[OT+Rant] Google's requirement for OAuth2 is pathetic

[JJ]

The fact that Google _requires_ users to enable 2-factor authentication, in
order to use OAuth2, is just pathetic. It's very clear that it's just a way
to trick and force users to give up their phone number. OAuth2 does _not_
require 2-factor authentication. Period.

I'd rather use web based GMail via browser rather than giving my phone
number to Google. I don't have to worry about Google's usage tracking and
ads, since I can block them. Or write my own UserScript to block/cripple
them, if necessary.

And I'll be migrating to other email service provider, and gradually
updating the email setting for all accounts in other website that I use.

[Shadow]

Can you recommend a free POP email provider?
GMX (Powered by Google-TM) just sent me an email that it will
no longer support email clients like Thunderbird and Sylpheed. OAuth2
is not mentioned, it just says "for security reasons" and advises to
use their Web interface which is rife with datamining scripting.
Not worried about security. I use Proton Mail for "secure"
stuff. Via their Web Interface (Uggh) on Linux.
TIA
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
Google Fuchsia - 2021

[JJ]

I actually use GMX, but the .net one (German version). I've only started to
use the .com one because it's in English. I haven't received any notice from
gmx.net regarding OAuth2.

Does GMX requires phone number to use OAuth2? If not, then Thunderbird in
the future, may probably add support for generic OAuth2 authentication to
support OAuth2 email providers other than Google crap.

Almost forgot, I still have my old Yahoo email account (SMTP+POP3 OK). No
notice about OAuth2 from them also. Don't know if new account registration
requires phone number or not, now.

[Yuhler Speertraeger]

On article <18tmzqvh34n3i.1...@40tude.net>, JJ wrote (at
least in part):

I am also a user of GMX.com and Yahoo. No notices from either of them
so far regarding OAuth2, but that could change in the near future.
I'm a Pegasus Mail user too, so I want to share a link to David
Harris' (Pegasus author) statement about this OAuth2 thing. In short,
Google wants to charge certification fees for every OAuth2 code that
accesses its servers! And they are not cheap.

http://www.pmail.com/newsflash.htm

In early May 2022 he also published a statement on the status of the
OAuth2 code he was working on and which was nearing completion. Also
worth reading.

http://www.pmail.com/devnews.htm

--
Best,
Yuhler

Reply-To: partially ROT13, invalid=com
Due to spam I'm filtering-out GoogleGroups. Sorry. :(

[JJ]

On Tue, 17 May 2022 10:30:26 -0300, Shadow wrote:

> I use Proton Mail for "secure"
> stuff. Via their Web Interface (Uggh) on Linux.
> TIA
> []'s

I've tried ProtonMail. Although it doesn't support POP3, they claim it
supports SMTP and IMAP. But it turns out that, SMTP and IMAP are available
only from "ProtonMail Bridge" which is a local proxy server software to
provide local SMTP and IMAP servers that connects to ProtonMail's email
website or access emails using a web API. IOTW, ProtonMail has no support
for SMTP and IMAP directly from their server.

FYI, I just found a pretty good email provider: Zoho Mail. POP3, SMTP, IMAP
OK; with 5GB storage. No phone number requirement whatsoever. Though, POP3,
SMTP, and IMAP needs to be manually enabled in the "Mail accounts" settings.

[John C.]

Appears to be headquartered in Chennai, India. My observation over the
years is that companies and people from India have little respect for
privacy. Sorry but I, for one, will pass.

--
John C. BS206. No ad, CD, commercial, cripple, demo, nag, pirated,
share, spy, time-limited, trial or web wares for me please. I filter out
posts made from Google Groups and cross-posted (sent to more than one
newsgroup at a time) messages. I recommend you do likewise.

[Shadow]

Thanks, I'll try it.

Maybe not ...

Was redirected and read the Brazilian page. Requires a
cellphone(checks ID with a SMS code), no POP or EMAP for free
accounts, recommends(and hints they will become mandatory)
facial/fingerprint security. Apparently designed for cellphones. No
privacy policy. Available from Google Apps.

Do you have the sign-up address? Maybe I got an eViL
look-alike. LOL.

[JJ]

On Fri, 20 May 2022 19:12:44 -0300, Shadow wrote:
>
> Thanks, I'll try it.
>
> Maybe not ...
>
> Was redirected and read the Brazilian page. Requires a
> cellphone(checks ID with a SMS code), no POP or EMAP for free
> accounts, recommends(and hints they will become mandatory)
> facial/fingerprint security. Apparently designed for cellphones. No
> privacy policy. Available from Google Apps.
>
> Do you have the sign-up address? Maybe I got an eViL
> look-alike. LOL.
> []'s

That's same for me, where it'll regirect to a page with my own native
language, but without phone number requirement. Perhaps it varies from
country to country.

But think I've made a mistake. Forget about Zoho Mail...

Apparently, Zoho Mail's free email registration is for evaluation purpose
only (presumable for 15 days). It's odd that when I register my account,
there's nothing mentioned about evaluation account.

[Wolffan]

On 20 May 2022, JJ wrote
(in article<1v9kbhpeaaeoz.vrsou6aej82a$.d...@40tude.net>):

errr... I’ve been using Zoho’s free mail for four years now. unless
they’ve changed things but grandfathered in old users, you should have
rather more than 15 days of free service.

[s|b]

On Tue, 17 May 2022 08:54:53 +0700, JJ wrote:

> The fact that Google _requires_ users to enable 2-factor authentication, in
> order to use OAuth2, is just pathetic. It's very clear that it's just a way
> to trick and force users to give up their phone number.

I thought that too... and then I considered I'm using a Pixel 6
smartphone, so it's possible they already have my phone number (even
though they shouldn't).

--
s|b