That's a trend which is more and more common nowadays.
I wish the industry would adopt more zero knowledge methods in this regards. They are existing and mathematically proven but it seems there is no real adoption.
- OpenAI wants my passport when topping up 100 USD
- Bolt wanted recently my passport number to use their service
- Anthropic seems wants to have passports for new users too
- Soon age restriction in OS or on websites
I wished there would be a law (in Europe and/or US) to minify or forbid this kind of identity verification.
I want to support the companies to not allow misuse of their platforms, at the same time my full passport photo is not their concern, especially in B2B business in my opinion.
I'm not a legal expert/lawyer but I do think a lot of this is not the company just randomly wanting to do it, but lawyer driven development. No company wants to introduce more friction for no reason, unless somehow there's precedent or risk involved in not doing it. Curious to know what legal precedents or laws have changed recently.
The only possible non legally driven reason I can think of would be if they think the tradeoff of extra friction (and lost customers) is more than offset by fraud protection efforts. This seems unlikely cause I don't see how that math could have changed in the last few years.
I dont. I'm happy the grift economy has some controls on it. As much as I love open source and all the efforts in collective without government interference; some security is required, otherwise we'll just invite more grift based economics.
It's bad enough living in America without the rest of the world adopting the grift economy.
It's partially because the internet only grants us free storage (noun), not free compute (verb).
Which is fundamental to so many XY problems, including why cloud services are so byzantine instead of just providing isolated secure shells with full root access within them. And why distrust is a growing force in the world instead of, say, unconditional love.
I always dreamed of winning the internet lottery so that I could help dismantle the systems of control which currently dominate our lives. Which starts with challenging paradigms from first principles. That looks like asking why we only have multicore computing in the cloud and not on our desktops (which could be used to build our own cloud servers).
When we're missing an abstraction layer, that creates injustice and a power drain from the many to the few. Some examples:
- CPU -> multicore MIMD (missing) -> GPU (based on the subset SIMD instead of MIMD upon which graphics libraries could be built)
- UDP -> connectionless reliable stream (missing) -> TCP (should have been a layer above UDB not beside it)
- UDP/TCP -> P2P (NAT and other limitations block this and were inherited by IPv6 as generational trauma) -> WebRTC (redundant if we had P2P that "just works")
- internet connection -> symmetric upload/download speed (blocked for legal reasons under the guise of overselling to reduce cost) -> self-hosted web servers (rare due to antitrust issues stemming from said legal reasons)
- internet connection -> multicast (missing due to suppression of content-addressable-memory/hash-tree/DHT/) -> self-hosted streaming (negates the need for regions and edge caching)
I had high hopes for Google and even Tesla (for disrupting the physical world). But instead of open standards, they gave us proprietary vendor lock-in: Google Workspace (formerly G Suite) and NACS instead of J1772 (better yet both). Because of their refusal to interoperate at the lowest levels, there is little hope that they will do the real work of solving the hard problems at the highest levels.
For example, I just heard that China has built thousands of battery swap stations to provide effectively instant charging for electric vehicles, whereas that's something that Tesla can't accomplish because they chose to build Supercharger stations instead.
Once we begin to see the world this way, it's impossible to unsee it. It calls into question the fundamentals (like scarcity) which capitalism is based upon, and even the concept of profit itself.
From a spiritual perspective, I believe that this understanding is what blocks me from using my talents to use the system for personal gain to win the internet lottery. The people who own the systems of control don't have this understanding, and even view its basis in empathy as a liability. So we sacrifice the good of the many for the good of the few and call that progress.
I saw some non-technical people automating or creating small great tools with it which they need for their profession. These people are not programmers.
I think everybody who has basic understanding of programming and deployment better should stick to some AI coding agent like Claude Code, Codex, OpenCode etc etc.
I don't think I'm missing out by not using OpenClaw & Co.
Luckily "trust me bro" is not a defense in court - there is a thing called "discovery" when they have to prove their claims. The fact is few regulators ever use it, but class-action cases often do.
Companies have been getting increasingly aggressive with ‘destruction as a normal course of business/policy’ to help reduce the impact of that. And that assumes that the people tasked with doing the dirty work are following the policies.
It’s been pretty obvious at the federal level (Signal leaks, etc.) that the folks at the top are explicitly trying to avoid it.
Settled with SeaweedFS for replacing minio and getting a good chunk of S3 feature parity. I wonder about the problems OP is posting about. Never seen that behaviour but usually only having a bunch of smaller files.
Mac Studio waits for the Ultra chips to ship, which are always last in a generation. Perhaps the M5's chiplet architecture will help them move faster there.
The better distros have it (ZRAM) enabled by default for desktops (I think PopOS and Fedora). In my personal experience every desktop Linux should use memory compression (except you have an absurd amount of RAM) because it helps so much, especially with everything related to browser and/or electron usage!
Windows and macOS have it enabled by default for many years (even if it works a little different there).
Because it's an easy solution esp. to a rather new installer: setting up swap on disk (partition or file, if file which file system, if partition w/o encryption, ...). Zram: install one additional package and forget.
See also the "zram on Fedora" section in the article.
reminds me: Ever used Gemini API on Google Vertex Cloud API? The usage will show up like 24-48 hours later in the dashboard. So when you use Gemini's API on their Cloud me as Workspace admin cannot even track my own usage in near realtime there. Which makes me think that even Google cannot track it in realtime.
Same here on my iPhone. I didn't previously log it into my github account as I don't use github anymore, I use gitlab. So it wont find anything useful there. You actually only need to do this in order to be able to access the list of sessions. Even if you don't log into github, remote-control still works if you copy across the link that the cli tool outputs for you and just visit that on your phone. That's a bit of a pain though of course.
How about giving the user a big warning to not do that and then block the account if the user continues. This total blocks are crazy. Especially for people who use their Google account for 20+ years or something.
Google's bundling of so many services into one account is becoming a gargantuan liability for them & their users.
This "zero tolerance" policy is just absurdly mega-goliath out of touch with the world. The sort of soulless brain dead corporatism that absolutely does not think for even a single millisecond about its decisions, that doesn't care about anything other than reducing customer support or complexity, no matter what the cost.
Kicking people off their accounts for this is Google being willing to cause enormous untoward damage. With basically not even the faintest willingness to try to correct. Gobsmacking vicious indifference, ok with suffering.
Time and time again it is shown to *not* use your main account for everything. This goes for Apple and having a separate account for development work, for the App Store and your main iCloud account but this also goes for all other SaaS providers.
You are doing groundbreaking new and untested stuff with Claw? Do not use your main account. You want to access your main account's data? Sure, allow it via OAUTH/whatever possible way.
Have separate accounts, people. You don't want one product groups decision in those large SaaS corps to impact everything else.
> Time and time again it is shown to not use your main account for everything.
Good luck opening new google accounts for separation of concern. The new account is banned before the eula page finishes loading.
Google sends code via text msg to my main account phone number to unban, without me ever even filling a phone number.
After a day the account was banned again and pending automatic deletion. The appeal then took an artificial 5 days wait. I had to plead to what I presume is an AI. I had just paid $100 so it's not like I didn't show I was serious.
I am fairly certain that if they ban one account they will also ban the other anyways.
I have multiple Google Accounts and I am running them at the same time without problems. If you really want to separate things use different browser profiles per account. My work Google account never touches my private Google account in terms of browser profiles.
I never had issues with work accounts created via google workplace.
Google forbids you to have multiple identities. It's stated clear in their term of service. Any account you create must be linked to the same identity.
This means that it is trivial for them to ban all your accounts at once.
This also means that the 2factor is difficult to separate. Somebody with an unlocked access to my phone can hijack all my Google accounts by starting a password recovery.
Even though I made sure to never share my phone number to the new account, and I never loggued with it on my phone, and used a different browser session on desktop, it still forcefully sends a notification to my phone when I login because my login is suspicious it says. There is still no phone registered on the new account.
During reinstation of the banned accout I also got a scary msg essentially saying that if they denied my appeal, they might also ban my main account. Chilling.
It seems like a temp ban here would be totally reasonable, like, "we disabled your account for a day here's why, don't do it again". Permanent though, eek!
Nothing new. 10 years ago my (now 20+ year) google account was compromised for a whole 5 minutes. It was used by shady bots, and instantly banned. No warnings, no nothing. Trying to figure out what had happened was a challenge in itself.
Getting through to customer support was impossible.
5 years later I tried to get my account opened up, filled out some forms, and by some miracle it was.
My biggest takeaway from this (other than enabling 2FA) was that it is probably easier to get ahold of the scammers that control your account, than to get ahold of actual human customer support at google / alphabet.
Google will happily screw over users with 2FA as well. A few years ago I was out of state for the funeral of someone very close to me. I lost my phone and then needed to get into my email urgently. I didn't have my computer or any other devices with me and no way to get to them. Fortunately I had actually planned ahead for something like this and added my partners phone number as a 2FA method. So I tried to login with that and Google refused!
Google said that because I had more secure 2FA methods configured it wouldn't allow my to use one of the methods that I had very intentionally configured for exactly this scenario. My opinion of the company was already pretty low but I was still shocked that they would simply discard my security settings without any warning or override option. They made one of the worst trips of my life even more miserable. Google hates their own users so much.
For me it brings back a time when the internet felt more personable. Everything these days is boring, Facebook profiles, Tiktoks and Instagrams all look the same. We need the personal days back where people put their heart and soul into building their geocities page. Where you never knew what you'd find next when you press the next link on that web ring.
Seconded. Blogs are great but the old school blogs were David vs Goliath. I remember how much fun it was to cycle through my web ring and see all the extremely creative sites. Some flash, some just clever JavaScript, none of it used jquery or react or components. In fact, one was a giant anchor area image divided up into sections (not sliced designs, one whole image! With target boxes for clickable regions).
I still have my deviantart profile from the inevitable collapse into corporate. Web design took a turn for the smashing and now it all looks the same.
Everyone was still too cautious to type their credit card in or something. There was nothing to monetize. So, yeah, every website was someone's small passion project, with handwritten HTML.
State of the art for discovery used to be browsing a (manually?) curated directory on Yahoo. Google appeared and was a mind-blowing sea change. That's probably the peak, Google's inception up until jackass SEO marketers appeared. During that window, search worked fantastically over content that was fun to read.
I wish the industry would adopt more zero knowledge methods in this regards. They are existing and mathematically proven but it seems there is no real adoption.
- OpenAI wants my passport when topping up 100 USD
- Bolt wanted recently my passport number to use their service
- Anthropic seems wants to have passports for new users too
- Soon age restriction in OS or on websites
I wished there would be a law (in Europe and/or US) to minify or forbid this kind of identity verification.
I want to support the companies to not allow misuse of their platforms, at the same time my full passport photo is not their concern, especially in B2B business in my opinion.
reply