TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

44% Positive

Analyzed from 1459 words in the discussion.

Trending Topics

#google#gmail#number#phone#code#sms#email#spam#solution#accounts

Discussion (61 Comments)Read Original on HackerNews

everdrive2 minutes ago
Thanks for the update. I've been meaning to fully move away from gmail. It's clear that now is the time.
dvhabout 3 hours ago
Any Gmail person can tell me why Gmail is tolerating Gmail phishing emails that use Google's own services (e.g. https://storage.googleapis.com/savelinge/... ?

More info here: https://news.ycombinator.com/item?id=46665414

torben-friisabout 2 hours ago
Spam is getting horrible lately. I get all sorts of new techniques including:

- using legitimate sites to bypass filters, like sending you a bill through a legitimate bill-creation site

- pretending to be a tracking service for something you supposedly ordered, then over the course of days pretending the package got lost on the way and offering a discount code for the 'purchased' amount, expecting you to use it on their phising site.

Gmail not only fails at spam classification, they classify these messages as important and nag you with first priority notifications and summaries.

traviswingo44 minutes ago
I can’t prove it, but it feels like the world recently decided that spamming/scamming is acceptable, so the number of spammers/scammers has increased dramatically.

The number of spam calls, texts, emails, iCloud account unlock requests, etc I’ve received in the last year is insane.

abirch26 minutes ago
It's AI that's doing a lot of it. For a lot of spam, scammers would want to exclude anyone who may not fall for the scam due to the costs associated with dealing with people who won't pay you. Now that AI decreases the need for a human scammer to scam, expect them to start to widen their scam nets.
deweyabout 3 hours ago
The same reason spam filtering is hard. It's not possible to catch every misuse of the service without too many false positives.
dvhabout 3 hours ago
The same 5 urls has been used for 3 months
deweyabout 3 hours ago
That doesn't really change the fact that it's hard. Do you know how many full movies are on YouTube that infringe on copyright? How many pirated streams are hosted on S3? How many piracy sites are behind Cloudflare. It's just very hard to police at scale and if something is flying below the radar it will be there for a while. They probably spread out their assets over many accounts, or even use misconfigured buckets with write permissions to drop some files in there.
cyanydeezabout 2 hours ago
Ok, it's even harder when you do not care because they people are either freeloaders or locked into your solution because it's a customized mess.
Aboutplants24 minutes ago
It follows the same logic as physical junk mail. We accept the fact that we will receive junk mailers in our physical mailbox and just toss them out.
00000000000114 minutes ago
Yeah, but junk mail funds the USPS, without it Republicans would've killed the postal service long ago, See the Pension requirement that they pushed in a vain attempt.
Aurornisabout 2 hours ago
> Supposedly, using the QR code on the smartphone triggers an SMS sent from your phone to Google in order to verify your phone number.

Does anyone have a better source of information than this one forum comment from someone who thinks scanning a QR code is enough to get your phone to send a text message?

EDIT: It’s just an SMS URI. It doesn’t automatically send anything, just opens a text message for you to send.

This is just the old phone number verification with a QR code convenience method.

mghackerladyabout 1 hour ago
What happens when your phone can't do that? I use a flip phone. It can't scan QR codes despite having a camera
user_783232 minutes ago
Technically if you can copy paste the qr code into any qr reader website and manually do it, I think it's possible? Assuming it doesn't change the code very rapidly every few seconds.
Aurornis40 minutes ago
Apparently it’s just an SMS URI.

It’s not something specific to a phone. It’s just a convenient method to enter your phone number.

croes34 minutes ago
To enter their phone number because you sent an SMS to them.

So if there are any costs for sending this SMS it’s on you.

tom1337about 1 hour ago
then google has decided that you no longer should be able to use GMail (for now) and the internet (in the future)
mghackerladyabout 1 hour ago
eh, they gave up on trying to control usenet and haven't touched gopher so I'll just go there
gruezabout 1 hour ago
https://datatracker.ietf.org/doc/html/rfc5724#section-2
noitpmederabout 1 hour ago
I think it's probably enough to get your phone to open your texting app with a pre populated number and message body, then all the user needs to do is hit send.
yawnrabout 1 hour ago
It probably opens a prefilled text message and the user still has to hit send. That's the only API I know on iOS anyway.
philajanabout 1 hour ago
Can confirm this is what scanning the QR code does. I just went through this to get my Google dev account verified.
goldenarmabout 1 hour ago
Regarding how easy simswap is in 2026, it's dangerously stupid from Google to rely on SMS
cute_boi8 minutes ago
I don't know why verizon etc.. don't charge like $0.25 cents per sms. Then these provider would stop sending too many sms.
mikestew6 minutes ago
Is this the reCAPTCHA crap I just ran into minutes ago? It’s the Cloudflare “verify your humanity” thing, and the checkbox isn’t good enough, so now there is a “mobile verification, the support page for which (that I briefly skimmed) talks about scanning a QR code.

(EDIT: TFA didn’t clear it up for me, but it sounds similar.)

8cvor6j844qw_d6about 3 hours ago
Recently helped a small business set up a Google Workspace account and we hit a wall during registration.

Told the owners that if Google is already being difficult during signup, imagine being locked out later with client work on the line. Pulled up a few horror stories about Google lockouts to drive the point home. They ended up with another workspace solution.

Aurornisabout 2 hours ago
> and we hit a wall during registration.

What does this mean? The scanning a QR code and sending a text message from this article, or something else?

super256about 3 hours ago
With which workspace solution did they end up with?
p0w3n3dabout 2 hours ago
I assume "next leading brand" ;P
cromkaabout 1 hour ago
Hopefully that means Nextcloud ;)
thrownaway561about 2 hours ago
Everyone hates on Microsoft, but their platform is 50x better than Google. Personally nowadays I would be looking at Proton if I was going to setup a workspace for my company.
windexh8erabout 2 hours ago
This is hilarious. Microsoft has had many issues and outages with M365 in the last few years. I mean, I guess if you don't rely on mail, then sure.
SV_BubbleTime32 minutes ago
We are 365 shop… I cannot think of one single time the 365 being down has affected us at all. Maybe you’re right I don’t know. Maybe your region is worse than my region.
b112about 1 hour ago
If one takes the comment to mean, 50x better for support, I can believe that. After all, 50x almost nothing can be achieved fairly easily.
arjie17 minutes ago
I went through it to register just now. No QR code required. Same flow as it has been for years:

1. Personal/Child/Business

2. First/Last

3. Pick email

4. Date of Birth

5. Backup email / Skip

6. Password

7. Enter phone number

8. Confirm with 2FA code

9. Done.

I just made the email testregistrationflow@gmail.com and have since forgotten the password. So that’s one burned. But feel free to try testregistrationflow1@gmail.com and see if it works without a QR code.

The headline is clearly a misstatement of what is a specific flow for someone to make many Gmail accounts programmatically.

guidedlight7 minutes ago
They should probably go back to the original invite only flow they used when Gmail launched.

Every account having the ability to invite an only small finite number of new accounts is one way to thwart scammers.

cute_boi11 minutes ago
I just checked and it asked me to scan QR code and after opening QR code it will attempt to send some random token..

Google is probably doing A/B testing or they are using some sort of ML algorithm....

opengrassabout 2 hours ago
I got this a few weeks ago, it was a URL like "sms?:number" which tries to pre-fill text in app. Didn't work for me (Fossify) so I had to copy the number and verifier text from that URL and send it manually. It's for saving money spent on providers like Twilio.
DivingForGoldabout 1 hour ago
Won't be registering any new gmail accounts in the future and will gladly dump the ones I have if Google tries to force obtaining my phone no.
xchip26 minutes ago
I also receive too much spam, I'll believe in their AI whenever they are able to fix spam.
reconnectingabout 2 hours ago
Gmail has been evil both for client privacy as they use email scanning for marketing purposes, and for 'spam' filters that reject legitimate emails.

The fact that they're introducing QR/SMS/MMS/whatever they want is actually an interesting signal, because it will harm the customer experience, which might result in the growth of responsible paid email services.

rapnieabout 1 hour ago
> Gmail has been evil

It is good to realize that it has never been "Nice Uncle Google" and always an advertisement moloch offering tools to hook their product. All that trust that was bestowed was never warranted.

riddlemethatabout 2 hours ago
The only “real” competition for Google Workspace is Microsoft if you need a full collaboration solution beyond just email, and 99.999% of customers of such hosted solutions need that full solution. It’s why Dropbox worked even though hacker news users probably roll their own sync solution.
reconnectingabout 2 hours ago
Tuta, Fastmail, and Posteo are all much better alternatives to Gmail in terms of privacy.

My comment, as per subject, is about Gmail.

daft_pinkabout 2 hours ago
His point was just that many business users can only purchase Google’s solution or Microsoft’s solution, because they’re the only services that will offer interoperability with many other security and compliance services and advanced functionality like SSO, third party email scanning, compliance journaling etc. The email market is essentially a duopoly as soon as you need any functionality beyond basic email.
CWwdcdk7habout 2 hours ago
Last time YouTube wanted to verify my phone number it was easier to find a free service to receive SMS than for Google to deliver it to my actual phone. And Google didn't care I "verified" a number assigned to other side of the world.
mghackerladyabout 1 hour ago
It's becoming increasingly hard to find a service that lets you see verification messages, and even then google doesn't like a lot of the numbers those services use
Advertisement
dsr_about 2 hours ago
... and gives me a message on my primary phone: "This number has been used too many times."
jmyeetabout 2 hours ago
Everything is going to get so much worse and AI really is to blame. So many websites now have these verification pauses and CAPTCHs because of AI agents. Part of it is agents. Part of it is everyone running their own awful versions of Googlebot.

Years ago IIRC there was a "bug" where the Android emulator allowed you to create real Google accounts. This was found and I'm sure millions of these accounts were created. There's a whole black market for Google accounts. Whereas I lost a Google account I'd created for a relative because it hadn't been used in awhile and it was tied to a mobile number I no longer had.

I don't see how this ends without registering for a service like Gmail being tied to your government ID.

findbizonlineabout 7 hours ago
When did it start?
spwa4about 2 hours ago
The real problem for privacy is that governments are increasingly outsourcing the verification of identity and bot protection to private companies.
carlosjobimabout 2 hours ago
Outsourcing? Governments have never been involved in bot protection or online identity verification for anything else than their own websites.

It's like saying that the government has outsourced burger making to McDonalds.