WingNews logo WingNews
top | item 20300326

(no title)

tomswartz07 | 6 years ago

I see this as a double-edged sword.

1. It makes sense that Google wants to stop apps from abusing their storage platform. There are a lot of projects that abuse the data storage capacity. There was that one app that converted files to Base64 or something and was storing files that way as email text. Obviously not cool. However, Google needs to be explicitly clear on expectations and throw some people-power behind the reviews, since many are being denied by (seemingly) some automated process.

2. The second issue I see is that it will encourage less secure methods of using these apps. SMSBackup+ in particular is discussing the possibility of moving to "App Passwords" to bypass 2FA and provide the app access it needs to upload and store the data. Issue being, App Passwords are incredibly fragile, they provide near-unfettered access to IMAP and other account features with no auditing. Caveat emptor and all that.

I think SMSBackup+, specifically, has a bit of a gray line as SMS messages can technically be sent via email and vice versa, (among other similarities). It's a shame that Google is becoming so draconian about their data storage uses.

discuss

order

baroffoos|6 years ago

How can you abuse storage? You get n gb of storage on your account. Why does it matter what you store on it or what tools you use to utilize it?

ddalex|6 years ago

Some things such as google docs text documents do not count towards your quota - so people converted data to base64 and uploaded that as docs to get free storage - bit of a dick move if you ask me, as it forces google to take steps like this one and kill the goodness for the rest of us

zantana|6 years ago

Well G Suite deals in academia allow for unlimited storage. If you use the official tools they will throttle you, but if you use something like rclone https://rclone.org/ you can sometimes circumvent these limits.

When I was researching using a tool which leveraged a similar system and talked to a university which had backed up literally a petabyte of data to a single drive account.

Google's vague terms of service in terms of their "unlimited" storage is just a mess on both sides.

Like all cloud storage at the end of the day, if you're a paying customer or not, there are no guarantees you'll ever be able to retrieve anything once its off your infrastructure.

newvoiceoldphne|6 years ago

Google can't monetize it if they can't read it. Why do you think e2e email encryption is still not the default.

nullwasamistake|6 years ago

Google only wants you to use that storage for things it can index (to sell ads)

lordpankake|6 years ago

I doubt this has anything to do with my Unlimited Drive storage thing. Google are doing this to stop API consumers from storing user data on their own, presumably less safe than Google's, servers. I agree with that decision completely.

privateSFacct|6 years ago

Presumably less secure is not the issue. Buried in the fine print of many of these tools that save you money or do other things with your account is explicit permission to share / distribute / use your data in lots of ways. It's explicitly not secure.

These scam apps trade off being inside the protected platforms, so users expand their trust assuming (incorrectly) that a third party app will treat their data well.

"This is how scammers are now abusing Google Calendar to pillage your data"

"Gmail app developers have been reading your emails"

The headlines are ALREADY happening.

Why should google risk their brand so some grow fast and break things startup can create the next cambridge analytica scandal? They are one big CA type scandal away from being looked at as the next facebook (not a good look).

nine_k|6 years ago

Just read it again.

To me, it reads like this: Google is going to prevent users from storing users' data elsewhere. As if it's Google's data, not users'. Though with the free tier this as well may in fact be the case :-/

nullwasamistake|6 years ago

Security is the go-to excuse for taking away control from users these days. For those that run Gmail on their own domain this makes 0 sense. They have control over the whole domain, restricting access to Gmail does nothing for security

londons_explore|6 years ago

If you're a paid Google apps customer, these restrictions don't apply.

CPLX|6 years ago

[deleted]