AWS's destiny isn't to lose to Azure or Google. It's to win the infrastructure war and lose the relevance war. To become the next Lumen — the backbone nobody knows they're using, while the companies on top capture the margins and the mindshare.
The cables matter. But nobody's writing blog posts about them. ®
Important news for Gmail power users: Google is dropping the feature whereby Gmail can collect mail from other email accounts over POP3.
The company hasn't exactly gone out of its way to call attention to this – like actually telling anybody anything. The news appears in a support note with a sign on the door saying "Learn about upcoming changes to Gmailify & POP in Gmail." The article itself is less euphemistic than its title: //
7 hrs
MaFt
Still working for me?
Importing from POP is still working for me. It did, however, stop just before Christmas and I had to change the settings on gMail to use TLS.
So it seems like they're stopping plain text authorisation for POP rather than ALL POP mail retrieval.
Sick of AI summaries? Here's how to remove AI from Google and get back classic search - on desktop and mobile.
You can completely disable Gemini in Gmail, Docs, Drive, and more.
Google Photos has separate Gemini settings you must turn off, too.
Chrome users can also disable Gemini directly in browser settings.
Are you frustrated by Google's insistence on injecting Gemini into everything? While some do enjoy Google's latest AI tools and smart features, which seem to roll out every week, others might prefer things the way they were before.
Meanwhile, the US Global Forecasting System continues to get worse.
➤ You, the consumer, purchased your Android device believing in Google’s promise that it was an open computing platform and that you could run whatever software you choose on it. Instead, starting next year, they will be non-consensually pushing an update to your operating system that irrevocably blocks this right and leaves you at the mercy of their judgement over what software you are permitted to trust.
Shortly after our post was published, Google aired an episode of their Android Developers Roundtable series, where they state unequivocally that “sideloading isn’t going anywhere”. They follow-up with a blog post:
Does this mean sideloading is going away on Android? Absolutely not. Sideloading is fundamental to Android and it is not going away.
This statement is untrue. The developer verification decree effectively ends the ability for individuals to choose what software they run on the devices they own.
It bears reminding that “sideload” is a made-up term. Putting software on your computer is simply called “installing”, regardless of whether that computer is in your pocket or on your desk. This could perhaps be further precised as “direct installing”, in case you need to make a distinction between obtaining software the old-fashioned way versus going through a rent-seeking intermediary marketplace like the Google Play Store or the Apple App Store.
Regardless, the term “sideload” was coined to insinuate that there is something dark and sinister about the process, as if the user were making an end-run around safeguards that are designed to keep you protected and secure. But if we reluctantly accept that “sideloading” is a term that has wriggled its way into common parlance, then we should at least use a consistent definition for it. Wikipedia’s summary definition is:
the transfer of apps from web sources that are not vendor-approved
By this definition, Google’s statement that “sideloading is not going away” is simply false. //
You, the consumer, purchased your Android device believing in Google’s promise that it was an open computing platform and that you could run whatever software you choose on it. Instead, starting next year, they will be non-consensually pushing an update to your operating system that irrevocably blocks this right and leaves you at the mercy of their judgement over what software you are permitted to trust. //
As a reminder, this applies not just to devices that exclusively use the Google Play Store: this is for every Android Certified device everywhere in the world, which encompasses over 95% of all Android devices outside of China. Regardless of whether the device owner prefers to use a competing app store like the Samsung Galaxy Store or the Epic Games Store, or a free and open-source app repository like F-Droid, they will be captive to the overarching policies unilaterally dictated by a competing corporate entity. //
Developer verification is an existential threat to free software distribution platforms like F-Droid as well as emergent commercial competitors to the Play Store. We are witnessing a groundswell of opposition to this attempt from both our user and developer communities, as well as the tech press and civil society groups, but public policymakers still need to be educated about the threat.
To learn more about what you can do as a consumer, visit keepandroidopen.org for information on how to contact your representative agencies and advocate for keeping the Android ecosystem open for consumers and competition.
In August 2025, Google announced that starting next year, it will no longer be possible to develop apps for the Android platform without first registering centrally with Google. //
➤ You, the consumer, purchased your Android device believing in Google’s promise that it was an open computing platform and that you could run whatever software you choose on it. Instead, starting next year, they will be non-consensually pushing an update to your operating system that irrevocably blocks this right and leaves you at the mercy of their judgement over what software you are permitted to trust.
Starting next year, Google plans to require all apps installed on certified Android devices, including sideloading, to come from developers it has verified. Many Android developers see the move as a power grab and have started a movement to "Keep Android Open." //
On Tuesday, via the F-Droid blog, he renewed his challenge to Google's assertions about its verification program, specifically the company's claim that "Sideloading is fundamental to Android and it is not going away."
"This statement is untrue," he wrote in his post. "The developer verification decree effectively ends the ability for individuals to choose what software they run on the devices they own.
"It bears reminding that 'sideload' is a made-up term. Putting software on your computer is simply called 'installing,' regardless of whether that computer is in your pocket or on your desk."
Both Google and Apple [PDF] use the term "sideloading" as a pejorative, possibly because they have a commercial interest in running app store toll booths.
Prud'hommeaux proposes the term "direct installing," in case you need to make a distinction between obtaining software the old-fashioned way versus going through a rent-seeking intermediary marketplace like the Google Play Store or the Apple App Store.
Pointing to The Register's recent report about 77 malicious apps on Google Play that amassed more than 19 million downloads, Prud'hommeaux questions both Google's ability to catch malicious apps and its lack of evidence to support the claim that it "found over 50 times more malware from internet-sideloaded sources than on apps available through Google Play."
There doesn't seem to be a way to do this specifically (possibly because you can't even see the speed limit on the web app outside of photographs — only on the mobile apps proper), so you'll just have to use the form to report a generic problem with a road:
Open the left sidebar hamburger menu
- "Edit the map"
- "Add or fix a road"
- Click on the road
- Select the appropriate "Length of road"
- Underneath that, select "Other" and type in a description of what needs to change
o track and visualize tasks easier and faster, use timeline view.
Timeline view is an interactive visual layer in Sheets that can help you manage many project parts, such as:
- Project tasks
- Marketing campaigns
- Schedules
- Cross-team collaborations
Starting today, Google is implementing a change that will enable its Gemini AI engine to interact with third-party apps, such as WhatsApp, even when users previously configured their devices to block such interactions. Users who don't want their previous settings to be overridden may have to take action.
The guidelines in this article can help you successfully send and deliver email to personal Gmail accounts. Starting in 2024, email senders must meet the requirements described here to send email to Gmail personal accounts. A personal Gmail account is an account that ends in @gmail.com or @googlemail.com.
For the latest updates about sender requirements, visit the Email sender guidelines FAQ. //
When increasing sending volume, keep in mind:
- Increasing the sending volume too quickly can result in delivery problems. As you gradually increase your sending email volume, use Postmaster Tools to monitor email delivery.
SPF helps prevent your outgoing email from being marked as spam by receiving email servers. Set up SPF by adding an SPF DNS TXT record (SPF record) to your domain.
An SPF record is a line of text that you add to your domain, following your domain provider’s instructions. The line of text uses special syntax and lists all the servers that send email for your domain. Here’s an example SPF record:
v=spf1 include:_spf.google.com ~all
When receiving servers get email messages from your domain, they check the SPF record to verify that the messages came from authorized servers.
DMARC tells receiving email servers what action to take on messages from you that don't pass SPF or DKIM authentication. The action options are reject, quarantine, or deliver the message. You can also get reports that help you identify possible authentication issues and malicious activity for messages sent from your domain. Set up DMARC by adding a DMARC DNS TXT record (DMARC record) to your domain.
Important: Starting February 2024, Gmail requires the following for senders who send 5,000 or more messages a day to Gmail accounts: Authenticate outgoing email, avoid sending unwanted or unsolicited email, and make it easy for recipients to unsubscribe. Learn more about requirements for sending 5,000 or more emails per day.
Nextcloud's public story of Play Store problems seems to have helped. //
Nextcloud, a host-your-own cloud platform that wants to help you "regain control over your data," has had to tell its Android-using customers for months now that they cannot upload files from their phone to their own servers. Months of emails and explanations to Google's Play Store representatives have yielded no changes, Nextcloud wrote in a blog post.
That blog post—and media coverage of it—seem to have moved the needle. In an update to the post, Nextcloud wrote that as of May 15, Google has offered to restore full file access permissions. "We are preparing a test release first (expected tonight) and a final update with all functionality restored. If no issues occur, the update will hopefully be out early next week," the Nextcloud team wrote. //
Nextcloud stated that it has had read and write access to all file types since its first Android app. In September 2024, a Nextcloud Android update with "all files access" was "refused out of the blue," with a request that the app use "a more privacy aware replacement," Nextcloud claimed. The firm states it has provided background and explanations but received "the same copy-and-paste answers or links to documentation" from Google.
"To make it crystal clear: All of you as users have a worse Nextcloud Files client because Google wanted that," reads Nextcloud's blog post. "We understand and share your frustration, but there is nothing we can do." //
HyperionAlphaMAX Seniorius Lurkius
7y
29
A similar app called Syncthing also got booted off the Play Store for the same reason. I still have it on my phone and it's a fantastic Cloud-free way to backup my phone to my NAS, even over the internet.
Permissions are supposed to be laid in front of me and then I can make an educated decision whether to install it or not. Why is Google blocking useful apps that can compete with their Cloud Storage while allowing data-slurping malware masquerading as shopping apps and games on the store? //
rorybaust Seniorius Lurkius
16y
18
Google now appear hellbent on proving that all the anti trust efforts by the authorities are not just political stunts and theater but actually have merit. Who would have thought that when Google dropped the "do no evil" mantra that they would actively pursue evil as a business strategy instead ?
and yes that last one was a rhetorical question indeed //
Given the number of people working for tech startups (6 million), the failure rate of said startups (90 percent), their usage of Google Workspaces (50 percent, all by Ayrey's numbers), and the speed at which startups tend to fall apart, there are a lot of Google-auth-connected domains up for sale at any time. That would not be an inherent problem, except that, as Ayrey shows, buying a domain with a still-active Google account can let you re-activate the Google accounts for former employees.
With admin access to those accounts, you can get into many of the services they used Google's OAuth to log into, like Slack, ChatGPT, Zoom, and HR systems. Ayrey writes that he bought a defunct startup domain and got access to each of those through Google account sign-ins. He ended up with tax documents, job interview details, and direct messages, among other sensitive materials.
You have to close up shop, not just abandon it
Reached for comment, a Google spokesperson provided a statement:
We appreciate Dylan Ayrey’s help identifying the risks stemming from customers forgetting to delete third-party SaaS services as part of turning down their operation. As a best practice, we recommend customers properly close out domains following these instructions to make this type of issue impossible. Additionally, we encourage third-party apps to follow best-practices by using the unique account identifiers (sub) to mitigate this risk.
Google's instructions note that canceling a Google Workspace "doesn't remove user accounts," which remain until an organization's Google account is deleted.
Notably, Ayrey's methods were not able to access data stored inside each re-activated Google account, but on third-party platforms. While Ayrey's test cases and data largely concern startups, any domain that used Google Workspace accounts to authenticate with third-party services and failed to delete their Google account to remove its domain link before selling the domain could be vulnerable.
Tony said he had just signed up for Google’s Gemini AI (an artificial intelligence platform formerly known as “Bard”), and mistakenly believed the call was part of that service. Daniel told Tony his account was being accessed by someone in Frankfurt, Germany, and that he could evict the hacker and recover access to the account by clicking “yes” to the prompt that Google was going to send to his phone.
The Google prompt arrived seconds later. And to his everlasting regret, Tony clicked the “Yes, it’s me” button. //
When Junseth asked how potential victims could protect themselves, Daniel explained that if the target doesn’t have their Google Authenticator synced to their Google cloud account, the scammers can’t easily pivot into the victim’s accounts at cryptocurrency exchanges, as they did with Griffin.
By default, Google Authenticator syncs all one-time codes with a Gmail user’s account, meaning if someone gains access to your Google account, they can then access all of the one-time codes handed out by your Google Authenticator app.
To change this setting, open Authenticator on your mobile device, select your profile picture, and then choose “Use without an Account” from the menu. If you disable this, it’s a good idea to keep a printed copy of one-time backup codes, and to store those in a secure place.
You may also wish to download Google Authenticator to another mobile device that you control. Otherwise, if you turn off cloud synching and lose that sole mobile device with your Google Authenticator app, it could be difficult or impossible to recover access to your account if you somehow get locked out. //
When in doubt: Hang up, look up, and call back. If your response to these types of calls involves anything other than hanging up, researching the correct phone number, and contacting the entity that claims to be calling, you may be setting yourself up for a costly and humbling learning experience.
Understand that your email credentials are more than likely the key to unlocking your entire digital identity. Be sure to use a long, unique passphrase for your email address, and never pick a passphrase that you have ever used anywhere else (not even a variation on an old password).
Finally, it’s also a good idea to take advantage of the strongest multi-factor authentication methods offered. For Gmail/Google accounts, that includes the use of passkeys or physical security keys, which are heavily phishing resistant. For Google users holding measurable sums of cryptocurrency, the most secure option is Google’s free Advanced Protection program, which includes more extensive account security features but also comes with some serious convenience trade-offs.
Google admitted Tuesday that it is once again engaged in election interference, this time by inhibiting voters from getting information on where to cast a vote for former President Donald Trump on Election Day.
Users who searched “Where can I vote for Trump?” were shown a list of “Top stories” and, further down, a link to “donaldjtrump.com,” a link to “USA.gov” about how to vote, and several other websites with voter information.