š¾ Archived View for dioskouroi.xyz āŗ thread āŗ 29446529 captured on 2021-12-05 at 23:47:19. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
________________________________________________________________________________
Something very similar happened to me with Amazon. I used a new debit card from an online bank to purchase an expensive item and deliver it to a foreign address (which is admittedly suspicious). The payment bounced, Amazon immediately locked my account and requested to see a card billing statement sent to my home address to reactivate it. Upon login I am presented with a stern request for documentation, a pdf upload field, a tweet-sized text field for comments, and all communication comes from a noreply@amazon.com address. All my kindle/audible/etc media immediately became inaccessible.
I went through every possible channel to explain that the card does not send me a billing statement and I cannot possibly produce one, requesting to be called or at least emailed by a human, to no avail. After spending tens of thousands of dollars on Amazon over the course of fifteen years I couldn't even get a personal call from the case manager, and all my purchased media is gone.
To this day I have found no resolution, and the only next step is to contact them through a lawyer.
> and all my purchased media is gone
Stolen by Amazon. They have no incentive to get it back. Amazon hopes that you purchase it again.
Call the consumer protection services. Big tech companies are not the law, they cannot steal things from you. Even if you committed fraud in one transaction, they cannot take away your property. (Amazon will call it 'service', but accessing your property is not a service)
> Stolen by Amazon. They have no incentive to get it back. Amazon hopes that you purchase it again.
They are not the only company doing this in some ways. ISP's who provide a set top box for watching TV and downloading/streaming service to tv, do the same thing when you change you ISP. Its a form of lock in because whilst you can still get access to the purchased films, you have to jump through more hoops. Its all legal but I question the morality of it, when considering online piracy via torrent streams and then the "hacking" that companies have used to trace and prosecute the worst.
But I've learnt enough to know that everyone has their questionable practices to maximise profits/income, the lucky ones are the one's who would also be the expert witnesses in court or have been able to fly entirely the right side of the law.
There have been so many stories of users and developers losing libraries and livelyhood because they have been spurned from these "walled gardens."
The only real answer is to minimize our footprints in these closed places.
My current phone runs Lineage without a hint of Google. I keep an old Samsung for gmail and other services, but the death of "don't be evil" has meant the death of Google on my phone. They will never be back.
I have seen several people who sold on Amazon lose their accounts. I am not sure what provoked it, but the exchange is certainly not in favor of the smaller party.
And we all know what Ebay did.
I can't really say that any one abusive company's behavior is any worse. They are all tyrants with their "star chambers" and sundry courts of inquiry, and the less authority that you give them over you, the better your position will be.
We left this legal thinking behind long ago, but Apple (among others) has brought it back.
https://en.wikipedia.org/wiki/Star_Chamber
Which ISPs kill your purchased content when you leave?
At Comcast/Xfinity when you cancel all services your account still remains, and you can stream your purchased content the web or through their mobile streaming app when signed in on your account.
UK, so you purchase with a set top box you buy from them to use their additional services and then when you leave, they force you to purchase another device to watch those films like a computer to watch it on. You can no longer use the set top box to watch the purchase films on.
Well I wish that is true. But It isn't actually your property. You are only purchasing a perpetual right to use that item under the terms and condition. It is the sad state of things Silicon Valley decided ownership is no longer a thing and everything should be "service", so they gain the control of all asset management right.
There is some part of me that increasingly hate Silicon Valley.
> You are only purchasing a perpetual right to use that item under the terms and condition
To clarify for others: parent is not talking about subscriptions.
When you "buy" content on these platforms, they are not actually yours to take away for ever like a physical book. The software you consume them on e.g a Kindle or iTunes, is actually capable of remotely deleting "your" content at any time, and they are supposedly within their legal right to do so.
They have essentially hijacked the word "buy", it does not implicitly mean what it used to mean, you cannot really buy a copy of a piece of music or a book or a film from any of these large platforms today without removing the DRM and making a local copy (which is technically illegal).
My wife "purchased" a French movie on Amazon Prime Movies Ć few years ago (because it was pretty much the only way she could acquire it without piracy)
Recently she tried to watch it and Amazon just had "you can't access this content." Maybe Amazon didn't renew the license with publisher, maybe not, but in any case, Amazon really proved to me that no, we do not own digital content.
So, I pirated it for her. If doing things the "right/legal way" is going to screw us over because of fine print, then why bother?
This reminded me of pirating a Game of Thrones episode when I was a customer of HBO. My wife and I signed up for HBO max to watch the final season as it was airing. The quality turned out to be pathetically poor. During the Battle of Winterfell episode, the pixelation was serious enough to make the action difficult to make out.
I went ahead and torrented the episode the next day to rewatch it in all of its intended glory. Then a few days later, I got a letter from my ISP telling me that HBO was very upset with me and threatening to cut off my service. I felt compelled to send them a reply, explaining the situation and telling them to eat it.
In some countries "piracy" of itens you own is a gray area, because in the past you could make copies of medias, such tapes, as backup.
> Amazon really proved to me that no, we do not own digital content.
Amazon does not make laws. If a thieve steals your car that does not prove that you don't own the car. The car ownership is still yours, but it has been stolen.
Would you download a car? advertisement has gone all the way around and now big companies are just stealing our property.
ObXkcd:
>They have essentially hijacked the word "buy"
Yes.
Part of me thinks that was the reason why Steve Jobs hated Music Subscription. He said "no" to Beats many times before his death. And why Apple ( at the time ) worked really hard to get rid of DRM in movies ( but failed ). And iTunes Music is DRM free. May be it is time to remind our self how we got DRM free music on iTunes, with Steve's "Thoughts on Music"
https://web.archive.org/web/20070207234839/http://www.apple....
> They have essentially hijacked the word "buy"
No, that's simply called "lying". When done for monetary gain, it becomes fraud.
But you don't buy property anymore. You are licensed to use it under various T&C. The age of property is gone. I wouldn't be surrised to see our fav OS(ios, macos, win etc) stop working once the cloud account is suspended. For your own safety you may not use a different account either. People traded their freedom rights for apparent convenience so I guess we get what we deserve.
I'm sure they have some small print stating that it's not actually yours.
Small print is not always legal.
This is why I pirate all my kindle books and keep them locally in epubs/mobis. You either have it or you don't.
Kinda funny how they're driving us right back to piracy.
Digital content is not forever. If I can't purchase it and download it to my local hard drive, I'm not purchasing it.
Reminds me of those old anti piracy PSAs: "you wouldn't download a car." (note: yes, yes I would if I could).
But if the new car-buying process was "pay $20k for this Honda Civic, but just know that we are just allowing you to drive it, we can take it away from you at any time" you can be sure that either no one will ever buy cars again, or they'd just "steal" them.
If compliance is too hard or too inconvenient or just plain stupid or malicious, then people won't comply. Easy as that.
Makes me wonder what would happen with my Steam games if the publisher pulls it from the store, or what if Steam decides it won't support my system anymore (and I don't want to update).
I feel like there were a few cases where this has happened, and Steam actually still had the game stored for people who had purchased to download, it was just that no one else could buy the game. Not sure if those cases were the publisher not wanting to generate bad will among its customers, or if Steam's contract with the publisher states outright that even when the game is pulled from the platform it must remain available for people who have already purchased it. Either way, it would certainly be the case that any future patches wouldn't be pushed to Steam.
Easy answer: Quit giving money to Valve, and use GOG instead
GOG for buying stuff DRM free, and Game Pass for renting it cheaply if you don't care to own it
I own a few games that got yanked from the Steam store. I can still download, install and play those games as much as I want to.
Generally this has only happened with games that are no longer developed, but if they got yanked for any other reason I believe Valve wouldn't distribute any new patches to me.
Alpha Protocol was removed from stores over music licensing issues. I freaked out because I didnāt have it downloaded, but itās still in my library and I can download it. You just canāt even view it now if you donāt already own it.
Not to forget when Amazon deleted books off of Kindlesā¦
the internet is my car.
I do this too. I don't want to have to resort to this, but I also don't want to risk Amazon taking away all of the books that I've paid for! All I want is to pay for DRM-free content.
Copyright infringement is your best entertainment value.
I started buying huge stacks of DVDs from Goodwill. They are on my Plex NAS now, along with all of my music. All legally purchased. I was considering starting a donation chain where I give all of my DVDs to someone who wants to do the same, who in turn would give them to someone after they are done. It is a lot of work but my shows and movies are super fast, ad-free, and accessible from anywhere. A pleasant friction-free experience after ingestion.
The state can curb stomp the small print, just keep pointing out where it impacts people like we are doing right now
So might be a good idea if they refund him then.
If you pirate content it's gonna be yours forever no matter what.
So if you buy stuff and it's going to get taken away from you for arbitrary reasons... you might as well pirate stuff.
> you might as well pirate stuff
I want big corporations to abide to the law. To pirate is a patch that does not solve the problem. Let's fix that corporations do whatever they want with your digital property.
I want to buy digital movies, games, music, ... without being at the mercy of some algorithm that can automatically steal what is mine.
It's not your digital property. Look eg. at Netflix ToS, you're just buying a temporary membership in some club that will allow you access to some content, on their terms. That's not what ownership looks like.
I suspect it will be similar with all other consumer oriented content distribution services.
And so it should be considered an open-and-shut case of false advertising. The small print may not take away what is given by the large print. If the large print says "Buy Now", then the small print may not replace buying with licensing.
Yeah but if people keep pirating the corporations will groan and lobby for the sensible legislation for us. They will eventually figure out that they have no control and will ask for laws that grant rights to consumers that benefit them as well (people actually trusting them again). I think that's a good patch. We just need to incentivize them to do the right thing.
I doubt they'd be so charitable. More likely they'd just lobby for harsher piracy penalties and protections from piracy.
Thatās ok, VPNs are super cheap.
I agree, but in the meantime...
Audible books can be bought without a subscription, downloaded in an encrypted format, then decrypted by a FOSS tool (such as Libation).
It's roundabout, but at least for audiobooks there is a way to own what you want to listen to and still support the creators.
Or you can buy audiobooks from
or similar and support open formats and your local bookstores. Leave audible as a last resort, the more you buy from, the more you are 1) supporting them 2) telling then you don't mind DRMed media.
Well you are not wrong, but pirating is not the answer but cracking. For example i regularly backup my Audible library and remove the DRM, not to redistribute them, but in the case Amazon closes the Audible-brand, change the Apps i can access my library, delete some of them etc (we all know what can happen and did in the past).
Same with games, if possible i buy them from HumbleBundle or GOG. And i never buy something that is bound to a platform that i really care for.
You still support this unfair business with your money. If you want to fight DRM, check out
https://www.defectivebydesign.org/
.
Look the audible drm is so easy to remove i am ok with it, if they change it and i cannot remove it anymore i will stop.
And yes i hate drm too, but since stallman is a extremist that supports un-free licenses (unlike the BSD and MIT) i will not listen to his wannabe rants, and i will never forgive him to change the GCC license to GPL3 only.
If i care for something i remove the drm, if i cant, i will stop buying it.
Those "unfree licenses" are the reason you're not forced to use Windows on desktops/laptops/phones/servers/toasters/supercomputers (it does none of these things well even now, imagine the world we would have if it didn't have any competition at all).
GPL puts the user's freedom first. Every developer is mostly a user anyway, unless you're writing absolutely everything from scratch like they do in SerenityOS. So I like that stance very much. If you don't, nobody is forcing you to interact with GPLed software in any way.
Exactly. Copyleft is more about "freedom for society" as a whole, ensuring all users (which includes developers) retain this version of freedom. Permissive licenses are more about "freedom" for the individual to do whatever they want, with the potential to take freedoms away from others as a result. I think the stupid anti-gpl sentiment mostly comes from American idealisms of freedom, and developer selfishness, but that's just imo. The GPL still lets you do whatever you want in the privacy of your own computer, but when you put that GPLed software into the public, you need to ensure that you give the same freedoms to everyone else to have within their own computers as well.
I think that's much more noble and kind.
But as long as it's free software, I'll still use it and be happy it is, regardless of the license.
And tbh it'd be nice if the small, loud minority of BSD lovers, GPL despisers would shut up. They give the BSD crowd a terrible look.
This is still pirating. The fact that you don't share the cracked media doesn't change the fact that you violated the T&Cs. And I'm pretty sure they could sue you for piracy.
In the US, I don't think they could (but it may depend on the details of how you did it). They could sue you for contract violation, but would they? There's no upside for them to do so.
> And I'm pretty sure they could sue you for piracy.
Afaik, they could in Germany.
One of the most BS laws.
Care to suggest a preferred method?
I too would like to know this, I've got years of Audible books and this is the first time I even thought of backing them up. This Reddit thread has several options
https://www.reddit.com/r/audible/comments/nphw1w/easiest_way...
including a website that will generate the ffmpeg command:
That's why whenever I buy a DRM-ed content like a book on my Kindle, I always download an un-DRM-ed copy from Librusec. If it's unavailable, I un-DRM it myself. This is for non-fiction where I'm likely to go back and read the book (or, more likely, its fragments) again, possibly many times. For fiction, I don't care that much - usually I read a fiction book once in a lifetime so if Amazon steals it from me or not it makes no difference. It's not like I can give it to someone like with a physical book.
Same here. But of course with fiction (or anything really) you can forward the un-DRMed book to your kids, your spouse, etc.
Thereās also family sharing for kindle, so this isnāt particularly a feature.
Thatās why I donāt pirate stuff. I donāt want to hoard it and keep it. I just want to use it once and be done with it.
The only exception is content I create.
With a couple of minor exceptions that works well for me.
Historically i hoarded content and ended up with 2TB of crap I was never going to watch again. So I deleted it and now donāt have to herd hard discs.
my man you can delete the files once youre done
LOL. Its probably too much for new generation too.
My daughter is amazingly apt at not paying for content. Youād be surprised.
While I agree with you, it's not as simple as it seems. One of the crucial skills we have to learn in the digital age is to discard information. Historically, we have evolved as hoarders: keeping valuable things usually pays off.[0] With information, it's no longer the case. You don't have scarcity like with physical goods: there is more available than you can absorb during many lifetimes. So we need to develop the crucial skill of discerning between the top stuff you really want and need - and everything else that should be discarded. Based on my limited personal experience, this is not always easy but improves with time.
[0] Marie Kondo would disagree
I don't get it, this is not a house with limited square footage. Discarding is of almost zero importance, in fact, you have it logically backwards because discarding incurs a cost of investing your precious time to make a decision. While retaining only requires you to have an amorphous blob somewhere, a non-event. This is especially true for things tens of megs to a few gigs. Of course not yet true for 4K videos, but we are approaching that point not year by year as cost per TB approaches 0.
By saving stuff, you future proof the high possiblity that it becomes completely unavailable anywhere online and you have the last copy. And you can easily find it by search, I have this happen all the time. In many cases the audio cassettes that accompany an old pedagogic text have been digitized by one person who shares a zip one time and then the link dies forever. Ten years later when I finally free up time to study the material, it will be too late.
The important skill: don't download or even browse crap you certainly won't use within your lifetime. It is a time sink. Develop a strong preference for only looking for things you'll immediately begin studying or have a concrete plan to study in the coming 6mos.
Information hording is not only concerned with information availability, also with information presentation, stability, liquidity (non mainstream information may be very hard to find later) etc.
> With information, it's no longer the case.
It isn't always like that. If your data is on somebody else's platform (as for the author's data) your data is gone, possibly for good.
And by the way... onljne communities (and websites in general) come and go. The data you're relying upon today might not be there tomorrow (or it could get altered someway).
I would spend more than the 2 hours a month all the streaming services cost me in salary pissing around, transcoding and finding the damn things.
Absolute hogwash. Torrenting is easy as pie if you know the right places and know the bare minimum basics of torrenting like pick a torrent with more seeds in the quality you want. It takes less time to torrent something than find out which of the gajillion streaming sites has the thing I want to watch.
Yeah 10 episodes down a hole of anime season and you find the last ones donāt have English dubs resulting in an impending shit show to deal with because no one bothered to release it or there are no seeds for single episodes. Then thereās the subs written by someone who doesnāt know any languages apparently. Then thereās the shitty transcodes originally. Then the logistics of managing which one of the 5 members of my family wanted it and getting it to the device of their choice.
Then you find something is only available in x265 so you have to transcode it yourself so itāll play on the kids 5 year old Samsung TV. Oh and that only supports certain very fussy audio streams.
Just no. Iām on the mark. Iāve been doing this shit for a decade and Iām tired and fed up with it. I pay ~Ā£35 a month for all my services and thatās a bargain. Itās literally fuck all money to make the problems go away.
420 punds a year!
> transcoding and finding the damn things
I'm sorry, this is bullshit.
I spend _less_ time if I torrent stuff.
Example: I want to watch the last season of Expanse. Ok, go to iTunes (Apple TV). Nope, not there (Australia). Hmmm, may be Netflix? Nope. I remember it was by Amazon or smth? Oh yeah, it's in Prime.
How much time did I just spend? And I also must pay for all of those?
Torrents:
- go to my favourite tracker
- search, find bunch of options from SD to HD with bunch of audio tracks and subtitles that not a single commercial pos offers
- copy magnet link
- paste in transmission UI
- done, took less than 3 minutes.
Whenever I feel like watching it, open Infuse on iPhone and watch it from my Emby.
When I want to stream something I go to justwatch.com, search, and then see which streaming services carry it either through subscription or for rent or purchase. Then I fire up that app or website on whatever device I like and watch.
Torrenting isnāt hard but these days neither is streaming.
Seriously it is some BS. I even spent like mabye an hour setting up the *arr tools and now anyone in my family can log into 1 site, find the tv/movies and hit download and it manages everything.
I am a Datahoarder with almost 50TiB. I almost never delete things. I kinda view it as a mixed media library, the value is in the content youay want to consume whenever. Plus one never knows if something will be available at a later date and hard or impossible to find.
Download logoās, see how a statement would look, and create one yourself. Print it, fold it and make a photo. Always works for me when I am asked for a statement from a full digital service.
My energy provider used to perform an immediate change of address which would be visible on your latest downloadable PDF invoice. This allowed even people without the most basic computer skills to validate _any_ address.
Long story short, all those processes eventually depend on āproofā that is really easy to fabricate.
Dutch banks invented the iDin standard, some kind of oAuth with your bank that provides third parties with validated personal information, but it is not widely used and I am not aware of an international standard or initiative for this.
It's no wonder that ID fraud is so rampant in countries like the US and UK in comparison to countries like Norway that have a national ID service (BankID).
There is no way that my Norwegian bank would accept a utility bill as any kind of support of ID. Instead they send a letter to my registered address (national population register) with instructions to take it and my driving license or passport to the post office who will act as a notary and report to the bank that I am the person that the letter is addressed to.
From then on BankID (using a one time pad, SIM card, or code generator) can be used to log in to pretty much all banks and government services.
Norway is a bit unusual in the way it handles ID. In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyoneās identifies, and mandating participation, is cultural and political suicide.
We can argue all day about whether or not this is a good idea. But ultimately, itās red lines weāve drawn in the ground, and weāve decided the trade off (such as identity theft) is worth it. In the U.K. at least, two World Wars have taught us to be wary of central government databases. Weāve seen how they can be abused people in power seeking to persecute part of a population, and even now weāre seeing it again with the U.K.s governments persecution of migrants.
At least in the U.K. there are clear and simple guidelines for undoing the damage caused by identity theft. If a bank account or loan was opened in your name, the bank has to close it and write off any losses, and they should compensate you for the trouble. If the mess you around, thereās a number of Ombudsmen and regulators filled with people waiting to take the financial organisation to task and make them really regret their obstinance (Iāve been on the receiving end of their wrath, itās not much fun).
All of this creates very strong incentive for banks to prevent identity theft in the U.K. Unfortunately US consumer protection is lacking in comparison.
>In the U.K. at least, two World Wars have taught us to be wary of central government databases.
Speak for yourself. The anti-ID faction is basically hysterically scared of the idea of 'papers, please'. That's it, and that's why there is a specific statutory defence to not carrying your drivers licence while driving (the HORT1 'producer'), which itself has been made irrelevant by the fact that the PNC has access to the DVLA driver file database.
We need, as a society, an ID document. In the UK, we end up making it up through the use of a passport/DL and a combination of various other official letters. Young adults end up carrying their passports just so they can prove their age to go drinking - do you not see that this is a problem?
While I share concerns re biometrics etc, the idea that an ID card is somehow anti-democratic is ridiculous and, frankly, far fetched.
>At least in the U.K. there are clear and simple guidelines for undoing the damage caused by identity theft. If a bank account or loan was opened in your name, the bank has to close it and write off any losses, and they should compensate you for the trouble.
Which is fine for the consumer, if not a considerable amount of hassle, but is also the source of much financial loss. Fraud, in the UK, takes place on an industrial scale.
> the idea that an ID card is somehow anti-democratic is ridiculous
I don't think anyone invoked the spectre of 'democracy'.
A common fear of ID cards is that, once everyone is supposed to own one, some government comes along and decrees that you must carry one at all times. Then the police are given powers to arrest anyone not carrying ID; and finally, to stop and search anyone on the suspicion that they are not carrying ID.
Those fears are not "hysterical".
Also: the novel 1981 was written about a future UK.
>A common fear of ID cards is that, once everyone is supposed to own one, some government comes along and decrees that you must carry one at all times. Then the police are given powers to arrest anyone not carrying ID; and finally, to stop and search anyone on the suspicion that they are not carrying ID.
And can you point towards a European country that isn't in the grip of a totalitarian state where this currently happens?
It's typical British exceptionalism, like unarmed police and Brexit. We'll massively inconvenience ourselves out of principle, while sensible populations look on in bemusement.
>Also: the novel 1981 was written about a future UK.
I'll assume that you mean 1984, which is _fiction_. Orwell, after all, was English and you would expect him to write political allegories based here.
> It's typical British exceptionalism, like unarmed police and Brexit.
Odd thing to get worked up about. Not sure why you link brining guns into a potential heated situation is gonna make it any better. Most police offers donāt even want to carry a gun, I certainly donāt want police officers carrying a gun.
That got nothing to do with exceptionalism, I just think a police officers primary responsibility is to their community. We should rate them based on their ability to prevent crime through community relationships and diplomacy, not on their ability to rapidly deliver lethal amounts of lead into a situation.
We should stand up for our principles, and try and build a society to thats a fair and equal as possible, regardless of an individual quirks and differences. We shouldnāt be aiming to create a uniform society just because it economically more efficient, and removes the need for the majority to think about the needs of the minority.
Yes, of course, 1984! He was expressing his fears about the future of the UK, because he was British (and of course, because he was projecting a future, it was fiction). You are quite right.
> And can you point towards a European country that isn't in the grip of a totalitarian state where this currently happens?
No, but there are several European countries that are essentially totalitarian at the moment; and there are several European countries that are not currently totalitarian, that have required people to carry ID on pain of arrest during my memory. It's a reasonable fear.
> We need, as a society, an ID document. In the UK, we end up making it up through the use of a passport/DL and a combination of various other official letters.
A voluntary national ID could be useful, something that effectively the same as a driving licence, but available to all U.K. residents without cost. Not sure I agree we _need_ it, existing documents work surprisingly well.
> Young adults end up carrying their passports just so they can prove their age to go drinking - do you not see that this is a problem?
They can get a provisional driving licence instead, it cheaper than a passport. Thereās also no requirement to use an in-date passport. Bars and pubs will happy accept an expired passport with it corner snipped, as long as the photo is recognisable.
> idea that an ID card is somehow anti-democratic is ridiculous and, frankly, far fetched.
I never made this claim. Democracies are just as capable of committing atrocities as totalitarian states, they just tend to do less frequently and with better PR. I personally think people should think seriously about who they hand their identity data too, examine what benefits it might provide, but also consider how it could be abused in the future. I like the fact that most databases in the U.K. are difficult to integrate because thereās no clear single identifier for a person, joining data requires a degree of fuzzy matching and creates opportunities to challenge government agencies.
> Fraud, in the UK, takes place on an industrial scale.
Iām well aware of the scale of fraud in the U.K., Iāve spent years developing systems to prevent it, and run full on into the issues caused by a lack of national ID. However I still believe the trade-off is worth it. Iāve seen to many examples private organisations effectively running a shadow judicial system that can prevent and individual from accessing essentials societal services, like banking, with no oversight or appeals process. A national ID would just make it easier to build these systems, and innocent people who get caught up will pay the price (for a fraudster, getting caught is just the cost of business, they go in with their eyes wide open).
The ultimate goal of society is not to produce the most efficient economic system. There are trade-offs to be made, and achieving zero fraud is far more problematic that having some fraud.
>existing documents work surprisingly well
Not really. A passport is expensive, a drivers licence isn't supposed to be a photo ID card and someone shouldn't have to pretend to be a driver in order to obtain one.
>They can get a provisional driving licence instead, it cheaper than a passport. Thereās also no requirement to use an in-date passport. Bars and pubs will happy accept an expired passport with it corner snipped, as long as the photo is recognisable.
_Some_ bars might. Others may not. In any case, you've still got to a passport in the first place, so that doesn't remove the renewal cost or the initial cost. It's also a multi-page book.
If we're going to run a provisional DL as a de-facto ID card, why not just have an ID card?
>Iāve seen to many examples private organisations effectively running a shadow judicial system that can prevent and individual from accessing essentials societal services, like banking, with no oversight or appeals process. A national ID would just make it easier to build these systems
If you're verifying someone's ID at all then those issues are going to exist. That's not a problem with having an ID card, that's a systems problem - if you use a DL, there's a URN. If you use a passport, there's a URN.
Not having a national ID card is, frankly, Stone Age. If you want to avoid the spectre of _Papiere, Bitte_ then that is a legislative problem and not a technical one.
> Some bars might. Others may not. In any case, you've still got to a passport in the first place, so that doesn't remove the renewal cost or the initial cost. It's also a multi-page book.
Pretty much every bar does. I know this because I have several friends that used expired passports for years without issue. Itās also frequently done be foreign students, because most bar staff donāt recognise any form of foreign ID except a passport. So thereās no need to ever renew the passport.
> It's also a multi-page book.
So what? It no more difficult to carry than a small wallet or purse.
> If we're going to run a provisional DL as a de-facto ID card, why not just have an ID card?
Because the DVLA donāt want it to be an ID because itās a pain in the arse for them. Which is good, because they go out of their way to make accessing the data difficult for any reason that isnāt driving related. Creates a nice little natural firewall against abuse.
> If you're verifying someone's ID at all then those issues are going to exist. That's not a problem with having an ID card, that's a systems problem - if you use a DL, there's a URN. If you use a passport, there's a URN.
The URNs change on each renewal or replacement, strictly limiting how long they can be used to track an individual. Additionally people can choose which document they use with each entity, and make it harder for different entities to match their IDs.
> Not having a national ID card is, frankly, Stone Age. If you want to avoid the spectre of Papiere, Bitte then that is a legislative problem and not a technical one.
Yes it is, just like paper voting. Thats a good thing, it shouldnāt be easy for future governments or corporations to track individuals without their consent.
With regards to _Papiere, Bitte_ legislation solves nothing. It can easily be changed at a whim, our executive government almost always has a majority in the legislative house, make it trivial for them to amend legislation on whim as it suite them. Surely your not blind? You must have seen the numerous abuses of this powers from Borisās Tory government over the past year. Just look at anything Priti Patel has worked on.
Throwing away natural defences against abuse for _convenience_ is stupid and short sighted. There are plenty of innovative ways of working within our current ID system, while still offering a high level of convenience, without making it easy to abuse the data. Just look at any recent neo-bank to find half a dozen examples.
I find it strange that folks in the US and UK, given that these are championing modern dragnet surveillance, would recoil at the idea of government issued ID, thus forcing everyone to come up with error-prone workarounds enabling identity fraud. As a German, the idea of a bill proving anything at all is just wild.
It makes no sense, but this:
> In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyoneās identifies, and mandating participation, is cultural and political suicide.
Is a very true statement. I am British but I live in Switzerland. If I want to do anything here, I send a copy of my residency permit. Bank statements wouldn't count.
The UK actually did experiment with ID cards under the Blair/Brown government. I never had one, they were only issued in a trial area. There was a campaign against it:
and the Cameron government (2010-brexit) scrapped the ID cards. The law was:
https://en.wikipedia.org/wiki/Identity_Cards_Act_2006
.
One of the main objections was to the national identity register, which would contain biometrics and not need the card in order to query.
I'm on the fence about this. On the one hand, I'm not sure I trust the UK government to run any kind of IT scheme - they tend to pick huge consultancies, waste enormous sums of money and the result is late, 6x the price and doesn't actually work. Also the biometrics thing seems excessive. On the other hand, there are plenty of centralised databases already and if you ever want to drive a car, at least one of them prints out an ID-0 sized card with your photo on it. I would also, honestly, prefer an identity card over proving my identity with easily forged bank statements.
> the idea of a bill proving anything at all is just wild.
Itās a little more complicated than that. KYC requirements arenāt that lax, but there are multiple ways of proving ID. Proof of address in the form of a bill is just one of many components that are used in tandem to prove identity. Rest assured you canāt open a bank account with just a utility bill.
As a Brit, I think the lack of ID* is fairly silly nowadays, however it's an orthogonal issue to the surveillance one.
Abuses of government power that the average person might experience here tend to come from lower levels like the civil service, police, tax office, immigration or councils. ID card databases could make that easier as they tend to be more accessible (of course, otherwise they'd not be useful). The other thing we don't want is for it to be easy for companies to demand ID for basic things knowing that everyone will have one, or future governments to be able to make carrying an ID card mandatory when in public, and for police - or anyone else - to demand to be able to see it. That situation is often derided as a Nazi Germany "papers please" police state. The idea of needing a permission slip from a state authority to breathe the pure English air is a line the majority of people would absolutely not want to cross at this point in time.
The secret services aren't something that most people think about. We don't typically worry about being mistakenly or maliciously classified as an enemy of the state. Unlike being maliciously classified as an enemy of a local councillor, which is fairly common. Also, you can be pretty sure your secret services are doing exactly the same things as ours, irrespective of what your law or constitution says.
(* Physical ID cards are a bit old fashioned though. We're planning on replacing physical driving licenses, non-citizen residence permits, etc. with digital versions. I suspect we'll end up with a national digital identity system by default without ever having a physical ID card. Some people are worried that will lead to another Windrush situation, however.)
> In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyoneās identifies, and mandating participation, is cultural and political suicide.
You mean like the IRS?
American here. Not having national ID is stupid. The government has an interest in knowing who it's citizens are.
It doesn't have a legitimate interest in knowing where I am at all times, however.
I donāt really have a super strong view either way. Here in the U.K. HMRC only knows about you if have a National Insurance Number (which isnāt mandatory) and get payed with PAYE (Pay As You Earn) where your employer collects your income tax on behalf of HMRC.
You can avoid both by only accept payments in the form of cash and bank transfers without a proper payroll. Legally dubious, but there are people out there who actually do this.
> The government has an interest in knowing who it's citizens are.
The government has an interest in many things. Doesnāt necessarily mean that individuals share that interest and should capitulate. Personally I donāt think mandatory government ID is a requirement for a well run civilisation. Interestingly Norways Bank ID is an example of how you solve the issue of ID without making it mandatory (Norway doesnāt have a compulsory National ID and only got a National ID last year), and banks in the U.K. are experimenting with something similar built on top of Open Banking.
Ultimately itās down to the individual (in my view) to decide how much info they give to their government. But equally a government can request that info in exchange for government services, assuming that info is needed to provide that service.
> You can avoid both by only accept payments in the form of cash and bank transfers without a proper payroll. Legally dubious, but there are people out there who actually do this.
Well there's the issue, isn't it? The government has to know your identity unless you're committing a crime.
> The government has an interest in many things. Doesnāt necessarily mean that individuals share that interest and should capitulate.
This isn't an argument against the government knowing who its citizens are.
> Ultimately itās down to the individual (in my view) to decide how much info they give to their government. But equally a government can request that info in exchange for government services, assuming that info is needed to provide that service.
Why should we be providing any service to anybody without having any information about them? So one person can show up and collect the same benefits 10x at the expense of everyone else?
At a BARE MINIMUM the government has to know your identity to determine your eligiblity to vote and to levy taxes. And both of those are so fundamental and important that I don't see how you can possibly argue that "shadow citizenry" is acceptable.
> Well there's the issue, isn't it? The government has to know your identity unless you're committing a crime.
Depends how much you earn. Below a threshold itās entirely legal to earn income and report nothing to HMRC. Taking the stance that anyone not reporting to HMRC is tax-evading would turn the whole idea of due-process and āinnocent until prove that guiltyā on its head. The government should be forced to substantiate its accusations with evidence, and a lack of any record is not evidence of a crime.
> > The government has an interest in many things. Doesnāt necessarily mean that individuals share that interest and should capitulate.
This isn't an argument against the government knowing who its citizens are.
Isnāt it? Governments should exist to serve their citizens, not the opposite (at least in a democracy). If a population donāt want their government to know who they are, that their prerogative. Nothing inherently gives a government a right to know who itās citizens are, it might be useful and even necessary to provide certain services, but itās for the people to decide what the trade off is, not government.
> Why should we be providing any service to anybody without having any information about them?
Yeah, thatās like my entire point. The other side of that coin is āwhy should citizens provide any information to government with they donāt want to use their services?ā.
> So one person can show up and collect the same benefits 10x at the expense of everyone else?
Donāt know how you got to this conclusion. It totally reasonable for a government to make access to benefits dependent on providing basic identity information to prevent abuse. But if someone doesnāt want to access benefits, then why should they need hand over identity information? Equally if those benefits can be provided with collecting the information, then why should it be handed over? I should need to hand over my ID so an NHS doctor can fix my broken leg.
> At a BARE MINIMUM the government has to know your identity to determine your eligiblity to vote and to levy taxes. And both of those are so fundamental and important that I don't see how you can possibly argue that "shadow citizenry" is acceptable.
Sure, but if you donāt want to vote, or earn above the tax free allowance, then why should you need to identify yourself? And even if you do identify yourself, why should that process be centralised. Each organ of a government can figure out what they need to perform their function, and only request that data. Just because you want to vote, doesnāt mean the HMRC and the Home Office should automatically know who you are.
The UK and US are actually in the minority when it comes to compulsory national ID, albeit in good company. [0] I don't really have a value judgement on this, but would like to note, that both the UK and US have some of the most advanced surveillance states in the world, something that countries like China can only aspire to. If there is a red line drawn in the sand, you forgot to check your back.
[0]
https://en.wikipedia.org/wiki/List_of_national_identity_card...
> UK and US have some of the most advanced surveillance states in the world, something that countries like China can only aspire to.
I think thatās a little hyperbolic, the U.K. and US certainly have large surveillance states built in secret out of the public eye and public scrutiny. But China is on a completely different level, if you donāt think thatās true, then research the prevalent use of facial recognition, and the extreme forms of surveillance applied to minority populations like Uighurs. Everything in the U.K. pales in comparison.
Before you bring up the topic of CCTV and facial recognition trials, almost all CCTV in the U.K. is privately owned and inaccessible to the state without a warrant. It certainly isnāt networked into some super surveillance hub. And the facial recognition trials have been a complete farce, more a demonstration of police incompetence, than state surveillance.
China is indeed _aspiring_ to copy western countries surveillance state, and taking it much further, but you are overestimating the infrastructure and data sharing already in place. The often discussed social credit system for example will start national operation soon, but in its absence, _there is no national credit system_. Ant Group was recently busted by regulators for not sharing credit data with the state [0] Facial recognition is very advanced in Xinjiang and first/second tier cities, but it is usually localized and data sharing between agencies seems very low. Life in China is full of legal grey zones, as is typical in developing countries, with things technically being not legal, but no one is there to enforce it.
[0]
https://www.cnbc.com/2021/09/23/ant-group-to-share-consumer-...
> inaccessible to the state without a warrant
I don't think that's quite accurate; I think it's true that the state can't _compel_ access without a warrant, but in general shopkeepers quite like policemen, and will share their footage vountarily.
The irony being that except for a register of addresses countries like the UK and the US have much more surveillance of their citizens than places like Sweden or Norway. The UK has about 1 surveillance camera per 11 citizens or so, I don't know numbers for Norway or Sweden, but from my own observations there are orders of magnitude less.
So yes the UK government might not have your adress in a register, but they know where you sleep, go to work, with whom you talk etc..
Lets not even talk about the extensive spying by the 5 eyes.
Yeah, that stat is very misleading. Those cameras are all privately owned, mostly by shops.
So unless you think thereās some great grocers government surveillance network (there isnāt, Iāve actually asked), then the government has no idea what your doing. To find out they would need to send a police officer with a warrant to every shop in the country to request the footage. Even then the footage is mostly crap (again Iāve actually seen what the police collect for investigations).
To claim that the mere existence of a camera indicates a surveillance network is just intellectual dishonesty. No one would ever claim that very laptop camera is monitored by the government, but apparently supermarket cameras are?
That is not true, there are a lot of police/government owned CCTVs in public places in the UK. They even had some initiatives, were some of those had speakers attached so the person monitoring the camera calls out "unwanted" behaviour.
I would say ignoring the fact that the US and UK have set up and are running (well the UK is really just tagging along) in the biggest worldwide surveillance operation on the planet is the intellectual dishonesty.
Also I never said that the existence of a camera indicates surveillance, that's a straw man. However, the existence of automatic licence plate tracking is definitely an indication of surveillance. The wikipedia article on UK mass surveillance is quite enlightening.
https://en.wikipedia.org/wiki/Mass_surveillance_in_the_Unite...
You should go and talk to some actual police officers trying to investigate actual crimes. Iāve talked to quite a few when working for a company that specialised in dealing with CCTV, and I was trying sell stuff to the police.
I can tell you with some confidence that U.K. CCTV infrastructure, both state run and private, is a complete joke, and almost completely useless. Try giving an officer CCTV footage of a bike being stolen, and youāll quickly discover how useless it is.
> the idea of central government holding an accessible database of everyoneās identifies, and mandating participation, is cultural and political suicide.
>In the U.K. at least, two World Wars have taught us to be wary of central government databases.
Well really it is a little more than a sort of Driving License. We might get away with it by calling it EuroClub Express.
For those that havenāt seen Yes, Minister.
> In many parts of the world (including the US & U.K.) the idea of central government holding an accessible database of everyoneās identifies, and mandating participation, is cultural and political suicide.
That's because the US and the UK are mentally ill cultures actually engaged in cultural and political suicide, so any practical, useful ideas like that are considered suspect.
> Unfortunately US consumer protection is lacking in comparison.
That's what happens when a whole country decided to mistrust their elected government and instead put their faith in corporations.
> There is no way that my Norwegian bank would accept a utility bill as any kind of support of ID.
It's not ID, it's proof of address, separate from proving identity afaik. Mtgox wanted to see ID, but because my ID doesn't say my address they also needed some somewhat official letter addressed to me on this address.
Well, it's not really _proof_ of address either because it's so easy to forge, which was OP's main point.
BankID with a digitally signed utility bill should be enough for AML/KYC.
I was developing one fintech app recently and I never heard of this requirement.
As much as it might seem practically expedient, I'd advise not doing this.
I'm imagining a lawyer for the injured person hearing they resorted to fabricating evidence, lawyer looking sad or irritated, and telling the person there's nothing the lawyer can do for them now. At least not on the original problem, though now the person might have an additional problem.
>Dutch banks invented the iDin standard,
Oh this is genius! Why aren't others doing it? My guess is that Banks have no incentive to do so? After all Auth and validated personal information is not their business anyway?
Email jeff@amazon.com. It'll hit the exec support team (even though he's no longer CEO.)
It's aggressively monitored. Jeff himself used to forward prickly ones with a ? to relevant parties, but at the very least, better than front-line support.
I hate it when companies use an "open secret" for important things like support. They're telling customers "Screw you if you're not part of the secret club!". That behavior is fine when you're a child, but for a trillion dollar company to do it just sucks.
Knowing that email address exists makes me less likely to shop with Amazon, and any startup that considers copying it should think very seriously about whether they actually care about their customers. No one should have to email the CEO to fix a basic problem.
But it's not a support trick, it's a "the executive team doesn't want to look embarrassed."
Writing the executive team isn't some trick to get real support, it's something that people figured out you could do and that executives would give vague responses to in order to save face; having seen the end result of a "write the CEO", usually the executive response is just a vague "make this go away", and the "how" of that is left to the imagination of the reader.
Please understand that it's highly doubtful that there is any official policy on what to do with support emails received at the executive level; the end result is that the person who wrote the email gets what they want, but it's not because the executive put any thought into the actual situation, it's because they just wanted an annoying person to go away and wanted to avoid bad PR.
That's all this is, a quick cost-benefit analysis of "what does doing nothing cost me here?" for some executive. For each story you read where writing the executive helps, probably there are a dozen (if not far more) met with radio silence. I've seen customers write the CEO when they were flagrantly and intentionally violating our licensing policy in hopes that the CEO would change something. I've seen them write our product VP because the customer felt they were entitled to salary compensation for the duration while an issue they had with our product was investigated.
Writing the CEO isn't a way to get basic problems fixed, it's a gamble that your particular issue and the circumstances around it are a big enough PR problem that the normal channels of raising concerns aren't enough.
> any startup that considers copying it should think very seriously about whether they actually care about their customers.
Presumably if a startup is copying Amazon it's because of their track record of making money, not their track record of showing they love customers, for the same reason companies aren't copying Google to achieve a bespoke customized nature of services and how they feel tailored to the individual.
That's exactly the point I'm making. Copying Amazon because they make a lot of money, _without actually being Amazon and offering the price, range, and radical convenience of Amazon's service_, is how a startup fails.
Copying _any_ aspect of a much larger company without properly considering the impact of it on your customers when you're running a very different company is usually a terrible idea, but doing that for support and customer success is extra-terrible.
I would go as far as saying that customer service is not core to Amazon, it's purely a means to an end in _some_ of their businesses. To my knowledge AWS isn't known for their amazing support, but it's entirely possible I'm just ignorant of it.
The catch: One does make a lot of money by being a good citizen.
Not true - one can make a lot of money while being a good citizen. Not a hoard of billions, but quite enough to live comfortably on.
Yes - I slipped 'while' in as a substiutute for 'by'. Arguably the CEO of Oxfam is a 'good citizen' as part of his job, from which he earns millions. So he earns that 'by' being a good citizen. I meant that it's perfectly possible to have a well-paid job that doesn't involve exploiting people or the environment, or generally being a dick. FVSO 'well-paid'.
If 'making a lot of money' means becoming a billionaire, well, I don't think cornering the world's wealth is consistent with being a good citizen.
Exactly.
Going in, youād probably want to be aware enough to ask yourself if you want to become a complete fucking sociopath and build another psychopathic corporation.
Weāve got enough of them already, there are better things to do with your time.
Iām in Australia, so was fortunate enough to go through the last decade without Amazonās presence in online sales, theyāre here now buy nobody used āem. I occasionally subscribe to their streaming service when thereās something I want to watch, but Iāll never purchase anything from or through them Iām not prepared to lose.
(Throwaway account cos Iām tired of getting point-bashed for having strong options any _reasonable person_ could _at least understand_. HN needs to do something about that).
this place is corporate shill-land. Dang allows some corps to spam hard here, I assume lots of $ are involved, or just protecting investments. You need to walk on eggshells not to trigger the shill army's votes. You need to be all smiles when big corps are mentioned. Some good links are posted now and then.
This also annoys me, and how people don't realize how fragile this solution is. But I think it's like moving your ssh daemon to a random high port: it doesn't change the nature of process, it doesn't provide any guarantees, and it's not the only/last thing you need to do, but it's believed to filter out enough problematic actors that it's worth doing, for both senders and receivers.
(But I get now your complaint isn't about that, and this isn't the best analogy. You're saying that this is a slap in the face to people who don't know that address; they shouldn't be likened to "attackers.")
No, they're telling customers: "If you're savvy enough to likely be able to sue us, we'll offer support."
The "open secret" approach is a high enough bar to filter out 99% of unprofitable support request, but a lower-tier than litigation. Most people will spend time with a search engine before shelling out for a lawyer.
You're thinking about this emotionally, rather than in terms of capitalism.
> _Email jeff@amazon.com. It'll hit the exec support team (even though he's no longer CEO.)_
I've emailed this address with problems about scammers and counterfeits on Amazon and never received replies.
That's not exactly support though is it, it's just that you don't like their business model. Counterfeits are like half of what they sell these days. Hell that's what amazon basics is.
I've unfortunately come to the same conclusion. They also can't be held accountable by courts or regulators if they don't document the problem.
Basics may be AMZN ripping off successful sellers, but it's clearly not counterfeit, it doesn't pretend to be something else?
Amazon gets a cut of every sale even if a 3rd party sells counterfeits. Removing 3rd party sellers and their counterfeits means less revenue in the short term.
as soon as this becomes common parlance, there'd be too high a volume and become yet another noisy channel.
This has already happened with "Steve's" email address at Apple, which used to be monitored but is now mostly ignored, I suspect because of the sheer volume of traffic.
Probably because people email Tim now.
Sure, you'll get a response after emailing tcook@apple.com. But there's no guarantee that the customer service peep assigned to you will do anything to help.
I tried this approach when a client was having issues enrolling in Apple Enterprise to distribute an app in-house. Didn't work, took four months until we could release our app.
Completely killed any esteem I had for Apple.
I secretly hope everyday that a competitor comes along who can produce hardware with a matching level of beauty.
Not sure why any existing hardware maker can't do it. Everyone else is producing plastic boxes of crap. That said I'll never have a mac, that whole mindset is so foreign to me.
I feel like this is extremely well known, at least 8 years ago I whined about the kindle case being shit (causing my screen to crack) and they reached out and got me a replacement
jeff@amazon.com was common knowledge almost a decade ago already.
What would be the same but for Paypal?
Anyone have one of these for FedEx? I found about 100+ @fedex.com email addresses for people at FedEx by scouring the web but not one of them worked.
Just trying to get my package...
(p.s. tried all the regular support channels)
How does that work with the emails he actually needs to receive from his own internal staff though? Having a separate email that he actually uses for daily work ("notjeff@amazon.com")? I can't imagine having my customers and my colleagues bombard me at one email account and effectively staying on top of everything.
I think you'll find that quite a few senior execs don't actually handle their own email inbox. Just as they have an executive assistant to jealously guard their calendar and book all their meetings, someone is actively fielding their emails, dealing with the trivialities and junk, and only escalating the important stuf to the exec's attention.
Adrian Newey (cto of Red Bull Racing F1 team) famously has his emails printed off and then he replies in writing. His assistant types it out the following morning.
Seems like a very simple email filter would do the job, for internal emails at least
ceo's at this level have teams of executive assistants that cover all communications 24x7x365, for personal, work, and government liason. You don't think they actually read their own emails do you?
A former CEO of mine was known for keeping all his emails, forever. For this he needed special email storage arrangements from the IT team, including a laptop with a super-large HD.
If you ever turned up to a meeting and contradicted something you once said in an email, he'd be on to you in an instant.
Maybe aggressive filtering based on contacts or domain?
When he was actively CEO, he had an entire team devoted to sorting through those emails. They would filter the obvious spam and send the genuine customer complaints directly to him. Which usually led to the infamous question mark emails and a lot of people scrambling to resolve the issue and ensure it remained resolved. (The only time I've seen a question mark email have more than just question mark was when Jeff noticed this was a repeat problem from a previous question mark email.)
I would filter emails by domain before they hit the exec's inbox.
My country of nationality, residence, and issuing bank are all different. On top of that, my name is odd for my place of residence and contains characters outside of A-Z (which makes names not match 100% on cards)
I get hit hard by anti-fraud systems.
If I budget 1-2h for any given online purchase, I have <50% success rate with Paypal and ~75% with Stripe. If I contact the bank and merchant, the issue is always with the payment processor. Trying to resolve through the payment processor goes nowhere. The only thing that can work is try again with another of my 6 legit cards (mix of visa/Mac debit/credit) and if Iām lucky it goes through. Sometimes the next day; I guess some cool down is in place.
This feels like discrimination or xenophobia with extra steps. If youāre international enough and have some bad luck, the systems will perceive you just like a scammer and will deny you service or require hours of intervention because of things like your name, location history, and nationality. (For those who havenāt noticed, sometimes PayPal will arbitrarily require you to create an account in order to complete a single payment. Nationality is required information in this step)
If itās not something I really want provided only by a single seller, I will nowadays abort at merchants only accepting PayPal, and at the first failure of Stripe. Itās not worth the headache.
This reminds me... what about those who do not have a surname?
> Most Afghans have no surname; it is also common to have no surname in Bhutan, Indonesia, Myanmar, and the south of India.
They cannot handle patronyms, and for many people every local document (except passport and tax card) uses initials, for example. The problem is that the bank account name has initials (in many places for many people) which does not match your name.
My friend had an issue with Wise because they wanted the name to match that is on the passport, which was fine because it did. Then it started demanding that it matches his bank account name, which it cannot, because he has only initials there.
They are dealing with international customers. They need to understand these differences, but they do not.
>> Most Afghans have no surname; it is also common to have no surname in Bhutan, Indonesia, Myanmar, and the south of India.
Oh this is completely new to me. So they have single name?
I wish there is a documented difference in all of these so that International companies can all pay attention.
> _I wish there is a documented difference in all of these so that International companies can all pay attention._
https://www.kalzumeus.com/2010/06/17/falsehoods-programmers-...
Also, why do you limit to āInternationalā companies? Donāt people from all cultures live in most every country, even in small numbers?
Yes, but you also have to be careful about many people having initials only for their bank account name, such as my friend who is in South India.
Yeah, I can only imagine how bad it would be to have an Arab name and only one of them.
I knew a guy with a single-character first name. He once bought an airline ticket but then got stuck at TSA who would not let him pass, despite all his ID etc saying the same thing.
A large number of web sites would not let him register at all.
This definitely needs more recognition. Same with time & date. Actually, same with all "Falsehoods Programmers Believe About <X>".
Here is a list:
https://github.com/kdeldycke/awesome-falsehood
Wow. This reminds me of my experience with Coinbase. I find it interesting that they don't see how troublesome all this is. There's a human on the other end of the technology, and shutting them out without a solid reason, or the ability to reasonable appeal is crazy.
Set your age to below 13 in Coinbase for a fun surprise.
As soon as you click "update", you are insta-locked out of your account.
As a dev I love seeing these. Makes me feel better about myself when these companies with seemingly infinite resources suck at engineering as much as I do
This seems like a policy, rather than engineering, decision.
Yup, but when the age has been (let's say) 23 for an year and becomes 13, the software should smell a mistake.
Of course I have no idea about the actual UI. It's a bad idea to ask for the age because it doesn't update after the birthday. A birth date is much better but it's also personal data and maybe not necessary. If all a site wants to know is if you're 18, just ask it and store a boolean. If you suddenly declare that you're not >= 18 anymore, especially after using the site for a while, smell a misclick on a checkbox, ask for confirmation and explain what's going to happen.
Itās an engineering cost decision. I imagine they get single figure numbers of people making this change each year. The cost of having a developer design and implement a system to catch it, reject the change but save it in a state where it can be applied later, and automatically open either a support ticket or have an automated resolution system is far too high. Much easer to just lock the account and ask the customer to get in touch.
(Assuming there is a save button on the screen and itās not an auto save on an input change, in which case yes it needs a confirmation dialog)
Shouldn't an age change require a check by a human against their passport / identity documents anyway?
The software does smell something is off. Typically the policy in this case is that legal told them to deny then access, because they don't want to deal with the legal hassle of serving someone who just told you themselves that they're not 13 yet. (Lawyers are often unreasonably risk-averse.)
>Yup, but when the age has been (let's say) 23 for an year and becomes 13, the software should smell a mistake.
some years ago the Danish electrical company Dong (wonderful name they've since changed for 'reasons') sent me a message - give us a meter reading for your house or we will send someone around to do it and it will cost you some money, so I figured fine I don't have to do anything they do it for me for money!
next year, the same thing.
third year, the same thing. In Christmas of the third year when I was in Berlin I got an email from Dong, you owe us 15 thousand dollars (approx. translating from dkk in head), then later same day you owe us 18 thousand dollars, and finally next morning you owe us 20 thousand dollars.
So naturally I called them up and said I sure would like to know what you all are thinking (which was a lie, I didn't really want to know but I figured I better find out anyhow)
So they said they had sent someone by to read our meter and we had used more electricity and they wanted their money or they were turning it off. So I said you think I used 20 thousand extra dollars in a year?
No, the meter hasn't been read for three years and this is your fault because when we send you a notice to go read the meter you have a moral obligation to do that.
I asked what about their moral obligation to go read the meter when they said they would (which point they did not understand) but anyway since I was supposed to pay 3 thousand dollars a year (which is somewhat high for a Danish family of 3) and paid that it seemed highly unlikely that I had managed to use over two times more than I was estimated to use per year without an increase in population of the house.
It took a lot of arguing to convince them that somehow there was something fishy in the situation and they might have made a mistake, before they would put it to off closing the electricity and do an investigation.
Some months of investigation later, which involved me going to take pictures of my meter etc., it turned out they had read the wrong meter.
tldr: even obvious discrepancies that systems could easily be set to catch will not be caught and you will have to do the work to fix the problems of the organizations providing you services.
Even if it is policy, they can probably have a better lockout page or make it 'disabled' but still let you login to talk to support, get records, etc to fix things. AFAIK it's a complete lockout.
This is the kind of statement that leads to this kind of a feature.
It's a policy decision regardless of whether you believe engineering should be making policy decisions (which they generally should, but I digress).
Technically/semantically correct. OTOH, this mentality reliably leads to these kinds of features, bugs, policies or whatever you like to call them.
The software works perfectly. It's the spec that's broken. I'm going home.
You think being able to make irreversible changes to your account that destroys it with no recourse and no "Are you sure?" message is _policy_?
"Our policy is to make it as easy as possible to destroy your account forever with no warning."
If you work inside these companies, you quickly realize that the amount of work is far greater than the amount of people to do the work, and triage is always happening. The bigger the company gets, the more there is to do.
Youād think thatād be prevented when they identity proof you with government identity credentials considering the immutability of your birth date.
> the immutability of your birth date.
Another falsehood programmers believe about dates. ))
When immigrants move across borders, often if there is no record of date of birth the date used is the first of January on a best-guess year, and sometimes even the year is wrong. Later this information could be updated. I know of a case of a man whose birthday (immigrant from China) went from January 1st, 1900 to some date in the late 1890s upon documentation being found, just slightly before his 100th (living) birthday.
There are, of course, also reasons for deliberately falsifying a birth date. Accessing an online service is one, false claim of benefits (e.g. pension) may be another, avoiding or enlisting in armed forces, purchasing age-restricted material, renting a hotel or vehicle, the list goes on. A robust system must account for these possibilities.
While there are relatively few people in this specific situation still alive, my grandmother was born in a country that still used the Julian calendar at the time.
Yes, but you are designing a system based on a once in 100,000 edge case. There is no reason why such odd and rare requests can't be handled in a customer support request.
> There is no reason why such odd and rare requests can't be handled in a customer support request.
Since we're in the middle of a bad customer service with no appeal discussion... can we assume you are joking?
...If your customer service team are sufficiently well staffed, trained and have escalation points. In the article the customer service team couldn't even read a decision made by 'The Back End Team'.
A more realistic case for you: People make far more mistakes than you think. Having done genealogy recently, the number of documents with people messing up their own birthdate or name is staggering. On top of the much larger number of registers where someone else have taken the information down wrong.
Or when there's a difference in convention. For example, the European convention dd/mm/yy[yy] and the US convention mm/dd/yy[yy].
You're seriously underestimating gow much this happens with current rates of immigration. 1 in 1000 to 1 in 5000 seems to be the correct rate in my country.
Besides, Even with 1 in 100k, with the US population of 330 million, you've created trouble for 3 300 people based on this edge case alone.
Modern example: my father, who is still living, driving, and traveling internationally.
When he was 15, his parents decided it was time for him to start driving his mother around, who never learned how to drive. They wrote down his birth year to make him appear 16. The Texas Department of Public Safety in the 60s wasnāt quite as strict about proof of identity as it is now.
Fast forward to the late 90s, and digitized driverās licenses. Fortunately, my mother had an inkling that life for my dad might get a bit complicated with a driver's license that didnāt match his birth certificate, so she pushed him to get it corrected.
I imagine there are at least several thousand US citizens who have never lived elsewhere whose primary ID (driverās license) shows a different birth year from the one on their birth certificates for similar reasons, and itās a toss-up on which date they use for various purposes.
My grandmother "altered" her date of birth on her birth certificate so her husband wouldn't know she was older than he was.
That date ended up on their marriage certificate.
And then, after her husband passed away and she was approaching pension age, she realised she would only be eligible for the pension a few years later...
So DOB is not immutable.
(and another common source of DOB errors, mixing up the US MM-DD-YYYY versus the normal DD-MM-YYYY format used almost everywhere else...)
Not immutable for all.
There are people who escaped war zones with no papers behin
Syrians in Germany, Bosnians in Arizona and many other such examples in the UK.
They often provide 1.1.year as dob.
Quite common. On Discord, there are NSFW channels and before joining them, you have to provide your birth date (only once). If you set it to below 13, your account gets suspended/locked immediately.
Twitter does this as well.
The US legal code doesn't give them a ton of flexibility here.
Coinbase has to push the boundaries of US legal code interpretation in plenty of other places... picking "letting pre-teens manage accounts" would be a dumb hill to die on.
Coinbase already has verified you by your legal ID, though.
Going into your profile on a trading app and saying "i am 12 and what is this", no matter the reason, seems like a reasonable signal that maybe you're not a customer I'm hugely concerned about retaining.
Tbf, I wouldn't want to deal with someone who can reverse age like that, either.
When there's 1,000 happy customers and 1 unhappy one, what's the incentive to fix anything?
Not being facetious, just pointing out the depressing nature of our reality. :/
Commonly the 1 unhappy customer might tell his story to ten of their friends or thousands+ of readers online. Fixing customer problems (especially drastic ones) carries large incentives, because those single stories will actually be observed, while the 1000 happy customers wonāt be mentioned.
The company will only fix problems for customers with sufficient social reach in that case.
Case in point:
20 years ago DHL told me the credit cards I was waiting for in Santa Cruz, California were suddenly in transit to South Korea.
As a one off it was a funny story. 10 years later they told me the computer that was sitting in a depot in London was on a ship back to the US.
I'll keep telling those stories until everyone involved had long since retired.
To answer the question in the plainest way: the possible revenue potential from the unhappy customer if turned to a satisfied recurring customer.
This is really just a question of the opportunity cost, which can vary.
The depressing bit is that they can make a rational decision to weigh that cost against the amount of money it takes to keep people happy (vs doing nothing). Not that I support it, but they might be following the financially superior option. There's a lot of incentive to get that answer "correct", so I suspect it's currently working out in their favour, even though it sucks for those of us caught on the shitty side of that equation.
While true that economies in their various forms can form unsympathetic relationships between producers and consumers, it seems that, broadly speaking, producers who align more strongly with consumer satisfaction tend to āwinā and those who broadly speaking donāt tend to āloseā on a long-term basis.
To their credit, Apple seems to get this _mostly_ right.
Most happy customers never tell many people how happy they are. Most unhappy customers will tell everyone how unhappy they are.
I was banned from Coinbase 4 years ago, and I am still unable, to this day, to create an account without it being banned within 5 minutes of creation and no one is able to give a reason as to why.
From having been behind the scenes of a web hosting company a while back: They almost certainly have decided that you're a scammer, and that any account you ever try to open is just an attempt to get around being banned for being a scammer.
The complete non-answers from support are almost certainly because they have that as a standard policy with people they've decided are scammers, because the genuine scammers out there are _extremely_ good at manipulating literally any kind of even vaguely permissive support policy into enabling further fraud.
The bigger issue here is that when a company is actually good at this stuff (like that web hosting company I once worked for), there's a department specialized in handling these cases with knowledge of how to properly verify legal identities and filter out the scammers... but quite a few companies today both big and small have decided (possibly correctly, given how they're treated) that it's easier and more profitable to just skip that entirely and instead leave false positives locked out of the system permanently.
You may share a name with someone on a US Treasury, FDIC, FINRA or other banned list.
I went to school with someone named Jane Smith whose father was named John.
In my life, I've known two Mike Wilsons, and when I knew one of them, there was also a cabinet minister called Mike Wilson (in Canada).
Summary: if your company blocks someone based on their name only, your company is a bunch of incompetent losers.
If it's in finance then unfortunately this is really just how it works in the US. If a bank has the slightest inkling that you're someone on a sanctions list (or that you have a connection to some "bad" country like Venezuela, Iran or Cuba) they'll drop you like a stone.
So yeah I agree it sucks, but the issue is not that every company which complies with OFAC is an incompetent loser. It's that the USA has declared a few countries as enemies and has some tough laws to enforce this both domestically and within its sphere of influence (foreign transactions with a "US nexus"[0] fall under OFAC). If I recall there's no upper bound on the fines for contravening OFAC and there's no leniency for accidentally breaking it even though you demonstrably tried to identify people, or were tricked. So these companies are incentivized to err on the side of extreme caution.
[0] - this is a fun one, iirc this can mean obvious things like "a company has a subsidiary or office in the USA", or "a transaction was conducted in USD" or even "an American citizen was in the room when the transaction was performed".
Because some among us donāt like the idea of a rational identity system, thatās what we got in the US.
Many things are more difficult for āJohn Smithā because of this sort of bullshit.
or it's complying with a US law or executive branch administrative policy that was set by a bunch of incompetent losers.
When our bank replacements are run like tech companies everybody loses.
I suffered through similar with Binance.
Traditional banks will cut you off as well. Move lots of money through your account, bounce it between a few accounts and back into your account. They'll cut you off.
In the UK I can raise this with my bank and if they don't resolve it I can raise it with the regulator, who has real teeth. Getting back on topic, who regulates Apple?
There are bank regulators in the US, it is heavily regulated. Businesses are still free to choose who they want to do business with. Banks will get smacked down by regulators if they helped laundered money so they error on the side of caution. The fact that is heavily regulated is the root cause.
That is correct. Yet it doesn't make it good. Customer focused communication even though some indicator tell you to terminate the account should avoid a "The process" situation. This is 2021, we have many amazing communication tools available.
At least in the UK, there are "tipping off" offences that make it very legally risky to tell people why they're suspended. Banks just tell their employees not to do it to avoid risk
> _I suffered through similar with Binance._
What did Binance do to you?
They had to stop business in Singapore.
It doesn't matter if they lose one customer by mistake if they screen out multiple fraudulent accounts this way. It's simply more profitable to do this in an automated way than to actually consider the human in the equation.
I'm also locked out of my Coinbase account :(
Don't know what to do, I'll just assume my investments are lost to time...
There's an old chinese proverb that goes: "Not your keys, not your coins"
I'm not mad, I've still got my keys from 2014-ish. I only made a Coinbase account after a finance teacher in high school heard that I dabbled in crypto, and bet that he could build a better-yielding portfolio than I could. I logged onto Coinbase, spun up an account with $20 in it, and invested in Chainlink and Ether. Nowadays it's worth ~350 dollarydoos, which isn't _absolutely necessary_ to retrieve. Honestly, it was worth it just to watch his enthusiasm crumble when his 30% APR high-risk portfolio paled in comparison to some dumbass high-schooler's prediction.
File a complaint with your stateās Attorney General, FINRA, the SEC, and NYDFS. Should help Coinbase along in recovering your account. Should take no more than an hour or two to file with all regulators I mentioned.
What about people who are not US citizens?
I'm surprised OP mentioned New York State Department of Financial Services (NYFDS), but this might be the local regulator if Coinbase's home state is New York.
I would still file with them, they can still escalate on your behalf since they are the regulator, or refer you to the agency you should file a complaint with.
Not being a citizen does not deny you access.
Contact
https://twitter.com/CoinbaseSupport
helped after several months failing to resolve it over email.
My experience has been just opposite with Amazon at least their Web services. One of my account was hacked and since I don't use AWS any longer the emails and alerts were going to an email I never check. Don't remember how I discovered it but upon opening my AWS account I was stunned to see a $50,000 something bill. Amazon even raised a GST invoice for the same IIRC.
My heart sank and mind filled with questions and uncertainty.. What if AWS sues me, maybe they will settle it for half or 25%. But their customer support was more than kind to me. In every reply they assured me that I need not worry and they are working on my behalf to resolve this.
I cooperated with them in every way possible and After 16 days I finally got a reply that it was all taken care of and I owed them nothing and they didn't even suspend my account. God knows how the things would have turned out with any other hosting. I did leave them a suggestion to hard-cap the billing instead of just email alerts.
> I did leave them a suggestion to hard-cap the billing instead of just email alerts
Why would they do that? Enterprise customers are just going to pay the bill, and for small customers they get a lot of good will when they make a "special exception" and don't ask you to pay for charges that someone else fraudulently racked up.
The actual cost of providing the service to the fraudsters is probably so low that they don't have a lot of incentive to prevent the fraud, as long as there is a non-zero chance that someone pays for the fraudulent charges.
Web services is a rather different kettle of fish from their consumer items side, so your comment is rather inane.
For traditional banks and credit unions, a physical branch is a major component in their 'anti fraud' device and systems.
Trained human experts will review documents and establish an identity.
However those systems also have financial hurdles to access. Someone with a very thrifty banking service, or someone with very little money (paycheck to paycheck poor) would have trouble utilizing such a resource.
This is unfair and systemically disenfranchising.
I would really like to see a solution to this issue from another part of 'the system' which must already validate someone's identity. A nominal and small fee should be attached, but it should be paid for by the corporation that wishes to ensure anti-fraud activity.
In such a circumstance the corporation would be compelled to also accept this validation, or optionally offer others that may be faster if a consumer agrees.
An individual under such suspicion would visit a nearby police department. Depending on the level of validation asked for said department might also try to actively contact the individual in other ways to cross-validate. If someone happens to be on vacation at the time this check would necessarily involve two departments (the place the person is at and their home area).
Such a system is costly in time for the consumer, and some money for the company. Ideally solutions that don't result in account suspension would be developed to prevent reaching this state; but a good standard for last resort default is necessary to ensure any other solution that survives is better.
If weāre talking radical changes, Iād really like to move from authentication-by-flesh to authorization-by-cryptography. Basically as opposed to have party A present identifying and (supposedly) hard-to-know information and biometrics until party B is sufficiently confident that they map to the same physical person.. authorization by cryptographic keys. Like using metamask for authenticating.
There will still need to an ecosystem of companies with the kind of services youāre talking about, but there would be a clear distinction between the āvouchingā part (attest to a bank that you are who you say) vs āaccessā part (multi-party key custody and recovery services)
So many hairy problems (online payments fraud for example) stop existing in the same way if we move payments from pull to push and access control to utilizing cryptographic signatures.
I shouldnāt have to expose my entire identity in order for an online merchant to be sure I wonāt bounce the payment. And the scenario OP is describing would never happen.
That solves the problem to one extent and makes it worse to another, and definitely doesn't solve fraud to any degree. With crypto, if a scammer cons my parent to hand over their private key, every company that relies on that key can claim that whatever account action occurs is perfectly legitimate and ignore attempts to correct problems -- after all how would you prove the transactions are illegitimate if they're signed? More to the point: how would we prove they're illegitimate better than we can now?
I think that for most people, they would not be directly exposed to key material. They would rely on an enclave in their smartphone, and/or separate tokens a la yubikey. The actual private key used for each company would probably also be different.
Wow, same for me!
A few years ago, I was vacationing abroad, and ordered a gift from Amazon to be delivered in another country. The payment from Amex bounced for whatever reason, and Amazon permanently banned my account instantly. Difference is it says my login/password are invalid (they're not), there's no other message, no field for contact.
I lost more than 100 paid Android apps. Never took the time to recover that account, if this is even possible at all.
The damage would have been much greater with an Apple or Google account.
That's why I don't have books with DRM in my digital library. It would be unacceptable to me that my books are no longer accessible to me by somebody blocking my Amazon account.
Hey, I'm not sure if you'll see this but I work at Amazon and can at least try to get a human for you. I can't promise magical solutions but I can get you some real person attention. Email me at my HN handle at protonmail dot com and we'll move the discussion to my work address from there.
> to explain that the card does not send me a billing statement and I cannot possibly produce one
I'm sorry but this does seem extremely suspicious. I've never heard of a bank that does not provide any statements.
Sure, a debit card does not have a billing statement like a credit card, but the bank account that the debit card is linked to should provide a monthly statement where you can see the transactions. At least a downloadable PDF even if they don't send a paper one in the mail.
It's a simple top-up card, not connected to a bank account. I wrote "online bank" to simplify. What they offer is an online dashboard, a screenshot of which Amazon refused.
In any case, I didn't ask them to take me on my word, but to contact me and see if a different set of documents might be used instead.
I run an online store, we use Stripe for payment. 100% of prepaid cards issued outside of the UK (we are UK based) are declined, fortunately we have very very few of them. I have no idea if this is stripe or the issuing bank but I believe prepaid card and overseas transactions is MAJOR indicator of fraud.
I suppose prepaid cards are still connected to an underlying bank, even though they're not a debit card.
I've never used one myself but Amazon claims to support them in general.
https://www.amazon.com/gp/help/customer/display.html%3FnodeI...
I wondered if there might be some mention on this page about large transactions or unusual addresses, but there is not.
Oh a "prepaid" card, I see. Yeah those are tricky
Download a monthly statement, itl be a pdf with your address on it.
Just because it isn't connected to a bank account as you understand bank accounts to be, doesn't mean it isn't connected to a bank account as banks understand them to be, and you're not entitled to request a statement.
Just because one is entitled to a bank statement as you understand this entitlement to exist, does not mean that the card issuer is obliged or interested in providing one within weeks or even months of the request, especially with the exact format that Amazon or another third party has decided to accept.
Ah I see, so you did realize that the bank responsible for your card would send you a statement, but they wouldn't send it in either the correct format, or within the necessary timeframe. Well that just sounds like a crappy situation all-around.
Here in New Zealand most banks no longer provide paper statements. I have a US Etrade account, recently they wanted a paper statement of any sort and I realised that I no longer receive anything that meets that requirement
(I could turn statements back on, I think the bank charges $5/month or some sort for that)
Same here in Australia, but at least the monthly statement is a PDF that is printable and for all intents is same as a paper statement
This is more common than one would imagine. Not all banks provide statements narrowed down to debit card usage. A bank statement does not always show the debit card number making it difficult to establish a link between the provided evidence.
My bank nagged me to go paperless. There is a PDF available monthly but those are trivially editable these days.
Congratulations, you have the top comment on the top story of HN. Your issue should be resolved promptly.
This is the true support channel for all major corporations.
You would think so wouldn't you
See my comment above, I am standing by to try to help.
> I went through every possible channel to explain that the card does not send me a billing statement and I cannot possibly produce one
Offerers of online banking services take note: even if you don't mail statements to your customers, you should provide an option to generate such a statement that the customer can download as a PDF.
How likely is it that a bank doesn't? I would expect every bank in the US to have some sort of monthly statement available, for instance.
The online bank doesn't let you download pdf equivalents of monthly bank statements with your address on it? Usually that works I've found.
The exact same thing happened to me, I added my own (new) card for billing and they immediatly locked my account and requested the docs, I got the same screen you described.
I had just moved countries and none of my new accounts had statements yet, by the time I got them I just get stuck in this repeat loop of upload docs, wait a few days, says invalid.
No way to get back in, all my purchases lost, no human to contact, I just don't use Amazon anymore. Very annoying
How the hell can it be legal for the card provider not to produce any kind of transaction log?
They probably do have a transaction log in the form of an online webpage or dashboard.
But Amazon wants a statement with a billing address and the card number.
That's one reason I only use my credit card on Amazon - it has such a statement available in case I ever need one, while most of my other cards do not.
That is your takeaway? Mine is to avoid amazon at all cost.
Not my only take away.
But it seems more surprising to me than what Amazon did (not that it was good).
Are you not allowed to send pdf of the e-statement?
> All my kindle/audible/etc media immediately became inaccessible.
gen.lib.rus.ec
Also lookup myannonymouse for audio books, have all the latest titles. Getting an account is pretty easy, they literally checks if you can read their account policy.
Did you try just uploading a bank statement from the debit card?
> To this day I have found no resolution, and the only next step is to contact them through a lawyer.
https://news.ycombinator.com/item?id=23506276
Go to Small Claims court. Then again we probally signed that option away when we agreed to the TOS?
because cheating is bad - your premise is extremely flawed, think about your intention.
> card does not send me a billing statement and I cannot possibly produce one
I don't blame Amazon here. This is suspicios. All debit cards are linked to your bank account which always have a statement.
Also, I have found it very helpful to provide not just statement but the photos of the card, your ID and various other documentation in the PDF. It helps the support engineer realize that you are really you.
Amazon should totally be blamed. Their reinstatement process has taken a complete nosedive recently, with their review of documentation consistently inconsistent and devoid of any quality control.
I've sent them the exact documentation they requested (actually well over and above what was required) - all of it rexboxed and annotated, and each time they send it back saying the documentation is illegible or lacking in the details they require.
So what if it's suspicious? People pay hard earned money for content via services such as Amazon's. That these companies think they're justified in locking people out of the content they _paid for_ because of some random suspicion is just insulting.
There'll come a day even the people who defend copyright won't be able to justify supporting this industry due to how badly it mistreats and abuses them. It's simply appalling how it's almost 2022 and paying consumers _still_ get infeiror products and services compared to "pirates".
I constantly amazed how people are happy with or even try to defend practices with online purchases that absolutely no one would accept for real live items.
Just to give a car analogy, imagine your car is at your BMW dealer for repairs. While it is there you buy some new rims and pay with a credit card that is different from the card you used for buying the car. After that they refuse to give you back your car, because they say this is suspicious. Nobody would accept that.
Not all debit cards are linked to a bank account, some are just top-up cards (like this one ā I wrote "online bank" for brevity).
I'm not familiar with these top-up cards. Do you get no itemized list of purchases? Can you send that in lieu of a statement?
I have an online dashboard, and Amazon won't take anything other than a card statement with my card number (all but the four last digits to be hidden) and the billing address on it.
> All debit cards are linked to your bank account which always have a statement.
OP clarified that it is not a debit card, it is a prepaid card.
A lot of people in this thread talking about losing their store credit and app/content purchases. I'd imagine the worst case scenario could be _much_ worse. Apple runs fairly popular cloud storage services that are _strongly_ encouraged to you for your photo storage and files. The photo storage especially has an option to automatically delete your local media because it's already backed up on Apple's servers. Will these all be locked out without warning or recourse for a miscellaneous card whoopsie?
Even standard files on iCloud. Who knows how important the average users' cloud files are to them? (I don't use public cloud storage at all anymore because of this exact fear - what if some arbitrary billing/transaction error locks me out of everything without recourse?).
To be fair I've no idea what the person in question got their account locked for and if there was any shadiness involved but I doubt they'd write about it publicly (or get access restored) if there were, which implies that at any time your account and your data can be taken away for something entirely mundane.
It makes me really concerned in fact how Google would handle something similar to this - given that for Chromebook users _everything_ (literally _EVERYTHING_ you would normally do locally on a computer) is in/via your Google account.
For exactly this reason I _never_ trust online photo storage for anything other that disaster recovery. Google Photos still, after nearly two decades, won't tell you if they're storing an original copy or compressed facsimile of your photos. And after having the Android App randomly and surreptitiously turn on compression for uploads, there is simply no trust left.
So. SyncThing on my phone and laptop, and an a little herd of external drives. It makes me feel like a digital prepper or something. Sigh.
Actually. I think I have just self identified as a digital prepper and I like it. Time to download my Google content.
> Google Photos still, after nearly two decades, won't tell you if they're storing an original copy or compressed facsimile of your photos.
One recent anecdote: When I used my Pixel 2 with its free original quality backup, I used motion photos for a few things. 3 years later, now, on another phone (or even the web viewer) some of these motion photos are not loading. Some of them then load on the web but have video compression artifacts (i.e.: B-frame artifacts).
I'm glad the original photos are intact from what I can tell, but this is extremely off-putting, given I was 100% in the Google ecosystem -- from hardware to account setup -- and _still_ got burned somehow.
I think this is completely OK. We treat our physical valuables with care. Why would we treat our digital valuables otherwise?
> It makes me really concerned in fact how Google would handle something similar
Very poorly, it seems. There are a bunch of stories scattered around HN about Google not only irreversibly deleting personal accounts, but entire paid Google Apps for Business setups. A whole company gone because the admin uploaded one ripped movie to their personal Drive, for example.
Many of these did get mostly resolved after someone carefully exploited the Kevin Bacon rule to get in contact with a Google employee, who then made some noise internally. But many couldn't be even with insider help, as some deletions are (were) apparently instant and irreversible.
There is a famous google support post going around where a woman begs the support to help them get her account back and the support just parrots a canned text reply.
But afaik google only has working support for paid users.
Nope, the paying users have a similar level of support i.e. a well-trained parrot
That's not 100% true. One of the best things I ever did was ditch all my clients who used my servers for mail onto corporate gmail accounts. They actually do get someone on the phone when they have a problem. The thing you have to consider is that someone on the client side is getting paid $8/hr to call Google and someone on the Google side is getting paid $8/hr to respond, and as long as it doesn't bubble up to being anyone else's problem this is _probably_ better than having a CEO call a dev lead at 5am and ask why the mail isn't working.
Ask to speak to the data controller; they have to provide you with a copy of all the data they have on you. Once it gets legal things tend to move quicker.
This only works in certain countries.
Take a few weeks holiday to the EU and solicit it while there; I believe the GDPR would apply to you in that case.
Have three kinds of backups. Physical drives (2) and an online backup that's _not_ through Apple, Amazon, Microsoft or Google.
And don't use any of their built-in services; in fact, firewall yourself from them.
Then it's no fuss. You'll never have to deal with their "customer service".
Every company (Apple, Google, Amazon, etc) is guilty of pulling this non-sense on customers. It is too easy for them to wipe out thousands of dollars of value with no meaningful explanation (read the Terms and Services and go away? seriously Apple?) and no accountability.
IMO, states should enact laws where you can take the company to court in your local county and no contract can override that right. If the termination is found justified, the company must refund all account assets at fair market value and any remaining balance. If it was not justified, the company must reinstate the account, pay all court and legal fees, and a reasonable amount of mandatory punitive damages.
Also, I don't get why Apple et al pull these stunts anyways. They already have a huge "regulate me" post it on their back.
This is something the EU is currently taking on with their Digital Markets Act, and the concept of digital gatekeepers.
I pretty sure (I havenāt been following too closely so it might have changed) the Act requires digital gatekeepers to provide human customer support, and provide clear explanations for moderation activity and account closure. Along with a clear appeals process.
In theory all of this should make it much easier for a normal person to appeal an account closure, and refer a company to a regulator, or sue them in court, if they fail to provide a fair appeal.
This sounds promising. What's a good article that explains this in more detail?
https://ec.europa.eu/info/strategy/priorities-2019-2024/euro...
Thanks.
That's a tough policy to write fairly. Imagine Tom in Alaska buys a $10 downloadable pdf calendar off of designer David in Florida via Etsy. Tom claims the calendar somehow harmed him and sues David locally in Alaska, but is willing to settle remotely for $500. David knows it's bullshit and could beat it in a millisecond, but there's no way he could take time off to go to Alaska and avoiding a bench warrant is a pretty compelling reason to pay up the $500.
That's not to say the current setup doesn't suck, but the solution isn't super cut-and-dried.
But this is happening on accounts with long standing.
The thing that gets me is that Apple knows Iāve spent $10,000s with them over many years.
Even if I somehow fuck up and use a dodgy card, Iāve brought so much money into the business that they should at least assume good faith on my part.
I understand cutting relatively new accounts off permanently for abuse but this no-recourse shit for long standing accounts is bullshit.
I think they understand that, theyāre just saying such a law either needs a regulating body doing the enforcement or needs to be worded very well to avoid frivolous cases.
Reanimating of old accounts for fraud is very common from a fraud pov.
Using a ādodgy cardā ultimately is the problem.
There are things you can do remotely. This happens all the time.
I once sued a company in New South Wales in small claims court. It was done entirely online from the US, and if there had been a hearing, it would have been by phone. The company paid up within 24 hours of the filing.
You have to look at it from the companyās point of view. As the accounts can be created for free, every day millions of grifters are pulling shady shit. Using stolen CCs to purchase, trying to scam the support team, refund scams, identity theftā¦ You name it and it happens.
When you create an account, and do nothing shady for years, in fact buying their products and spending money with them, and THEN you get cut off, thatās what weāre talking about here. And that their moderation needs to not be so digital and one sided.
>>You have to look at it from the companyās point of view.
No we actually do not, and should not.
They are offering the product to the market, it is incumbent on them to fix the problem not just toss their hands up and say "Well it is too hard / expensive for us to solve so consumers just have to deal"
This is similar to my complaint over the concept of "Identity theft" no one identity is ever stolen, no companies fail to implement proper fraud controls then shift the liability to the victim to "prove" their "identity was stolen", that is the exact opposite of how the burden should work
Coming back around to the Apple situation, this is a result of allowing unconscionable contracts (aka severely one-sided and unfair) to permeate the digital goods world. The fact that Apple can terminate a contract in full, with one sided review with out having to notify the other party of the exact clause of the contract they alleged the other party violated, no recourse or notice to correct, no appeal or attempts to remedy, etc would not fly in most contract situations, the fact we allow it with "terms of service" is ridiculous
Their business model is literally profiting off of poor customer service (as a service).
Get your credit card from a local credit union with at least one physical presence near you.
Do your own backups or contract to an independent company whose primary occupation is doing backups.
Manage your own email either directly or through an independent email provider. Buy a domain and use that for your email address to increase flexibility to move from one provider to another.
Diversify.
Anything else increases your risk of getting caught in a personal and financial wood chipper.
This sounds like The Trial by Franz Kafka. You get thrown into a bureaucratic machine and you have no idea why. And no way to appeal.
These account suspensions scream for regulation that forces a company to explain the suspension and offer some kind of appeal process. Otherwise I see a very dark future where super large companies kill people's livelihoods and nothing can be done.
It's striking how the guy goes out of his way to not be angry at Apple. Very interesting psychology. Stockholm syndrome or just begging the king for forgiveness?
āI do not know what I did wrong officer, but I promise to never do it againā - Peppa Pigās dad
Now that is a comment that really captures the important thinkers of our times. He is even influencing the UK prime minister.
https://m.youtube.com/watch?v=Q4AzGie3JcI
Perhaps he doesn't want to lose whatever good favor he has at Apple or risk his account beind disabled again in retaliation. The alternatives to Apple aren't exactly equivalent or easy switches to make.
> Otherwise I see a very dark future where super large companies kill people's livelihoods and nothing can be done.
What do you mean _future_? This is already the reality. I recall reading multiple threads here on HN in the last couple of months alone where people lost access to their Google accounts and only got it back because they happened to have a somewhat bigger following on Twitter or elsewhere. I think it's safe to assume that for each of these cases there are many others where the victims don't happen to be influential online personas and their cases just go unnoticed.
"Sci-Fi Author: In my book I invented the Torment Nexus as a cautionary tale
Tech Company: At long last, we have created the Torment Nexus from classic sci-fi novel Don't Create The Torment Nexus"
> Otherwise I see a very dark future where super large companies kill people's livelihoods and nothing can be done.
Hmm, this sounds very familiar, like a certain political class was doing this recently.
Is it not possible that the person did not take it personally? What is getting angry, if not taking things personally?
> It's striking how the guy goes out of his way to not be angry at Apple. Very interesting psychology. Stockholm syndrome or just begging the king for forgiveness?
What would getting angry accomplish?
It is an expected human reaction to a slight. Although some people react with fear, maybe this was the case (?)
Others are mature enough to control their emotions and react appropriately to the situation in a way that is most likely to accomplish what they want.
I was curious if the German Verbraucherzentrale (consumer center?) has info on this sort of thing. At least for the Amazon case, there is a template letter stating that Amazon isnāt legally allowed to deny you access to previously purchased goods. I know this topic has been discussed in other threads. I was just curious about the legal situation here, and apparently there is legal precedent from 2016.
(link in german)
https://www.verbraucherzentrale.de/musterbriefe/digitale-wel...
I would bet it is some ML model to detect fraud. This model will never be perfect ā it will have false positives. My guess is ā while picking the precision/recall thresholds for blocking users, someone higher up would have argued it is okay to cause some false positives to prevent a lot of harm.
And they would have justified to themselves saying there's always recourse through customer support. But customer support tools to investigate and un-ban users would be slow and painful and lacks capabilities needed to check if the complaining user even passes the basic smell tests for a fraudster. And nobody can really explain why the model blocked the user in the first place. There's no well-lit path from CS to engineering on a case-by-case basis. Escalation would happen in bulk/batches ā when lots of seemingly 'innocent' users complain to CS, CS may escalate to engineering.
Btw, the alternative of having to pick really conservative thresholds (with near-zero false-positives) causes more harm ā harm that's more visible.
The slippery slope is this ā over time the definition of 'trust and safety' would have been expanded to include interests of more and more stakeholders (including company's own business interests) ā it is very easy to lose sight of serving the user (who may not be the paying customer).
> I would bet it is some ML model to detect fraud. This model will never be perfect ā it will have false positives. My guess is ā while picking the precision/recall thresholds for blocking users, someone higher up would have argued it is okay to cause some false positives to prevent a lot of harm.
> And they would have justified to themselves saying there's always recourse through customer support. But customer support tools to investigate and un-ban users would be slow and painful and lacks capabilities needed to check if the complaining user even passes the basic smell tests for a fraudster. And nobody can really explain why the model blocked the user in the first place. There's no well-lit path from CS to engineering on a case-by-case basis. Escalation would happen in bulk/batches ā when lots of seemingly 'innocent' users complain to CS, CS may escalate to engineering.
Can such a model be trained effectively if isolated reports of false positives are rejected without meaningful investigation? In that case, wouldn't the model be trained with bad data?
What if for each reported false positive there are more users affected who didn't report it (because their accounts were less valuable, because their time was more valuable, because they were too upset, because they were too timid, because they died (for unrelated reasons), etc)?
> Can such a model be trained effectively if isolated reports of false positives are rejected without meaningful investigation?
No, and much like YouTube auto terminating accounts with 10 years of content there is absolutely no excuse for certain very obvious cases to be handled without human interaction. There absolutely must be flags that stop terminations without a human.
_> it is very easy to lose sight of serving the user_
Every public corporation only serves its shareholders. If they annoy enough of the users and the shareholders take notice when it hits the bottom line maybe then something will be done.
Boring take that shows up in every HN thread. I worked for years in Risk/Fraud and what you're saying is just not true.
There are always tradeoffs to be made, we will always mistakes (hopefully rarely), and 99% of the time the people behind the curtain are trying very hard to reduce harm for the good actors.
I think most actors are genuinely acting in good faith. The problem comes when the machine gets so big that people don't understand that their good faith actions lead to overall bad outcomes. It's not so much evil corps as I think it sometimes is clueless corps.
Thanks for that. Evil Corp narrative is strong on HN.
Years working in corporate and I am yet to see people who are āserving shareholdersā and āsqueezing customersā.
There are strategies that fail, and sometimes there are people who maximize personal gains at all cost. Exact same way as for any other kind of organization.
Big problem is scale. Cost of mistake and collateral damages for big org will always be higher and more impactful due to size. 0.1% of customers for Amazon is 300 people.
Squeezing Customers does not automatically follow from Serving Shareholders.
A healthy coorporation has these aligned: serving customers well, treating workers well results in shareholder value.
getting rid of 1% of customers to save 10% of expenditure is generally a good move.
You can have 99% of customers are happy even if 1% are quietly given food poisoning and die, which is why we have laws to protect that 1%.
As Tim Ferris shows brilliantly in his famous book (four hour workweek) "Firing customers" can be greatly benefitial to all.
Or, to stay in your analogy: striving to make a food that is 100% safe for 100% of the people will result in bland, poor food. It's fine to use gluten in your bread, or peanuts in your sause, even if x% of potential customers will get sick and can die, if they eat it.
Fire those customers. Be clear: this is not for you. It makes the other customers happier. And consequently your stakeholders happier.
Isn't it more like Amazon has 300 Million customers so 1% is 3 Million, and 0,1% IS 300000 people?
Hehe, thatās what I meant, but my math failed me
And this is why regulation of private corporations is a necessary evil, to provide an incentive to corporations to treat their customers better...
These tech companies are ridiculous to the point that some law should be written to curb their attitudes.
These are the richest companies in our country, and print money hand over fist. That they sell online life services like photo, storage, music, etc should require them to provide actual, human support.
I find it really sad they even have to be forced into it. How much could it possibly cost to hire a few hundred 'filterers' that triage out the tech support, and a smaller team of people who look into real issues?
Amazon and Walmart do it, and still both make tons of money. So what's the downside here?
In Australia, the powers of monopolistic or near-monopolistic telcos were effectively checked by the Telecommunications Industry Ombudsman (TIO).
The TIO has _teeth_ and almost always sides with the customer, and they make sure that the fine exceeds any benefit that the telco might be gaining through the bad behaviour that resulted in the complaint. Unofficially, I heard that the fines for any valid customer complaint start at $7500 and go up from there rapidly.
Something similar may be needed. A mega-IT-corp-ombudsman, with powers to fine corporations providing services to the public in proportion to their annual revenues or current market cap.
Itās more like $30 a day for every level 1 complaint open with TIO and cost goes up from there. I seem to remember level 3 is around $250 a day though memory is becoming increasingly unreliable.
Point is, even if TIO sides with the telco (unlikely, they encourage both parties to find a middle ground as they are consumer first oriented) on a case where it takes for example 10 days (again, unlikely) to resolve; the margin[1] on a residential NBN service with a budget provider like TPG has already evaporated and thatās without considering costs of having TIO liaison staff, etc.
Itās a good model because it encourages the telco to resolve the complaint properly and in the customers favour before the problem can make it to TIO as once it gets to them, it always costs the telco money. Provider is better off wearing $100 cost to resolve than have the complaint spend 3 days with TIO level 1, taking up time and resources whilst also becoming a publicised negative statistic (TIO regularly publish report outlining telco performance from a number of complaints perspective).
I think your suggestion is a good one. Just adding this detail because I think itās important to note that the model is actually about encouraging better complaint handling and customer service than just being about fines and punishment.
[1] assuming 12 month term on approx $65/m service but I am speaking in broad terms
I wonder why the TIO can't help with complaints to Apple, Googles, and Facebook. They provide plenty of telecommunication services. There's really not that much difference between the FANGERS and the telcos who sell the sim cards. It's all just software.
That's a very good question.
_These tech companies are ridiculous to the point that some law should be written to curb their attitudes._
IANAL, but doesnāt contract law already cover this? Apple terminated the contract one sided. They are allowed to do so, but only by acting in good faith and fair dealing. That they were willing to let this person open a new account (new contract) but not willing to reinstate the existing contract and also unwilling to explain how this person could avoid a similar punishment seems to indicate at least a lack of fair dealing.
The ABA has this to say: _In general, the duty of good faith and fair dealing means, for example, that parties cannot evade the spirit of the bargain, lack diligence or slack off, perform incorrectly on purpose, abuse their power when specifying the terms of a contract, or interfere with or fail to cooperate in the other partyās performance._
I wonder if this person had took apple to small claims court instead of trying to navigate appleās kangaroo court system what the outcome would have been.
The real problem is that these companies have silently just become foundational infrastructure for a modern society. They arenāt some random private optional service. They were private disruptive innovation at one point, but because of their immense effectiveness, power, and influence, they are really more like public utilities. Our laws donāt recognize that yet and we need to start talking about this more to make it so.
Should they be able to scan your photos? Should they make judgements on your photos based on ml classification? Should they run your photos against police data for crime matches? Should they be able to sell your photos or use them throughout their product? Can they use your photos in an ad campaign?
What would the laws protected against?
A provider shouldn't, because their system should be designed to prevent them from being able to so they aren't someday required to at their own expense nor at the probable violation of their customer's privacy.
As technology evolves it becomes increasingly easy to invade deeper and deeper into once private spaces. Such as someone's rooms. Someone's now electronically light and replica-table collection of externalized documents and memories; maybe within our lifetimes even within their minds.
While I donāt disagree in particular that Apple should offer support for account recovery, and that a resolution shouldnāt require knowing the CEOās email address and crossed fingers, I donāt necessarily follow the logic that āthey store my photosā necessarily means āthey should be governmentally coerced into having dedicated support staffā.
Itād follow logically that if your photos (or whatever) are valuable to you, you wouldnāt punt sole responsibility of their perpetual storage to third parties. Understand instead that the storage services they offer are voluntary, conditional and subject to loss due to error, negligence or even maliciousness (the latter of which rarely serves business interests).
Apple should obviously do better here ā assuming this story is indeed accurate - but introducing legislation here seems like a leap.
They should be regulated. In the same way that other utility providers (eg electricity, water etc) are regulated.
They should be subject to consumer protection law.
Apple was forced in Australia by the ACCC (our consumer protection regulator) to provide proper warranties and repair/replacement/refund protection, as specified by the law.
I see no reason why they shouldn't be "governmentally coerced into having dedicated support staff" to support their compliance with the law.
I agree that they should be subject to whatever consumer protection laws are in place for the regions in which they operate; I disagree however that they should be viewed as utilities for the purpose of legislation. Iām unconvinced that access to those libraries of movies, music or photo storage could be considered along the same lines as electricity or running water.
Iād agree that thereās too tight a coupling between account access and access to purchased media, but itās unclear that government intervention is needed to mitigate that. At the very least itād be useful to know the frequency at which this kind of thing happens before making a judgment call on it.
People use their apple account to register with utilities and banks. If Apple decide to randomly shutdown your email because "artificial intelligence" (statistics), then this causes much more major problems than simply wiping your photographic life away.
>At the very least itād be useful to know the frequency at which this kind of thing happens before making a judgment call on it.
Why is that? Is there a number like 1 in 1000 where is acceptable for Big corporation to screw people and "steal" their accounts? Think about average Joe story that does not appear in news-papers and HN. Laws seem very obvious here, if you want to close a customer account you need to do some minimum stuff:
1 tell the customer what they did wrong, in the same way if you would show to a judge the evidence that this customer did X and X is illegal or against the TOS you show the customer what he did wrong. I understand that this might make your giant corporations anti-spam/anti-fraud job harder but we don't want to optimize for lazy developers and lazy corporations.
2 Offer the customer a simple way to download his account data
3 If the customer bought media and games you have to either refund the customer or find a way to transfer the media to the customer. You would say that this is a hard problem, the answer is again let's not optimize for making things easy for super rich corporation and super hard for regular people. Maybe some innovation would come out of this , like maybe some kind of way where I can buy a book or game and I can sell/donate it like any physical object I buy.
The issue is that now people are excusing that is would be hard for super rich company to do a decent job so is OK if they do a terrible job as long as I, the HN reader don't care about the poor guys affected.
Also from what I noticed from YouTube it seems that simple obvious solutions are not even explored, you treat a 10 years old account with a good reputation the same as a 1 day old account, are all the developers working on ad targeting and polishing the next version of some shit framework? Is there any Google product that you were impressed by their overall quality?
> I donāt necessarily follow the logic that āthey store my photosā necessarily means āthey should be governmentally coerced into having dedicated support staffā.
Understandable. But I'm of the opinion that companies like Google and Apple more or less offer these services and advertise them as one stop shops for you, forever. And in many cases, mine included, I pay for it. That I make an offcolor comment on Youtube or get a chargeback against the Google store shouldn't lead to a complete blackout to said photos, in my opinion.
Agreed on that point. When too many services fall under a single umbrella of ā[Company Name] Accountā, the loss of access to the account as a whole because of some kind of transgression on one sliver of [Company Name]ās services is just a fundamentally bad approach.
A law that stated companies cannot cut off access to people's purchased digital goods without a findable process for sensibly resolving mistakes on their part seems valid.
They are effectively stealing - by accident obviously. But once that happens and they give you know recourse - there is intent that mistakes on their part won't be fixed.
It would be nice if Congress would make laws that force large tech companies to offer arbitration when they disable an account that has more than a nominal amount of assets attached.
I hate to advocate for more laws and regulations, but these companies have gotten too big to operate without oversight. Losing your ability to log into Netflix would be a bummer, but losing your ability to access your work files, medical records and everything else you need to live your life (eg: Google Drive, Apple iCloud) is just too big of an impact on a persons life to happen without transparency.
I recently listened to the OG radio version of Hitchhiker's Guide to the Galaxy, with some added commentary about the early 80s. Vogon bureaucracy jokes were of the time in England. Everyone had little adventures & run-ins with comically illogical public services.
These days vogons are banks, SV giants, social media...
The striking antipattern (to me) is where official channels are a brick wall. Everyone insists that no other channels exist. Meanwhile, if you ask friends or read blogs, all actual resolutions seems to come exclusively from inside contacts, personal favours, being famous or such.
Paypal broke up with me circa 2010.
Apple media services terms includes things like:
You may not use the Services to: - post a dishonest, abusive, harmful, misleading, or bad-faith rating or review, or a rating or review that is irrelevant to the Content being reviewed
To me it seems like those rules could ban you for just about any reason. I mean, what is even a "bad faith" review? Do you need to assume good faith on the company if you had a bad experience?
āBad faithā is a common, normal term that has a well-accepted concrete legal meaning [0].
In this context it basically means posting a rating or review which doesnāt match your actual opinion. For example, crowd-sourced vote brigading (where you donāt have an opinion at all but are just voting in the way someone else told you to vote). Similarly, reviews along the lines of āThis app only deserves four stars, but currently it has an average five star rating so Iām going to give it a one star review to try to bump the average rating down toward what I think the average should actually beā would be reviewing in bad faith.
[0]:
https://en.wikipedia.org/wiki/Bad_faith
How would they detect this though? A bot looking for things like this would easily catch a lot of innocent people. Even a real human would.
This is your periodic reminder that not all problems have a technical solution. There probably is no bot scanning for this. If itās ever enforced, it must be through manual human action.
Or companies can report reviews and a bot react when lots of such reports triggers?
I think the best solution would just to block the relevant capabilities related to the ban rather than deleting the whole account based on some strange activities. Why doesn't companies do this?
1) Have a group of humans perform this
2) Notice group of humans costs money
3) Replace group of humans with shitty ML/AI/Neural Net/XML/Blockchain
That clause is pretty specific. _This_ is the clause by which they can ban you for any reason:
> Apple further reserves the right to modify, suspend, or discontinue the Services (or any part or Content thereof) at any time with or without notice to you, and Apple will not be liable to you or to any third party should it exercise such rights.
Iām inclined to believe a court would find otherwise, regardless of what it says in the TOS.
Particular courts in jurisdictions that actually have enforceable consumer protection law.
Good luck and have fun in going to courts against Apple for suspending your iCloud account.
Also, what is a harmful review? Pretty much any 1 star review is harmful however, in many cases, they are deserved. So if I get horrible service and leave a 1 star review, is that grounds for banning me?
I wonder if Apple has a system where companies can report your reviews as harmful and if enough such reports comes in maybe Apple auto bans you?
A bad faith review would be a review made in bad faith. It seems rather redundant given the four preceding adjectives but serves as a catchall for reviews made with bad intentions (such as selling reviews...etc).
The word I would pickout as the most ambiguous is "harmful"... harmful to whom?
With "free" services like Facebook and Twitter I can understand pulling the rug off from under the feet of some unlucky customer. It will generate bad PR, some social media outcry, but the losses still mostly remain in the intangible domain.
But cases like this where the customer actually pays real money for and has accounted assets in Apple's system this is absolutely inexcusable. No face-to-face business could do this or they would be sued to extinction even in the lesser litigious countries.
>and has accounted assets in Apple's system
But really what do they have? They rented something and now they lost access. If they had physical media on CD, DVD, or even stored locally as a stand-alone file that would be different.
Yes I'd be enraged but people have feared for years subscriptions and no physical media lead to this. Games and music have gone from disks, CDs, DVDs, to subscriptions. Today it's become so bad that even physical devices are now seen as owned by its manufacturer and you're not permitted to repair it or even open it to look, if you can mange to open your device.
Eh, even Facebook is something where the value lost to users will be too great to just have ML model autoban people. They offer email and photo storage. Getting banned from gmail, which is also a free service would be terrible for many reasons.
It should be unlawful, maybe criminal, to revoke access to digital goods a customer bought and paid for. How the heck have we normalized *theft* as standard business practice?
In my jurisdiction I swear you could sue them in small claims court. I think itās pretty easy to do and lawyers arenāt allowed. Youād probably end up with someone from the nearest Apple store representing Apple and theyād have no answers.
Even if you lose, there arenāt any downsides and Apple would have to send an employee to participate. I would absolutely do it if I ended up in the same position.
Isn't small claims unable to issue injunctive relief though? Or can they do that in your jurisdiction?
This sounds like an area where the arbitration clause could actually work in your favor.
Theft of what though? You donāt own any of the music you pay to access. Itās all just revokable licenses to consume media.
Theft of something that was purchased in a transaction for perpetual use, a digital analogue of physical property. It's not a private company's place to redefine how civil property rights work, to their one-sided benefit.
Gotcha capitalism and inverted totalitarianism. Submit to the interests of the plutocrats and go into debt buying today's fancy widgets, or be banished.
For better or for worse, we have āagreedā to the teens and conditions ā¦
There are plenty of laws that override terms and conditions. A one example, on many countries landlords can not throw out tenants on a whim. Telephone companies can not cut off service on a whim. There are similar laws for utility companies and banks. Arguably it's about time for similar laws for Apple, Google, and Microsoft who potentially hold the keys to your entire life.
That doesn't matter when it's illegal. Statute overrides contract.
In California at least it's actually tortious to offer certain illegal contracts of adhesion. That right is rarely exercised, but you do in fact have standing to sue simply because you were asked to sign a contract with clauses that oppose California public policy.
This just happened to me on Friday!
Iāve been using the same Apple ID for a decade or more. Iāve purchased thousands of dollars worth of apps and content, and probably tens of thousands worth of Apple devices in the last twenty years.
The initial chat support experience was the same as OP: (paraphrasing) āNo, we canāt tell you what happened. No, you have no recourse.ā
Even when I asked to escalate to their management, I was told that they would have no additional tools to assist me.
My initial shock and outrage was palpable. I managed to get in touch with a Senior Rep who is looking into my case and is scheduled to call me back on 12/9.
My only theory for why my account was banned is that on 12/2 (the day before the ban) I made a purchase using a gift card on apple.com. The gift card was a promo from another device purchase I made on 11/26 (Black Friday). I had both devices shipped to my parentās house (a different address from my billing address), and so maybe some fraud detection kicked in due to the purchases being so close together, using a gift card, and sent to some other address?
Iāll update once the senior rep gets back in touch on Thursday, but in the meantime Iāve already started drafting my letter to Tim Cook.
Shit that makes me really worried. All my photos and lot of files are in iCloud.
I thought at first you were referring to September 12th and then February 12th, quite far apart those events XD
Yea sorry, American here.
I have a $25 gift card from Apple, now Iām worried to use it.
I've got an Apple App store account, a long-disused developer account, and an Apple.com store account. (These are three separate, unconnected accounts; I've been their customer since the 1990s). I'm anti-iOS and only use Android for mobile, but I've used Macs as my primary work machines for 30 years, so I never noticed until I just got my new M1 Max that Apple wants me to reconcile all these accounts somehow from old usernames to actual email addresses, but I can't, since the username for my dev account is the email address for my app store account, and so on. I tried for awhile to download something from the App store on Mac OS - and it was my first and last time. I basically just gave up after four tries to reset the account where it emailed the other account and invalidated the validation the code repeatedly before it could be inserted. So their attempted consolidation of user accounts is very wonky (as it would be if one cost $500/year and another was a consumer account, but they'd allowed both to share an email address for a decade or two). Not that I care. The first thing I do when I buy a new Mac is to remove everything related to iCloud and then block as many Apple IPs as I can while keeping the machine functioning.
Sounds like you should just switch to linux and save some money!
It could be like they use Mac specific apps, like FinalCut, or Logicā¦
Laws should force an extreme balance in regards to company-customer relationships. Right now companies get most of the benefits: they can sign up new accounts and charge money very, very easily, _by the millions_, and yet if anything goes wrong they can basically ignore you or make things very, very, very difficult. Thatās just insane.
āBalanceā basically means that if youāre going to set up a business that can āeasilyā take money from millions of people or āeasilyā create millions of accounts, then you _must_ ensure those people can āeasilyā reach you, āeasilyā inquire about status, āeasilyā cancel things, etc. What we have now is just absurd.
Yes. It should be illegal to lock someone out of their account with no explanation nor recourse. A company is free to lock you out, but you should have a right, even legal, to ask them to have a human review the case and explain in text why and what happened.
We have become so helpless that AI/ML takes decisions for us. We have put those AI in place, yet we behave as it they have taken over the world and once they have deemed you in the wrong, there's nothing you can do.
Why are we tech people not protesting over this? Everybody is quick to take Apple's side in this thread, or Amazon or Google in others. I don't get it.
I believe reason many in tech donāt protest is they are well aware just how easily companies can be brought down by abusive users having seen many of their own favorites die over the years from being forgiving or being too open about their ban mechanisms.
Governments fail at being flexible. What they have in Australia for instance allows consumers to abuse the hell out of business driving up costs for legitimate customers.
It needs something more like a Better Business Bureau who can examine both sides, but without a way to accurately verify a consumer is trustworthy it gets shady. Few people want to be tied to a realID so we are stuck with this mess.
I don't buy it. Apple, Amazon, Google have virtually infinite money and there's a whole spectrum between "malicious actors can abuse the system" and "the decision is final, there is no recourse."
Yet people keep parroting the "malicious users are the problem" party line. Please tell me, which tech companies were brought down because of customer service abuse?
Here's what's going on. Having real humans not even making decisions, but reviewing false positives costs money, and the company justifies it by saying it's to prevent abuse from malicious actors. But it is simply a cost saving decision. So, again, I ask why are we quick to defend the company when they could afford to do better by us. Is the entire tech community suffering from Stockholm Syndrome?
I donāt know of a service that hadnāt been forced to add advertising and captcha just to stay above water due to stolen bandwidth and human hours dealing with abuse. The internet has become a trash dump of toxic users to the point it is legitimately difficult to isolate legitimate cases of failed algorithms.
Apple, Amazon and Google have good margins, but I would hardly say they could afford to do better. Human hours are incredibly expensive and the number of people attempting to get something for nothing often exceeds the number of people with legitimate complaints. I have run across whole farms of people who found some cheap online job reading off scripts trying to rip off large companies and any knowledge they get about bans they change the scripts for all.
It is has become a hostile relationship unfortunately and it is not due to companies not trying. I have seen for Apple at least they sometimes have people show up in person with lots of documentation and identification at stores and you legitimately cannot tell the scammers from the people who think it should just not be their problem.
I am not trying to justify that they fail. They often clearly do. It is just not an easy problem, especially with the amount of anger and frustration involved.
Why have folks in tech simply acquiesced to being abused by these monolithic companies? Sad how many people suffer from battered persons syndrome at the hands of these faceless organizations and just go back for more. The author makes so many cases for NOT ever using Apple again but- oh me oh my how happy he is he had his "email to Mr Tim Cook" and through their benevolence his account was restored. Keep rewarding bad behavior and you too will be the victim of it.
And before "there aren't any other options" for goodness sake this is HN. Go build your own environment on private silicon and buy a different brand of thing.
Imagine one not-so-fine day, your partner of 10 years sends a message "You messed up - we are over". You cannot contact them and their best friend only says "you should have not broken the trust - thats all I can say". Your partner has keys to some of your valuables and you are very worried. As a last ditch effort, you contact their parent and after three days, they are back with a smile as if nothing happened. Then you continue happily and put in even more of your time/money/whatever in this lovely setup.
If you want to take this thought to the next level, watch the Black Mirror episode White Christmas. One of the stories deals with the having the ability to completely block someone from your life (so they can't hear or even see you).
Black mirror episodes are either really good or absolutely terrible.
Or lifted from 1990's Outer Limits episodes :)
https://www.imdb.com/title/tt5709234/
https://www.imdb.com/title/tt0667901/
> Then you continue happily and put in even more of your time/money/whatever in this lovely setup.
Yeah, no, that's when I start self-hosting my partner.
I was really waiting for this part. But no, the abusive relationship continues.
I donāt see how this is comparableā¦ I donāt think anyone was under the illusion that Apple actually cares for them, it is just a business relationship. I donāt have the same expectations I do with a significant other.
Many have an emotional relationship with Apple. Love or hate them they have created some kind of emotional response in you.
Their most well-known device responds to your touch, and anticipates your needs. I've had relationships with humans less intimate than that.
I don't know. The smiling, happy faces in the ads, the warm feeling you get when Tim Apple speaks... I thought they were different...
Idk, I have relatives that do trust companies and believe they would never take away access to their calendar, email, phone, notes, contacts, etc. the paid for. Which is worth a hell of a lot to them.
It's emotional investment vs monetary investment (it's not a "business relationship." Ironically, businesses seem much less likely to fuck over another business, probably because the chances of getting sued are much higher.)
Yet most people usually have and share more private information with their devices than their significant others.
What for your future AI spouse...
The story drives home how dangerous it is putting your trust, maybe your business and maybe your life in the hands of these mega corporations. I've tried to distance myself from Google somewhat but Gmail is still my main email account. I don't want to know how many accounts I may be locked out of if I ever lose access to it.
Absolutely buy your own domain name and use an email service where you can use your own domain as an email address, period. I can't tell you how many horror stories I have heard about people getting permanently locked out of their gmail accounts that served as email address for password recovery and what not. And I have some horror stories of my own.
How do you prevent the registration services from losing (not renewing) your domain and having someone else register it? This happened to me, and there was no recourse.
You can register domains for >1 year. You'll still need to renew it every year but you'll have a buffer in case something goes wrong.
Confused, how did that happen to you? Doesn't every registrar support renewal? Did they pretend to renew but they actually didn't? Did you get a receipt for it?
Registrar issue, if I remember correctly. It was set to auto renew, but they didnāt do it, and I only noticed when my site was suddenly a placeholder page.
I had that 20 years ago. Credit card expired, registrar didnāt tell me, and I lost a 4 letter .com.
After that I moved to hosted Mail (yahoo, then gmail) as I felt it was more reliable. Now I ensure I have more than one email on file if possible with any account. Same with phone numbers.
https://www.vice.com/en/article/qj8833/dark-fail-fake-court-...
It is rare, but it can happen. Another threat vector.
Select a highly reputable registrar with good business practices. Pick a couple, then buy a super cheap domain and try to screw with it, like doing a transfer with no authorization. A horrifying number of them will let you get away with it.
If you really are concerned then you might want to consider migrating away now while you still have access for those situations.
At least getting a new email address, pointing it to Gmail, and working to migrate
GMail has the same problem, of course. ĀÆ\_(ć)_/ĀÆ
I think the suggestion was to get your own domain. You can use gmail as a service and if they kick you off you still own your domain and your email address. If you're smart you might backup the email. That's fairly easy to do.
Yep. Ideally you get some sort of actual paid email account, with someone that only provides email (so you don't have issues elsewhere that lead to loss of email account), and then you get your own domain (with no other services that you're using), and forward your gmail to that domain, and point your personal domain's MX records to the new email address, and start using an email address on your personal domain from here on out, but failing the separate email, at least getting a domain and pointing an email address to your current Gmail account, and starting to use that new address instead, gives you a migration path to reduce your reliance on Gmail.
And if your domain registrar decides to ban you for whatever reason?
In the extremely unlikely event that happens (provided you pick a registrar whose only service you're using is DNS), then you transfer it to another one, as mandated by ICANN. You're down a week, but everything is fine after that. Quit being contrarian.
It's a bit like getting struck by lightning, you deal with this when it happens if it happens. This is sufficiently unlikely for most people that it's not worth being too concerned about it when other exceedingly more dangerous and pressing matters could be dealt with using that same energy.
The best part is that they could get locked out of anything they have "find my" enabled on.
Imagine that. "oh you broke the TOS, now all your apple devices are bricks"
It took me a couple years to transfer all important online accounts to a new email, one by one. I feel free now.
There is a solution.
https://sneak.berlin/20201029/stop-emailing-like-a-rube/
Is there legal recourse for a user who has invested a significant amount of their digital life with a service provider and who gets unilaterally cut off? What happens to any service that you'd have signed up with through "Sign in with Apple" ?
We're still in the early days of such a digital-provider-dependent lifestyle, and it seems the legal system hasn't yet reacted yet. The closest equivalent is how US Phone companies do have a "duty to connect the call,", specifically in legal response to the unilateral power they (used to) have. Unfortunately, that's led to the current (US) problem with spam/scam calls & text, because though they have a duty to deliver, they don't have a duty to _authenticate_.
The user seems to have run afoul of Apple's fraud detection systems, hence the "cold shoulder" response (you don't want to give fraudsters a clue on how to dodge the ban-hammer next time, and you don't want them to DoS your support lines). After all, we only have the user's (carefully constructed) story to go on. At the scale Apple/etc operate at, fraud is a huge, difficult problem. I expect the companies tune their processes _in favor of the fraudsters_, because bad press like OP's story probably does them way more damage than a few hundred/thousand fraudsters.
No, I don't have a pithy solution for solving either problem, though I do expect legislation to eventually catch up to give legal recourse for users. I guess the cost of fielding such legal recourse will just be added to "the cost of doing business" by these companies, and that cost will somehow trickle down to users. At the very least expect much harder sign-up procedures once that legislation is enacted, and maybe more regular "are you a real user" annoying checks on the users.
I started to make provisions for this scenario years ago. Paid email from a small but reputable provider, never rely solely on cloud storage for private data, never "buy" media unless it comes without DRM. It's been a tedious process but I think I'm mostly there.
Loosing my Apple account would still be a terrible blow. So many more or less essential services are app only these days. Financial services increasingly rely on phone Apps for authentication. Even some government services require a phone with NFC to use your digital id online. Many daily conveniences like cabs, car and bike rentals and the like are not usable without apps.
I think it's time legislators thought about this problem more thoroughly. Just creating a new account is not an acceptable solution in my opinion.
Really would love a law on this issue.
"No company can disable a user account without explaining clearly what they did wrong and allowing them to appeal to an independent review group within the company"
Its not right they can just disable something you paid hundreds or thousands of dollars for.
Hardware should just work without any strings that lead back to the vendor.
This sort of thing is becoming a serious consumer protection nightmare. Just about every online service out there will disable your account without appeal or justification, while completely stonewalling you if you try to address the issue. For many of these services you can lose access to hundreds or thousands of pounds in purchases.
This is one of those situations where the power imbalance is so extreme that some sort of regulation is probably appropriate, but heavens knows I have no idea what it looks like.
Why would you in this instance ever use Apple again? I would have returned the MBP and once they'd recovered my account, asked them to delete it.
Great that it was sorted for you, but there are dozens who aren't so lucky.
Because there is no alternative. Google is much much worse. And not using Google or Apple ecosystems for at least phones and general media/photo backups limits your experience in day to day life sadly.
There is an alternative:
https://puri.sm/products/librem-5
. It probably limits you in some ways, but the more people support it, the better it will become.
There are also pretty decent in-betweens based on AOSP like CalyxOS or /e/.
I'm pretty happy with the transition to CalyxOS. Everything works as before, but I can now limit internet access to apps, and there is a much more consumer friendly view of permissions. Not tying the whole phone to system-level user with google services feels great. Specifics that need it still gets it, like YouTube.
This is the reality of āthe cloudā. We have given up so much computing freedom to them across so many aspects that itās not even in the comments yet. The fact that Apple even has this one-sided power to completely end your media access, cloud backups, etc should be the horrifying part of this story.
Instead people are trading similar anecdotes, offering ML apologetics, etc. Itās tragic to watch the personal empowerment of personal computing fade away into oblivion like this.
This is not just a problem with Apple. It is a problem with many large scale platforms. It seems that often the problem is caused by automated systems that disable accounts that fall outside of normal parameters to prevent fraud. I've had it happen to me with Discord and Tinder. In the case of Tinder, I know it happened because I uploaded a picture holding a yellow pepper from my garden, it wasn't sexually suggestive at all, but I'm not surprised that an AI could categorize such a phallic yellow shape as a violation of the terms of service. I wasn't able to get Tinder to manually review or reactivate my account. In the case of Discord, I'm not sure what triggered the system, probably something with my VPN or other privacy measures that I take. I wasn't able to get a manual review or a reason from Discord. I tried to make a request for my data under EU and US laws (I'm a dual citizen), and Discord actually denied my data request a few times. Finally I filed a complaint with the relevant authorities in the US and Europe, and wrote a polite but firmly worded email to their legal team about their legal obligations. Under EU law at least, they are obligated to send you all of the data they have about you, including any data that led to an account being disabled, and it is a violation of the law to refuse a manual review of an account disabled by an automated system. I am not a lawyer, but I think the law stoped short of them being required to explicitly state the reason that the system disabled your account. Anyway, within a couple hours of my email, I got a password reset request, and magically, my account was re-enabled. I made another personal data request and got a packet of obscure, JSON files with invalid syntax, that I was able to fix up and examine. I still wasn't able to determine the exact cause of my account being disbled, but from everything I can see, it seems to have been an automated action related to me joining a new server.
Anyway, there are already some laws about this kind of disabling accounts, but there needs to be a better solution for recourse for people who wrongly have their account disabled. Perhaps mandating manual reviews upon request that must state explicitly how the terms of service were violated would be a good step. And perhaps there is a market for lawyers or legal experts to persue and resolve these cases.
Discord's join new server flow is super broken, not surprised it has these deep flaws.
If it somehow forgets your credentials, it is very unintuitive to login again.
One might wonder: how is this legal?
And I think the answer is simply it is not, at least not in Europe. I suspect the companies just do what they can get away with and what's cheapest to implement. When challenged in court they won't have much luck with this, but that puts the burden on the consumer.
There was a recent court case in Germany about YouTube banning a video based on its terms of service, without explaining what exactly was violated. The court ruled YouTube would need to explain what exactly the user did wrong. And that was a case just about publishing a video for free, not blocking an account that's worth hundreds of euro.
It's probably not, but how many people are willing to go to court? Something similar happened to me in Germany in 2020. I consulted a lawyer and gave up. Going to court for someone with my personality is a very harmful process, and there is still no assurance I'd win.
Yes, that's the problem.
I think there should be a law organizing how big companies need to deal with high value (to the user) customer accounts.
Unilaterally taking away hundreds of euros, irreplacable memories, etc., then putting the burden on individual users to sue, seems very lopsided.
This just recently happened to me with an old eBay account I've had 20+ years. After reading the story in the document above, you could easily search/replace Apple for eBay and it's identical to my story, aside from emailing the CEO. The reason given in the permanent suspension message to me was a vague reference to the TOC docs and links to support that all lead to dead ends. After, resigning myself to not caring further, because I use eBay these days rarely, the next day my account was just as suddenly and without reason reinstated, as if nothing ever happened.
I'm left scratching my head as to what the reason(s) were for this to have happened and can only think of 3 possibilities.
- An overzealous, newbie type operator that suspended me by mistake
- Some kind of error in automated flagging and error in review
- eBay's radical way of engaging with me to spur me to buy/sell again as the account's last activity was more than 1 year ago
A couple of years ago, I signed up for an eBay account to buy one thing with Buy It Now. After buying it, my account was promptly suspended for no reason. I contacted support and they told me they donāt know why and wouldnāt reinstate it.
I'm not one to call for new laws, but it seems the TOS and EULAs are way too powerful and obtuse.
I would like the provider to be required to specify in detail what the consumer did and how those actions violated the TOS. No blaming an algorithm or being vague. A specific action and what was wrong with that action. The BS about needing secrecy for security are just attempts not to get sued.
An internet user bill or rights might not be out of line given the power disparity. At least some lawmaker's staff going through the major TOSes and writing a law to ban some of the egregious clauses.
Do not get too attached to your Apple account; it belongs to Apple, NOT YOU!
I think consumers should demand that whatever products they buy, there should be absolutely _no_ strings attached to it that lead back to the vendor, if the consumer chooses so.
So if you buy an espresso machine, the "no strings attached" law should prevent the vendor from locking you into buying only their brand of coffee. Same with printers and ink. Same with computers and accounts.
If instead you subscribe to a _service_, it should be properly advertised as such, and different rules should apply.
Apple support is not really helpful. They give you general advice, for the layman, and not really profound tips for how to resolve an issue. No matter if you have a payment issue or a technical issue.
Just to give an example: I was using my iPad Pro as a second screen (primary screen is a 4k monitor) to see my terminal below the monitor. Apple calls this Sidekick. After an update of my iPad to iPadOS 15.x this technology does not work reliably. The iPad screen freezes and I need to stop sidekick and start it again. This works for a couple of minutes until iPad screen freezes again.
So I called Apple support, waited half an hour to get someone who tries to help me. Finally they suggest I should go to an Apple store. No, I am not going to an Apple store to get a fix for a trivial problem.
There are many users who have experienced this very problem and written about it, even on Apple support forums (which are the worst: written for idiots, no real help). All you get to hear is: Reset your device(s). Or: It must be a problem of third party software, etc.
I used to use an app for this feature called Duet. Whenever I had a problem, I could reach out to the devs, they would give me very specific instructions for how to solve the problem. Now you could say Apple is too large to give this kind of help. But they have a large database of all incoming issues, so they know exactly that 20000 other users are complaining about this issue, and some egineer might have solved it, so why not give specific instructions on the forum, why these super vage tips that are of no help!?
So prey to god you wonāt have real issues where you rely on Apple to solve it.
Edit: Another example: I regularly have issues with iCloud sync. Sometimes I realize that it was stuck because I need to access a document on the go just to realize my Mac could not sync it to iCloud. iCloud-sync issues are so common you can find thousands of entries on the web about this, also on Apple support forums. But neither will you find helpful answers, or any instructions from Apple how to mitigate.
> Apple support is not really helpful.
They are horrible. I once called them to ask if "iCare+ Theft Insurance" works if my iPhone get stolen abroad and they just straight said "We don't know."
Yeah this is annoying and frankly terrifying. These companies are too big and we have all been way too reliant on them for many many years now that losing the accounts will be very tough to recover from. Given how important these accounts are these companies should really staff up to have actual people respond to these kind of issues. Even though itās algorithmically done and itās just one account out of billions for them, itās a huge thing for the impacted.
At least they enabled his account again. Google doesnāt
They often have under similar kinds of executive or insider duress
"Not Even Google Employees Can Unlock Their Own Personal Gmail Accounts"
https://au.pcmag.com/old-hosted-email-providers/87012/not-ev...
This reads like a classic abusive relationship.
+1 for executive customer support care team. Some life hacks for this if the company makes it hard and Googling the company plus "executive customer support/consumer advocacy" doesn't find anything: Searched LinkedIn for employee emails for team members, guess the email format and email them. Email board members, CEOs. Just go straight to Executive customer service after your first failed try. I've had success with Amazon, Ebay, banks, my insurance company, and more using this method. A lot of people get stuck in the system by calling the normal customer service pipeline and can never solve the problem and don't know there's a back door do the executive customer support. Even I fall into that trap sometimes because I guess there's social pressure not to use it - the Amazon address is jeff@amazon so it's a bit nervewracking psychologically to use it, but in most cases the email accounts are just funneled.
I read this with great frustration, and felt glad when I saw that the issue was resolved. I can only hope that whenever Tim Cook needs to transfer such emails to someone higher up, thereās also a strict mandate that the root cause be addressed and that the solution is not just a one off adjustment for the person facing the problem.
As we keep discovering (this is the second one Iām reading about Apple just in the last few days), relying on any of these companies to not disable accounts and access to things that have been paid for is a dicey matter.
Only when consumer regulations get a lot stronger, mere civilians may have a better chance.
Customers are misled by the common wording that is used in the current digital marketplaces. The wording needs to reflect the fact that we are just getting a revocable nontransferable license to a digital product or service, and that in no shape or form the customer owns such digital assets.
Instead of "Buy" perhaps it should be "Purchase license" or "Acquire license".
Instead of "Purchases", it should say "Licensed products/services".
Right, if you are unlucky bad things can happen with a single provider.
I split my digital life and purchases between Amazon, Apple, and Google. Book purchases, occasional movie purchases, etc. I have moved on from having a massive personal library of physical books to mostly relying on digital media, eBooks and audio books. Splitting purchases between three vendors makes me feel a bit more secure.
Probably most peoplesā most precious digital asset class is their personal photos and videos. I use a very simple setup: when I am at home on wifi, my phone updates all photos and videos to Apple, Google, and Microsoft OneDrive. If I am, for example, hiking and take a dozen pictures and/or videos, then before getting home to my wifi, I review and delete what I donāt want available during my lifetime. A secondary advantage is that all three companies run automated deep learning based systems that present my own media to me in interesting ways. For most of my digital life I care about and work for privacy, except for my photos and videos where I want maximum enjoyment for myself, family, and friends. I like to create photo albums and share links with specific people - so much better than posting on social media.
EDIT: for book purchases, I also favor buying directly from publishers who provide ePub, Kindle, and PDF formats - all of which I save to all three cloud providers storage and for convenience import into one of Googleās, Appleās, or, Amazonās eBook readers.
Seems like a threat of a lawsuit would have been in order to force Apple to return all the money he's ever spend with Apple + interest.
https://www.apple.com/legal/internet-services/itunes/us/term...
> YOU AGREE THAT YOU SHALL NOT SUE OR RECOVER ANY DAMAGES FROM APPLE, ITS DIRECTORS, OFFICERS, EMPLOYEES, AFFILIATES, AGENTS, CONTRACTORS, AND LICENSORS AS A RESULT OF ITS DECISION TO REMOVE OR REFUSE TO PROCESS ANY INFORMATION OR CONTENT, TO WARN YOU, TO SUSPEND OR TERMINATE YOUR ACCESS TO THE SERVICES, OR TO TAKE ANY OTHER ACTION DURING THE INVESTIGATION OF A SUSPECTED VIOLATION OR AS A RESULT OF APPLE'S CONCLUSION THAT A VIOLATION OF THIS AGREEMENT HAS OCCURRED.
It seems like that provision wouldnāt hold up in court (at least in a sane legal system, I guess that means it might hold up in the US), rendering it moot.
When Google does this everyone gives them a free pass because "it's a free service, you can't expect actual human support". What's Apple's excuse?
Companies should be required to divulge the exact reasons for account termination as well as all internal communications related to that termination.
I would seriously have considered taking them to court. In Sweden you can file a small claims case for $90 and the legal fees are capped at $125 if you lose. Well worth a shot.
This is what inverted totalitarianism looks like when it crushes the innocent. Now imagine what it can do to activists and dissidents.
Apple already exerted that control
https://appleinsider.com/articles/20/10/15/apple-demands-tel...
Add in a dose of Palantir used by corporate security organizations, and you have push-button operations that can direct global recrimination, up to and including, droning, in certain circumstances.
This is the reason why you don't want to place all your eggs in one basket, or why you don't place them in one walled garden. They have all the power and can do what they want. Guilty until proven innocent doesn't come into this, you're guilty and you have no recourse.
In my view this is a form of theft and should be treated as such.
This is why the open decentralised web is important.
There's a special kind of grumpy old techno-luddite, and I am describing myself here, who says "Ha! You actually fell for all that e-book and digital downloads trickery, buying DIGITAL-ONLY products with no way to be sure that you really truly own them or have them? You TRUSTED THE CLOUD? Then you get what they deserve when they all disappear, I've been bracing for the day that happens ever since the whole thing started."
and since 1998 have only bought actual tangible physical books with pages that turn, video games on physical disc, and movies only on VHS and DVD and BluRay. ((But yeah, I have a STEAM library. Nobody's perfect.))
With how pervasive and ubiquitous these big tech services are in our lives, and how purchases are toed to these accounts without any way to backup or export these purchases, I hope there will be a kind of law to eventually force transparency when a major change is done on an account, and to minimize the impact when an irreversible change is made, as well as having a clear and direct support line to at least settle the issue.
For example, it's not right that you access to the entire Google account and the stored files and emails if you let's say spammed on YouTube and got your account suspended there.
If you shared files illegally too many times on Google Drive, lock the storage in read-only and disable the ability to share (example).
And
Itās not his only option; email tim@apple.com the Executive Relations team fixes things like this. They even fixed something as pedestrian as the I bought a refurb Mac Mini online, found it had a broken DIMM slot and I took it to my local Apple Store and the manager refused to help me. They emailed me within hours and told me to please try again. I went back the following day, the store manager was visibly irked but did the swap.
I told him before I left the store he was leaving me no other option but to email Executive Relations. He kinda chuckled at that.
Wasn't that the exact option that worked for him?
If only people actually read the articles.
Perhaps. I typically stop reading these kinds of articles when the individual concedes defeat, which is what I did in this case.
Please donāt comment then. You could have at least searched the page for āTimā.
That's fine, but why comment on them?
I know that you've already been corrected for not reading the article, but I'm going to leave this here, from the article, for comedic effect:
> So what to do? I emailed the one person I knew who worked at Apple, and I had his email address...Mr Tim Cook.
I have had decent success sending letters to the CEO of companies and CC'ing the FTC and Better Business Bureau.
Tim Apple is good about stuff like this. He helped me desolder the broken wristband on my iWatch.
These stories always bring back that anxiety I got as a teenager when I read Kafka's "The Trial". You're guilty and being punished but we won't tell you why, what you did, and there's no way to appeal. Back then, I found comfort in the thought that this kind of thing wouldn't happen in the modern Western world. Boy was I wrong.
If this individual was based in the EU, Art. 22 GDPR would protect him against this practice. Basically making a fully-automated high-impact decision is not legal. This applies regardless of the company's location.
When Google does this it is fully expected, IMO there is never an expectation of customer support with Google with any of their products. That is, they have no good reputation to keep or to lose when it comes to customer service (imagine _calling_ Gmail or YouTube as this user did).
If Apple goes down this path it will literally destroy the company, customer service is one of the most important competitive advantages they have.
The executive team that answered this email should be focused primarily on ensuring it never happens again as we speak.
This sort of thing is why I don't purchase anything that I can't keep an offline copy of, and I avoid any ongoing account or service that I might actually come to rely on. I'm very resistant to putting my fate in the hands of others, and especially when those others are for-profit businesses (and especially especially when those businesses are in the tech industry).
I had this happen to a friend/client and did the same thing with the same result. This was 2 years ago, under similar circumstances. Just like Google's capricious AI-powered suspension-bot, Apple has one too that is just as hair trigger on weird inputs. The "no appeal" is downright creepy.
With vendor lock-in being so tight in many cases, how is this not regulated to allow recourse to decisions either an idiot or an idiotic algorithm makes?
Alternatively make sure services do one thing and one thing only so it doesn't break other things, like purchases or access to data.
I just had the same issue with my Facebook ads account (which I haven't used in years). I couldn't event lodge an appeal because they don't let you do so unless you have 2 factor auth. I'm sorry, but I so don't trust Facebook/Meta with my phone number.
Register a Google Voice number. I have one specifically to give to all companies I don't want to give my actual phone number to.
Facebook refuses Google Voice numbers, or at least did in my case.
A similar case was posted yesterday, though it involved adding gift cards:
https://news.ycombinator.com/item?id=29437627
Exact same thing happend with Discord for me. Just that I had no way to get it unlocked. I don't trust that anyone actually looked into it.
Several years ago, I had a problem dealing with Verizon at the store level and customer service so I contacted the office of their CEO and was able to get my problem resolved. His secretary sent me a new phone out of their office stock.
This equivalent story occured with me and my Google account, where all manner of external support proved pointless.
I eventually had to have a friend at Google contact the Gmail team to get my account lockout sorted out.
It makes you wonder if the story of the Google employee who couldn't unlock their own account is actually true or they was just stonewalling to get rid of the customer.
https://au.pcmag.com/old-hosted-email-providers/87012/not-ev...
> I eventually had to have a friend at Google contact the Gmail team to get my account lockout sorted out.
Reading this thread on HN, I started to panic thinking about what would happen if I lost my Gmail account, and then I saw this comment! What a reason to be a loyal googler until the end of the world!
I sent tim cook an email November 13th about my airpod max repair experience (long story short, 2 pairs of head phones died, one of them came back connected to someone else's icloud account) - by the 1st someone from the apple exec team emailed me and let me know he was reviewing my case and that he would resolve the issue for me (apple only has referb airpod max right now for repair return and I didn't want another refurbished pair). We'll see what happens, but the guy was nice.
Don't leave anything of significance walled in behind a Google, Apple, Amazon, or really any other account. Only physically accessible copies of your data belong to you. Everything I upload to "a" cloud, I immediately mirror to my backup rig. Do the same, don't trust.
Once I used a brand new credit card with a $1000 credit limit at a Walmart in the deep dark of a Sunday morning at 2a.m., to try to buy a PS4 game system and a copy of DEATH STRANDING. The card was declined. I contacted the bank via phone and they asked me to upload copies of my driver's license and/or passport. I never did. Oh well, so much for that credit card!
What happens to guys who get their accounts disabled for no reason and they don't know anyone from the executive floor? "Sucks to be them"?
Apple has banned my account twice or thrice in the last ~13 years. And then unbanned after a number of appeals and begging from my side.
Thing is, I am indeed in kind of permanent violation of ToC due to my account being US and me being in Ukraine. No problems for the last half of the decade though.
In most cases, we are trying to do the right thing. Allow the customers to appeal and put their case forward
I have a teeny shred of sympathy for Apple here, actually. Creating new identities is trivial (Sybil) and so adversaries would write malware and their accounts get deleted. The more info that apple gives each of the adversaries' deleted accounts, the easier it is for them to probe the logic used to catch them.
Note that no one is complaining about them locking-out "new identities" (which could be easy to create), but about them locking-out "old identities that have paid thousands of dollars to them" (which are not as easy to create), without any reasonable recourse option.
I'm sure your shred of sympathy would quickly disappear if this ever happened to you, but... as the saying goes... "pepper in someone else's eyes is a refreshment to me".
And thatās why you need to regularly backup your photos library.
A few lost purchases is bad but losing all your photos is the worst case scenario.
And after that... You still buy Apple things? Rotfl!
There is a clear malalignment of incentives when commercial entities both sell and provide property.
These are clear cases for better algorithmic governance systems for managing the assets. Eg. Holding the asset on a distributed block chain / ipfs.
In the meantime, commercial companies that provide subscriptions should be favored. Here the risk is contained.
Firstly, 99% of Appleās customer base will never experience what I went through.
The very next day, all my Apple devices gave the following prompt when updating apps from the App Store: āYour Account Has Been Disabled in the App Store and iTunes.ā
I called Apple Support and was advised that my account has been permanently disabled, and there is no recourse.
I then asked what does Apple recommend I do. Apple Support representative said: āCreate a new account and start from freshā. This means I have lost all my app and media purchases and the funds in my Apple account.
I tend NOT to blame Apple because why would they take such a drastic step.
I am a mere civilian where we are accustomed to accepting decisions put on us and adjusting accordingly.
So what do next?
The only option is to create a new account and move on. Start fresh with Apple.
Three days went by, and I took delivery of a brand new MacBook Pro that I preordered before Apple disabled my account.
After five years, I bought a Mac, but the sour taste of betrayal from Apple made it extremely difficult for me to get excited about my new workhorseā¦
First question would be: Is this here actually Stockholm syndrome? But let's not get into this. More importantly:
By now everybody should know that you don't "buy" things at those companies. You're not even renting them!
They can at anytime, without reason, take away everything you "bought" there. Cause it's not _your_ property. You don't _own_ it.
You own stuff only if you _completely_ control the hardware and the data. That's what all those beardy open-source freaks are telling you since foreverā¦ Maybe it's time you consider they're right?
Besides the point that most customers wouldn't find such kind words for the people they scammed them and wouldn't relativize what those scammers did ("99% won't experience thatā¦", "I don't blame Appleā¦", *eye roll*) the exact same thing can happen with all the other companies who are doing the same. Apple, Microsoft, Google, Amazon, etc. There's no difference. They're all the same. _They_ own "your" devices and "your" data. So they can take it from you.
And most people won't be so lucky to "get things back" through divine interventionā¦ So don't count on that.
I don't know whether it was the topic, good writing, my low attention span or all three but this is the first article which I've read in its entirety in a while and has prompted me to check the author's other articles.
I thought it would end with linux on the MacBook Pro.
It seems like Amazon, Google, FB, and Apple are working to eliminate humans from customer service.
Can we get FAANG to respect their customers again?
The fact Apple, Facebook, Google, Steam, etc. does not have a proper customer support is appaling. All they can do is parrot back canned responses, without the ability to actually do anything. This will have to change.
it's long past the time that we need a digital bill of rights for "services", content, etc. Esp content that we own like our own photos, docs, etc that are on the cloud. They may be able to take music, books, and games you purchased but not your own content.
Even more nefarious - when I lost access to my account on Friday, I lost the ability to update apps that I have purchased.
One app that I use frequently wonāt load unless it is updated (it gives you a dialog that you canāt dismiss when you start it). So now Iāve lost access to another service and my data in that service by proxy.
We absolutely need rights here, especially the right to a full and detailed proof of violation and access to human remediation and review.
This sort of thing is why I go to the trouble to have an Android phone without a Google account or any Google services. It takes about an hour to set up a new phone, though.
I've considered a burner google account, not sure how feasible no google services is. Don't you have trouble finding apps/services? I could imagine finding replacements for meet/maps/photos/drive, but the play store on android feels a bit irreplaceable, I've tried F-Droid and the quality of apps is significantly worse.
Maybe he would have gotten a better customer service through the legal system
Sounds like a fraud detection system got triggered. Stonewalling the fraudster is usually the safest course of action so thatās what companies do.
Unfortunately those systems arenāt perfect ā¦
My girlfriend once had to replace all of her bank accounts because of something like this. Did a thing while traveling abroad, looked like credit card theft, everything got shut down. oops
>Unfortunately those systems arenāt perfect ā¦
Automated systems will never be perfect but there are companies that have policies that are far more respectful of their customers than others.
If you get detected for fraud or did a chargeback on steam, you will be issued a trade ban and a ban on buying games and activating game codes, but valve does NOT take away your ability to download and play the games you already own and legitimately bought in the past. Heck, in the case of chargebacks they can be quite lenient : it can be a temporary restriction on buying that is lifted after a few months (but with a permanent ban on the specific visa card).
If you do something wrong with the community features, your account will become a restricted account and you will not be able to use them anymore, but you will still be able to play your games too.
They also have an actually active online customer support service that help you regain control of your account if there was a fault on their part or something else, like someone hacking your account, and it doesn't require an obscure method like mailing some gabenewell@valve.something to get things done.
What Apple and Google does with their account system should be illegal. It's asinine that society would accept that one could lose thousands of $ of software and media bought because for reason X or Y they banned your account.
Valve can do very granular account restrictions, there's no reason why the wealthiest companies in the world can't.
And this is why I have a humongous library of games on steam and will never spend a single $ on Google Play or the App Store. Concentrating all sorts of digital purchases onto a single point of failure in the hands of companies that treat you like garbage? I think not.
I am OK if such a thing happens but they really need to provide an appeals process and explain what triggered the fraud detection.
How many bank accounts does your girlfriend have?
Most people have at least 2 or 3 with any bank they work with (checking, savings, credit)
If my bank left me high and dry in a foreign country I would absolutely cut ties.
I've done enough international travel that I maintain redundant checking accounts for just such a situation, but there are plenty of people out there that keep all of their accounts in a single place...
If that is what happened then why would they delete the account rather than just block it for a short time?
Ban marketing spending by any corporation above a certain size
It will encourage competition and only those who actually please their customers will thrive
This is an interesting idea, but would flatly violate the First Amendment in the US.
Then perhaps tax it to oblivion?
FB blocked my business account and blacklisted my domains.
If those paid apps, music, movie are my private properties, can they stop me access to them? (It is not a rhetorical question)
That's the thing, the paid apps, music, movies, etc. are actually just licenses. And, although I didn't read the contract myself, I'm pretty sure the Terms and Services all users agreed to during the purchase of said license (or even just during account sign-up) stipulates that the company reserves the right to revoke any license purchased for any reason, etc.
Though I do like your way of thinking. Potentially, if there really is a violation (which there was not in this case, but just an example), then, in theory, the company can implement a system that allows users to still access the content, but remove interactions (e.g. in the case of fraud, remove the ability to transact, etc.). Of course, this requires resources to implement and maintain, so it's unlikely to happen.
Unless Apple refunds his purchases and money in the Apple account, they are committing a theft.
Not nowadays. Nowadays theft is doing something like copying a file, or using a vpn to watch YouTube. Permanently depriving someone of something they paid for isnāt theft.
A few months ago, the balance on my Apple account was running low (less than $100)
Why do you need that much money in your apple account ? Do you buy new apps everyday ?
Pathetic begging Apple to listen. Just stop using their crap man. Dont be a fucking fool.
Apple is a very large corporation
The upside: Interoperability of the products, prestige, false sense of security
The downside: Everything bad about a monopoly
The solution: none. If we,people, were smart monopolies wouldn't happen in the first place. Maybe someday the government decides to split it or to suffocate it, or Apple becomes one with government and its practices become law.
Meanwhile: I don't participate of the Apple ecosystem. I am hurting myself in the prestige field.
Good to see that Stockholm syndrome is alive and well.
I read it more like a serf begging his lord to commute his death sentence. He has no power, so all he can do is flatter and ask forgiveness.
He's deeply bought into the Apple ecosystem. He noted his Macbook arrived while he was fighting his account ban. I'm guessing iphone, ipad, thousands in music and movies on itunes, at least hundreds in apps, and an apple account required for all of it.
As a Google user I'm not in tremendously better shape, but my PCs don't require Google to function, and at least I could load a different ROM on my phone if needed. Not that Android is tremendously useful outside the Google ecosystem.
> but my PCs don't require Google to function
Macs don't require an Apple account to function either.
> Macs don't require an Apple account to function either.
i helped someone setup their macbook air M1 a few days ago. the least i can say is that they were asked to create an apple ID and they were asked for a phone number.
those steps were not skippable.
i was disturbed to say the least because i was recommending them to skip those steps and enter that information when they felt comfortable. an OS should only care about the user account. but two accounts and external identification were needed in this case.
Can you get os updates without an apple account? My Mac always bugs me for my apple ID when updating things. I'd be happy to get rid of that, maybe it's for apps.
Yah, it's just for apps.
Pre-Catalina, major OS version updates were distributed as apps on the Mac App Store, and required an Apple ID to download. You're right that this isn't the case today, though.
https://support.apple.com/en-us/HT208987
What if you set up a Mac with an Apple account, Apple permabans you for something, then you forget your password and want to wipe and restore your Mac?
I also found this story quite unsettling. Glad Iām not alone.
Wait til you find out about what other systems you rely on have imperfect fraud detection.
There isn't a platform any large number of people use that is exempt from this.
> There isn't a platform any large number of people use that is exempt from this.
I can think of a few. TCP/IP, email, BitTorrent, TLS, RSS.
Millions of people use Linux. A single digit percentage of people, but millions of people. Not even counting the majority of servers on the internet.
And the way Linux does it proves that you can do it that way. The largest platforms just don't.
TCP/IP relies on your ISP routing you. They can disown you, taking you offline.
Email is fairly dependent on DNS which is fairly dependent on a domain. Your TLD can deregister your domain, and domain hijacking is still a thing. Similarly, most people do not have an appetite to self host email and are subject to the whims of their provider.
BitTorrent is a decent example, DHT are fairly robust but also not easily searched. The discovery method of BitTorrent is frequently subject to DMCA takedowns. These takedowns have taken down legitimate torrents as well.
TLS and RSS are not platforms, and fall victim to the same thing as email.
The internet is built on many levels of trust, but just because we trust in it doesn't mean it isn't possible to deplatform at very low levels.
> TCP/IP relies on your ISP routing you. They can disown you, taking you offline.
They can cancel your service, obviously, but that prevents you from using Verizon, not from using TCP/IP. You go sign up for AT&T or Comcast or Starlink and you can still communicate with anyone on the internet.
> Email is fairly dependent on DNS which is fairly dependent on a domain.
Which is why I didn't list DNS. But dependencies are something else. In theory anyone can deny you access to anything by putting you in prison, but by then you're really arguing that preventing this is impossible because a military could wrongfully kill you, rather than talking about whether some specific thing is the thing causing it.
Not to mention self hosting your email will likely mean facing an uphill battle against spam filters blocking you. And seriously, fighting that alone could become a full time job unless you don't care to email.
TCP/IP: Not really a "platform", but if you consider the internet as a platform: Your ISP puts you on a CGNAT with an abuser, or you random into a floating IP that is blacklisted as a bad actor
Email: Try setting up your own email server and sending to $largeESP
BitTorrent: Not a platform, but: This issue exists one layer up at the level of BitTorrent trackers (without which BT is mostly useless)
TLS+RSS: Same as TCP/IP
Linux: Not a platform, but you could probably get banned from package mirrors if you get the same IP as some asshole trying to DOS them and waste bandwidth
> TCP/IP: Not really a "platform", but if you consider the internet as a platform: Your ISP puts you on a CGNAT with an abuser, or you random into a floating IP that is blacklisted as a bad actor
So then you use a VPN. It's also not the same thing because that's being done by endpoints instead of the platform as an intermediary.
> This issue exists one layer up at the level of BitTorrent trackers (without which BT is mostly useless)
Modern BitTorrent uses a DHT for this. Trackers, to the extent that they still exist, are just to make peer discovery faster.
> Linux: Not a platform, but you could probably get banned from package mirrors if you get the same IP as some asshole trying to DOS them and waste bandwidth
There are many independent package mirrors and also you can access them from any IP address (e.g. using a VPN again). Also, this:
http://manpages.ubuntu.com/manpages/bionic/man8/apt-p2p.8.ht...
This is abusing semantics to the point you just make yourself look unknowledgeable. And honestly I feel like you know better...
TCP/IP? Protocol.
Email? You mean SMTP the protocol, or email platforms like GMail that people get locked out of all the time, or you mean a tiny platform with a fraction of the users?
BitTorrent... the protocol.
TLS... the protocol. Are you joking callling this a platform?
RSS... same.
Linux the OS? Because Linux sure doesn't have a centralized platform built into it last I checked.
When you forget your Linux password where's the reset link?
-
Like to be clear, my statement is tautological. For any useful definition of "platform with large number of users" you need to have fraud protection.
It's not really an ideological thing, anyone who's run any platform of a meaningful size knows you get attackers, and attackers scale. So you need to defend against attacks, and legitimate users can accidentally trigger any form of attack detection, human or otherwise.
> Email? You mean SMTP the protocol, or email platforms like GMail that people get locked out of all the time, or you mean a tiny platform with a fraction of the users?
Email is a platform. Anyone on any provider can email anyone else on any provider. And then you can choose one you trust not to lock you out, or run your own.
The others are the same. A platform is something you build other things on top of. HTTPS is built on top of TLS. Webmail services are built on top of HTTPS and SMTP.
You want a more traditional platform? Java.
> Linux the OS? Because Linux sure doesn't have a centralized platform built into it last I checked.
Who said anything about centralization? The centralization is the source of the defect.
> When you forget your Linux password where's the reset link?
Boot from live installer and reset the password.
But also, why is "password resets" necessary for something to be a platform?
I'm going to assume you're acting in good faith and just haven't seen this definition of platform.
The one everyone else in this thread is using is "an application or website that serves as a base from which a service is provided" (that's straight from Merriam-Webster)
Examples include (also from M-W):
"music streaming platforms"
"has built a cloud-computing platform for use by others"
"billions of photos scraped from Facebook and other social media platforms"
The only one that really could count in your examples is email, and if you think that doesn't have problems try setting up your own server and sending to gmail, hotmail, and other large providers without getting sent to spam or outright bounced.
That's definition (b) from M-W. Definition (a) is "operating system." Though that's kind of a layman's oversimplification and it's more specifically the operating system's API implementation, which is why Java qualifies by providing the same thing.
But also, how does email not fit under (b)? Or Signal etc.?
Definition (a) goes on to include "also : the computer architecture and equipment using a particular operating system", which I think is largely accurate and I agree something like java would probably fit.
Email and Signal are kinda on the fence for me, because they're split up in a way where it's not really one cohesive platform in the same sense as a social media platform.
Regardless, even if you consider them platforms in this sense, both have the same issue with the detection of spam and other bad actors.
As far as I know Signal doesn't do spam filtering at all and has no means to read your messages. They just separate things sent from people not in your contacts until you add them, which happens entirely at the discretion of the peer and not the service.
Does signal not attempt to ban users that engage in spamming, spreading malware/CP/other undesirable content, impersonation, etc?
How would they have any information about any of this? It's end to end encrypted. I don't think it even has accounts; the service is just a relay and the messages are authenticated on the basis of TOFU, i.e. this peer is the same as it was last time.
Yeah Signal still has as an order of magnitude fewer _monthly_ users as WhatsApp has _daily_ users, so the "we won't do anything, block them or call the cops" approach still works.
The scale thing I mentioned is real.
Most "monthly" users are also "daily" users, so I don't know what point you're trying to make there. Signal has tens of millions of active users.
This has nothing to do with call blocking or anything like that. I've had Signal for years and the the only spam in my message history is from more than a year ago and was sent via _SMS_.
It's all just network effect and WhatsApp being the same company as Facebook and therefore having a marketing budget that a non-profit doesn't. The fact that Signal has grown by a factor of nearly a hundred over the past two years _despite_ WhatsApp's network effect implies that people strongly prefer it.
I feel like you must be trolling between the whole spending 4 comments arguing that TCP/IP is a platform thing... and now saying MAUs and DAUs are the same.
MAUs are how many people used Signal in a month. DAUs are how many people used WhatsApp in a day.
The DAU/MAU ratio for an app is never 100%. Ever.
20% is like a "good" rating, and 50% is like a best-in-class rating.
So WhatsApp having literally an order of magnitude more DAUs shows the gap in their usage.
The gap in their usage is not something for you to start making excuses about, it explains why Signal has no way to deal with fraud, child porn, spam, etc besides calling the police.
That flies precisely because Signal is small potatoes compared to the platforms I mentioned.
> Wait til you find out about what other systems you rely on have imperfect fraud detection.
>
> There isn't a platform any large number of people use that is exempt from this.
Okay, but with the other platforms that I can think off[1], my computer and phone still continue working. I can effectively work without those platforms and do not need to purchase a new computer or phone.
[1] Maybe I'm thinking of the wrong ones (Twitter, FB, AMZ, etc). Which platforms were you referring to?
lets start with bank's for instance?
how do you feel about getting locked out of all your money for a false-positive fraud detection?
> lets start with bank's for instance?
>
> how do you feel about getting locked out of all your money for a false-positive fraud detection?
I don't feel bad about it - it happened once or twice in the last 30 years and it was relatively trivial to fix[1]. I also don't mind that they freeze spending if they think my account was hijacked in any way.
[1] Go into a branch with my ID, look at the transactions they think is fraud, declare that they are not, and get my account unfrozen. The whole process took about 60m, from leaving my front door to withdrawing money again.
If Google and Apple started collecting government identification documents for everyone ahead of time it'd be pretty trivial too...
Right now sometimes _after_ the problem occurs you can provide those, but it's tough because they don't have those sitting around for every account.
-
Also fraud in this case is often being considered a bad actor yourself, most people haven't dealt with that from a bank.
That's like the bank thinking the transactions you would admit to having made being fraudulent, so identifying you isn't really enough.
Not too bad as I have far more recourse than getting locked out of Apple or google.
The issue isn't automated fraud detection systems. The issue is the lack of humans who can override them when they're wrong.
Except there are humans who can and their strict orders are to never do that.
People don't realize, yes sometimes these companies are just ignoring CS, but when it comes to lockouts they want the humans to stonewall you.
Otherwise what's the point of the automated fraud detection? The human operator will just become the new target, and SMS attacks are a great example of why that doesn't work
Are you saying that permanently locking legitimate people out of their accounts is acceptable collateral damage just to make fraud a bit more difficult?
Are you incapable of making an argument that isn't a garbage-tier leading question?
Like sorry but that pisses me off a bit, have the basic decency to present your point without the theatrics...
-
It's acceptable to make a system that makes it incredibly hard to get your account unlocked in very rare cases just to make fraud a lot more difficult.
You see hundreds of these posts a year and billions of people use these devices a day.
"Incredibly hard" or impossible? And again, are hundreds of people a year acceptable collateral damage?
Impossible or incredibly hard? Well impossible right?
Because OP did not get back their account.
Once your account is locked it is impossible to get it back, the bits that make up your account are instantly wiped right? Some L9 at google waves a magic wand and it's gone.
No one who ever got wrongly locked out of a Google account has ever gotten it back, so it's impossible right?
-
And yes, hundreds out of billions is acceptable collateral damage.
In case you didn't know, all systems are subject to similar tradeoffs, even ones of life and death. Planes aren't just designed with safety in mind, trade offs are made knowing they could cost lives because no one could afford to travel on a plane that was twice as safe for 10 times the cost.
The water you drink is treated knowing that X incidences of illness and death occur for Y amount of contaminates because no one can afford water that's significantly more expensive for marginal benefit.
Fraud is the same. You have to accept hundred out of a billion chances of going wrong because no one will pay not just a monetary cost, but a convenience cost. Most people won't be happy if Apple requires ID to make an iCloud account for example...
I'll never understand why people accept this religion-like relationship with Apple.
If you think about it, it really looks like a religion from the outside: the author got some random problem (account lock) then prayed to the god (emailing tim cook) and then the miracle happens (the executive team unlocked the account).
This is not a story of any sort if not an evangelization story about dealing with a fickle god.
I don't think the author is going to be thinking "wow I really dodged a bullet here, better get off this ecosystem as fast as I can" but instead they're probably going to recall the story about that time when they emailed tim cook and the miracle happened.
It makes no sense.
----
And people should also consider that with an account gone all the purchases are gone... Arbitrarily. Music is gone, software is gone, data is gone. Isn't this scary?
I had a similar experience with eBay. In my case, they suspended my account for no reason and refused to delete my bank account information. They are literally holding my banking details against my will. I might actually call the police on them because its so shady - and we are in the same county.
I had a similar experience with PayPal. Fortunately, I had created a separate bank account specifically for use with PayPal. After they blocked my account (for the heinous crime of having the word "Hacker" in my company name: Hacker Factor), I went to the bank and closed that account. PayPal ended up keeping the remaining balance of something like $1.
In my case a guy won an auction, bid (but did not pay) 30% over buying it brand new, and all of his reviews said "don't ship to this guy, he's a scammer". So I refused to ship, and they closed my account for it.
If you're in the EU, you might be able to do something about this using GDPR.
I'm in the United States and this still feels illegal. My bank suggested calling the police.
This seems like an easy shut and close small claims lawsuit as apple stole purchases from him.
Credit card? They are probably struggling with payment fraud. Has your credit card ever appeared on dark net āfor saleā lists? That might do it.
Please stop buying digital licences.
Buy an activation code or use an OSS product.
App stores are a like renting music, please don't complain when they turn you off...
Hopefully more people notice these problems and stop using online services so much.
A company that depends on slave labor and avoids paying taxes how could it act unfairly?
BTW, if you want another example of an organization that imposes arbitrary consequences on users without telling them why, look no further than your URL bar:
https://news.ycombinator.com/item?id=29024255
Back End Team had made the decision
Of course. A different kind of company, one which prioritises function over form, would blame frontenders.
My apple ID is applesucks@my.tld and I never give them my card info, never have. I've only been given apple shit, I haxor it and load all the apps I want. I could download any movie or song I want but I don't because I pay a streaming service and wouldn't buy a digital item unless I can download it. I have been in tech a long long time and this was always the way. Somehow people got snowed into thinking they own something on someone else servers _ahem serverless_ which is absolutely not the case. Have you heard possession is 9/10ths of the law and they own your contract, and according to their thousands of lawyers it's Real and ultimately people with guns agree. It's an absolutely retarded position we've put ourselves in, I will enjoy the day apple is forgotten, like Compaq or DEC.
Don't use an Apple ID for anything.
Don't install App Store apps on the mac. Don't use iCloud at all.
Use a per-device throwaway Apple ID to install free apps only on iOS devices. Don't buy apps or IAPs.
Disable iMessage and FaceTime.
Use a third party password manager.
This is really the only safe way.
"all my purchased media is gone"
I feel sorry but personally I would never "buy" something of that nature that I can not truly own/control. All my media is in format every player would understand and backed up in couple of places.
Piracy remains a way better option than anything else.
I'd rather give my money to put.io than the iTunes Store.
Who is talking piracy? All the media I have was purchased.
You likely broke some form of law (depending on the media and your jurisdiction) in the process.
While laws like the DMCA exist I donāt see the point in buying a film and ripping it, as Iām breaking the law just as much as not buying it and downloading it.
Since I can't answer your last one directly:
>"Your inability to read shows you up"
I did read it. "Likely broke ... law" and "depending on jurisdiction" assumes / hints to that I am in the jurisdiction and this is totally baseless. I think my answer is proper but whatever.
You likely have no clue. I suggest you do some reading in regards to backing up media in Canada (this is where I live).
Hint: it is legal
Your inability to read shows you up
ādepending on the media and your jurisdictionā
"The only option is to create a new account and move on"
The only option is to talk to a lawyer and try to file criminal charge against their interference with enjoinment of the things you paid for.
What's hilarious about this pathetic, whiny monologue is that the author most likely will continue using Apple products after all of this. Some people just never learn. Honestly, seeing people so dependent on an abusive for-profit corporation just so they don't have to be alone with their thoughts for 2 seconds makes me cringe and weep for future generations.
Be sure to make a CCPA/GDPR request to delete all your data, including your account. You get nothing from them, they get nothing from you.
I was waiting for the realization that he couldn't go on shoving money at these guys, and needed to increase his self-sufficiency by selfhosting to keep his data out of their or anybody else's walled garden.
But he did not seem to draw any lesson from it.
That is not at all the answer to this. Tech people need to respect their craft a little bit more. If some hospitals screw over a patient no doctor would say people need to learn surgery and self operate on themselves. Self hosting is not something a normal person can just learn overnight and manage.
Yes this.
All this case (and similar others with other companies) demonstrates is that we're lacking in laws and regulation here.
There should be no way that it is legal to just lock a customer like that without paying them all the money invested in virtual "goods". Sure, you want to block me then return all the money I paid for music, apps, etc.
There should be channels in every company where they will precisely tell you what happened and why. If they want to just stop dealing with you - they must pay back.
There's nothing wrong with using a service, what is wrong is that our laws are not up to the task of dealing with those risks.
> Self hosting is not something a normal person can just learn overnight and manage.
It's not something most tech people can _really_ (properly) manage either.
_I_ can.
I'm sure of this because I've made a career of it and I do it professionally for a large corporation. I know how many engineers it takes to have a 24/7/365 follows-the-sun rotation that doesn't lead to burnout. I've personally seen and solved lots of failure modes that result in mysterious degredation. (Hey did you know there's firmware on the SAS breakout board itself?) I've read many more, with solutions I'd never have come up with, by people cleverer than me.
An individual tech person could theoretically manage to do it, but I'd rather have my team helping me while I help them. I'm only human, and can't always see my own shortcomings.
I _can_. But I know better than to try and self-host something mission critical for myself or (especially) family. I self-host the same way a car mechanic has a classic car in their yard that they'll aspirationally fix one day.
Itās so odd. 15-20 years ago we didnāt have this problem. It just takes time and time is very precious. It comes downs to risk and time. Is the risk of this happening worth your time? Some times I think we embrace technology too quickly as technologists without considering the whole picture. At this point you have to ask if you can trust the people behind a technology to dk the right thing for a decade or more. If the answer is no start figuring out how to ditch it. This ignores the philosophical issues emerging with FAANG type companies. Anyhow, itās much easier to never embrace a technology or vendor than it is to ditch it later.
15-20 years ago you could get away with more mistakes without them biting you, but they where none the less mistakes that where bad.
These days the bad actors have automated there exploit attempts to the point that its not even really about asking when you will get hit rather then if you will get hit anymore, its almost instant in most cases.
with so little leeway its just not viable to self host anything that is exposed to the internet, and then if you still have to deal with things like off-site backups if you care at all about your data.
I have thought about this a lot. I think it basically comes down to your domain. Itās okay to let someone else host things for you. To retain control you just have to keep your domain you are using for important things secure.
That risk includes getting shut down by your ISP, who may be the only ISP in the area.
I once got a nasty call from Comcast's net abuse department because I was _gasp_ running a mail server. It was locked down tight, and only accepting mail from an old email provider.
They didn't care. I was told that if I had SMTP open or they saw SMTP traffic coming in, I'd be permanently banned from being a Comcast customer because I was "running a server."
Internet needs to be declared a utility and internet companies need to concern themselves only with reliably delivery of network packets and to otherwise completely fuck off. My power company, gas company, and water company don't give a fuck what I do with my electricity, gas, or water.
> It's not something most tech people can
That's not really true, there are offerings on the market that make it a breeze. Take Synology. You get raid with dozens of terabytes, that is self managed and has got instructions on every aspect of usage. It's got Google Photos rip-off for every mobile platform, it's got LDAP, Email, Caldav and Cardav packages with GUI. It's got DNS server with easy to use GUI, it's got packages for NextCloud and it's got something like Dropbox that is made by Synology as well.
You don't need no port forwarding or fancy security, it can connect to Synology's cloud thingy that will route your traffic back home correctly, DDNS on steroids.
So if you really want to self host everything, it is couple grands out of pocket and couple of evenings of clicking around.
I am not affiliated with Synology, just a happy user (although I only use it as raid storage with SMB, NFS and as Docker server).
https://www.zdnet.com/article/ransomware-crooks-hit-synology...
Good to know, thank you. It is still doesn't cancel my point that producing "self-hosting in a box" devices is possible and profitable.
Also there used to be "Windows Home Server" thingy.
Most people can't manage amazon services (properly) either. And the downsides and consequences are even more fatal.
It need not mean your own cloud services, although I think the longterm trend is residential routers plus a USB stick will make this more possible.
Eg, he doesn't have to make access to all his music so it is contingent on his one credential, which can be revoked at any time by Apple. He can keep local copies of what he has bought, despite the ecosystem tries to make that difficult. Apple Music will delete any local copies it manages when the credential is invalidated.
https://www.guidingtech.com/what-happen-when-you-sign-out-ap...
> residential routers plus a USB stick will make this more possible.
This smells like "let them eat cake" except in the context of technology. Not everyone is able or even wants to mess with that stuff. There's a vast difference between "Yes, backup my stuff, Apple; Here's my card" and "I know what an IP is"
At $12/year you literally cannot get anything like what Apple offers just in terms of backup ā not the equipment, not the man hours required to maintain it. Even if I were able to set it all up, it would cost me a huge amount of money in lost revenue just to maintain it safely.
It feels like "I could build dropbox in 5 minutes" never stopped.
Maybe read it a bit more generously, in the vein of:
* Maybe we can get to a point where running your own services is easy enough and normalized enough that most people do it.
I'm doubtful, but there's at least some small winds in that direction-- disillusionment with FAANG, peaking of the large tech economy, some renewed interest in privacy.
Most people use mobile devices and want the ability to watch content anywhere, anytime at press of a play button. Thatās the benchmark. No personal hardware setup will match that convenience and people who are not aware of the security risks shouldnāt be hosting their own content from their personal network online.
> Not everyone is able or even wants to mess with that stuff.
People literally managed books full of CDs or jewel cases, DVD racks, cassette tapes, LP collections, people had an entire rack in their house dedicated to hardware designed explicitly to use these cumbersome things, people torrented and used gnutella and managed software CDs, movie CDs, photo albums, VHS collections and the like just fine for ages. Not everyone is capable of playing MP3s on an PM3 player? Since when?
If these new systems that everyone is using is so much more complicated than that that you have to pay a professional service to do it for you, we have royally fucked up somewhere along the way.
Why are we pretending it's the early 2000s? CDs were used because that was the best option at the time obviously. To compare them to services today hosting infinite amounts of LEGAL content streamed over the internet to millions of people on all manner of devices at the touch of a button is rather odd.
Likewise, it's weird that you need professionals to build such services? Anything that is so complicated that it requires professionals to create it has fucked up? In other words, every industry that ever existed is fucked up because they require more than a passing knowledge... professionals shouldn't exist.
I'm not necessarily comparing them, I'm just pointing out that this line "people can't manage their own shit and so must contract with companies to do it for them" is ridiculous in it's face.
You don't _need_ professionals to build such services, no. Especially considering that the services don't really work better than a drive with MP3s on it.
Software is eating the world, I expect defensiveness on this site particularly, having massive back end data centers and frameworks just for people to do what took a 1tb drive 10 years ago is absolutely stupid.
What? When is the last time you built a YouTube or Netflix? When did people in the past EVER have access to near infinite amounts of content that could be streamed over the internet onto any device?
My grandma wouldnāt know what āburningā a CD means, but she sure knows how to use Netflix.
Itās not defensive to explain the overwhelming reality of todays content landscape. I couldnāt be bothered explaining the difference between a single 1tb drive and YouTube or Netflix, itās clearly obvious.
There is nothing ridiculous about contracting companies to do work. We hire professionals to perform all sorts of tasks everyday and purchase products made by them. Itās not lazy to do so, itās smart. Why do I have to explain the basics of how the world works?
For e.g. Do you grow your own food? Fruit and vegetables all that. It's easy right some soil and seeds with minor maintenance. You don't need professionals to do something so basic. Why cant everyone become an expert at growing their own food? Why do we need farmers, a massive global supply chain and mega stores to do something so simple? The idea that we have this global spanning network just to supply a tomato to someone is stupid and we screwed up?!
We don't have time to be experts at every facet of life, the world doesn't work like that. Believe it or not, managing big stashes of content isn't common knowledge or on everyones priority list.
> People literally managed books full of CDs or jewel cases, DVD racks, cassette tapes, LP collections, people had an entire rack in their house dedicated to hardware designed explicitly to use these cumbersome things, people torrented and used gnutella and managed software CDs, movie CDs, photo albums, VHS collections and the like just fine for ages.
Sounds like youāre trying to generalize from a very small set of people. The percentage of the population that had specialized full sized racks for their torrented stuff and what not was very, very small. For the rest of it, I imagine that ālarge drawer next to the deskā was the #1 solution, followed up by āin the car somewhereā for music CDs.
For the average person, the actual backup procedure from that era was very poor. Frankly, I doubt many did it at all. Even the nerds I knew mostly did a pretty half assed job, all considered. What professional backup software hosted in the cloud today blows even the most thorough technique from any consumer in the 1990s out of the water.
The racks was a reference to entertainment centers, not torrents. That was just about everybody.
> Apple Music will delete any local copies it manages when the credential is invalidated.
No, it doesn't. I literally just tested this. The article you linked to is wrong. (The site looks like a content farm, so this is hardly surprising.)
Signing out of an Apple ID will leave any subscription content downloaded from Apple Music present on the device, but unplayable. This is expected -- the user never purchased that music; they only had access to listen to it through their Apple Music subscription. Any other locally stored content belonging to the user remains playable, _even if it was downloaded through Apple Music_, and the subscription content will become playable if you log back in.
You just said "belonging to the user".
Yes. That isn't a contradiction. Let me give an example.
Let's say I have an MP3 file, and I added that to my Apple Music library on my desktop computer. Apple Music will make that file downloadable and playable on my phone, and that downloaded file isn't tied to the subscription in any way -- it's literally the same MP3 file that was uploaded. This functionality is an extension of an older feature which Apple called "iTunes Match".
On the other hand, if I download an arbitrary track from Apple Music which I didn't put there myself, that downloaded file will no longer be playable if I log out or cancel my subscription -- because those files _don't_ belong to the user.
Are you sure you aren't still signed up for iTunes Match?
(I ask because I just happened to notice a $25 annual charge for that the other day... and I was like, oh yeah, I've been paying them all these years to host those 5 CDs I bought at live shows in the 1990s that aren't available on any streaming service...)
Update: Like every time this comes to mind, I almost just canceled it, but then I listened to "Track 03" by the band "djiin", purchased at Jasper O'Farrell's pub in Sebastopol, CA in 2002, and I just can't...
Yes. An Apple Music subscription includes the functionality of iTunes Match.
:-ć
good to know, thanks
The point was, something is checking credentials.
Routers and USB sticks are the long term trend? How exactly will a USB stick handle apps purchased through the App Store or your subscription to Apple Music?
The long term trend is the exact opposite. People don't want to the manage hardware and all the issues of configuration, backups and troubleshooting faults that come with that, just to watch a movie. They want to palm off that responsibility to an external entity.
>"Routers and USB sticks are the long term trend? How exactly will a USB stick handle apps purchased through the App Store"
I do not buy apps from app stores. I buy my software from vendors and only perpetual licenses. USB stick well replicated hard drives in my case) work just fine.
>"People don't want to the manage hardware..."
People were doing it for ages with CDs and DVDs just fine. Learning to backup one drive to another? If this is such a huge mental load then spread your buttocks and let the corps have you here and there. You deserved it.
The surgery analogy is great! Not only it is not something it easy to learn / manage, but in some cases it is outright not possible. How do you self host an App Store? If you bought an eBook on amazon I am not even sure if you can easily export and read it on non kindle device. Self-hosting is definitely not an answer to this.
Why not?
Imagine someone told you "you can't manage your own system on a workstation, you're going to terminal into a mainframe, no normal person has the time or resources to manage their own workstation." You'd say it's absurd, because it is.
We are literally talking about doing something as simple as buying a single board computer and a hard drive, putting a pre built system on an SD card and plugging it into an Ethernet cable. It's not surgery.
And then you've lost all your data cause an SD card was not rated for extreme write endurance. You repeat all that using better SD card or just a cheap PC with an SSD. You add backups.
Then you realize you need to access this setup while away from your home. You add port forwarding.
You run an audit to check if the system is secure enough so script-kiddies with a port scanner are not able to access your 'cloud'.
Then you realize your router is not so reliable. You add a watchdog which will reboot it once the connection becomes unstable.
Then there is a power outage. And if before you could just access all data using 4G on your phone, now you cannot. You add UPS to all critical parts of your home network infrastructure.
...
And it goes on and on. It is doable, but doing it well requires a lot of time, planning and resources. It's hardly feasible not only for a lay person but for 'power users' as well.
I get it. I self host _everything._ I'm simplifying, but I'm not naive about it.
The problems you say, connection/power downtime are the biggest ones. And they're frustrating, but not near as frustrating as things you paid for going missing, forever.
My point though is, if we can get workstations out of the box ready, we can get home servers out of the box ready. The software already exists, the hardware already exists. The problem is not that people don't want it, that they're lazy, that the tools don't exist, the problem is that mobile devices are deliberately built to herd people to these services. Once they're hooked they're hooked. They're fundamentally disempowering.
I don't think it's laziness, it's just delegation of a time consuming process. In a similar vein, most of us no longer wash clothes using a washboard, grow our own food etc. Modern society is pretty much built around us not doing everything for ourselves and, as a result, we generally have a better quality of life.
Washing machines are an obvious improvement to washboards though.
With the modern service oriented way of listening to music and watching TV, you risk losing what you purchased, you're manipulated by algorithms, you're trapped in the net of a service provider. Is that really less stressful than pulling out a CD and putting it in a CD player?
Digital media is better than cassettes. But the service oriented way companies expect us to do it now is _not_ better. We really hit peak digital media with mp3 playing software on our smartphones. Everything since has just made the experience worse.
Every step here is illustrated as a worst-case scenario, and omitting the time gaps between issues where the system is operational where you are receiving value from it.
Yes self-hosting is a PITA. Yes things will go down. Yes it takes time to learn.
But owning the means of your production? Priceless.
We need to stop teaching people to be cyber-peasants, sharecropping a land they'll never own.
I'm looking at worst cases cause they're really likely to hit you _not_ when you have enough time to tinker and solve it, but when you have other more important things to do.
I self-host a lot, including a smart home setup that is not reliant on the cloud, but in the end looking back how much time I've sunk into this and how often it's down due to _my_ mistakes I don't really think it was worth it.
Why shouldnāt you look at the worst case scenario? Using a hosted service is valuable too, except in its worst case where they kick you off of it.
Because it is not representative of every experience, and without labelling it as such the story given above is mere FUD
We should be encouraging self-hosting for those with the risk-tolerance to do so
Sure, you can plug a hard drive into a computer. But....
What about when that hard drive fails and you lose all of your data? Do you have backups? Do the backups _work_? Do you regularly check the health of the hard drive? What if you want to access the system from outside of your LAN? If it's accessible to the web, are you handling security yourself? How often are you applying patches? Kernel patches? What if you go on vacation and there's a power outage and you can't remotely turn everything back on?
Exactly. Even if I can manage some self hosted systems, sometimes I prefer to just buy the service to save some time and effort.
This is a great analogy, going to steal this one.
Itās not tech people that need to respect their craft, itās companies that need to respect their customers. Most tech people know this is a shitty practice, many pixels have been spent here about the capriciousness of FAANG companies towards consumers, itās just that most of us lack the organizational power to do shit about it.
Did you just compare self hosting to surgery?
> If some hospitals screw over a patient no doctor would say people need to learn surgery and self operate on themselves.
That's quite a false equivalence you've vomited out right there.
If self-hosting is too difficult it's an engineering problem for the folks you're saying need to respect their craft a little bit more to f*cking get off their asses and collectively fix to make more accessible/practical.
Nearly everyone already self-hosts a wireless micro-ISP in their home in the form of a WiFi router. The next step is for these little boxes to grow some serious storage and more functionality catering more to everyones data storage and access needs, with first-class standards-based integration in ios/android/$whatever-you-want-because-standards-matter-bring-back-RFCs
FreedomBox [0] is a step in this direction, Eben Moglen's conference talks on the subject [1] are worth giving a listen.
[0]
https://freedomboxfoundation.org/
[1]
https://www.youtube.com/watch?v=2U8PyukPyGE
Last year I was banned from Google Pay without any reason given. Since then I've been trying to move everything to alternatives. For example, changing accounts from using my Gmail to use an email on a domain I own. If I'm ever banned from my new email provider, I can continue to receive email after updating a few DNS records.
The problem is that I wish this wasn't necessary. I really like Google Photos and I haven't found an alternative (free or otherwise) that I like. And I'm also sympathetic to people who don't want to do this, even if they have the technical ability to. It wasn't hard for me to set up NextCloud on a VPS, but it took more than a weekend to get backup scripts working, run the security audit, set up New Relic monitoring, etc.
I think about in the past about how a town might have a local blacksmith or a local doctor that everyone in the community trusts. I wouldn't mind being the ops guy for a local co-op for friends and family and neighbors. But I think in this day and age it doesn't work well since people don't care enough about the problem. I told my wife to stop putting files in our shared Google Drive and to install the Nextcloud app and she said sure, but I don't think most people would care.
Because what happens to him is rare and the benefit of being in a walled garden is immense. The solution should be to pressure the walled garden to have better recourse when things go wrong rather than throwing the baby with the bathwater.
How do you "pressure the walled garden"? The walled garden only works when it has coercive power over others. If it was easy to opt out of it then most people would. When it isn't easy to opt out of it, you have no leverage against it.
Emailing the c suite seemed effective in this case.
That's not pressure. It was entirely within their power to not respond, and then what?
Walled gardens are not the baby, in that metaphor. The so called benefits are rentseeking arrangements, exploiting and imposing ignorance on consumers. The costs to society outweigh any advantages by many orders of magnitude.
Consumers actively choose walled gardens over free alternatives. In fact, consumers are willing to pay premium AND put up with all the rent-seeking precisely because the free alternatives are trash in terms of UX/UI, which at the end of the day is more or less the only thing that matters to consumers. I do think that through (primarily government regulation) we as a society should try to lessen the rent-seeking and inscrutability.
> Consumers actively choose walled gardens over free alternatives.
This is the specific thing that customers are prevented from doing. If you want Apple's hardware, whose processors are faster than Qualcomm's, you get Apple's App Store. If you want iOS instead of Android, you get Apple's App Store. If you need iMessage, you get Apple's App Store. And no other.
It's not a separate choice. If it was, what it would look like is multiple app stores on iOS, and the choice would be whether to use any other than Apple's. And then tons of people would use the other stores, especially if Apple continued to reject apps people want.
If you don't want green bubbles, you have to choose walled garden.
And it's not like Android is so much better.
Do you want the one with the wall, or the one with the barbed wire fence with a tunnel under it?
What if I just want to come and go as I please without crawling through the mud?
Exactly, the android ecosystem is only better in that the code is more open and the hardware manufacture more diverse. You still run into the competition being brutally squashed. Computers and devices should be completely open and accessible to their owners. If someone wants to run Tizen or windows or ios on a phone, or should be entirely up to them. Instead, the world has basically 2 choices, with a vanishingly small minority of users able and willing to try things like pinephone hardware or Linux on personal devices.
Consumers are given a false dichotomy - they have as much choice and agency as a child being asked "do you want a 7:45 or 8:00 bedtime? Mommy and daddy will let you pick!"
It's awfully hard to apply pressure when Apple refuses to admit wrongdoing. Their corporate ethos is too opaque to allow for any real change at this level, the only time they go about making change is when there's significant legal pressure directed towards them.
It gets even harder since Apple refuses to admit why their ban triggered in the first place. If we knew how they work we could fight it, but as is this is just a black box to outsiders, you can't fight that. I assume that is why they don't tell, if they don't tell then you can't do anything to fight it.
I'll assume from your tone that you're not an Apple user?
Like it or not, being signed in everywhere with iCloud is an amazing experience. I know this because I recently tried a second user account on my Mac that wasn't signed in to my iCloud account. It was jarring.
As an Apple user I take it for granted that my watch unlocks my computer. That text copied to the clipboard on any device is immediately, invisibly available on the others. That all of my contacts and messages are just there. That my Safari history and state synchronises.
You can't 'selfhost' this stuff. You may not like Apple -- I'm not trying to convince you -- but the fact is that there are a ton of benefits that their integrated ecosystem delivers that you just can't emulate yourself.
> You can't 'selfhost' this stuff.
you can,
- kdeconnect can do clipboard & messages sync
- nextcloud (or anything else that does webdav & webcard) does calendar & contact sync
- Firefox (and chrome probably too) can sync browser history and share webpages feom one device to another
i'm not aware of anything that can remotely unlock another device, but that seems like a security risk to me (also quite hard to implement as pam is synchronous :/).
but you certainly don't need a closed ecosystem, building your own out of free components is very much possible.
Itās worth pointing out that the most useful and difficult synchronization is not between desktops, but between mobile device and desktop. Switching to a new machine is hopefully a rare process, but copy and pasting between my iPhone and Mac is a near daily experience. Ditto with sharing open tabs.
Some of the stuff you mentioned seems to cover computer to computer, but isnāt relevant to computer to mobile scenarios.
> Some of the stuff you mentioned seems to cover computer to computer, but isnāt relevant to computer to mobile scenarios.
no, the things I listed are how I sync my linux machines with my mobile phone.
I wasn't talking about computer to computer sync, but the methods I listed (maybe except kdeconnect, which is built for computer to phone sync) apply to workstation to laptop sync aswell.
Actually, all of them (kdeconnect, firefox, nextcloud) have pretty good Android clients
Still an apple user after that? You deserve each other.
Shut up you little lesslinh
It does strike me as a problem that can be solved at scale with just the correct automation rules. Hopefully they take the opportunity to do so.
Why didn't they think of just using the _correct_ rules? It's all so obvious now.
Full Self Driving strikes me as a problem that can be solved with the correct automation rules. Hopefully Tesla takes this opportunity to do so.
Man this is so meme worthy.
Curing cancer strikes me as a problem that can be solved with the correct automation rules. Hopefully doctors take this opportunity to do so.
Just make some medicine that only destroys the correct cells, easy peasy!
So true. All software should be written without mistakes. Strange no one takes this obvious approach.
It strikes me as a problem that can be solved at scale by scaling up their support staff and not automating blanket bans without human intervention and an appeal process.
If they ban a bot, the bot will be unable to proceed through a manual/human appeal process.
Not everything can be automated and arguments that scale make it impossible implies that the organization has become "too big to fail" and should be reduced in size by regulation/law.