The problem here is that misapplied empathy can lead to terrible decisions. Having Google change their 2FA system for this group would be one such decision. It's similar to the 'think of the kids + terrorism' attacks on encryption. It's socially difficult to argue against these ideas because you are then labeled as a terrible and non-empathetic person, but the solutions themselves make one other thing worse without really being helpful other than for garnering retweets and likes.
In this case, we actually aren't being ambitious enough. Why are we having a system where we give out phones every 12 weeks to each homeless person? We'd probably save money for the program by developing some sort of dedicated device designed to be harder to steal or lose. Maybe a high-autonomy low-powered KaiOS smartphone that can be attached as a strap? It's not like the current devices are working.
Why is it such a hassle to keep the same number after a theft? We could investigate there too. Improving this would be better than decreasing the effectiveness of gmail's measures.
Heck, if we want to focus on Gmail, why not focus on why it's the default choice for the homeless to begin with, as opposed to removing features.
We could try to solve the problem structurally but we prefer the caseworker approach, because it's more easily packaged 'empathy' than actually fixing the homelessness issue. It's like people who travel to developing countries to 'help', when the locals need investments and training facilities, not extra warm bodies. Actually giving homes to the homeless would probably be cheaper than whatever we are doing now, even taking into account the mental illness and drug-abuse problems that factor into this.
Google could put a toggle in Google Account settings titled something like "Allow anyone who knows my password to log in to my Google account (less secure)." It could sit above a description of the risks involved. It would need to be disabled by default, and it wouldn't help users who don't know about it. It certainly would not fix homelessness in society. But it would do a lot of good for a lot of people!
Would this option lead to some increased number of hacked accounts? Probably, but these would be accounts that explicitly opted in to that risk! I think it's excessively paternalistic to not provide the option. Every life situation is unique, and people know their own lives better than Google does.
The solution is to use one that is. Why are case workers directing the homeless to setup gmail accounts? Because they haven't been provided with a better solution by the system they work within.
So its the government's problem to fix. They are the ones handing out phones and setting the expectation to communicate through email. So they can either design an email service themselves that fits their needs. Or they can work with an industry partner, such as google or someone else to provide the service.
Normal gmail is a one size fits all commodity solution. It works well enough for most people, most of the time. Specialized problems call for specialized solutions. Complaining that google didn't think of you is misplaced.
Also, if I was homeless, I wouldn't want my email address to indicate I was homeless.
I broadly agree that it isn't Google's job to cater to everyone, but in this instance, the ask seems overwhelmingly reasonable—and less than what we expect in other circumstances.
Where on the gmail page does it say "not for homeless people, sorry"?
Adding (and forcing) 2FA was a recent decision from Google, which came a long time after Gmail the product was already introduced. There are millions of accounts which were created long before anyone had an idea what a smartphone was, let alone phone-based 2FA.
Not having 2FA is going to allow some portion of users to get hacked. When those users do get hacked they will need a way to regain control of the account. Methods of regaining access to an account are notorious for bad actors social engineering their way to gaining control of accounts.
2FA relieves some of that, because even if you do get hacked you can provide a token from the authenticator that was attached to the account, proving that you do in fact own that account.
> I think it's excessively paternalistic to not provide that option.
I don't find it paternalistic. The goal is to cut down on support costs by reducing the number of users who get hacked and need assistance regaining access to their accounts, and to force users to have a method of demonstrating they own the account even if they can't log in. That it confers some additional security to users is nice, but not really the end goal.
I don't think they do! This would be part of the tradeoff.
Currently, people who cannot use or rely on 2FA are getting locked out of their accounts even if they weren't hacked and knew their password! Isn't that worse?
So we should be mindful of Google's profit margins, instead of homeless people's access to vital services?
1. Go to myaccount.google.com
2. Press "Security"
3. Press "2 step verification"
4. Enter your password
5. Press "Turn off"
6. Confirm the dialog that says "Turning off 2-Step Verification will remove the extra security on your account, and you’ll only use your password to sign in."
If you login from a new computer or unrecognized IP, Google forces you to use the YouTube app on your phone to enter a “code” to login. It sometimes doesn’t even let you get a text code. God forbid I lose my phone or delete the YouTube app and login from a new IP. I don’t know how I would even get into my account.
I don’t know how this isn’t a wider spread issue affecting more people but I guess Google developers live in a perfect world where the YouTube app auth can never fail and you never lose your phone.
> Look, I'd love to stop CP distribution in America! Really, I would! But Google's encryption policies are preventing law enforcement from intercepting pedophile communications now, today.
It's the same "think of [vulnerable group]" type of statement.
But also, yes, there are in fact many times when it's important to consider the needs of different groups of people! That isn't to say that the ends always justify the means—it depends on what the means are—but reasonable accommodations should be made where possible.
Google allows someone of your choosing, who must also have a GMail account, to takeover one's account after x months of inactivity. It's not great but it's better than nothing and it has the benefit of being an option that exists today.
Remember you have the “rescue keys” from google to avoid these kind of problems.
The bigger problem is how you teach those people how to use the services in their situation.
This point is worth reiterating. Homelessness can be solved by providing housing. Yes, homelessness is a complex multi-faceted problem, but the first order solution to the problem is to provide housing.
Homelessness is a problem with huge externalities to society. Put another way, homelessness is an enormously expensive solution to the problem of providing space for humans to live.
Some homeless people aren't capable of the maintenance of a home due to mental or physical issues.
Some homeless people refuse to accept help for mental issues for fear of being trapped in a psych ward.
Simply put, you need to split homelessness into temporary and chronic populations. For the temporary group, homelessness is the problem. For the chronic group, it is a symptom. Treating the symptom will not have a long-term impact on much of the population.
Source: conversations with a social worker friend who spent years working with the homeless population in our metro area.
You've got a good point. These leaves are really starting to pile up, and the snow will be upon us soon. I think I'll just say fuck it and sleep under a bridge, and leave the grounds keeping to the parks department.
You did set up a straw man solely to get knocked down, right? In actuality, the idea of giving "housing to everyone" doesn't mean an idyllic single family stick-and-drywall dwelling with a yard, but rather something communal - like a less-populous more-dignified shelter with a modicum of persistent personal space. The maintenance would be institutional, and come out of the same operating budget as administration, utilities, etc.
I feel like most of the "some homeless just want to be homeless" argument revolves around baking in assumptions that public housing should come with a bunch of strings attached, to make the residents' lives "better". In your comment, this is the responsibility for maintenance or mental health treatment. Such conditions are what turns people off, not some intrinsic love for sleeping rough.
Sometimes mental issues are purely genetic but often they can also arise from or be exacerbated by trauma. And homelessness sure is traumatic.
Most homeless people do not have a severe mental illness (around 70%) [1]. For most homeless people, it's primarily an issue of housing affordability. The solution is to reduce the cost of housing.
For the people who need more support -- due to mental illness or otherwise -- the affordable, effective solution is permanent supportive housing [2].
[1] https://www.treatmentadvocacycenter.org/evidence-and-researc...
[2] https://www.coalitionforthehomeless.org/proven-solutions/
What ends up happening is they generally just destroy the living space in a variety of ways.
It's because the majority of homelessness is an issue of mental health. In the USA, there are pretty much zero mental health resources for people in poverty.
Citation very much needed here. This certainly does happen. But, I don’t believe this the general (i.e. typical) outcome. From what I understand talking to acquaintances who work in this area, wrecking the place is not the typical outcome. And property damage is generally cheaper to address than the constant provision of emergency services.
I agree that mental health (and substance use) are major factors in homelessness, but those issues are more or less impossible to address when people are living on the street with no permanent address and no place to keep e.g. a cell phone without it being stolen.
This isn't true or at least it doesn't start that way. What people don't understand is that there isn't a single homeless population. You have people who are temporarily homeless and people who are chronically homeless. The temporarily homeless are people who lost jobs, fell on hard times, etc etc. The simplest solution for them is yes to give them housing. The chronically homeless is where things get more complicated and those are the people who typically need mental health and abuse services. The simplest and most efficient thing we can do is help the temporarily homeless and prevent them from becoming chronically homeless.
Also your sweeping statement about the destruction of their living space smells to high heaven prejudiced thinking based on myth or hearsay rather than actual data.
https://www.nytimes.com/2021/11/09/opinion/democrats-blue-st...
But yeah let us blame Google.
They used to be called asylums, and the problem is what to do if the homeless person refuses to go. I wonder why you don't hear about homelessness in totalitarian states...
Because vagrancy is punishable by prison time there.
Mark spent considerable time earning the trust of LA's skid row population – a large roadside tent community – and has a series of 1:1 interviews with a slice of the population, exploring their histories, challenges, preferences, and culture.
Mark doesn't believe that many (most?) of the skid row population would benefit from being provided with housing, and that issues of trauma, mental health, and childhood family environment are what he believes would have the highest leverage on the problem.
This is of course just one perspective on the problem, but Mark's perspective taught me quite a bit.
I don't think the temporally homeless, like someone down on their luck. makes up the issues people have with homeless. You see some crazy person, then you see that person is homeless, your answer to that is "oh give them a studio apartment!" and not lets help them with their issue. Police should be policing violent people, for some reason instead of that we want to build homes in the middle of nowhere and drop them off their. They're still going to cause issues.
But instead the justice system is set up to give effective impunity to the worst sort of homeless people; they're back on the street days after being arrested (if they are even arrested in the first place.) They cause incredible damage and commotion, so they hog all the public attention and give all homeless people a very bad name through association.
It could be opt-out.
> It's similar to the 'think of the kids + terrorism' attacks on encryption.
No, it's not. Nobody choosing whether _they_ enable 2FA affects your decision to use it or not. It's more like forcing drugs down somebody's throat because you believe it benefits them and everybody else is doing it anyway.
> Why is it such a hassle to keep the same number after a theft? We could investigate there too.
Sim-jacking. Somebody could claim to have lost it and just take your number. This has happened before. The problem of authentication is fundamental in security and Google are just passing the buck onto phone service providers.
> Heck, if we want to focus on Gmail, why not focus on why it's the default choice for the homeless to begin with, as opposed to removing features.
Because it's free and the emails don't bounce. Most big tech has 2FA now.
We have to break out of the stereotype that homelessness is a city problem. It isn't. Far from it.
Homelessness is more obvious in cities because there are fewer places for homeless people to be. But there are plenty of homeless people camped out in rural and suburban towns, if you know what to look for.
I recently lived in a snooty city suburb where most of the homes cost from $600,000 to $10 million, and guess what — the drainage tunnels beneath the Home Depot, the maintenance underpasses in the parks, the undeveloped wooded lots were all full of homeless people.
Promulgating the notion that homelessness is a city problem is what allows suburban and rural politicians to cut funding for homeless services because "it doesn't affect my constituents."
google isn't requiring specific 2FA data, like address, because they are stalwart guardians of data. They are harvesting data because that is their business.
The homeless don't have enough data to be of value to an entity like goolge
Homeless people don't have enough of anything to be an attractive target for advertisers.
E-mail needs to be a regulated utility, given that getting locked out of one’s email happens all the time with catastrophic consequences.
Sure, it's great that gmail is cheap, after all "it's free". But Google (and MSFT, fuck outlook.com in particular for their completely anti-competitive spam "protection" that only accepts email from other big providers) cross-finances gmail from their ad business, completely distorting every kind of service and product markets.
---
For email in particular what's needed is a LetsEncrypt-like community-driven solution for reputation management and acceptance of emails from reputable sources by the big inbox providers.
The long version (if it’s patronising please skim forward, I’m writing as an explainer for anyone else that comes along):
E-mail was originally a means to communicate informally between two participants over the Internet.
In this early version of the system the message would leave your machine, go to your Mail server, then the recipients mail server, then their inbox. This would complete the transmission and a copy would exist at both ends.
Companies providing ostensibly free online e-mail inboxes have slick sign-up funnels that on the surface seem to be offering a very similar system as the one above, with very little in the way of regulation around either the sign-up funnel or the mailbox (and which do not explain the catastrophic life consequences that can occur as a result of losing access to your mailbox).
These new mailboxes work differently from those of the early Internet, though:
1) Your mail is sent to your mail server. A copy may or may not be retained locally.
2) Your mail server transmits the message to the recipients mail server as before.
3) The recipient receives a notification of the e-mail and may or may not retain a copy locally.
This infrastructure is ubiquitous and now not quite 30 years after the early Internet we have an issue where you’ll be required to have an e-mail address for almost all public services and common accounts that have little to no online component. Your entire life, more or less, may pass through that inbox.
If one day you lose access to the account (in that you insert your password and the provider says no), you will lose access to your entire e-mail history.
You may attempt to reset some passwords for essential services, but you can’t, because they’re sending e-mails to verify your identity - which you’ll never be able to receive.
You move on, create a new account, and attempt to start over. However, e-mails - potentially important e-mails containing personal information - continue to be delivered to a mailbox that you can’t access ever again. Maybe you miss some important alerts.
Perhaps it was a gmail account that had your entire photo and video history in google photos. That’s now gone too. With your passwords, if you’re using chrome passwords.
You rebuild, and a couple of years pass, and perhaps someone else gets access to your account (either through a hack, or a rogue employee with access rights, or someone who guessed a badly thought out password).
You never find out that the account was accessed, so have no-one to complain to, and maybe you end up with savings or 401K/pensions getting emptied. Which in a lot of cases wouldn’t be discovered until they’re due to be collected.
Some of the above might sound far-fetched, but you’d be surprised how much having access to an email inbox is accepted proof-of-identity in 2022.
Hence the need for regulation.
That's not the problem, that's a vague wave at a generic class of innuendo that could be used just as easily to rationalize not allowing your child to eat ice cream or Japanese internment. You have to make the case why Google changing their 2FA system is so much more important than the homeless having phone service, you can't just say "sometimes, empathy can be bad."
I'm not getting that from the rest of the comment, which seems like a gish gallop around a bunch of other things that we're also not going to do for the homeless, and about which you or somebody else can say "it's only human to be worried about other people going through these issues, but empathy can be bad. The answer isn't that HUD should change the second line of the third section of Form B, it's that we should fix the homeless problem completely."
edit: We can't use as an excuse for not making small changes that we should be making larger changes. The excuses that one makes to avoid making small changes will apply more so to larger changes.
It's not a 'gish gallop' but a framework for looking at the issue. I'm not saying that empathy is sometimes bad, I'm saying that it can't be the starting point for our reasoning. It can be the impetus that makes us act, but the actual solution should come first. Sure, maybe none of the things I'm proposing will be implemented. Maybe they're all godawful ideas, but I can't fix the problem in the five minutes it took to write the post or even five decades of intense research on my own. But it's clear that keeping to that pseudo-empathy performative martyrdom mindset is an active roadblock against the more ambitious solutions. And it leads to truly awful ideas such as getting rid of encryption, rights, and so on.
You're putting the cart before the horse. The far simpler solution is for the government to provide the homeless with email. Now the auth can work however you want.
Also, homelessness isn’t the problem we think it is. It’s millions of problems. Any solution will never help more than a subset of the homeless population. We need to iterate on small solutions to make progress.
Then provide contingent housing based on staying sober, sticking to your treatment plan, and getting a job. You can graduate when you’re able to pay your own way.
For non-addict/mentally ill homeless, it’s housing contingent on employment, graduate when you can pay your own way.
This would solve 90% of the problem.
May I introduce you to the concept of scissors?
