Comment by koolba
17 hours ago
Way too risky to use Google services like this tied to your primary account. There’s too much risk of cross damage. Imagine losing access to your Gmail because some Gemini request flags you as an undesirable. The digital death sentence of losing access to your email with a company that notoriously has no way for the average human to contact a human is not worth the risk.
> Way too risky to use Google services like this tied to your primary account.
I would also avoid using the same credit card between accounts. I used a Venmo card for my chrome extension account as an extra layer of separation.
Use a custom domain and don't use google for email.
And if you do use your gmail address just forward it and start to transition to something else. With time everything of importance has been transferred.
How do you even pull away from a Gmail address? I'm nearly twenty years into that service. Getting banned would be absolutely devastating...
Use your own domain to sign up for a paid email service, provided by a company that focuses on email. I use Fastmail, but there are many other options.
Set up forwarding in Gmail to your new address.
Then, whenever you log in to a website or app with your Gmail, take a moment to change it to your new address. In a few weeks, most of your important accounts will be covered. In a few months, almost everything you still actively use will be done.
I did this ~5 years ago and the only thing that still arrives at my Gmail is spam.
11 replies →
Register your own domain, use a third-party provider to handle actual sending and receiving (I use proton, which makes the setup very easy), forward your Gmail to your personal domain address and as renewals and reminders come in switch your email on services to your personal domain.
After a year or two losing Gmail becomes an inconvenience; after a few more years it is nothing. As everything is now on your own domain name you can switch providers without affecting anything.
That's what I did about 5 years ago and my only regret is not doing it earlier.
I just sold a domain I had for 25 years and used for everything including API endpoints, email, authentication, etc. It took a couple weeks to transition myself and my family/friends.
Pretty sure just moving emails would have take a lot less effort. I had the advantage of keeping the domain until I was ready to move, now imagine Google just turned it off one day and what your workload would be. I shudder to think about having to deal with that.
Just start changing addresses. Forward the rest. It takes about a year. Changing your name is way harder and tons of folks do that all the time.
I moved away from a gmail address that was that old, dating back to the invitation-only days. It had become more spam than not, mostly other people who share my initials not knowing their own email addresses. But the possible devastation you mention was more worrying. It had become too much of a risk for my banking and identity generally to not own my email address.
I got a custom domain. I still host it on google, because I know how impossible it is for small companies to have a reasonable program to deal with insider threats. Because of that, I think only one of the giant companies can realistically provide secure email. And the google app suite is great. Now that I pay for google workspace, there's support and appeals available, and if they ban me anyway, I still control the domain and can regain access to everything.
I have not been able to delete the old address, even after 3 years. There are some things like Google Fi that can only use a non-workplace google account. Very, very rarely, I still get an email that matters on it. But I got to the point where I could stop checking it in about 2 months, and now I look at it about once a week quickly, more out of habit than anything else.
The switch was annoying, but not "hard". It was worth it.
buy a domain.
create icloud account.
use their custom domain email setup (free btw) - https://support.apple.com/en-us/102540
Start replacing important account emails with your custom domain.
Every time you get an important email in gmail, login and update.
Bonus: icloud let's you create catch all emails, so you can create many burner emails such as hackernews@mydomain.com
Begin with making a list of all services where you subscribed using gmail...
Get your own domain so you can easily change providers in the future. Start with your password manager and change the address on all the accounts you have in there.
After a few years you'll notice you stop bothering to check your Gmail and you can delete it to close the address.
If you need motivation, skim the /r/GMail subreddit and see how many people are getting locked out daily.
8 replies →
I switched to my own domain ages ago; it only took 2-3 years to stop getting relevant mail to the old one (I put a forwarding rule in place and just used the new one for everything).
Imported all my past mail on day one, forwarding meant I had one inbox only, and I only sent mail from the new domain. A few gentle “please stop using my old address” conversations with family.
gmail uses IMAP.
make another mailbox (another provider - migadu, fastmail, proton, whoever) that has IMAP as well. (selfhosting.. is PITA. only if u really need it).
install some standalone mail-client - thunderbird, clawsmail, applemail, or k9 , aqua on android, whatever. Attach both mailboxes into that. Find out how to copy an e-mail from one folder into another.
Folder by folder, select all mails, copy from one mailbox into the other. Will take time.
(Beware, some clients (apple) will fuckup the mail-date, anything older than 5 years becomes 5 years old. or it shows like that. YMMV.)
i have made this multiple times, for 20+ years of mails...
It will never be easier than right now. Every day you stay, you dig their moat around you even deeper
I just went through all accounts in my password manager, logged in and changed my email. It takes a little while but not that much.
It's really not that hard. I switched about 10 years ago. Just every time you log in with your old email, replace it with your new one. Every time you email someone, email them from your new one with a note: "this is my new email". In a few months I had migrated everything to the new email.
took about 30 minutes to switch to proton mail
1 reply →
Sign up at fastmail.com, set up forwarding, change your "reply-to" address. A year later, you'll have nothing arriving in gmail except marketing cruft.
Same. I still have an old Gmail address that receives forgotten but still considered important emails from various services.
What's the playbook for migrating away in this situation?
1 reply →
Just have to get started and suffer for a while and make it a practice to switch emails when you log into places.
I switched to fastmail with my own domain.
1 reply →
There was a time back when we could get generic LoginWIth OAUTH butons along with the social media roster , allowing one to use whichever provider they wanted.
Current state of OIDC should be pretty much standard across most providers - it put it that devs need too make the push to support alt login providers for preventing vendor lockin in identity like were currently barreling towards in hardware/software.
This has its own risk factors. If your domain renewal lapses due to credit card expiry or something and you fail to notice, it's catastrophic. This is just not realistic advice for the average person.
You can usually purchase 10 years up front. But then you should set a reminder for every 3 years or so to keep topping up, or else you'll forget how to even sign into the registrar.
You're right that having a vanity domain for your primary email address isn't for the faint of heart. There isn't any realistic advice for the average person because it's not for the average person.
Not really? You just jump in and fix the domain name. You have 75 days before a lapsed domain is released into general availability.
Sure, you'll likely miss some emails, but otherwise it's safe.
This wasn't due to some random Gemini request. Users were using sketchy antigravity auth plugins to use their antigravity tokens on things like OpenClaw, clearly against ToS. It's great that Google is giving these users a second chance.
Yes, our masters once again embarrass us unworthy peons with their endless grace, generosity and forebearance. How lucky we are to entrust our data and our lives to them!
Anyone can buy the tokens via the API and do whatever they want with them.
Its not evil of Google to say "Here is an allotment of steeply discounted tokens, but you can only use them with our services."
7 replies →
https://youtu.be/ntICHMV-WMA?t=40
"Google Shuts Down Gmail For Two Hours To Show Its Immense Power"
> our masters once again embarrass us unworthy peons with their endless grace
Masters who serve you in exchange for money?
be as sarcastic as you want but you demand a thing they did not agree to provide, for the same money = they have a right not to serve you. If you disagree with that and think they owe you something then you are the one playing master here.
If a 3rd party product advertises compatibility with a Google service and you use it to login via a first party Google login page, doesn’t the responsibility fall somewhere between the offending product and Google itself? In practice it’s structured pretty much like a phishing attempt.
Notably some model providers explicitly allow that very flow, while others will ban you without notice.
If the "3rd party product" is you selfhosting FOSS, then that's you (OpenClaw users)
2 replies →
Okay but they were paying customers paying $$$ for the service. Banning your customers without prior warning is not right, however sketchy their behaviour might appear. Even if it's obvious to Google that there's a difference between a Gemini API key and an Antigravity API key, it's not necessarily obvious to others.
The correct and sane thing to do is to send them an email, with at most a 24 hour suspension. If they keep doing it despite being warned then by all means fire them.
The concern is not losing access to some new IDE for operating outside the terms of service. The concern is when you lose access to the IDE, you also lose access to your 20 year old Gmail account.
A general problem for Google products is that everything is mixed together.
But that's not what happened.
It’s be great if Google just revoked antigravity access if terms were violated. No need to disable the entire account.
How do so many people think this happened? All of the articles I’ve read have been clear that it did not happen. Yet it’s all over the comments here. Why?
> just revoked antigravity access
That's exactly what they did, plus Gemini CLI and Code Assist, which are the same product in different formats.
No Google account has been banned for this. People just keep spreading this lie because no one agrees that they have the right to steal the OAuth token.
6 replies →
Only Antigravity and Gemini access was banned, not email or other google account stuff.
I’ll go further: there should be laws addressing account consolidation. Getting banned from an Apple or Google account is an incredibly wide blast radius. It would be like being banned from buying Unilever or Nestle food from your grocery store.
1 reply →
>It's great that Google is giving these users a second chance.
I hope this is sarcasm. A permaban as the first action is never a good idea.
When's the last time you read the ToS of a service you signed up for?
This would be a great job for an AI agent. Even better if a few million such agents collectively refused to agree to unconscionable terms.
They were banning people and those people couldn’t even cancel their subscription. That’s a rookie mistake and you expect the same company to have a flawless ban system?
Telling your users they can't use certain software to access your HTTP API is exactly the same as telling people they can't use certain browsers to load https://google.com.
"Hey Gemini, write a short blurb casting our capriciousness in a good light."
> Way too risky to use Google services like this tied to your primary account
As a hedge, you can google.com/takeout on a monthly cadence.
At least a few years ago when raspberry pi nodes were cheap, you could set up rClone to sync the `TAKEOUT` folder of your gdrive account locally and then encrypt it and shove it into backblaze. Then set up a monthly reminder to quickly request a takeout and make sure that you choose the "deliver to google drive" option.
It's not 100% clear to me, but supposedly it was just access to Antigravity that was shut off.
If people lost access to their whole accounts that would be a major crisis for Google users. But it doesn't seem that that was actually the case.
This doesn't make it super clear, but, the submission from a week ago when bans got handed out: https://news.ycombinator.com/item?id=47115805
That's a big part of why I switched to paid email.
I'm the customer, not the product.
yeah exactly have you ever tried to call Google support? it doesn't exist. the only way to contact Google is by posting something on news.ycombinator.com and then hoping that some person who works at that company actually responds to you and logs in somewhere and then changes your access.
AFAIK it has clearly been a ban of Gemini and not of all people's Google accounts.
However many stories appeared where people tried to claim that their whole Google account was banned to gain traction.
Unless it is clear that a full Google account has been banned we should push back on any story that claims this.
Why? Google has been doing automated bans for ages, even before "AI".
By now they lost any trace of goodwill they ever had and are guilty until proven innocent.
Using Gmail as your primary email has become a serious risk. Email was once a distinct thing but Google tying it to your everything-account makes gmail terrible.
> The digital death sentence of losing access to your email
I agree that the digital death sentence is really bad and doubly so seen that many are using single-sign on tied to their Google identity but...
> with a company that notoriously has no way for the average human to contact a human is not worth the risk
There's definitely phone support for paying Google Workspace users: don't tell me there's not, my wife got Google support on the phone more than once and they've been helpful.
And it's not a crazy expensive subscription either.
This remains a problem for the personal account though (arguably what "primary account" meant in GP)
Can that account be upgraded to Workspace just to get the support?
1 reply →
Here’s an idea: run your digital life away from a corporate shitbucket like Google. Don’t run your email there. Plenty of good other options.