Comment by cube00
1 day ago
> will get a path for them to come back on
That's not what support has been telling their $250 a month customers.
we are unable to reverse the suspension [1]
I get the need to move fast to stabilise the service but similar to an outage it doesn't take much to put a banner on the support page to let customers know bans are temporary until they can come up with a better way of educating customers. Further more it doesn't much to instruct ban appeal teams to tell customers all bans are under review no matter what the reason is to buy them time to separate Claw bans from legitimate abuse bans that need to be upheld.
The fact that users are paying $250 for a service they can't use for at least the last 11 days kills any sympathy I had that Google needed "quickly shut off access", it's like they just sat on their hands until the social media storm hit flash-point.
After 11 days there still isn't even an official statement, just a panicked tweet from a dev likely also getting hammered on socials, goodness knows how long before accounts are restored and credits issued.
Even the original Google employee in the forum thread just ghosted everyone there after the initial "we're looking into it".
come on, using a monthly paid subscription to obtain auth tokens to use claws bots is quite obviously agains T&C. you need to pay api prices for that. I am sure 100% of those knew they were doing something wrong but proceeded anyway.
Sometimes I wonder where I am when people are so shocked. I genuinely don’t understand who would think this is allowable? Is this simply a younger generation and I am old now? API keys vs the auth tokens smells the same as public vs private APIs, don’t be surprised you get shut off if you are using a private API.
To the extent that that's true, it would be in the opposite direction? Auth tokens are meant to be used by the User Agent to effect the wishes of user, often encode permissions the user has, and are used with public APIs like those intended for web browsers. API keys are usually for private communication like server to server.
The usual expectation is you don't care what agent the user is running. You just care about what they're doing with it (permissions, rate limits, etc.).
4 replies →