Hacker News new | past | comments | ask | show | jobs | submit login
The only way to get hold of a human at Google
301 points by _pghu on May 23, 2012 | hide | past | favorite | 182 comments
...is apparently posting to Hacker News.

My GMail account has been disabled.

"Unusual Usage - Account Temporarily Locked Down"

"To keep our systems healthy, Google has temporarily disabled your account. This primarily occurs when we detect unusually high levels of activity on your account. In most cases, it should take one hour to regain access. In rare cases, it can take up to 24 hours for access to be reinstated."

It's been at least 10 hours (Gmail app on my iPhone shows "last updated: 5/22"), and going "welp, you're fucked, wait a day to get your email" is not an acceptable answer. All of the "help" forms have no contact information and no other way to get in touch with someone, so I'm putting out the "hey, Google employees who read HN, tell me who I can talk to about this" bat signal.

I haven't changed my email use patterns at all in months; the message occurs on a browser in incognito mode, I don't use any extensions, etc.

On a more general note, on what planet is "you don't get any email for a day and have no recourse, and we won't tell you why, or let you do anything to fix that" an acceptable action?

UPDATE

At 10:20, my account magically unlocked itself (I did nothing between posting this thread - my iPhone started dinging like crazy and then I could log back in) and is now working again, without anyone waving the magic wand. So, if you run into this, just know you only have to go 10 hours without email, instead of a whole day. I have been using my personal domain for most mail for a while, and this has just prompted me to accelerate that process to at least be able to maintain backup ways to send/receive mail.

I do still hope this thread stays up for a while, primarily so that the workflow around these account lockout messages gets better. It's fine to lock accounts out for security reasons, and I understand that algorithms have problems. That said, there should be more details of what they think triggered the algorithm, and a way to remediate it. If they think it is unauthorized access, try to auth with n+1 factors instead of the n normally required, etc.




And this time I'd like the outcome of this thread not to be just "A Google insider wandered past and fixed this guys problem" but "Here's how we're going to make sure it doesn't happen again.

Because next time it might be me and by then Hacker News might have grown weary of these kind of posts and I won't be able to get the necessary attention.

Nothing. I repeat - nothing - is pushing me to move away from dependence on Google products more than the fear of this happening.


Yes, I posted this because I've noticed that is what happens -- someone comes here and waits for a Google employee to wave their magic wand -- but I am well aware that people will get sick of seeing these on HN (and a company the size of Google offering products people rely on should not have the only contact method being "go to the secret club and say the magic word").

If there were additional authentication methods, or if it even just stopped you from sending mail (if they thought activity volume were too high), that would be... better, at least.


I note (for completeness) that if you pay for your mail service you get an escalation path that goes to a human.

I agree that it would be nice if the free accounts had this option too but having been inside the chocolate factory I can also see why this is not practical.


You can't pay for @gmail.com addresses, or else I absolutely would. If I'm going to make everyone change the e-mail they send me things at, I'm sure as hell going to change it to a non-GMail address now.


Switching to a custom domain is a good idea even if you don't pay for Google Apps. Because if Google kicks you off for whatever reason, you just change your MX record and your email is fine.


YES. I see all these comments above saying "man I'm afraid of being totally dependent on gmail". Owning your own MX record is the way out of that situation.


Yes, it is absolutely prudent and a good way to handle things.

It is also not something which most people have heard they should do. It also requires you to be something of a power user to even understand. Many people are so far into this mistake that it would take time and even more technical expertise to dig out.


So, just for the sake of argument, let's assume that the poster's account was compromised and being used to send spam. Would that change your analysis? Why or why not?

My suspicion is that your immediate response will be to change the subject, most likely along the lines of "The problem isn't the temporary freeze on the account, it's the lack of communication." So I'd like to preemptively point out that you didn't make that case in your original argument.

These flames get really tiresome.


I can only speak for myself here, but let me state unequivocally that the lack of communication and path for recourse is the problem.

PR-wise it might be a tough sell, but I think a perfectly acceptable answer is a pay-per-incident support line that connects to someone who can actually fix my problem.


I would like to see Google create a marketplace for support. They allow people to buy some access to their internal systems, who then sell support service. There would need to be careful vetting and monitoring of the people who buy the access, but if that could be made to work, end users get access to support, and Google wouldn't have to staff it.

Of course, they would have to provide support to the support providers, but that would be a much smaller, more knowledgeable population.


I badly want this particular solution. But the only way to create this startup would be to have good contacts with people in Google who have the authority to experiment with such a setup (because clearly Google WOULD need to experiment to find out whether it worked). I really DO think that someone ELSE, with a corporate structure that better supported the skillset of providing excellent customer support, could make an excellent living providing "customer service" for Google. 90% of issues could be handled just by hand-holding the customers without bothering Google at all. And the other 10% could be bundled up nicely (here's a repeatable bug report; I have 20 lockouts that appear to pass the first screening; etc.). But there would HAVE to be some way for people INSIDE Google to receive these nicely bundled reports and to respond to them.


Let's say for the sake of argument that his account was compromised.

Why lock him out? Wouldn't it make the most sense to let him get in and change his password?

If your answer is 'because the spammer/bot might change his password', realize it would be impossible to detect a spammer/bot before they start spamming, so once the bot has your password, it can login and change your password before it starts spamming. But most bots don't seem to do that.

Or lock the account such that no new email can be sent, but email can be received. At least then you aren't locked out of your archive for the last X years of your life.


One problem with leaving read enabled is an attacker could reset passwords on any site where the email was used to register.


Would that change your analysis?

No!

Why or why not?

Because I'm still left without a service that I may be using for something important. Maybe I've got a deadline coming up and I need to access my emails, who knows.

The problem, IMHO, is not that the account was locked. I'm perfectly cool with that, if thats what it takes to rectify whatever the problem was. The problem is that there is no way to contact Google about it. So lets say it was important to me to access my emails for whatever reason and I find my account locked because it was compromised. I now have no way of fixing this. No way of getting at my data. No way of even knowing why it was locked. If I could call Google up on the phone and they told me "oh, your account was compromised" at least I'd know whats going on. They then could work with me to at least provide me with access to my data while I wait for them to fix the problem and get my account restored. Or they can tell me to change my passwords or whatever it is I should be doing.

Right now all you get is "we locked your account, good luck, mwuahahaha".


How is it a flame? The guy asked how things were going to change to prevent this from happening. That's a legitimate question that EVERY user should be demanding an answer to.


Couldn't agree with you more. Until I started hearing about these seemingly random account cancelations I considered my google account my safest and most secure account (second only to my root login for my laptop).

I too am feeling a very strong force to move away purely out of necessity - I can't have the very crux of my online identity under constant threat of being completely destroyed on a whim with no guarantee of getting it back.


I'm sorry for the trouble you're having. I have on idea of what's happened and why but thought it timely to point out for the benefit of those reading this thread:

I highly suggest you use two-factor authentication with GMail:

http://googleblog.blogspot.com/2011/02/advanced-sign-in-secu...

Or Jeff Atwood's post on this:

http://www.codinghorror.com/blog/2012/04/make-your-email-hac...

Your email is too valuable to be left open to attack, hijacking or theft.


cough If any Googlers are reading this, Google often phrases error messages more like that quote ("Us us us us us us, ergo, you don't get what you need") instead of like cletus did ("You you you, you you you, ergo, we're going to take this action on your behalf".). Dale Carnegie, Cletus, and every sane copywriter on the planet strongly suggest rewriting that prompt and related ones.

After taking baby steps like sounding like one cares more major interventions like actually caring may be called for. (I enormously respect the Googlers who I know that that line will discomfit but this is criticism that you guys have gone out of your way for years to earn.)


My wife has had two-factor authentication for at least a year, she only accesses gmail from her iPod touch and the browser on her laptop, and she had this happen to her about a month ago. No recourse. It came back eventually, but apparently two-factor auth is not sufficient to prevent this issue.


I am, of course, already using 2FA, but I completely agree that everyone should have it set up.


If this is true, why is cletus bringing it up?


I think that the root of this issue is the stupid Google policy of not distinguishing any variation of your address if a '.' character is in there -- until someone registers it. People get confused and try to login.

So if your address is jsmith@gmail.com, you can send email to (or login with) j.smith@gmail.com or jsmit.h@gmail.com.... at least until someone registers jsmit.h@gmail.com!

I was an early beta GMail user have a reasonably common first initial last name GMail address. I probably get 3-5 password reset attempts per month. I also routinely received a variety of interesting misdirected emails. Everything from someone's VPN credentials, a US military EEOC complaint, invitations to a stag party in Ireland, a video of a paratransit bus flipping over (intended to be sent to an investigator), to girls modelling underwear for boyfriends.


False. It is not possible to register multiple variants of the same address. The reason you get misdirected email is because people are entering the wrong address in forms. You should see all the email that goes to paul@gmail.com :)


Out of curiosity, is it enough to make the account unusable? Do you have to set up strong filters?


On an (un)related note, my google voice phone number is (xxx)-234-5678, and it is completely unusable. You should hear the kind of voice mails that I get. I have started archiving the most amusing ones in my account. I have been blocking the numbers from area code (xxx) since I registered that number (June/2009), but it is still not usable.


Do share. That sounds like a blog post waiting to happen.


With Gmail, j.s.m.i.t.h@gmail.com is the same address as jsmith@gmail.com as j.smith+nospam@gmail.com - it's likely that someone's mistyping their own email address all over the Internet (this happens to me all the time, having a common first name/last name combo. I get bills and newsletters and etc. Never got an underwear pic, though, alas!).

Good thing to remember this when writing a system that compares email addresses--always normalize Gmail addresses on the backend before processing--but woe betide you if you normalize on the frontend, people love their dots!


> So if your address is jsmith@gmail.com, you can send email to (or login with) j.smith@gmail.com or jsmit.h@gmail.com.... at least until someone registers jsmit.h@gmail.com!

Uh, if this is true it's a security abomination. I'm pretty sure Gmail doesn't allow registration with a login that would be considered the same as an already registered one (but I'm too lazy to check a few to confirm, just because I refuse to believe Google could be that dumb).


I just tried logging in with a random '.' in my username and got in.


That doesn't actually contradict what the guy I responded to said though; you'd want to try signing up for gmail with a few variations of your own login that have a few random extra '.'s. My assumption is that these would all be rejected due to the fact that the canonicalized version (all lowercase and with all periods removed) matches the canonicalized version of a currently registered login, but this guy was saying that's not the case.

But anyway, paul responded so it's a moot point.


You can also send a email to a gmail address with dots in it so sending a email to john.smith@gmail.com can be received by johnsmith@gmail.com, john.smi.th@gmail.com, etc. and vice versa.


Really, that works (surprise, not incredulity)? I have a period in my gmail address, but have never tried that. Seems like a very strange default.


Google's got enough of my info.

If they want to come up with a two-factor auth, I'm happy to provide the public half of a PKI keypair. Of my choosing.

Not my phone number, thanks.

My real email is too valuable to be left to GMail.


You can get a list of 1-time pads instead.


To setup 2 factor auth, you have to give them a phone number that you can receive a call or sms on, I believe.


I'm pretty sure that's just for recovery. The actual setup involves scanning a QR code in the Authenticator app, which is the seed for the TOTP - http://en.wikipedia.org/wiki/Time-based_One-time_Password_Al...


Yes, but they show you that QR code only AFTER you gave them your phone number and typed in the confirmation code.


Which is why I provide my Google Voice number for this purpose. Works perfectly!


I know it is not a perfect solution but there is an Authenticator app that you can use on Android. I believe that iOS might have one too but I am not sure.

This solution does not require you to give them your phone number :).


And for all things not Google, check out http://www.duosecurity.com/. Completely painless to set up on my box at home.


Wow, I've wanted such a thing for a while, but hadn't gotten around to researching. Thanks for this!


Really? It is now a suggested policy to use additional authorization flows in order to use this email service?

Are we talking about the same email service? You know, the one that's supposed to be so awesome that you'll quickly forget about getting your email the "old fashioned way" by having to mess with those pesky things like setting up a POP/IMAP account on your host provider?

Talk about things coming full circle.

[Addendum} No, haven't had my email hacked. I guess I was a little blow-hardy, thanks for responses :)


gmail is a large high-visibility target.

I, for one, appreciate the fact that 2FA is available with the service. Everyone should have it turned on for any high-value mail account they own, Google or no-Google.


Take a look at, for example, "Abuse at Scale" from the Gmail folks at April's RIPE conference for an idea of the threat.

https://ripe64.ripe.net/presentations/48-AbuseAtScale.pdf

1 million+ bogus authentication attempts per day, 60-100k auths per second (legit and not), etc.


That's definitely an eyeopener. Gracias.


Well, ideally, 2factor should be used for anything with sensitive information... Frankly, I wish I could have enabled 2factor waaaaay earlier on GMail.


I take it you've never had your email account hacked, then?


And hope your phone isn't stolen, losing access to your email? That's why I've always avoided two factor authentication -- it's scary enough losing your phone, but then you're locked out of your email as well?

(Perhaps coloring my perception is that I have a pay-as-you-go phone currently.)


I'd love to do this, but my Apps account gives me no such opportunity to setup 2FA, following those instructions: http://cl.ly/242v451j3g331U393u34


Apps account administrator should enable 2FA for the domain. I have this option in all of my Apps administrator panel.


Ahh, thanks!


Their is no excuse for not using two-factor authentication with all Google products.


Not that it's a very strong excuse, but it -can- be fairly annoying if the prompt appears and your phone is dead (or not nearby, or lost).


That's why as part of setting up 2F they suggest you generate and print a list of backup verification codes. 2F wouldn't even be an option if they didn't provide an emergency out.


Or hey, get a real host, domain, and E-mail account.

In other news: Someone else's blog is under my Blogger account, and there's absolutely no way to contact Google about it.

The new credo of doing business is HIDE FROM THE CUSTOMER. It's disgraceful.


If you're not paying them you're not the customer.


As several have pointed out: You are paying.


This is a general problem with Google and their customer-no-service attitude. It's just deplorable. It really is. You have to wonder: What is it going to take for them to give a shit and actually do something about it?

Very soon the word gets out that HN is where you can get your Google bullshit problems fixed and we'll be treated to pages-upon-pages of people with Google problems.

The general issue is that of account suspension or closings without any recourse. It seems that the most damage is being done in the AdSense/AdWords ecosystem.

I've said this before, with the introduction of services like Google Drive, one has to really think hard before jumping in with both feet. If you have your email, documents, advertising, revenue generation, file storage and other important services with Google you might be risking a lot. At the present time you have to assume that all of those services could evaporate and go "poof" overnight and you'll never know why. That's why I don't use any of them. I have better things to do with my life than to have a heart-attack because a Google algo decided to shut-down my business and cut me off from all of my data.

Seriously, Google, Larry, Sergey, this is embarrassing (and evil).


Giving away an awesome mail service for free to the world is not evil. Being too busy to support every Tom, Dick and Harry that has problems with it is also not evil.

An analogy: "Hey Tom, I'm not using this rake any more. Would you like to have it? I'll give it to you."

"Sure Dick. Thanks, this is a very nice rake indeed."

The rake breaks.

"Hey Dick. The rake doesn't work any more. Come over here and fix it."

"Sorry Tom, I can't do that. I'm busy raking my lawn."

"I hate you Dick, because you are evil."

It's been said numerous times in this thread -- if you want support, you pay for it. If your email account isn't important enough to you to pay for it, then you don't really have much grounds to gripe if it breaks.

I don't see how that makes anyone evil.


Gmail is not a used rake.

[Dick comes to the door of Tom.]

Dick: Hey Tom, I see that you don't have a mailbox. I have a few hundred extras down the street, would you like to use one on the condition that I might analyze who is sending you mail and the like? It's really secure and it's all the rage in the city you can store 2000 pounds of mail forever blah blah blah. You should really use it!

Tom: Sure Dick, it's a real help to have an address for bills, personal correspondence, etc. And I can use it to establish residency and so on.

[Tom puts the address in his letterhead, tells everyone to use it, makes several job applications with it, etc. He uses it for everything. Every service he uses authenticates him by his access to this box.]

[One morning Tom goes out to his box and sees it has been padlocked. After a great deal of searching, Tom finds an unofficial contact for Dick.]

Tom: Hey Dick, can you unlock the box for me? I am expecting a check, a letter from my daughter, etc.

Dick: Sorry, I can't do that. And I can't tell you why. What did you expect for free? Anyway, how did you get this number?


Well, you have to win points (and got one from me) for coming up with the best analogy.

Though as I recently discovered, they do have phone support, and message boards, and google groups, and all that jazz.

I understand that I'm perhaps the outlier in thinking this, but Google is acting exactly as they said they would, and exactly as they always have. I don't see malice in that, and I certainly don't see 'evil'.


I agree with you that Google is not evil. All I am saying is that Google is a Dick.


Phone support? Where? I have looked for phone support when all the email disappeared from my gmail inbox. There is no phone support for Gmail.


http://support.google.com/accounts/bin/answer.py?hl=en&a...

Found in my 'Help' link from GMail.


I don't see any way to contact them on that page. I do see this, though:

"Prioritized account recovery support is currently offered on an invitation-only basis for selected users."

So, no, this certainly doesn't fix the problem for a lot of us.


Ah, I didn't see the invitation-only bit.


By "phone support" I mean a phone number that I can call when I have problems, such as all emails disappearing from my inbox. I don't see how the page you linked would help me.


Yeah -- the link I clicked to get to that page was entitled 'Prioritized phone support'. http://support.google.com/accounts/bin/answer.py?hl=en&a...

Apparently you have to have signed up for something else first.

I think the safest bet is to just give them your money for an apps account if it really matters, but that might be an alternative as well.


Also the mailbox/rake has targeted ads on it.


It's also come up multiple times that this approach is not unique to Google's free services. Quite often their paying customers -- especially for the ad-related services, which are Google's bread and butter -- are also unable to get in touch with anything other than an algorithm. In other words, this is not Google just saying "well, free users don't get support", it's a symptom of a very broad systemic issue.

And while it may not be "evil" to provide no support for a free service, it does raise question marks for anyone who looks at a free service to get some idea of who they'd be interacting with on upgrading to paying.


I was specifically referring to gmail, and mostly to make the point that I honestly feel those that respond through unofficial channels (like HN) are doing Goog a disservice by skewing customer expectations. You of course have a very valid point for their paid services, though as they've obviously done very well for themselves despite limited support offerings, it isn't that big a deal.

As usual, if you don't like the service, vote with your dollars. If the service is so indispensable that you need them despite their failing you in some way (like not having support) then well, that's the discriminator. You can 'pay' for support by going elsewhere to a service that won't perform as well, which may cost you money.

Also, for what it's worth, I agree that they probably could provide support, and that Google in general is bad at it. It is easily their weakest area in my opinion. I only responded as sternly as I did to combat the 'evil' allegation, which seems to be bandied about any time Google does even the slightest of negative things.


> if you want support, you pay for it.

That's no excuse to provide a shitty service. For 99% of people GMail is not shitty and is infact quite awesome. That doesn't change the fact that with the amount of people Google has, not having even a queue for people to get minor issues fixed (Freaking MICROSOFT can get this right, for crying out loud!!) is ridiculous.


I disagree. The amount of people they'd have to hire to support that 1% of their users could make the service untenable as free to the rest of us.

In my opinion, the thing done wrong was offering support through unofficial channels. It sets the wrong expectations and perpetuates the notion that if you know the right people, you'll get the support that others can't, and honestly don't deserve.

If I give rakes out to 100 people, should I have to hire staff to fix the ones that break? No. I gave them something for free. If they don't like it, they can go somewhere else. If they buy a rake, then they'll get a warranty, and be entitled to speak to a human about it.

To your point directly though, it IS an excuse to provide shitty service, if they did that. As you said, it's beautiful and perfect for more than 99% of their customers.


People depend heavily on these services. Google does not discourage them. I would love it if the front page of gmail.com read like:

"EASY COME, EASY GO

Gmail is a quick and dirty email service for people who don't really need reliable access. Please do not bother signing up unless it does not matter whether you lose the address and all your email."

I think that would begin to resolve the problem being highlighted here for sure.


Something like this? From their terms.

OTHER THAN AS EXPRESSLY SET OUT IN THESE TERMS OR ADDITIONAL TERMS, NEITHER GOOGLE NOR ITS SUPPLIERS OR DISTRIBUTORS MAKE ANY SPECIFIC PROMISES ABOUT THE SERVICES. FOR EXAMPLE, WE DON’T MAKE ANY COMMITMENTS ABOUT THE CONTENT WITHIN THE SERVICES, THE SPECIFIC FUNCTION OF THE SERVICES, OR THEIR RELIABILITY, AVAILABILITY, OR ABILITY TO MEET YOUR NEEDS. WE PROVIDE THE SERVICES “AS IS”.


Of course this is standard CYA legal boilerplate and from the perspective of most users, it might as well be posted behind the refrigerator.

If they put that right on the front page in big letters, replacing the current brags about how awesome it is and how it makes your life easier, then that would filter out most of the users who are clueless enough to get in serious trouble this way.

Like big nasty warning messages on cigarettes.

Of course that's not helpful to Google, but if Google can't be expected to look out for public interests at all then it isn't anyone else's business to look out for Google's either.


That argument assumes that Google email is crap. It isn't, it is the best email client I've used (online or off), and they have every right to be proud of it.

Does it break sometimes? Sure. What doesn't?

Does that make it a smelly pile of crap? I don't think it does, and I don't think most people would agree that it is.

Gmail is a really awesome service that doesn't have the best support. Period. If people can't be bothered to look at the terms, or if they have greater expectations of the service than they should well, that's on them. I don't think circumstances are so dire that they should plaster "Really, we suck" on their homepage, especially as they're better than all their competition that I've seen.


Well correct me if I'm wrong, but I think you have maintained that since it's a free service one should not expect reliable access or even a dime to be spent in dire circumstances outside your control; and you have further argued that Google is telling us the same thing in the terms (however inefficient the medium).

If it is or were the case, that Gmail is not even supposed to be reliable, then might be very pretty and convenient as you please (hence, not a smelly pile of crap, as one might believe from the terms) but still ultimately bad for most people. Particularly the people who are least equipped to judge the risks or recover from the mistake, because IMAP is Greek to them.

So even as apology for Google I think this is a fruitless line of argument, no disrespect intended. I do respect your opinions.

My own feelings are more nuanced than what I think you are probably fighting hardest against (round condemnation of Google as evil, or Gmail as unusable). I personally think there are safe and constructive uses for Gmail, cigarettes, hard liquor, cars, pornography and pistols and informed adults should have ready access to all these. But I think as a matter of personal conscience it's better not to be a dick, and it's better long-term business, and I'm not against leverage being applied to make Google iron out this procedure or be more firmly up-front with the scary disclaimers that probably should be scaring away people who are not wise consenting adults. Again assuming that Gmail is operating on this sort of Libertarian-style principle that they are not even slightly and socially obligated to provide reliable service no matter how much they promote the product for wide and general use.


In the interest of clarification, my hardheaded response originated from classifying 'lack of support' as evil. That was my bone, and now it's pretty much picked clean.

I do happen to think that Gmail is an exceptionally good mail service, though that is obviously just my opinion. I think statistics would agree that it is a fairly reliable service. Reliable enough that it doesn't need to be disclaimed as "We're just messing around here really" on the home page. Nor am I willing to necessarily concede that it is 'bad for most people'.

In a nutshell, I would say that it's a great service if you can agree with its terms. This isn't mail that people are generally paying tons of money for, and I think their expectations are out of sync with reality. The general argument I hear is "BUT MY LIFE IS IN THAT EMAIL". If that's the case, gmail wasn't probably the email service you were supposed to be using, at least not for free, in the same way I don't store my valuables under the rock in the garden. If it mattered that much, you shouldn't have entrusted it to a service that didn't have a support policy more in line with your expectations.

I have gmail, and I'll concede that it would be inconvenient if they turned off my access tomorrow, but I keep all my more pressing correspondence to services that I have a good-faith belief will give a shit if I lose my information. If google apps were shutting people off, I would expect people to be upset, and I would not consider that ire as meritless.

My only real complaint with the post you've just made is the assertion that Google doesn't care to provide any service whatsoever. If they didn't care about providing reliable service, then it probably wouldn't be so reliable. I personally have experienced maybe two or three outages since I joined the Beta however many years ago. Those were global outages, or at least wide-spread. That sort of thing generally doesn't happen any more. In addition, it's not as though swarms of people are having their accounts disconnected every day. We keep bandying about the 99% number, but I really suspect that it's probably more like 99.99%, but that .01% is enough people that we still hear about it.

Some of this is opinion, and some of my argument is diminished by Google's people support in general, but I think it's getting short shrift because of these rare occasions, and I think that it's considered on the same scale as when Paypal freezes someone's account, which I think is unfair.


Your rake analogy is not sound. Ok so Google gives Gmail for free - as in you don't need to pay for it.

But is it really "free"? No.

They parse your emails so they know what you are buying/selling, who you are talking to, what sites you have a membership on, etc. They also use Gmail to display ads (based off of the things they learned from your emails) to make money off of you. They probably do other things i'm not even thinking of right now. So is it really free? Not at all. Is it a great source of information about you (to then be used by them to target ads at you)? Absolutely.

They should be providing support for it. I don't know what that support should look like (be it a call center, forums, etc), but I definitely think that if I give Google permission to snoop through my personal email so they can build better ads for me (which is how they make the majority of their money) I expect some damn support.


Since that shoe had to drop, you could also point out that they DO provide support.

There are google groups, message boards, support forums, HowTos. There's even Prioritized phone support that you can apparently sign up for.[1]

It's not as though they hand you the source code and a note saying "Good luck."

[1] - http://support.google.com/accounts/bin/answer.py?hl=en&a...


The source code would be more helpful, since a thousand companies would already be competing for the privilege to provide basic support to individual users.


By that same argument, you'd think that companies providing a gmail-like service + support would be making piles and piles of money.

Are there any? (Not snark, I genuinely don't know of any.)


Comparing email, adsense, etc. to rakes is flawed. (Please, don't persuade me otherwise.)

I agree that the gmail economic model might not be feasible if support costs were included. But I don't know that numbers so my agreement is not important.

If 99% of users have no problem with google's services currently then, X% have no problem with google's services in the future. I'm not sure how to solve for X.


I don't necessarily disagree, but the assumption that not providing support on a free service is evil is the more flawed idea, I think.

Also, as I recently discovered, Google does have a for-pay phone support service for Gmail users, as well as all the other forms of support they offer in the form of message board, how tos, google groups, etc.


Can you even pay for gmail?

http://groups.google.com/group/Gmail-Help-Logging-In-en/brow...


http://www.google.com/enterprise/apps/business/pricing.html

Also, I don't know anything about this, since I've never used it, but in looking at my account options on the 'Help' page, they have a "Prioritized Phone Support" that it seems you can pay for: http://support.google.com/accounts/bin/answer.py?hl=en&a...


their phone support is excellent, I've filed a ticket twice and both times within 5 minutes I've been called on the phone, and they resolved the issue.


Did you get to it through that "Prioritized" service? Also, can I ask how much it cost?


You make it sound like Google prices Gmail for free out of the kindness of their heart. They're a business. I use gmail for free because I feel it's in my best interests to do so, and they provide it to me for free because they feel it's in their best interests to do so.

The moment that agreement becomes invalid is the moment a person has the right to become frustrated.


Frustrated, sure. The remedy for frustration is to take your business elsewhere. Frustration doesn't entitle you to get support on a free service.


However this frustration does entitle us to accurately describe a 99% working service.

There are terms for something that works 99 days but on the 100th day makes you feel like gotterdammerung.

They are a crappy service, fails QA 101, never trust google and i'm switching my email to something else


That is, in my most civil interpretation, knee-jerk hyperbole.

You're certainly within your rights to feel that way, and if you do, I certainly encourage you to migrate to something else. If that's really how you feel though, I'm guessing you already would have unless... just maybe, the service is better than you admit.


You think that it is knee-jerk hyperbole because you do not take account to the user the risk of using the service.

The risk means that even if Google provides the service free, it still can have a cost for the user that can be very high depending on the importance of the emails the user is locked out of.

It also means that the cost is invisible 99% of the time, which is why people keep using Google services. After all, most companies that offer network services mitigate the risk for the user by allowing the user to contact them for help if things go wrong.

For example, Amazon Web Services and Microsoft both allow you to purchase support. However, Google seem to only provide support when they decide to invite you to it.

In my personal case, my main email of 16 years is becoming increasingly spammed. I needed to find another email to migrate to, and decided to try out Gmail. Gmail has failed my evaluation.


As he already pointed out: IT'S NOT FREE.

Google (read their terms) reserves the right to mine your communications for information that they then sell to advertisers. You're doing THEM at least as much a service.


On a more general note, on what planet is "you don't get any email for a day and have no recourse, and we won't tell you why, or let you do anything to fix that" an acceptable action?

ON a planet where you get high-performance email services for free, apparently. I feel for you, but the lack of personal response (IME) doesn't mean that your communications are being ignored, just your need for a response. This is still far from ideal, but typing out responses take time away from simply fixing problems.

If you pay for gmail storage or an apps account, then obviously the above doesn't apply.


I do pay for GMail storage, so the predictable parade of "WHAT DID YOU EXPECT FOR FREE?????" (answer: exactly what was advertised, a working email service) is tiresome -- and besides that, there isn't even a contact form for this issue.

There is no way to communicate with anyone or to even raise an alert of "hey, I have a problem". The only way that it is going to get fixed is for someone to manually intervene, and the only way to make that happen is apparently to complain loudly here until a Google employee waves their magic employee wand at my account.


> exactly what was advertised, a working email service

Claiming Gmail (even the free one) doesn't work when, in fact, it experiences seemingly random and very infrequent outages, is disingenuous. It's incredibly hard to make a complex application like Gmail work perfectly all the time for all its users and I'm completely sure they are well within their ToS. Much like we are willing to live with software that has some bugs, we must be willing to live with services that aren't always there.

Buses stop, rails need maintenance and your plumbing sometimes fails. Life continues.


To be fair, the OP shouldn't be able to expect a 100% working email service. But to expect that the provider not be actively causing it to fail seems reasonable.


When mass transit suspends there is normally a notification of estimated downtime.


Well, that's why I qualified my response - there was no way to tell from your original submission. I've had a variety of problems with Google products over the years, and have in general found them to be responsive but not communicative. They could be more accessible (though I have always found an avenue to raise issues within a couple of minutes), but I'm also aware that full-service customer support is a labor-intensive experience. I'd rather they be mysterious and efficient than 'because it is my pleasure to assist you today, can you first verify that your computer is switched on?'


> on what planet is "you don't get any email for a day and have no recourse, and we won't tell you why, or let you do anything to fix that" an acceptable action?

On the planet where you're the product rather than the customer?

The financial truth of 99% of their business is that users to the extent that they look at ads. And since ads aren't worth much individually, people must look in large numbers.

All the people I know at Google are great folks, and they sincerely want to serve users. But customer service is expensive. So is writing special-purpose code for weird edge cases.


[redacted], it looks like this issue resolved itself; I'm curious, did you mention your email address anywhere on this page? I didn't see it mentioned.

I'm happy to ask people for more details. Normally when you have two-factor authentication on, I wouldn't expect you to see this message. So there might be some improvements we need to make on our side to try to prevent this from happening for other people.


Matt, I think your message is consistent with the disconnect people feel when experiencing problems with Google services.

The root of the issue for the consumer of Google services is not a loss of email access (that's just the sort of technical problem everyone has when dealing with the internet). The issue is that there is no person representing Google who says, "I'm sorry you are experiencing difficulty, let me see what I can do to help you."

Google doesn't even go there on their own support forums: http://productforums.google.com/forum/#!searchin/gmail/%22Ac...

There is a meaningful number of posts for the exact issue the OP experienced and what little assistance that Googlers provide is generally of the "you did something wrong" variety rather than "we're working on making it better."


brudgers, I think the larger mission for Google has to be to drive down the number of people having problems like this. So Google's philosophy (for better or worse) is often to find and fix the root causes of problems. So for an account that was hijacked, we'd prefer to put our resources into finding new ways to prevent and protect against hijacked accounts, rather than putting a ton of people into one-on-one sessions to work with people whose accounts are hijacked. For one thing, the scale of Gmail makes those sort of one-on-one consultations extremely difficult.

Imagine if tens of thousands of accounts are hijacked every day. There's not an easy way to interact with all those people, which is why we look for ways to drive down the number of hijacks or provide additional solutions like two-factor authentication or other self-service solutions.

In this case, there was a subtle point that I was trying to make, which is that the problem resolved itself even though the original poster never appeared to give his email address. Sometimes these issues are a matter of transient issues like connectivity or data centers where it's just a matter of time for the issue to fix itself.


It's a problem of pitch. You're entirely correct that the original poster's technical issue may have been resolved automatically, but it's not the technical issue which prompted the post. Accounts don't need reassurance, but people do - particularly when they have placed trust in Google regarding something which may be critical to their business or social life.

When my credit card is compromised, just by acknowledging my inconvenience, it makes the time between the cancellation of one card and the arrival of its replacement seem reasonable.

I get the issue of scale. What I don't get is why Liza isn't wired up to the forum and the email doesn't say "We apologize for the inconvenience." It's only a handful of bytes.


Someone broke into my gmail account in 2009, changed the password, and I've never gotten it back. I tried to recover it using their standard form, but they ask all sorts of ridiculous questions like the day I started using gmail, the day I started using Google docs, etc.


Here's a serious question - how much would you pay per annum to be able to talk to someone when you have an email problem?


$50, the same they charge Apps users. You can't buy support for @gmail.com accounts.


Forward your email to an Apps account, then set up your @gmail.com address as an alias. Works great and you get support. Gmail is smart enough to set the outbound email address properly for any replies.


I don't know, but I'd be willing to pay a fair bit per incident. I suspect it would be well in excess of what it would cost to provide such support.


I think that model creates a moral hazard considering that in this instance the account was locked down by Google.


Perhaps, but I don't think that's a reason for not using it. There needs to be some solution, it needs to be something you can implement after the fact, and it needs to be worthwhile for the company to provide. "$100 to talk to a human, refundable if we fail to solve your problem" is a model that would actually work.


Yup, it's perhaps a tough PR sell because it create the potential for misaligned incentives, but I don't think it is a totally crazy idea.

I'm pretty sure Microsoft waives the fee for their paid TechNet support if the problem was due to a legitimate bug or problem on their end.


Microsoft probably has a much higher ARPU than Google does.


There's actually a big support team for Gmail. For enterprise customers.

Here are instructions: http://gmailaccountrecovery.blogspot.com/


gmailaccountrecovery.blogspot.com appears to be unrelated/unaffilated with Google. The bottom of the page says "(c) 2012 Brett K. Carver". Also, blogspot?


Google owns Blogger and hosts all their official blogs there. Example:

http://analytics.blogspot.com/

That does not prove gmailaccountrecovery.blogspot.com is an official blog though.

Edit: for clarity


The site you've linked doesn't have any Google branding. Moreover, none of the real Google blogs have adverts on them. In addition, the visual design of the page looks rather unprofessional.

It's very unlikely that this site is affiliated with Google.


Plus there is some other hint: " This page is not sponsored by or affiliated with Google."


Agreed on all that; my post was just addressing the last question.


Blogspot is owned by google.


Am I missing something? Where in that link does it explain how to contact enterprise support?


A 2 second google search for "gmail support forum" brought me to:

http://productforums.google.com/forum/#!forum/gmail

Have you tried that? I honestly never have and would love to know if those are actually efficient. If you haven't tried it, please do then report back to us.


The Google support forum is a black hole. At best you'll get a canned copy pasted response from a Google employee that won't help you.


It isn't exactly news that Gmail accounts are closed for no obvious reason. I'm sorry that you're unable to access your e-mail, but at least now you've (hopefully) learned that Google isn't trustworthy.


Do you using Chrome with these two extensions?

https://chrome.google.com/webstore/detail/mihcahmgecmbnbcchb... https://chrome.google.com/webstore/detail/ejidjjhkpiempkbhmp...

For me these combination made a request loop (response from gmail was 404 and 501) for some circumstances. As a result my account was temporary disabled ...


I do use Chrome, but no GMail related extensions (and specifically not either of those.)


Someone must have gotten hold of your email+password combo. Mine got stolen once, Ive no idea how but suddenly all my friends started texting me saying they've been receiving spam mails from my account all of a sudden.

Google might be reacting to similar?


I agree its maddening to be locked out of gmail for no specific reason. I imagine the customer to employee ratio is a billion to one, so even if they had a ticket system, it'd be overwhelmed in a short amount of time.

What are the chances your account was hacked and is now being used to pump out spam? Turn on two-factor authentication if you haven't already, once you are able to get back in.


So close to zero as to be zero; my password is strong and I use 2FA. My account works on every other Google service but GMail.


>I imagine the customer to employee ratio is a billion to one, so even if they had a ticket system, it'd be overwhelmed in a short amount of time.

If their system is locking out enough people who shouldn't be that they would become overwhelmed, google is doing something very, very wrong.


They do have support reps and a ticketing system. You have to pay for them though. I suggest upgrading your account when it comes back online so that you're paying for support.


Out of curiosity: if I set up a forwarding rule on my Gmail, and Google suspends my account temporarily, will it still forward my email?


Yes, it appears to still do that. I can also still access my account via ActiveSync on my iPhone (but not IMAP or the web interface.)


This is why you should never use free email for anything you care about, and especially not GMail. I hate to break it to people but the PAID service is not better either, you're just paying for what you used to get for free...


The vitriol regarding Google's services is unjustified.

Gmail is a free service. Google allows you to use it for free, in exchange for being shown ads. You have access to the same infrastructure that paying clients use, and the same uptime, but without paying. You can download all of your data easily, and at any time. Nothing about that is predatory on the free users.

What would you say is the appropriate market "price" of 10-hour turnaround on emergency technical help? Having worked at a company that provided optional sub-24-hour response, I can tell you it's usually expensive.


Nope. Completely untrue. They benefit from us using their services. We are doing them a favour by choosing them over others - their business is built upon people using their services.

If everyone just their our money back (£0) and stopped using Google's services, they wouldn't have a business any more.

By using a service such as Gmail, we've trusted them and invested our on-line lives in them in order that they can monetise that usage and grow their business.

It is completely unacceptable when that trust is betrayed and they cut you off without recourse.


Google definitely benefits from free Gmail users, but that wouldn't be true if every free user got human attention when things went wrong, regardless of who was at fault.

I guess I see OP's problem stemming from the existence of bugs/quirks/spam attacks. As a developer, I know these things are simply impossible to prevent with 100% certainty. I don't feel that Google is morally culpable for bugs or spammers, unless they are somehow adding bugs to the point of negligence.

In fact, as a developer, the idea of being morally culpable for bugs scares me, since that kind of implies I am doomed to be immoral.


Well the least they could do is try to resolve the situation with the human that has entrusted their stuff to them.


Well, that depends on why I need the "emergency help". If I need it for their problem, then I expect it for free, given that I am already "paying" for the service with my ad views and my personal data.

If I need it because I screwed something up, that's a different (and irrelevant) discussion.


I shouldn't need emergency technical help. If they want to provide a reliable service which I can use to convince them that I should be allowed to access my own data, that would be really swell and should not require full blown tech support nonsense.


I travel fairly often and most of the time when I travel I remote into my machine back home so I'm many times logged into google services from those two locations, then throw my android phone into the mix as well and my webserver which uses google api's linked to my account as well. All in all I have tons of connections to google at any given time.

A few months ago I was flying home from a trip and was using the in flight wifi. As soon as I landed though at my connection city and turned on my phone I quickly noticed things weren't working. I tried logging into services and my account was disabled for some reason. I of course started freaking out since I have so many things linked to this such as my suplemental adsense income. I filled out a form assuming it'd go no where.

I wasn't able to accomplish anything before boarding my next flight. Before take off I had the inkling to try the recover password option. To my surprise after doing that and having it txt my phone I was able to change my password and magically my account was unlocked.....

Anyway I know the OP already fixed his issue but just wanted to share this story. If you ever get locked out saying your account is disabled try the recover password option as a way to unlock it....


Sigh when will people finally wake up and understand that Google, Yahoo or Facebook are Advertising companies. Anything that isn't affecting their really big clients in advertising isn't getting any sophisticated support and even that area of business might be maltreated in respect to professional support. And don't be shortsighted here. IT absolutely -needs- support. So if you really wanted professional support for emailing you have to go to a tech company that doesn't earn a living with selling your Browsing history to other parties or worse.

In case of an email product I did not find anything yet that would serve my professional needs. The only really 99% reliable thing yet has been renting a root server (or using my own machine with DynDNS) with a nice swell Postfix/Dovecot install. The Internet was invented as decentralised, if not even distributed technology. Buying in (you buy with your cookies) a centralised technology like FB, Google or Yahoo, even if they are in the cloud or in the edge - it's still one vendor, for me was always against the economical philosophy of the Web.

If you don't have the knowledge how to set up a distributed email node (if you allow me calling it that way), I would recommend lavabit.com, they are reliable and non-commercial (However also subject to the patriot act b/c located in the US).

And not only the Internet with its industry-raped non-standard HTML language, its ridiculous insufficient Border Gateway Protocol or its patchwork 7bit/8bit e-mail MIME protocols is one heck of an enormously cool hack, also the Web can be nowadays.

If you don't get any support from cookie traders like Google or even Ghostery, why don't go self-made and install a distributed Social network like GNUSocial? The Internet used to be a business opportunity for everyone, don't let it get destroyed by monopolies, that block inventions with 15 year-old patents.


I have heard this happening a few times. However I thought you can register a mobile number to help resetting your account password?


It isn't the account password; I can log in fine, it's just that I immediately get redirected to the "bad boy" page.


> On a more general note, on what planet is "you don't get any email for a day and have no recourse, and we won't tell you why, or let you do anything to fix that" an acceptable action?

Serious answer: email is not reliable. There are lots of factors outside your control. Please don't rely on email being available. Unfortunately most providers today are pretty solid most of the time, meaning people put too much trust into their email providers.


Google's response to user complaints is probably the worst aspect of the company, since it's effectively non-existent. Unfortunately, that's what happens when you have millions of users, and only a few thousand employees. Even if everyone at Google responded to user complaints, they probably couldn't get to them all.

You're wise to have a backup plan.


Depends what service you are talking about. I have a phone# to a helpdesk for Google Adwords. Real live human beings work there. But we pay a buttload of money for that service.

Also google apps for business promises 'Around-the-clock phone and priority email support.' I guess you're just getting what you paid for.


Once while waiting in the lobby of a Google office I could hear the receptionist answering a frustrating call from someone asking for a search result removal request. She had to read from a script because people call so often -- they call reception at any Google-related business asking for help.


FWIW and taking the subject a bit too literally, another way is to be active on Google Plus.


How do you do that when you are locked out of your Google account?


I guess having to switch between my GMail and my Apps account has that one advantage. But fair.


So much of my life is on Gmail, I HAD to setup two factor authentication, and it was easy.


OP claims to have 2FA set up. http://news.ycombinator.com/item?id=4014014


there should be more details of what they think triggered the algorithm

One problem with this approach is that it also provides information to the bad guy, e.g. "here's what you did to get caught, so don't do that next time"


That's terrible. What are some better options for web-based email?


I like fastmail.fm


Don't go there for XMPP (Jabber). They clearly don't care about making it stable. It will disconnect you regularly.


I used to use their free service, but their spam filtering was pretty bad (in 2010-2011).


The free accounts only have basic spam protection, the paid accounts have more advanced spam protection.

https://www.fastmail.fm/pages/fastmail/docs/pricingtbl.html


For all of the people railing against Google/Gmail, what do you use that is comparable to Gmail? Do you use Android? How do you use it without a Google account?


It amazes me that people rely upon a free Email service for critical personal infrastructure.


I think if I got my account disabled I'd go to their offices and demand an explanation.


It's a closed campus. Best of luck with that. In fact, why don't you do a trial run and let us know how it goes?


I think they just have normal offices in the UK.

Otherwise, dress like a courier.


Ask for your money back


You have my sympathies and all but this is getting annoying, every once in awhile the HN front page gets cluttered with these sorts of posts, wait the day out it’s not that unreasonable. Complaining when not even half way through the designated time period comes across as whining.

And for the record you could have gotten human support if you were a paying Apps costumer, for the free stuff you have to deal with automation.

It’s just the same thread with the same comments each and every time; “They don’t respect users”, “Their customer support sucks”, this doesn’t elevate the discussion on HN and shows the false sense of entitlement we all have even in regards to the free stuff.


Gmail isn't free. We are paying for it with our eyeballs. Gmail would only be 'free' in the way that you imply if Google was getting nothing in return. Just because money isn't changing hands doesn't mean it's free.


So you've redefined the word free to make it meaningless.

Giving a way food to homeless people? You're getting the satisfaction of having done something good in return! That wasn't a free meal!


which means pennies for every hundred user, the support is good enough for ~free.


I don't mind paying for a premium account with support. But as an individual with a small data footprint I really don't have a need for Google Apps (the OP pays for extra storage which isn't evidently magic enough). If they gave me the option I'd gladly pay for the service (in fact, on some level I'd feel more comfortable).


My point is that for the price of "free" their support is good enough. Not to mention that they did so to protect your account.


I've noticed this trend with many big companies lately (Amazon, Paypal, and Google). Everything is automated and they give you almost 0 chance of defending yourself.

They also don't care because they are de-facto monopolies.

Amazon suspended my account 4 months ago. I'm just getting the $5K they owe me in money now. To this day, I still don't know why they suspended me (100% feedback and virtually no problems).

They shuffled me around their automated system with the result being that my account stayed suspended.

I was also suspended a couple of years ago from Google Adsense due to one of my scripts going awry. I wasn't clicking my ads, but It refreshed a page a bunch of times with Adsense ads on it.

If I try to signup with my name, I just never get any response back. This one was definitely my fault. I could just use my LLC, but I got out of that game ages ago.


PayPal is actually very reasonable when it comes to getting in contact with human operators. I've never had a problem with that. Receiving decent support from them however is a whole other issue.


I tried to change my legal name. Faxed them copies of official documentation twice. Never received a response.


I noticed this recently with CraigsList too. They have a 'contact form' that just sends you an automated email suggesting that you read their FAQ page. Why bother to have a contact form then?


Amazon is a little better, but not by much. They send you an automated email, but sign it with a real name. I wonder if they just have a program on the other side that cycles through names.


Maybe they just have a Mechanical Turk that pays people pennies to just put a name into a box.


Are you sure you have 2FA on? Do you have a desktop client that could have been compromised? I'd love a follow-up on how your account got flagged if it wasn't compromised.

(Note, I ask because the last time this happened on HN, several people errantly thought they had 2FA turned on when they didn't).

(Some days I wonder if I angered a stalker who downvotes everything I post... or if it's some darker HN sign. Sigh)


Yeah, I have no clue how it got flagged. See my update above.

And yeah, I had 2FA on -- I was challenged appropriately logging in to GMail even, it was post-login where I got the "you're bad" page.


Which planet? Planet Google, of course. You're a tool in their shed, not the other way around.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: