
I think its fundamentally more difficult to host communications services where spam is possible and there is no auth/contact system in place before first communication can happen.
I'm not an expert in this area but from what I understand what was once novel content spam filtering is not at all novel now, there are easily trainable model strategies (BERT?) that get you to 99%.
A whitelist, auth/contact is ideal for messaging without spam and is more workable with a large federated group that can adopt an evolving open source protocol.
Do you mean average person around here? Or average person in general?
Too many unknowns and moving parts.
Have you ever worked with the general public and computers?
The average person was wondering why their wireless router needed cables. They did not update their computers for the entire time they owned them. Somebody else ignores big red text saying this will delete everything and hits next anyway, then wonders where their photo collection has gone.
I cannot believe the average person would be capable of registering a domain and configuring their DNS to point at this simple mail server they’re running.
If somebody else is taking care of all of these parts, I am not sure they’re really hosting it themselves.
Maybe we need a new protocol and we can replace all of this? How do we get everybody on board?
Especially with all the codified footguns (or the "Tyranny of the Default" — as Steve Gibson would put it) where a lot of critical apps ship with very insecure defaults, and even a seasoned Dev that's an expert on one domain doesn't have time to muddle through the whole of man pages + mail archives + stack overflow threads for every option.
Most folk don't know how or don't want to. A mail server is mundane to admin and most folk probably have higher priority things in their lives going on.
Is there a self hosted solution that will allow me to back up all my Gmail emails including attachments? Something like paperless but for my old emails.
The constant pestering by Google to buy storage space has started pushing me to deleting everything more then a few years old as a stepping stone to leaving Gmail completely.
as someone who did that a long time ago - I largely regret it
granted, it gives me an out if my provider revokes my access (in this case, google) but the custom domain requires some headache to manage well - I wish I had just used a google account...
Technically having your own domains is superior, but it can be difficult to get past spam filters if you have your own domain. Not least because Google and Microsoft often automatically trash anything from custom domains. If you're ok with the delivery issues that can come with this setup, it's better. But personally I get really pissed off when my mail does not get delivered for any recipient.
You're absolutely right, ending up in spam is a real pain. I've run into the same issue myself with custom domains; even when everything is set up correctly, delivery can still be unreliable.
> Ten years old being younger than the account had actually existed for, it is 12 years old apparently, might, you would have hoped, set off some Google alarm bells in these days of advanced AI protections, but no.
Good god what happened to editors?
This is on forbes.com/sites/, I'm pretty sure anyone can pay to post on it now.
What's your issue with this sentence specifically?
It looks perfectly fine and understandable to me. I guess you don't like the parenthetical sentence between commas. Imagine it is behind em-dash and everything should be fine.
It is pretty hard to grasp on first ready without stumbling through the phrasing. Especially the first part: “Ten years old being younger than the account had actually existed for might have” is extremely clunky. For one, you can just delete the end of it: “The user being younger than the account might have…”. Plus the subject & predicate get a bit confused, and you loose track of the point
Maybe this “You’d hope Google would notice the account was older than the user, especially with today’s advanced AI protections, but no”
Or even clearer: “You’d think Google, with all its advanced AI tooling, would notice the account was created before its creator was born (4 years earlier, apparently), but no”
My morning brain really couldn’t parse it until I read your breakdown.
It's "might set off" not "might have". I don't mind the addition of complements between subject and verb. I view it as a stylistic choice especially when sentences remain that short.
I know English reader hates it when the verb is too far from subject however. Clearly, this one could be improved but I think calling it a failure of editorial standard is over harsh.
You know it makes sense, so get that Google passkey set up now.
Unfortunately you'll be guided to storing those in your Google account too, so your everyday user will still get locked out, in some ways it's worse because a lot of sites will only accept a "recovery key", email confirmation is no longer enough (not that it matters if your GMail is also locked out)
People should be setting up Recovery Contacts so that they have a way of getting back into their Google account even if they lose all credentials (passwords and/or passkeys) and all their devices.
https://blog.google/technology/safety-security/recovery-cont...
I hope Google starts to push all users to setup Recovery Contacts. It would greatly reduce the likelihood of lockouts, whether using passkeys or not.
i don't really use gmail (i self host for more than 25 years), but I do have few throw away gmail accounts that I registered way back when gmail started. they all have recovery contacts/emails configured.
a few years ago gmail stopped letting me login. password was ok. it was saying something about my login been suspicious or something and that it will send me code to recovery email. i was getting code on recovery email, entering it and getting back message saying "we still not sure that everything is ok, try again later".
it took 6 months before i was able to login to account.
As someone who works in this space. A large org like Google often separates the feature work and counter abuse teams. The org structure leads to unintended feature consequences. It sucks when your trying to provide value to people and it's taken advantage of by bad actors.
I think the larger question is why are we all (or most of us?) still using Gmail? Why can't an average person host their own email server with open source software with straightforward security upgrades instead of trusting BigCo or the latest SmallCo?
I'm an average person who uses fastmail with a custom domain with a separate registrar. Fastmail does all the right DKIM, DMARC, etc. magic.
And still my mail sometimes goes to spam essentially because it's not "@gmail.com" This is a really real problem that will never go away because everyone in a position to do something about it being so monopolistic cannot understand it.
>Why can't an average person host their own email server with open source software with straightforward security upgrades instead of trusting BigCo or the latest SmallCo?
The average person isn't qualified to administer a server and would rather pay $1/month or whatever for a hosted solution.
The average person would prefer not to pay at all. Hence free email providers will always exist in some form.
I think its fundamentally more difficult to host communications services where spam is possible and there is no auth/contact system in place before first communication can happen.
I'm not an expert in this area but from what I understand what was once novel content spam filtering is not at all novel now, there are easily trainable model strategies (BERT?) that get you to 99%.
A whitelist, auth/contact is ideal for messaging without spam and is more workable with a large federated group that can adopt an evolving open source protocol.
Do you mean average person around here? Or average person in general?
Too many unknowns and moving parts.
Have you ever worked with the general public and computers?
The average person was wondering why their wireless router needed cables. They did not update their computers for the entire time they owned them. Somebody else ignores big red text saying this will delete everything and hits next anyway, then wonders where their photo collection has gone.
I cannot believe the average person would be capable of registering a domain and configuring their DNS to point at this simple mail server they’re running.
If somebody else is taking care of all of these parts, I am not sure they’re really hosting it themselves.
Maybe we need a new protocol and we can replace all of this? How do we get everybody on board?
Especially with all the codified footguns (or the "Tyranny of the Default" — as Steve Gibson would put it) where a lot of critical apps ship with very insecure defaults, and even a seasoned Dev that's an expert on one domain doesn't have time to muddle through the whole of man pages + mail archives + stack overflow threads for every option.
Most folk don't know how or don't want to. A mail server is mundane to admin and most folk probably have higher priority things in their lives going on.
Is there a self hosted solution that will allow me to back up all my Gmail emails including attachments? Something like paperless but for my old emails.
The constant pestering by Google to buy storage space has started pushing me to deleting everything more then a few years old as a stepping stone to leaving Gmail completely.
Synology can
whatever tools that can do imap sync/download and support whatever authentication that google fancies now
I think the biggest question is why most people are still using third-party email services like Gmail or Hotmail.
Why not register your own domain and use an email on that domain?
Nowadays, registering a domain is almost free, and you can fully customize your email addresses.
as someone who did that a long time ago - I largely regret it
granted, it gives me an out if my provider revokes my access (in this case, google) but the custom domain requires some headache to manage well - I wish I had just used a google account...
I hear you, makes sense. I've also struggled a bit with managing custom domains.
1) it costs more than nothing 2) the technical expertise to do that is way outside of most people
Who do you use as a mail host with your custom domain? A third party?
I see, you're right.
Technically having your own domains is superior, but it can be difficult to get past spam filters if you have your own domain. Not least because Google and Microsoft often automatically trash anything from custom domains. If you're ok with the delivery issues that can come with this setup, it's better. But personally I get really pissed off when my mail does not get delivered for any recipient.
You're absolutely right, ending up in spam is a real pain. I've run into the same issue myself with custom domains; even when everything is set up correctly, delivery can still be unreliable.