Another recent concern on other posts here on HN is whether a private company should have veto power over the US government. Or, another way to look at it, whether the US government should be able to designate a company as a supply chain risk and ban them from most business in the host country.
If I squint at the conversation, it doesn't seem that different from a behemoth company taking an employee of a private company and forcing them to still stop working for arbitrary reasons.
I'm giving agents and coding tools wide berth here, but if AI is going to replace all employees, what guarantees do you have as the employer that your employees will do your bidding, and not the bidding of enterprises with a shifting moral landscape?
Once we have tooling wrapped around specific agents, it'll be hard to rehire. What will we do then when our "employees" are furloughed?
This will be especially relevant when the big AI labs decide they need to enter a market to justify an obscene valuation. Or, when the sovereign wealth fund decides they don't like the direction of a business.
This is a good and honorable decision by Google. But it also brings up scary times ahead.
I still kinda wish that the subscriptions would just allow you to use the tokens however you wish.
I get that they rely on people not using all of their quota. But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
What they are actually trying to force you to do is to pay for the tokens that you don't use in their applications to increase their revenue and/or give their in-house tools an "unfair" advantage. But this is bad for the consumer because it means that there is less competition between coding agents and unless I'm willing to pay per token I have to take one of the model labs agents.
Anticompetitive behaviour imo they could just ban reselling tokens or something like that instead of locking your subscription in like this.
> I get that they rely on people not using all of their quota
They have no problem with users using their quota on their own software. Because they get the signals. They do have a problem with users using the API in 3rd party software, because they don't get the signals.
That's very different from what I'm seeing around me, but yes, I suppose that happens to. And I guess Google wouldn't have as much of an issue with that, right?
Ah, in my spaces (Involved in the proxy dev), most people have been using it for Opus. I suspect they may even have more of an issue with it, as they don't get the cost advantage of serving an in-house model
I don't really understand this reasoning actually:
if OpenClaw usage go up, and a service (OpenAI it looks like) gets lots of usage data for personal assistent usage, they can optimize to make it better for people who get a $200 subscription just because of that use case.
> But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
This is not at all true. What is prompting this behavior from Google and Anthropic is that people are using their oauth creds/API keys to run OpenClaw bots that use orders of magnitude more tokens than the IDEs. The official clients also can use a lot more prompt caching because they have expected workflows.
And like, if you want to run OpenClaw, they’re not saying you can’t do that: use the API pricing, that’s what it’s for. But people are getting mad that they’re not allowed to roll their pickup truck up to the all-you-can-eat buffet table and fill it.
>I still kinda wish that the subscriptions would just allow you to use the tokens however you wish. I get that they rely on people not using all of their quota. But e.g. with open code it doesn't really matter if I use antigravity or gemini-cli the usage should be about the same.
This is almost as realistic as "I wish netflix or youtube allowed me to use VLC to watch their content".
The easiest way to watch a movie in the player of my choice - even if i have legal access to it because it's in my netflix subscription - is to download it off piratebay.
Add to that Netflix's shitty discovery system, I'm pretty sure I watched some downloaded movies in spite of actually having legal access to them.
Oh, remember when PC games used to come on disks? For the Netflix example I can only guess, but I'm 100% sure I downloaded isos for games I had actually bought and had the physical disc... somewhere.
i don't believe this is a significant driver of piracy tbh, normal people don't care about that kinda thing :P
especially considering most modern movie/tv piracy is free streaming websites - shitty quality and awkward player controls, definitely no choice of player here
I do wish that though. I have given up on streaming services, I am not paying for this bullshit experience. We used to have all the content unlimited on one service for like $10/mo. I can accept prices increasing with inflation but society should not accept such a backslide in service quality.
I would take things somewhat further: I'd be happy to pay the equivalent of $20 2015 dollars for this service if it were comprehensive. Unfortunately, that might allow for a consumer surplus to occur in the viewing experience and the motion picture industry ties with maybe nVidia for peak pathological hostility to retail consumer surplus.
Yea, there are the last to the party (have they even arrived?), so they are going to have to make some concessions. I wonder if they at rollout will have a third-party subscription token service in addition to their first-party one.
Except that is a false equivalent, when you clicked "agree" you did so for their ToS to get a discount or bulk deal with strings attached. It's pretty easy these days to have a LLM extract the unique parts into a summary.
Except you can't prevent people stealing the videos then. And as much as I don't like how things work right now, I think people have a right to get paid for stuff they make and Netflix is one way of doing that.
I think the deal is quite clear: subscription for personal usage in their products, API token for everything else. You get a rebate for subscription because they get the data. I would be quite sad if they removed the subscription option just to not be "anticompetitive".
Nobody is forcing you to pay for tokens you don’t use. If you only want to pay for the tokens you use, switch to api billing and pay for tokens at api rates.
If you want the discounted rates they offer in their monthly plans, then expect to follow the terms that discount is offered under.
I wrote this as a work around to use my subscriptions for claude, chatgpt pro, grok from codex cli but seems like gemini is already broken and will require another approach after this
The danger here is they'll ban you with no specific reason, fill out the form and you get an automatic unban and then something else automatically flags and you're banned the second time permanently.
Support bot will then say "you were warned, read the TOS" and you get to guess what you did wrong.
You'll notice there are no appeals or reviews in this workflow.
Google has no creditability when it comes to handling account bans.
Not crazy, it is just convenient. Constant pushes with Android, Chrome, random websites asking for Google login.
Google wasn't always like this, and moving of from an email address isn't technically hard, but something that 99% of the people will be very very reluctant to do.
Ex googler here. It is based on Google’s fundamental disdain of customers. Googlers are repeatedly told by management that they are the smartest people in the world and that their time is too valuable to spend on silly things like helping customers.
I build AI for banks. A couple of weeks ago, I had a meeting with a Google team on Legacy Modernization using Agentic AI. Let me phrase it this way. None of them were smart. My team and I were shaking our heads at the low skills of the team. While this might have been true 20 years ago, I am sure there are pockets of smart people somewhere. But Google now employs 200K people worldwide. I am certain that it's hard to keep up the quality.
You can't pass the Google hiring screen and be _dumb_. But I'm 100% willing to believe that they had no knowledge of your domain whatsoever, because the Google hiring screen is also totally generic and doesn't hire for any domain knowledge beyond "general comp sci."
Google has zero customer service. using them for anything serious makes no business sense. the only thing that they're good for is serving ads to people, and they have a support team for that, but only if you're spending a lot of money, and even then good luck finding it
Just wanted to say that Windsurf is chugging along just great. No drama for users, excellent outputs at low cost. I am confused why they are not used more widely.
Way too risky to use Google services like this tied to your primary account. There’s too much risk of cross damage. Imagine losing access to your Gmail because some Gemini request flags you as an undesirable. The digital death sentence of losing access to your email with a company that notoriously has no way for the average human to contact a human is not worth the risk.
This wasn't due to some random Gemini request. Users were using sketchy antigravity auth plugins to use their antigravity tokens on things like OpenClaw, clearly against ToS. It's great that Google is giving these users a second chance.
I’ll go further: there should be laws addressing account consolidation. Getting banned from an Apple or Google account is an incredibly wide blast radius. It would be like being banned from buying Unilever or Nestle food from your grocery store.
Email providers should be utilities and also legally require a warrant before disclosing any information whatsoever to the government.
Unfortunately the government is full of corrupt geriatrics who do not understand technology and are paid to continue not understanding technology as they sign bills prepared for them by ALEC.
No Google account has been banned for this. People just keep spreading this lie because no one agrees that they have the right to steal the OAuth token.
It's their OAuth token, it's not being stolen. It's just being copied from one place on their computer to another. This is no different than a competing browser importing your localStorage and cookies from Chrome on first launch.
No, the OAuth token is supposed to be used solely with the context of a first-party app only. Clearly, if you need to extract the key by reverse engineering or set up a proxy to spoof requests to a service, you're doing something shady.
> No, the OAuth token is supposed to be used solely with the context of a first-party app only.
The web doesn't work like that. The operators of google.com saying you must only use Chrome to load it is a ridiculous concept. It's not spoofing to use your own access credentials on your own computer to access your own account on an HTTP API.
Technically speaking, they haven’t been able to. There’s really no way of stopping someone using an alternate client if it appears to the server the same way.
The only reason video game cheating is more difficult is because it uses custom protocols and message types, and it needs to be reverse engineered. Usually it’s just easier to reuse the existing game client and patch it to report to the server that everything is normal.
Most people would agree both that getting rid of cheating is desirable and that the methods of control exerted over users to accomplish it is questionable. It's one of the few freedom/security tradeoffs where people generally agree we have to come down on the side of authoritarian, because otherwise it destroys online gaming as a whole. That scenario doesn't apply here. The world is a complex place.
How do so many people think this happened? All of the articles I’ve read have been clear that it did not happen. Yet it’s all over the comments here. Why?
The concern is not losing access to some new IDE for operating outside the terms of service. The concern is when you lose access to the IDE, you also lose access to your 20 year old Gmail account.
A general problem for Google products is that everything is mixed together.
Yes, our masters once again embarrass us unworthy peons with their endless grace, generosity and forebearance. How lucky we are to entrust our data and our lives to them!
> our masters once again embarrass us unworthy peons with their endless grace
Masters who serve you in exchange for money?
be as sarcastic as you want but you demand a thing they did not agree to provide, for the same money = they have a right not to serve you. If you disagree with that and think they owe you something then you are the one playing master here.
It's easy to sneer at huge corps getting mildly scammed by people stretching or breaking the rules. Certainly I don't shed any tears for these corporations.
On the other hand, I have learned that people who are willing to find exploits with trust-based systems operated by huge corps are very often willing to apply that same cheating and exploitation mentality without regard for who the other party is. These are very often the same people who try to coerce teenage cashiers at locally owned shops to accept expired coupons or combine them in invalid ways, or take produce from a roadside farm stand instead of paying into the honor jar. The mentality of cheating the system seems great when it's against huge inhumane corporations, but from what I've personally seen it rarely stops there, and on the whole it contributes to a low trust society.
Okay but they were paying customers paying $$$ for the service. Banning your customers without prior warning is not right, however sketchy their behaviour might appear. Even if it's obvious to Google that there's a difference between a Gemini API key and an Antigravity API key, it's not necessarily obvious to others.
The correct and sane thing to do is to send them an email, with at most a 24 hour suspension. If they keep doing it despite being warned then by all means fire them.
If a 3rd party product advertises compatibility with a Google service and you use it to login via a first party Google login page, doesn’t the responsibility fall somewhere between the offending product and Google itself? In practice it’s structured pretty much like a phishing attempt.
Notably some model providers explicitly allow that very flow, while others will ban you without notice.
Why do you call it self-hosting? It appears to be installable app with a fancy homepage. At what point does the software being covered by an open license changes the responsibility model?
That's exactly what self hosting is, you install some app on your own computer host(s).
> At what point does the software being covered by an open license changes the responsibility model
When you agree to an open license that says you're liable for anything and not the author of the software.
> THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Telling your users they can't use certain software to access your HTTP API is exactly the same as telling people they can't use certain browsers to load https://google.com.
They were banning people and those people couldn’t even cancel their subscription. That’s a rookie mistake and you expect the same company to have a flawless ban system?
Use a custom domain and don't use google for email.
And if you do use your gmail address just forward it and start to transition to something else. With time everything of importance has been transferred.
Use your own domain to sign up for a paid email service, provided by a company that focuses on email. I use Fastmail, but there are many other options.
Set up forwarding in Gmail to your new address.
Then, whenever you log in to a website or app with your Gmail, take a moment to change it to your new address. In a few weeks, most of your important accounts will be covered. In a few months, almost everything you still actively use will be done.
I did this ~5 years ago and the only thing that still arrives at my Gmail is spam.
You can mitigate/speed the process using your password manager too.
I still use a filter in my email so that if something comes in under my Gmail, it gets a special tag that I can filter on and treat those as a todo list. Rarely happens beyond the occasional Google Meet connection.
For quite some time (approx 8 years) I've used an email forwarding (Blur, but any works) to avoid spam.
This looks like perfect case for change of email, since lot of these accounts can be moved out from Gmail by changing the address that email is forwarded too.
Looks like all this hassle with generating a new email for each service pays for the second time (by ease of changing the main mail), in addition to spam and privacy protection.
You can buy a domain name for like $10 per year; I recommend getting it from porkbun.com.
Cloudflare.com is good too, EXCEPT if you buy your domain from them, you'll be required to use their nameservers until and unless you transfer your domain elsewhere (which you won't be able to do for a while). Though to be fair, their free DNS is good and lots of people use it anyway. It makes email setup slightly more complicated, but it's still doable.
Spaceship.com also has a pretty good reputation, but I think their customer service isn't as good, they're quite new, and they're owned by Namecheap (a bigger domain registrar with a much worse reputation).
Whatever you do, DO NOT buy from GoDaddy. Do not even search for the domain you're considering on GoDaddy. Literally any option is better than GoDaddy.
By far the most reliable TLD options are .com, .net, and .org. These will look relatively trustworthy for email, and the price stays very very stable from year to year. If you don't want to think about it, just get one of these. You can even still find single dictionary word domains for .org or .net relatively easily.
Do not buy any domain marked "premium". This means the owner of the TLD can change the price at renewal as dramatically as they want, for any reason (e.g. if you have a website hosted at that domain that becomes popular). Your $20 per year domain might suddenly become a $300 or $3000 per year domain for no reason but greed, and you wouldn't be able to do anything about it.
Non-premium nTLD's (.club, .horse, .rocks, .theater, etc) can increase quite dramatically in price, BUT the price is required to be set the same for all domains using that nTLD, so they can't target any individual person for having a successful website or whatever. Also, you can pre-buy up to 10 years, which locks in your price for those 10 years. I'd still not recommend them for a primary email, but it's better than buying a "premium" domain. Just be aware that the yearly price might unexpectedly increase in the future.
Some country code TLD's are also good, but for email, probably stay away from the ones that spammers like to use.
___
Anyway, what I actually originally meant to comment about is: if you set up forwarding from gmail and don't check that account regularly anymore, I recommend setting up a gmail filter rule that forwards all your gmail spam to you (their regular forwarding setting leaves it out and just sends it to the gmail spam folder). It's a little annoying to have to re-flag some of the spam as spam in your new email, but gmail has a habit of marking non-spam as spam for me, and if you're not regularly checking that spam folder you can easily miss important email.
Porkbun have started demanding ID verification for registrations, which depending how you feel about current events might make you reconsider having them on your list
> Your $20 per year domain might suddenly become a $300 or $3000 per year domain for no reason but greed, and you wouldn't be able to do anything about it.
I did this but don't forward. Instead, every new email in Gmail I got would prompt me to go update that service's contact info for me.
It probably doesn't matter, but it made me feel a little better because that way Google wouldn't have direct info on to which email/domain I transfered (ignoring other Gmail contacts that start emailing me at my new address(es) ).
> Use your own domain to sign up for a paid email service, provided by a company that focuses on email.
Note you don't need to pay. just use zoho mail or any other free email that lets you bring your own domain. Switch email providers as needed without changing your domain
The trouble with paying is that if you forget to pay, you may lose email. (arguably this is also a problem with domains, generally you should pay some years in advance)
I switched to a password manager (bitwarden) about 7 years ago. I have over 200 accounts (not all of them use my @gmail). it would take me weeks to convert those accounts to a new domain, if the application could even support it.
I will admit, many of the accounts are not needed any more. but the process will still be emotionally boring to filter through that.
> ... it would take me weeks to convert those accounts to a new domain ...
I did the same with about the same amount of accounts and it took me the better part of a Saturday. Even if you were really slow and needed five minutes per account, 200 accounts would still only take about 17 hours.
I don't think that's a lot of effort. You could easily spend that time fixing something around the house or garden, which often might not have nearly as big of an impact on personal agency.
Do you use single email address on your domain or multiple for different purposes? Or do you have one main address and throwaway aliases for the one-time registration purposes? I see that the Fastmail provides a single inbox that can handle multiple addresses and wonder how does it work.
Get your own domain so you can easily change providers in the future. Start with your password manager and change the address on all the accounts you have in there.
After a few years you'll notice you stop bothering to check your Gmail and you can delete it to close the address.
If you need motivation, skim the /r/GMail subreddit and see how many people are getting locked out daily.
Do you have a recommendation for a major email provider as a fallback if you have to pick one?
I vaguely recall encountering a service that only accepted addresses from a whitelist of big providers (Gmail, Yahoo, Outlook, etc.), even @icloud did not qualify.
That's a service that doesn't want your business. If you care, message them about it
I've never once run into a service with such a restriction, but I can imagine someone being that short-sighted. I have seen services that only support "log in with Google or Facebook", which is comparably terrible.
Discogs will not let me login with my own domain (of 30 years) and required one of the big providers. It kept complaining about "risky domain". But that is the only incident I can think of.
It is a top 1000 web site according to Alexa rankings. It would take you about 5 seconds to Google about it. Probably less time than it took you to write your post.
I have heard of that, yeah. It's still busted, but marginally more understandable if they're dealing with a lot of scams. For instance, `.xyz` and some others have bad reputations. I've never seen something that'll reject an arbitrary self-owned `.org`, by way of example.
Although I am increasingly concerned with its longevity since there's a non-zero risk that Proton might shut down SimpleLogin since Proton Pass has its own alias feature.
I just sold a domain I had for 25 years and used for everything including API endpoints, email, authentication, etc. It took a couple weeks to transition myself and my family/friends.
Pretty sure just moving emails would have take a lot less effort. I had the advantage of keeping the domain until I was ready to move, now imagine Google just turned it off one day and what your workload would be. I shudder to think about having to deal with that.
Register your own domain, use a third-party provider to handle actual sending and receiving (I use proton, which makes the setup very easy), forward your Gmail to your personal domain address and as renewals and reminders come in switch your email on services to your personal domain.
After a year or two losing Gmail becomes an inconvenience; after a few more years it is nothing. As everything is now on your own domain name you can switch providers without affecting anything.
That's what I did about 5 years ago and my only regret is not doing it earlier.
Sign up at fastmail.com, set up forwarding, change your "reply-to" address. A year later, you'll have nothing arriving in gmail except marketing cruft.
I moved away from a gmail address that was that old, dating back to the invitation-only days. It had become more spam than not, mostly other people who share my initials not knowing their own email addresses. But the possible devastation you mention was more worrying. It had become too much of a risk for my banking and identity generally to not own my email address.
I got a custom domain. I still host it on google, because I know how impossible it is for small companies to have a reasonable program to deal with insider threats. Because of that, I think only one of the giant companies can realistically provide secure email. And the google app suite is great. Now that I pay for google workspace, there's support and appeals available, and if they ban me anyway, I still control the domain and can regain access to everything.
I have not been able to delete the old address, even after 3 years. There are some things like Google Fi that can only use a non-workplace google account. Very, very rarely, I still get an email that matters on it. But I got to the point where I could stop checking it in about 2 months, and now I look at it about once a week quickly, more out of habit than anything else.
The switch was annoying, but not "hard". It was worth it.
make another mailbox (another provider - migadu, fastmail, proton, whoever) that has IMAP as well. (selfhosting.. is PITA. only if u really need it).
install some standalone mail-client - thunderbird, clawsmail, applemail, or k9 , aqua on android, whatever. Attach both mailboxes into that. Find out how to copy an e-mail from one folder into another.
Folder by folder, select all mails, copy from one mailbox into the other. Will take time.
(Beware, some clients (apple) will fuckup the mail-date, anything older than 5 years becomes 5 years old. or it shows like that. YMMV.)
i have made this multiple times, for 20+ years of mails...
I switched to my own domain ages ago; it only took 2-3 years to stop getting relevant mail to the old one (I put a forwarding rule in place and just used the new one for everything).
Imported all my past mail on day one, forwarding meant I had one inbox only, and I only sent mail from the new domain. A few gentle “please stop using my old address” conversations with family.
It's really not that hard. I switched about 10 years ago. Just every time you log in with your old email, replace it with your new one. Every time you email someone, email them from your new one with a note: "this is my new email". In a few months I had migrated everything to the new email.
I had my Gmail for almost 20 years and made the transition. It's annoying and time consuming but I think well worth it. I bought a domain and host it on iCloud. It's like $3/month for 6 email addresses (you can use it with the family). That includes a little cloud data and other services like hidden email addresses. DNS is handled by Cloudflare for free. Then start moving each service/login to the new email address. Every time you log into something, change the email address. I took the opportunity to update passwords and passkeys too, using Vaultwarden. I was lazy and had used similar passwords for a lot of services. Passwords are all long and unique now.
Now, even if Apple bans me, I can move my host within minutes. I never lose access to my email domain. It's much more professional and I can do catch-all. E.g. netflix@[domain.com]. This way I can see who sells my email address to spammers and block it.
I just migrated to Fastmail (on my domain), it’s fantastic. It works just like Gmail in every way I need, haven’t missed Gmail or Google Calendar one bit. It’s clearly made by people who know Gmail well and understand why it works the way it does. I thought it’d be a huge migration but it was actually boring. Search works, 20 years of emails just magically migrated over. Spam detection is better. Couldn’t be happier!
Accidentally typed gmail.com the other day, it took 4 seconds to load (Fastmail is instant) and when it finished loading there was an ad to try some paid Google service. Felt like a flashback to an abusive ex.
There was a time back when we could get generic LoginWIth OAUTH butons along with the social media roster , allowing one to use whichever provider they wanted.
Current state of OIDC should be pretty much standard across most providers - it put it that devs need too make the push to support alt login providers for preventing vendor lockin in identity like were currently barreling towards in hardware/software.
This has its own risk factors. If your domain renewal lapses due to credit card expiry or something and you fail to notice, it's catastrophic. This is just not realistic advice for the average person.
You can usually purchase 10 years up front. But then you should set a reminder for every 3 years or so to keep topping up, or else you'll forget how to even sign into the registrar.
You're right that having a vanity domain for your primary email address isn't for the faint of heart. There isn't any realistic advice for the average person because it's not for the average person.
yeah exactly have you ever tried to call Google support? it doesn't exist. the only way to contact Google is by posting something on news.ycombinator.com and then hoping that some person who works at that company actually responds to you and logs in somewhere and then changes your access.
> The digital death sentence of losing access to your email
I agree that the digital death sentence is really bad and doubly so seen that many are using single-sign on tied to their Google identity but...
> with a company that notoriously has no way for the average human to contact a human is not worth the risk
There's definitely phone support for paying Google Workspace users: don't tell me there's not, my wife got Google support on the phone more than once and they've been helpful.
And it's not a crazy expensive subscription either.
> Way too risky to use Google services like this tied to your primary account
As a hedge, you can google.com/takeout on a monthly cadence.
At least a few years ago when raspberry pi nodes were cheap, you could set up rClone to sync the `TAKEOUT` folder of your gdrive account locally and then encrypt it and shove it into backblaze. Then set up a monthly reminder to quickly request a takeout and make sure that you choose the "deliver to google drive" option.
Using Gmail as your primary email has become a serious risk. Email was once a distinct thing but Google tying it to your everything-account makes gmail terrible.
What I don’t understand about policy violations is why Google never warns the user before banning. A simple alert or email would reduce so much frustration on the part of users and so much overhead for Google.
ToS change frequently and it’s not really fair to assume the user knows what is and is not correct use of tokens.
Not just Google. This seems to be the default for most tech giants. I was banned on Facebook for an unknown reason, not provided any explanation, and given zero recourse. Had to resort to reaching out to a friend who worked there.
I think from their end, they see a lot more malicious users (e.g. spam accounts) that it's not worth providing a gentle warning before a ban. There might've been thousands more accounts created for Chinese companies for distillation[0], that Google didn't think of/weren't able to initially distinguish genuine user accounts just using a third party tool on their Antigravity token.
Like in a similar vein, Instagram sometimes randomly bans genuine users without appeal, probably because they deal with thousands more spam accounts that don't deserve a warning/appeals process.
This is where mechanisms like ZKP + CBA built from a government ID will allow the company to distinguish, even through third parties, all without exposing actual identity.
It is very easy to understand -- Google loses nothing by acting this way. They despise these users (and users in general by not providing any meaningful customer service), so it's natural they just cut off access completely.
If you think about how people's entire Google accounts are getting banned without apparently violating any terms without the ability to talk to someone or appeal, this feels almost nothing.
All this whole thing did is ensure I never, ever use any google AI service. The fact that they didn't instantly comprehend what a total account ban means when they've got people with 20+ years worth of personal data in those accounts is incredibly concerning.
Yes, but next time this might be different. Who knows, there are no rules. You ask Gemini about creating a new search engine which might compete with Google: is it fine? Is it a permaban of all your Google services? Let's put it on red and go for it!
I see a lot of comments in googles defense, part of me wonders whats the split between google employees(even so people in teams related to these products) and normies who ignore the true underlying issue here…
Google consistently fails to provide a process to deal with user issues.
You donot see many reports of these at Amazon, Microsoft, Apple, and many more providers. Though Meta learns from google I think.
cool. now do something about the hundreds/thousands of people getting rate limited on Antigravity even after upgrading their plans, even on their $250 /month plan.
Complete risk to use google products like this with your real account. My youtube is still banned over uploading two clips of Dexter's Laboratory over 15 years ago.
Today I could have uploaded them fine, and let whoever owns the cartoon make money I was just a fan of the show.
this is the long-standing problem with using Google services. either they become deprecated and removed without notification, or they outright ban you for using tools as intended. either way, using Google tools for anything doesn't make business sense to anybody who's seen the history of this.
It’s interesting that with both Anthropic and Google we’re seeing them develop agentic models that are supposed to do anything a human can do on computers without human intervention, but at the same time, if you plug one program into another of their programs or APIs in a way that wasn’t preapproved you may be blocked or banned.
To be charitable, maybe they’re expecting AI agents to eventually start reading the ToS docs
> Using third-party software, tools, or services to harvest or piggyback on Gemini CLI's OAuth authentication to access our backend services is a direct violation of Gemini CLI’s applicable terms and policies.
It's been 2 months since these bans have started, first Anthropic, then Google. And their wording is still so confusing that I can't get a simple answer to a simple question:
Is piggybacking on headless 'gemini-cli -p' or 'claude -p' a TOS violation? Because there's really no reason why you can't do exactly what these tools did that caused these two companies to start giving out bans.
Unless you're in for a very specific configuration of models for some niche concern, CLIs give you nearly exact same access to the backend that snatching an OAuth token from them does. They give you JSONL for stdin, JSONL for stdout, and if you spin up a local proxy, you even get the same exact API contract in responses that you get from public APIs.
In fact, I already built a small tool for myself that does exactly that, to allow usage of alternative harnesses I prefer. Once I release it to the public, will -p be banned too?
I think the issue is people are using tools in an automated fashion and running up a compute bill for free when they were only meant to be used by humans in a more limited capacity (for companies to gather data on how to improve their products for humans). I think the correct way to use these models in an automated fashion is via the APIs and even then they might also worry about things like abuse/distillation type attacks still if the volume is too high. I think the lack of transparency might actually be by design so that people abusing their services don't figure out what triggers them losing their accounts. I could be wrong of course, this is just speculation on my part.
>Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.
Yes, I have. And it's obvious that restriction was put there for a reason. The most obvious possible reason is that snatching OAuth made it possible for third party tools to utilize subscription to the fullest - like OpenClaw.
But these tools, including openclaw, didn't have to snatch the OAuth tokens, they could have used claude code built in headless stdio and consequences for Anthropic would be exactly the same. OAuth was just faster to plug in.
So if I open source my solution that allows opencode & openclaw to go through claude cli's headless mode, is this allowed? Is this a product that allows claude.ai login?
What if I open source a 1 line bash loop (e.g. ralph loop) that does the same?
What if I build a more complex bash loop that goes through my tasks in a text file, and calls claude cli for each?
I don't know at which point this becomes "offering claude.ai login" or a "product", or "building agents".
Before I use time responding, I want to ask again: Did you actually read the website, especially the "Compare the Agent SDK to other Claude tools" section? It answers your question pretty thoroughly.
For the second time, yes. And it's still not clear at what point does a wrapper around claude cli running in headless mode become a 'product' that is going to get my account banned.
My guess is, and others have said this as well in the thread: "when you start utilizing your weekly quotas fully".
But obviously, they can't put "you can't use your weekly allocated quota fully". That would be way too honest and we can't accept that.
No, the link clearly says that if you are not using the harness provided by Claude for the Agent SDK (such as for making tool calls), you have to use the Client SDK. So attempting to prompt the Agent SDK with a third-party app so that the third-party app can then call a tool with the output is not allowed in the Agent SDK. You have to use the Client SDK (API).It even gives an example in the section I asked you to read, which is why I am seriously doubting whether or not you read it.
> the link clearly says that if you are not using the harness provided by Claude for the Agent SDK (such as for making tool calls), you have to use the Client SDK
But you just made this up? There's no text on the page that says this. What the linked page does is explain technical differences between Agent SDK and Client SDK, and Agent SDK and cli (Agent SDK is just a wrapper around cli anyway).
Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1]. So not only "using a third-party harness with the Agent SDK" isn't forbidden, it's the product's primary use case. There's no such thing as "harness provided by claude for the agent SDK" - you bring the harness.
The only policy statement on that page is this:
> Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products..
But I've already addressed this, so it seems we're going in circles.
>And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1].
Yea, you don't seem to even understand what you are writing. This in no way contradicts any statement I or Anthopic has said.
>Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
>The Anthropic Client SDK gives you direct API access: you send prompts and implement tool execution yourself. The Agent SDK gives you Claude with built-in tool execution.
>With the Client SDK, you implement a tool loop. With the Agent SDK, Claude handles it:
Python
# Client SDK: You implement the tool loop
response = client.messages.create(...)
while response.stop_reason == "tool_use":
result = your_tool_executor(response.tool_use)
response = client.messages.create(tool_result=result, \*params)
# Agent SDK: Claude handles tools autonomously
async for message in query(prompt="Fix the bug in auth.py"):
print(message)
At this point, it's clear that you either have questionable reading comprehension skills, are being willfully ignorant, or are arguing in bad faith because it even says that tool calls outside of the Agent SDK harness has to use the Client SDK as the comments to the code used in the examples.
> At this point, it's clear that you either have questionable reading comprehension skills, are being willfully ignorant, or are arguing in bad faith
As an onlooker to this exchange, perhaps things aren't as clear as you're making out. After reading what you wrote I remain unclear. What precise actions with headless mode risk getting me banned?
Is the idea that you are only ever permitted to feed the Agent SDK human generated prompts? That so long as the text you feed into it is 100% human generated you can use your entire quota and won't be banned? To be clear, you could take the output and make a tool call and present that to a human, and the human could go on to make further prompts, but feeding the result of the tool call (which you presented to the human) back into the context is forbidden? Am I on the right track here?
They just want people to pay more via API. Technically, your example would violate ToS, because the purpose matters. Like a license file may allow personal use and prohibit commercial use (unless you obtain a commercial license).
Also because normal usage has predictable usage patterns, which allows them to optimise and predict costs. Flat rate pricing only makes sense in that regime.
problem is google's security concerns. when people connect gmail to openclaw, google flags the activity as weird and suspend the account because of unusual activity. Many whose accounts got locked because of this and they thought it was because they connected it to antigravity use against the policy (which happened in some cases). We will still see google account suspensions, and that would keep making news. and it wont be because of antigravity usage.
The problem is that Google treats its customers as college kids who can be banned from a college maker lab for using too much 3D filament rather than entrepreneurs who are trusting their livelyhood to a service provider that promises to be reliable. If War Department uses too many Gemini tokens, do they cut them off, make them go through recertification process and permaban the next time around?
Which means that anyone serious about AI and not going local route should be using a provider with better reputation. I don't know if Alibaba, Z.ai or moonshots AI are also known for hair trigger responses, could be decent options for coding AI otherwise? If not, time to look for smaller providers with good reputation?
The Gemini-CLI situation is poor. They did not communicate that AI Pro or AI Ultra accounts cannot be used with this API broadly earlier. I specifically remember searching for this info. Seeing this made me wonder if I had missed it. Turns out it was added to the TOS 2 days ago - diff
https://github.com/google-gemini/gemini-cli/pull/20488/chang.... I'd be happy to stand corrected here.
Anti Gravity I understand, they are subsidizing to promote a general IDE, but I dont understand constraining the generative AI backend that Gemini CLI hits.
It takes your query, computes the complexity of the request, and tries to route it to the appropriate model. There is a /manual command i think, to pick the right model.
They mask the 429s well in Gemini-Cli - if an endpoint is rate limited, they try another, or route to another model, etc to keep service availability up.
Your experience on the 429s is consistent with mine - the 429s is the first thing they need to fix. Fix that and they have a solid model at a good price point.
I use my own coding agent (https://github.com/hsaliak/std_slop) and not being able to bring my (now cancelled) AI account with Google to it is a bummer.
I'd still use it with the Code Assist Standard license if the google cloud API subscription allows for it but I have no clarification.
> It takes your query, computes the complexity of the request, and tries to route it to the appropriate model. There is a /manual command i think, to pick the right model.
That is what is should do, but there is no > 2.5 model shown in /model and it always picks a 2.5 model. Ive enabled preview models in the google cloud project as well.
If I pass the 3 model in start param it shows 3 in the lower right corner but it is still using 2.5.
I know google has issues dealing with paying customers but the current state is a shit show. If you go to the gemini-cli repo its a deluge of issues and ai slop. It seems there is a cadre of people jumping to be the first person to pump an issue into claude and get some sort of PR clout.
It might be good but it needs more time to cook, or they need to take a step back and evaluate what they should consider a paid product.
> to address violations of the Antigravity Terms of Service (ToS), specifically the use of 3rd party tools or proxies to access Antigravity resources and quotas
Translation: Google doesn’t want you using Gemini oauth with openclaw
I am sick and tired of companies forcing a shitty fork of vscode down my throat. If I am paying let me use your api how I wish to. Most people aren’t malicious and just want to use their own workflow.
What’s my remedy when Google’s product (Gemini 3.1 pro high) makes a “grave” mistake? This is unrelated to the bans that’s been happening recently, but wanted to share …
This morning I asked Gemini to “save” its output to a local file. However it did more than that … it committed the file (along with several unrelated staged changes that was not ready to be committed) and even pushed the changes to GitHub. I’ve never asked any model to commit, let alone push… I’m not impressed; actually a bit disappointed that it would do this without any warning up front. This happened in Antigravity.
The deeper issue here isn't about Antigravity specifically. It's that email is most people's de facto digital identity. Every password reset, every 2FA recovery, every account verification flows through it. When a company can revoke access to your email over a ToS violation in a completely unrelated product, the stakes are disproportionate.
The fix is surprisingly straightforward: own your domain, use a provider that focuses on email, and keep your client separate from your provider. Standard IMAP means all three pieces are interchangeable. If one fails, swap it out.
(I work on Marco [0], an IMAP email client. The number of people looking to decouple from Gmail/Google has been growing steadily, definitely a current trend.)
In my mind Google is the one AI provider which is more or less guaranteed to make it past the next 2-5 years. Maybe anthropic and openai can be profitable with current model. But they'll never get to stop investing in next model while Google is there with infinite money.
So either scaling stops hard here pretty soon so that spending can stabilize or else the investors are going to be showing up asking for several pounds of flesh.
Suddenly 'dont get left behind, this is the worst these models will ever be' sounds a lot more like 'get locked in with a hyper giant that'll destroy your livelihood and not notice'.
Although who knows, maybe local models will be a thing (however when your dev team gets banned with no explanation and the next milestone is coming up somehow I don't expect that transition to go sufficiently quick).
cogman10 | a day ago
iepathos | a day ago
xrd | a day ago
If I squint at the conversation, it doesn't seem that different from a behemoth company taking an employee of a private company and forcing them to still stop working for arbitrary reasons.
I'm giving agents and coding tools wide berth here, but if AI is going to replace all employees, what guarantees do you have as the employer that your employees will do your bidding, and not the bidding of enterprises with a shifting moral landscape?
Once we have tooling wrapped around specific agents, it'll be hard to rehire. What will we do then when our "employees" are furloughed?
This will be especially relevant when the big AI labs decide they need to enter a market to justify an obscene valuation. Or, when the sovereign wealth fund decides they don't like the direction of a business.
This is a good and honorable decision by Google. But it also brings up scary times ahead.
jascha_eng | a day ago
What they are actually trying to force you to do is to pay for the tokens that you don't use in their applications to increase their revenue and/or give their in-house tools an "unfair" advantage. But this is bad for the consumer because it means that there is less competition between coding agents and unless I'm willing to pay per token I have to take one of the model labs agents.
Anticompetitive behaviour imo they could just ban reselling tokens or something like that instead of locking your subscription in like this.
NitpickLawyer | a day ago
They have no problem with users using their quota on their own software. Because they get the signals. They do have a problem with users using the API in 3rd party software, because they don't get the signals.
falcor84 | a day ago
theblazehen | a day ago
falcor84 | a day ago
theblazehen | a day ago
xiphias2 | a day ago
if OpenClaw usage go up, and a service (OpenAI it looks like) gets lots of usage data for personal assistent usage, they can optimize to make it better for people who get a $200 subscription just because of that use case.
smashah | a day ago
Analemma_ | a day ago
This is not at all true. What is prompting this behavior from Google and Anthropic is that people are using their oauth creds/API keys to run OpenClaw bots that use orders of magnitude more tokens than the IDEs. The official clients also can use a lot more prompt caching because they have expected workflows.
And like, if you want to run OpenClaw, they’re not saying you can’t do that: use the API pricing, that’s what it’s for. But people are getting mad that they’re not allowed to roll their pickup truck up to the all-you-can-eat buffet table and fill it.
gruez | a day ago
This is almost as realistic as "I wish netflix or youtube allowed me to use VLC to watch their content".
nottorp | a day ago
The easiest way to watch a movie in the player of my choice - even if i have legal access to it because it's in my netflix subscription - is to download it off piratebay.
Add to that Netflix's shitty discovery system, I'm pretty sure I watched some downloaded movies in spite of actually having legal access to them.
Oh, remember when PC games used to come on disks? For the Netflix example I can only guess, but I'm 100% sure I downloaded isos for games I had actually bought and had the physical disc... somewhere.
throawayonthe | a day ago
especially considering most modern movie/tv piracy is free streaming websites - shitty quality and awkward player controls, definitely no choice of player here
plagiarist | a day ago
ShroudedNight | 22 hours ago
raincole | a day ago
Oh, except they do[0].
[0]: https://x.com/thsottiaux/status/2009742187484065881
NewsaHackO | a day ago
raincole | a day ago
Anecdotally, I'm having a very hard time imagining there are more Gemini Cli users than Codex users.
joshstrange | 9 hours ago
That said, I am unimpressed by Gemini CLI overall and even though I have 2 workspace accounts with access, I use neither.
smashah | a day ago
Think of it like the digital right-to-repair.
I pay for it, I get to use it with any client I want. Simple.
verdverm | 20 hours ago
cyberax | 22 hours ago
This is exactly what should be happening. There's no reason to limit the client apps for things like _paid_ Netflix or Youtube Premium.
hahn-kev | 16 hours ago
bluecalm | a day ago
notatoad | 18 hours ago
If you want the discounted rates they offer in their monthly plans, then expect to follow the terms that discount is offered under.
agentifysh | 14 hours ago
https://github.com/agentify-sh/desktop
cube00 | a day ago
A week? Try at least 16 days
https://discuss.ai.google.dev/t/account-restricted-without-w...
The danger here is they'll ban you with no specific reason, fill out the form and you get an automatic unban and then something else automatically flags and you're banned the second time permanently.
Support bot will then say "you were warned, read the TOS" and you get to guess what you did wrong.
You'll notice there are no appeals or reviews in this workflow.
Google has no creditability when it comes to handling account bans.
clickety_clack | a day ago
elAhmo | a day ago
Google wasn't always like this, and moving of from an email address isn't technically hard, but something that 99% of the people will be very very reluctant to do.
oofbey | a day ago
ph4rsikal | 17 hours ago
oofbey | 15 hours ago
charcircuit | 15 hours ago
StilesCrisis | 8 hours ago
jijji | a day ago
consumer451 | a day ago
johnebgd | a day ago
WarmWash | a day ago
TiredOfLife | 12 hours ago
koolba | a day ago
gman83 | a day ago
johnebgd | a day ago
dangus | a day ago
plagiarist | a day ago
Unfortunately the government is full of corrupt geriatrics who do not understand technology and are paid to continue not understanding technology as they sign bills prepared for them by ALEC.
LiamPowell | a day ago
That's exactly what they did, plus Gemini CLI and Code Assist, which are the same product in different formats.
TGower | a day ago
NewsaHackO | a day ago
sneak | a day ago
NewsaHackO | a day ago
sneak | a day ago
The web doesn't work like that. The operators of google.com saying you must only use Chrome to load it is a ridiculous concept. It's not spoofing to use your own access credentials on your own computer to access your own account on an HTTP API.
NewsaHackO | a day ago
I have no idea what you are talking about. Chrome? Are you sure you are replying to the right thread?
sneak | 12 hours ago
Antigravity and OpenClaw are HTTP clients that access webservers at specified addresses.
squeaky-clean | 21 hours ago
sneak | 13 hours ago
The only reason video game cheating is more difficult is because it uses custom protocols and message types, and it needs to be reverse engineered. Usually it’s just easier to reuse the existing game client and patch it to report to the server that everything is normal.
It’s why anticheat runs in the kernel now.
DangitBobby | 7 hours ago
DangitBobby | 7 hours ago
joquarky | a day ago
Aurornis | 15 hours ago
DangitBobby | 7 hours ago
crawshaw | a day ago
A general problem for Google products is that everything is mixed together.
BoredPositron | a day ago
amiga386 | a day ago
WarmWash | a day ago
Its not evil of Google to say "Here is an allotment of steeply discounted tokens, but you can only use them with our services."
fooker | a day ago
ZekeSulastin | a day ago
WarmWash | a day ago
joquarky | a day ago
fooker | 22 hours ago
Could be true, but a somewhat depressing worldview.
squeaky-clean | 21 hours ago
Aurornis | 15 hours ago
GaryBluto | a day ago
"Google Shuts Down Gmail For Two Hours To Show Its Immense Power"
throwaway290 | 17 hours ago
Masters who serve you in exchange for money?
be as sarcastic as you want but you demand a thing they did not agree to provide, for the same money = they have a right not to serve you. If you disagree with that and think they owe you something then you are the one playing master here.
mikkupikku | 10 hours ago
On the other hand, I have learned that people who are willing to find exploits with trust-based systems operated by huge corps are very often willing to apply that same cheating and exploitation mentality without regard for who the other party is. These are very often the same people who try to coerce teenage cashiers at locally owned shops to accept expired coupons or combine them in invalid ways, or take produce from a roadside farm stand instead of paying into the honor jar. The mentality of cheating the system seems great when it's against huge inhumane corporations, but from what I've personally seen it rarely stops there, and on the whole it contributes to a low trust society.
zarzavat | a day ago
The correct and sane thing to do is to send them an email, with at most a 24 hour suspension. If they keep doing it despite being warned then by all means fire them.
exitb | a day ago
Notably some model providers explicitly allow that very flow, while others will ban you without notice.
n8m8 | a day ago
exitb | a day ago
squeaky-clean | 21 hours ago
> At what point does the software being covered by an open license changes the responsibility model
When you agree to an open license that says you're liable for anything and not the author of the software.
> THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
NicuCalcea | a day ago
sowbug | 22 hours ago
jamesnorden | a day ago
I hope this is sarcasm. A permaban as the first action is never a good idea.
982307932084 | a day ago
sneak | a day ago
theturtletalks | a day ago
HardCodedBias | a day ago
However many stories appeared where people tried to claim that their whole Google account was banned to gain traction.
Unless it is clear that a full Google account has been banned we should push back on any story that claims this.
nottorp | a day ago
By now they lost any trace of goodwill they ever had and are guilty until proven innocent.
tjoff | a day ago
And if you do use your gmail address just forward it and start to transition to something else. With time everything of importance has been transferred.
aliljet | a day ago
calcifer | a day ago
Set up forwarding in Gmail to your new address.
Then, whenever you log in to a website or app with your Gmail, take a moment to change it to your new address. In a few weeks, most of your important accounts will be covered. In a few months, almost everything you still actively use will be done.
I did this ~5 years ago and the only thing that still arrives at my Gmail is spam.
genxy | a day ago
Making a new local account on your machine is a good first step.
caseysoftware | a day ago
You can mitigate/speed the process using your password manager too.
I still use a filter in my email so that if something comes in under my Gmail, it gets a special tag that I can filter on and treat those as a todo list. Rarely happens beyond the occasional Google Meet connection.
wafflemaker | a day ago
This looks like perfect case for change of email, since lot of these accounts can be moved out from Gmail by changing the address that email is forwarded too.
Looks like all this hassle with generating a new email for each service pays for the second time (by ease of changing the main mail), in addition to spam and privacy protection.
hogwasher | a day ago
You can buy a domain name for like $10 per year; I recommend getting it from porkbun.com.
Cloudflare.com is good too, EXCEPT if you buy your domain from them, you'll be required to use their nameservers until and unless you transfer your domain elsewhere (which you won't be able to do for a while). Though to be fair, their free DNS is good and lots of people use it anyway. It makes email setup slightly more complicated, but it's still doable.
Spaceship.com also has a pretty good reputation, but I think their customer service isn't as good, they're quite new, and they're owned by Namecheap (a bigger domain registrar with a much worse reputation).
Whatever you do, DO NOT buy from GoDaddy. Do not even search for the domain you're considering on GoDaddy. Literally any option is better than GoDaddy.
By far the most reliable TLD options are .com, .net, and .org. These will look relatively trustworthy for email, and the price stays very very stable from year to year. If you don't want to think about it, just get one of these. You can even still find single dictionary word domains for .org or .net relatively easily.
Do not buy any domain marked "premium". This means the owner of the TLD can change the price at renewal as dramatically as they want, for any reason (e.g. if you have a website hosted at that domain that becomes popular). Your $20 per year domain might suddenly become a $300 or $3000 per year domain for no reason but greed, and you wouldn't be able to do anything about it.
Non-premium nTLD's (.club, .horse, .rocks, .theater, etc) can increase quite dramatically in price, BUT the price is required to be set the same for all domains using that nTLD, so they can't target any individual person for having a successful website or whatever. Also, you can pre-buy up to 10 years, which locks in your price for those 10 years. I'd still not recommend them for a primary email, but it's better than buying a "premium" domain. Just be aware that the yearly price might unexpectedly increase in the future.
Some country code TLD's are also good, but for email, probably stay away from the ones that spammers like to use.
___
Anyway, what I actually originally meant to comment about is: if you set up forwarding from gmail and don't check that account regularly anymore, I recommend setting up a gmail filter rule that forwards all your gmail spam to you (their regular forwarding setting leaves it out and just sends it to the gmail spam folder). It's a little annoying to have to re-flag some of the spam as spam in your new email, but gmail has a habit of marking non-spam as spam for me, and if you're not regularly checking that spam folder you can easily miss important email.
dwedge | a day ago
ZeWaka | 18 hours ago
Sophira | 22 hours ago
Seconding this. Tthis is exactly what happened with the .sexy TLD: https://www.reddit.com/r/Domaining/comments/uia8pc/sexy_tlds...
hellojesus | a day ago
It probably doesn't matter, but it made me feel a little better because that way Google wouldn't have direct info on to which email/domain I transfered (ignoring other Gmail contacts that start emailing me at my new address(es) ).
nextaccountic | 18 hours ago
Note you don't need to pay. just use zoho mail or any other free email that lets you bring your own domain. Switch email providers as needed without changing your domain
The trouble with paying is that if you forget to pay, you may lose email. (arguably this is also a problem with domains, generally you should pay some years in advance)
mulmen | 18 hours ago
hboon | 16 hours ago
nextaccountic | 3 hours ago
itake | 11 hours ago
I will admit, many of the accounts are not needed any more. but the process will still be emotionally boring to filter through that.
fwn | 10 hours ago
I did the same with about the same amount of accounts and it took me the better part of a Saturday. Even if you were really slow and needed five minutes per account, 200 accounts would still only take about 17 hours.
I don't think that's a lot of effort. You could easily spend that time fixing something around the house or garden, which often might not have nearly as big of an impact on personal agency.
victorbjorklund | 8 hours ago
jllyhill | 8 hours ago
cube00 | a day ago
After a few years you'll notice you stop bothering to check your Gmail and you can delete it to close the address.
If you need motivation, skim the /r/GMail subreddit and see how many people are getting locked out daily.
8cvor6j844qw_d6 | a day ago
I vaguely recall encountering a service that only accepted addresses from a whitelist of big providers (Gmail, Yahoo, Outlook, etc.), even @icloud did not qualify.
JoshTriplett | a day ago
I've never once run into a service with such a restriction, but I can imagine someone being that short-sighted. I have seen services that only support "log in with Google or Facebook", which is comparably terrible.
genxy | a day ago
CamperBob2 | a day ago
Who? Never heard of them, and it sounds like there's a good reason for that.
throwaway2037 | 22 hours ago
CamperBob2 | 15 hours ago
sir0010010 | a day ago
JoshTriplett | 23 hours ago
8cvor6j844qw_d6 | a day ago
What's the playbook for migrating away in this situation?
cube00 | a day ago
Hikikomori | a day ago
I switched to fastmail with my own domain.
8cvor6j844qw_d6 | a day ago
Although I am increasingly concerned with its longevity since there's a non-zero risk that Proton might shut down SimpleLogin since Proton Pass has its own alias feature.
ikidd | a day ago
Pretty sure just moving emails would have take a lot less effort. I had the advantage of keeping the domain until I was ready to move, now imagine Google just turned it off one day and what your workload would be. I shudder to think about having to deal with that.
gmerc | a day ago
Xevion | a day ago
rhdunn | 13 hours ago
ptero | a day ago
After a year or two losing Gmail becomes an inconvenience; after a few more years it is nothing. As everything is now on your own domain name you can switch providers without affecting anything.
That's what I did about 5 years ago and my only regret is not doing it earlier.
ok_dad | a day ago
ForHackernews | a day ago
simonjgreen | a day ago
benhurmarcel | a day ago
bhuga | a day ago
I got a custom domain. I still host it on google, because I know how impossible it is for small companies to have a reasonable program to deal with insider threats. Because of that, I think only one of the giant companies can realistically provide secure email. And the google app suite is great. Now that I pay for google workspace, there's support and appeals available, and if they ban me anyway, I still control the domain and can regain access to everything.
I have not been able to delete the old address, even after 3 years. There are some things like Google Fi that can only use a non-workplace google account. Very, very rarely, I still get an email that matters on it. But I got to the point where I could stop checking it in about 2 months, and now I look at it about once a week quickly, more out of habit than anything else.
The switch was annoying, but not "hard". It was worth it.
svilen_dobrev | a day ago
make another mailbox (another provider - migadu, fastmail, proton, whoever) that has IMAP as well. (selfhosting.. is PITA. only if u really need it).
install some standalone mail-client - thunderbird, clawsmail, applemail, or k9 , aqua on android, whatever. Attach both mailboxes into that. Find out how to copy an e-mail from one folder into another.
Folder by folder, select all mails, copy from one mailbox into the other. Will take time.
(Beware, some clients (apple) will fuckup the mail-date, anything older than 5 years becomes 5 years old. or it shows like that. YMMV.)
i have made this multiple times, for 20+ years of mails...
danielheath | 23 hours ago
Imported all my past mail on day one, forwarding meant I had one inbox only, and I only sent mail from the new domain. A few gentle “please stop using my old address” conversations with family.
teyopi | 20 hours ago
create icloud account.
use their custom domain email setup (free btw) - https://support.apple.com/en-us/102540
Start replacing important account emails with your custom domain.
Every time you get an important email in gmail, login and update.
Bonus: icloud let's you create catch all emails, so you can create many burner emails such as hackernews@mydomain.com
eviks | 7 hours ago
> When you subscribe to iCloud+, you can use a custom domain name
andrepd | 19 hours ago
nextaccountic | 19 hours ago
Gareth321 | 12 hours ago
Now, even if Apple bans me, I can move my host within minutes. I never lose access to my email domain. It's much more professional and I can do catch-all. E.g. netflix@[domain.com]. This way I can see who sells my email address to spammers and block it.
akhilchaturvedi | 12 hours ago
cadamsdotcom | 9 hours ago
Accidentally typed gmail.com the other day, it took 4 seconds to load (Fastmail is instant) and when it finished loading there was an ad to try some paid Google service. Felt like a flashback to an abusive ex.
rzerowan | a day ago
Current state of OIDC should be pretty much standard across most providers - it put it that devs need too make the push to support alt login providers for preventing vendor lockin in identity like were currently barreling towards in hardware/software.
bilalq | 22 hours ago
cyberax | 22 hours ago
Sure, you'll likely miss some emails, but otherwise it's safe.
sowbug | 22 hours ago
You're right that having a vanity domain for your primary email address isn't for the faint of heart. There isn't any realistic advice for the average person because it's not for the average person.
jijji | a day ago
jauntywundrkind | a day ago
If people lost access to their whole accounts that would be a major crisis for Google users. But it doesn't seem that that was actually the case.
This doesn't make it super clear, but, the submission from a week ago when bans got handed out: https://news.ycombinator.com/item?id=47115805
TacticalCoder | a day ago
I agree that the digital death sentence is really bad and doubly so seen that many are using single-sign on tied to their Google identity but...
> with a company that notoriously has no way for the average human to contact a human is not worth the risk
There's definitely phone support for paying Google Workspace users: don't tell me there's not, my wife got Google support on the phone more than once and they've been helpful.
And it's not a crazy expensive subscription either.
ithkuil | a day ago
stavros | a day ago
Hasnep | 20 hours ago
rootnod3 | a day ago
aprentic | a day ago
I'm the customer, not the product.
baby_souffle | a day ago
As a hedge, you can google.com/takeout on a monthly cadence.
At least a few years ago when raspberry pi nodes were cheap, you could set up rClone to sync the `TAKEOUT` folder of your gdrive account locally and then encrypt it and shove it into backblaze. Then set up a monthly reminder to quickly request a takeout and make sure that you choose the "deliver to google drive" option.
joe_the_user | 23 hours ago
wnevets | 20 hours ago
I would also avoid using the same credit card between accounts. I used a Venmo card for my chrome extension account as an extra layer of separation.
fsalbrechter | a day ago
Thorrez | a day ago
> bans for Antigravity usage also blocked access to Gemini CLI and Gemini Code Assist.
Disclosure: I work at Google, but not on anything related to this.
[OP] RyanShook | a day ago
ToS change frequently and it’s not really fair to assume the user knows what is and is not correct use of tokens.
solfox | a day ago
sheept | a day ago
Like in a similar vein, Instagram sometimes randomly bans genuine users without appeal, probably because they deal with thousands more spam accounts that don't deserve a warning/appeals process.
[0] Like as Anthropic reported: https://www.anthropic.com/news/detecting-and-preventing-dist...
verdverm | 20 hours ago
g947o | 5 hours ago
If you think about how people's entire Google accounts are getting banned without apparently violating any terms without the ability to talk to someone or appeal, this feels almost nothing.
MiscIdeaMaker99 | a day ago
gozzoo | a day ago
oofbey | a day ago
pocksuppet | a day ago
oofbey | a day ago
esskay | a day ago
squeaky-clean | 20 hours ago
notrealyme123 | 11 hours ago
DangitBobby | 7 hours ago
narmiouh | a day ago
Google consistently fails to provide a process to deal with user issues. You donot see many reports of these at Amazon, Microsoft, Apple, and many more providers. Though Meta learns from google I think.
cube00 | a day ago
TacticalCoder | a day ago
Yes but as we're talking about Microsoft, these cases are probably explained by incompetence.
marcd35 | a day ago
https://discuss.ai.google.dev/c/antigravity/64
sergiotapia | a day ago
Today I could have uploaded them fine, and let whoever owns the cartoon make money I was just a fan of the show.
jijji | a day ago
writeslowly | a day ago
To be charitable, maybe they’re expecting AI agents to eventually start reading the ToS docs
sidewndr46 | a day ago
gck1 | a day ago
It's been 2 months since these bans have started, first Anthropic, then Google. And their wording is still so confusing that I can't get a simple answer to a simple question:
Is piggybacking on headless 'gemini-cli -p' or 'claude -p' a TOS violation? Because there's really no reason why you can't do exactly what these tools did that caused these two companies to start giving out bans.
Unless you're in for a very specific configuration of models for some niche concern, CLIs give you nearly exact same access to the backend that snatching an OAuth token from them does. They give you JSONL for stdin, JSONL for stdout, and if you spin up a local proxy, you even get the same exact API contract in responses that you get from public APIs.
In fact, I already built a small tool for myself that does exactly that, to allow usage of alternative harnesses I prefer. Once I release it to the public, will -p be banned too?
blainm | a day ago
gck1 | a day ago
But that's the sole reason why all of the tools have headless modes. Headless mode is textbook definition of supporting automation.
From gemini docs: [1]
> Headless mode allows you to run Gemini CLI programmatically from command line scripts and automation tools without any interactive UI.
And claude code:
> Use the Agent SDK to run Claude Code programmatically from the CLI, Python, or TypeScript
Why does headless mode exist if using it is a bannable offense?
[1] https://google-gemini.github.io/gemini-cli/docs/cli/headless...
[2] https://code.claude.com/docs/en/headless
szmarczak | a day ago
squeaky-clean | 20 hours ago
gck1 | 12 hours ago
But my question is regarding gemini-cli where lines get blurry.
NewsaHackO | a day ago
>Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products, including agents built on the Claude Agent SDK. Please use the API key authentication methods described in this document instead.
Seems clear-cut to me.
gck1 | a day ago
But these tools, including openclaw, didn't have to snatch the OAuth tokens, they could have used claude code built in headless stdio and consequences for Anthropic would be exactly the same. OAuth was just faster to plug in.
So if I open source my solution that allows opencode & openclaw to go through claude cli's headless mode, is this allowed? Is this a product that allows claude.ai login?
What if I open source a 1 line bash loop (e.g. ralph loop) that does the same?
What if I build a more complex bash loop that goes through my tasks in a text file, and calls claude cli for each?
I don't know at which point this becomes "offering claude.ai login" or a "product", or "building agents".
Here's my product:
while :; do cat PROMPT.md | claude ; done
Am I blacklisted now?
NewsaHackO | a day ago
gck1 | a day ago
My guess is, and others have said this as well in the thread: "when you start utilizing your weekly quotas fully".
But obviously, they can't put "you can't use your weekly allocated quota fully". That would be way too honest and we can't accept that.
NewsaHackO | a day ago
gck1 | a day ago
But you just made this up? There's no text on the page that says this. What the linked page does is explain technical differences between Agent SDK and Client SDK, and Agent SDK and cli (Agent SDK is just a wrapper around cli anyway).
Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
And your assumption is wrong on another level. The Agent SDK specifically exists so that you can write your own harness and give it custom tools - that's its entire purpose. It's even documented in their custom tools guide [1]. So not only "using a third-party harness with the Agent SDK" isn't forbidden, it's the product's primary use case. There's no such thing as "harness provided by claude for the agent SDK" - you bring the harness.
The only policy statement on that page is this:
> Unless previously approved, Anthropic does not allow third party developers to offer claude.ai login or rate limits for their products..
But I've already addressed this, so it seems we're going in circles.
[1] https://platform.claude.com/docs/en/agent-sdk/custom-tools
NewsaHackO | a day ago
Yea, you don't seem to even understand what you are writing. This in no way contradicts any statement I or Anthopic has said.
>Neither tab says anything remotely like "if a third-party app prompts the Agent SDK and uses the output for tool calls, that's not allowed." You entirely fabricated this from the comparisons.
From: https://platform.claude.com/docs/en/agent-sdk/overview#agent...
>The Anthropic Client SDK gives you direct API access: you send prompts and implement tool execution yourself. The Agent SDK gives you Claude with built-in tool execution.
>With the Client SDK, you implement a tool loop. With the Agent SDK, Claude handles it:
Python
At this point, it's clear that you either have questionable reading comprehension skills, are being willfully ignorant, or are arguing in bad faith because it even says that tool calls outside of the Agent SDK harness has to use the Client SDK as the comments to the code used in the examples.fc417fc802 | 20 hours ago
As an onlooker to this exchange, perhaps things aren't as clear as you're making out. After reading what you wrote I remain unclear. What precise actions with headless mode risk getting me banned?
Is the idea that you are only ever permitted to feed the Agent SDK human generated prompts? That so long as the text you feed into it is 100% human generated you can use your entire quota and won't be banned? To be clear, you could take the output and make a tool call and present that to a human, and the human could go on to make further prompts, but feeding the result of the tool call (which you presented to the human) back into the context is forbidden? Am I on the right track here?
DangitBobby | 7 hours ago
szmarczak | a day ago
simsla | 20 hours ago
ankit219 | a day ago
problem is google's security concerns. when people connect gmail to openclaw, google flags the activity as weird and suspend the account because of unusual activity. Many whose accounts got locked because of this and they thought it was because they connected it to antigravity use against the policy (which happened in some cases). We will still see google account suspensions, and that would keep making news. and it wont be because of antigravity usage.
cat_plus_plus | a day ago
Which means that anyone serious about AI and not going local route should be using a provider with better reputation. I don't know if Alibaba, Z.ai or moonshots AI are also known for hair trigger responses, could be decent options for coding AI otherwise? If not, time to look for smaller providers with good reputation?
hsaliak | a day ago
Anti Gravity I understand, they are subsidizing to promote a general IDE, but I dont understand constraining the generative AI backend that Gemini CLI hits.
Finally, it's unclear what's allowed and what's not if I purchase the API access from google cloud here https://developers.google.com/gemini-code-assist/docs/overvi...
The Apache License of this product at this point is rich. Just make it closed source and close the API reference. Why have it out there?
tempest_ | a day ago
To this day I cannot coax the gemini-cli to allow me to use the models they claim you have access to. Enabled all the preview stuff in cloud etc etc.
Still I mostly get 2.5 and rarely get 3 or 3.1 offered.
The gemini-cli repo is a shit show.
I can seem to access the new models using opencode, but am 429 rate limited almost immediately such that its like 5 minutes between calls.
hsaliak | a day ago
They mask the 429s well in Gemini-Cli - if an endpoint is rate limited, they try another, or route to another model, etc to keep service availability up.
Your experience on the 429s is consistent with mine - the 429s is the first thing they need to fix. Fix that and they have a solid model at a good price point.
I use my own coding agent (https://github.com/hsaliak/std_slop) and not being able to bring my (now cancelled) AI account with Google to it is a bummer.
I'd still use it with the Code Assist Standard license if the google cloud API subscription allows for it but I have no clarification.
tempest_ | a day ago
That is what is should do, but there is no > 2.5 model shown in /model and it always picks a 2.5 model. Ive enabled preview models in the google cloud project as well.
If I pass the 3 model in start param it shows 3 in the lower right corner but it is still using 2.5.
I know google has issues dealing with paying customers but the current state is a shit show. If you go to the gemini-cli repo its a deluge of issues and ai slop. It seems there is a cadre of people jumping to be the first person to pump an issue into claude and get some sort of PR clout.
It might be good but it needs more time to cook, or they need to take a step back and evaluate what they should consider a paid product.
TiredOfLife | a day ago
chaostheory | a day ago
Translation: Google doesn’t want you using Gemini oauth with openclaw
zero0529 | a day ago
wiskinator | a day ago
burgerone | 22 hours ago
This comment resonated with me in particular.
verdverm | 20 hours ago
meling | 22 hours ago
This morning I asked Gemini to “save” its output to a local file. However it did more than that … it committed the file (along with several unrelated staged changes that was not ready to be committed) and even pushed the changes to GitHub. I’ve never asked any model to commit, let alone push… I’m not impressed; actually a bit disappointed that it would do this without any warning up front. This happened in Antigravity.
verdverm | 20 hours ago
Or just don't give it the keys, this is my strategy. Put them in a box with specific tools and access.
See also The Lethal Trifecta
isaachinman | 21 hours ago
The fix is surprisingly straightforward: own your domain, use a provider that focuses on email, and keep your client separate from your provider. Standard IMAP means all three pieces are interchangeable. If one fails, swap it out.
(I work on Marco [0], an IMAP email client. The number of people looking to decouple from Gmail/Google has been growing steadily, definitely a current trend.)
[0] https://marcoapp.io
NamlchakKhandro | 20 hours ago
sreekanth850 | 17 hours ago
Verdex | 8 hours ago
So either scaling stops hard here pretty soon so that spending can stabilize or else the investors are going to be showing up asking for several pounds of flesh.
Suddenly 'dont get left behind, this is the worst these models will ever be' sounds a lot more like 'get locked in with a hyper giant that'll destroy your livelihood and not notice'.
Although who knows, maybe local models will be a thing (however when your dev team gets banned with no explanation and the next milestone is coming up somehow I don't expect that transition to go sufficiently quick).