google is trying very hard to convince the world that we can’t live without it, but in truth we don’t need it. i have my own email addresses; i search the web with duck duck go; when i want to video conference i use jit.si; i share big files via wetransfer, owncloud, and ftp; and for collaborative documents i use etherpad. however i work with many people who, sometimes for valid reasons, use google platforms and this means that i have to as well. at the moment i’m working on a book chapter which i’ve been asked to submit by uploading as a google doc. and google mail is undeniably useful for easily creating shared email addresses for specific projects.
so i have a gmail address that i use when i have to, and for years i’ve had it set up to download to my email client (thunderbird) when i check all of my email accounts, which worked fine – but in the last year i’ve started to have problems. whenever i access my gmail account with thunderbird from a location other than home (which i do often), gmail decides that this is suspicious activity and asks me to re-enter my password. i re-enter the correct password, but the gmail server still won’t accept it. sometimes, by logging in to gmail via the web and checking my email from thunderbird while logged in on the web, i can make it work again for a while. then i’ll check it from a different location and hit the same problem again.
every time i try to find a solution via the google help pages, i go round in circles. google wants me to enable two step authentication, to enter a mobile phone number, and to only use google applications to access my account. i’m not going to do any of these things. now, google is even telling me that thunderbird is a “less secure” application. this is pretty hilarious as most of the people i know who have had their email accounts hacked, have been using web-based gmail. i’ve never had my email hacked when using thunderbird (in fact, i’ve never had my email account hacked at all).
today, cursing in frustration over yet another instance of being prevented from downloading my gmail through thunderbird (apparently as a result of logging into google docs yesterday – i’m in exactly the same location and nothing else has changed), i did some more research and found this interesting article, “why does google call thunderbird less secure?”. as i suspected, all of this “security” rigmarole and “just trust us” advice from google is much more about forcing everyone into their interlinked, trackable monopoly than about actual security or even about making us better informed about security issues. in this thread, the poster asks what exactly are the “modern security standards” that google so vaguely refers to (nobody really knows) and someone comments, “I’m sure they just want to make sure that only THEY get to violate your security”. there is a lot of interesting discussion and generally the consensus seems to be that blocking access to supposedly “less secure” apps is silly and pointless since the blocking happens when you’ve already given your login details to that app. “This is looking more like a world-grabbing move hidden in a genuine but partially misapplied security concern”, says another poster.
the solution, obviously, is not to use google at all. which i happily do as much as possible – but unfortunately can’t manage to totally avoid. where is the open source fully functioning alternative to google docs???