This kind of issue is absurdly common. I’ve seen basically the same thing with Microsoft, Amazon and Google—personally and with others.
With Google, it’s well-documented that sometimes, even if you don’t have 2FA turned on and you know your password, they simply won’t let you log in without some sort of additional verification… which may not be possible. This hit me once while overseas, I think I managed to get in by tunnelling through my VPS in Australia. And if you can’t do this, you’re stuck, because Google simply doesn’t have support.
With Amazon, I was finally able to find one way of contacting them that didn’t require signing in, and when I finally got to a human, the problem was immediately fixed.
Exactly! The OP’s surprisal is surprising, given that 95% of all support interactions across the board are exactly like this. In fact, the internal support - i.e. the support for employees is just as bad and nonsensical.
It goes pretty much like this. If your problem needs “reasoning” that entails more than matching a direct solution, you’re getting the default answer that’s the closest match to the solution.
The only difference between live support and support docs is that live support has access to some of your data and controls over some flows (e.g. reset password)
Now the real kick - it’s like this across the board outside of tech. If you go to a hospital with a problem that is not the 95 or 99 or whatever they are “tuned” to deal with, your pretty much fucked, unless you can be resourceful or luck enough to navigate the structure until you find someone that actually knows how to.
Bureaucracies? Same.
It’s effectively the same dumb machinery with dumb human cogs that you’re always dealing with.
I think it’s simply the “limit” of average human intelligence and find it hard to believe AI will end up being dumber than this.
The problems isnt the cogs, its the business owners setting up the incentives. Providing reasoned support is expensive from a time and effort perspective, so they dont invest in it. Service reps are specifically trained and incentivized to just fuzzy match the SOPs
And AI cant reason either, so it wont be able to provide any real reasoned support either. And the pwners dont care because they already provide shit service, people like you will just hype the AI up and then make excuses for it when its just as shit
Bureaucracy didn’t emerge in the 21th, contrary to lack of customer support for big companies. Bureaucracy is a symptom part of the enshittification, the root cause is Monopoly (direct or through organized shareholders across an industry). You don’t need support or good service when customers don’t have the choice to go elsewhere.
> The OP’s surprisal is surprising, given that 95% of all support interactions across the board are exactly like this
If your point is "it is today's norm, let's accept it and shut up", I feel the opposite. If the "norm" is like that, expressing it aloud is my way of contributing to society.
These businesses are all about scale. Each user makes them a paltry amount of money, but they have an enormous number of users.
A single support incident that reaches a paid worker on their side costs them more than the profit you’ve brought them for the year. It probably costs them more than the profit you’ll bring them for your entire life.
With less scale-y businesses, it’s worth it for them to put some effort into fixing problems, as an investment in your future business. Here, the only reason would be to avoid reputational damage. And who’s going to stop using Google or Microsoft because some guy had trouble getting support?
There’s a story (no doubt apocryphal) about Bill Gates telling people working on Windows that a customer calling their support line cost as much as the profit they made selling that copy of Windows. The point was to make it so Windows users didn’t need to call support by making Windows work better. The modern equivalent of this would be to make sure that users can’t reach expensive support in the first place.
If business are all about scale then you are not fixing one user problem but you are fixing the same problem experienced by thousands or millions of user.
I feel like once they've gotten everyone on the planet using their services, and then fucked them all over, maybe then there'll be a market un-fucking them over.
The complete lack of any human customer service that is actually answering is the reason I‘ll never again trust my private eMails to be managed by Google.
Oh man, I’m pulling my hair right now because Google _decided_ consistently that someone else has my password and locked them out. They’re so proud of themselves about it I can imagine. But in reality, I’m trying to login my Gmail account on my second iPhone which is next to my original Android that has this Gmail account installed. When I logged in on the iPhone they showed a code and asked me to pick the same code on the Android, I did follow but they insisted that it wasn’t enough and still locked me out.
The common thread is that all these tech giants concentrate on scaling their ability to deliver the product and generate revenue, making service for exceptional situations a lower priority, with solutions that do not scale.
While you are consuming product and paying, you are basically identical to everyone else doing that (except for your varying personal info). That can be scaled in straightforward ways.
If you have some problem that requires attention to your account, that doesn't scale well. Even if it could, it's not worth it to them; it's off the happy, revenue-generating path.
Google wiped all my codes from their authenticator app
It really drove home that trusting my identity and online presence to these entities that do not care or even know how to be responsible about it is a very bad idea.
It is true that google's (lack of) customer support is awful.
>it’s well-documented that sometimes, even if you don’t have 2FA turned on and you know your password, they simply won’t let you log in without some sort of additional verification
However, this isn't quite fair on google - it's not arbitrary "sometimes", it's that accounts get locked if there's been unusual or suspicious activity that may indicate an attempt to compromise the account, such as failed login attempts or logins from a new location. The account is locked from single-factor (password only) authentication for a period of time to prevent compromise (which isn't disclosed but as I understand can vary and is usually a week or two), but will allow login with an MFA challenge.
If the account is locked and there are no MFA methods set up or other means of recovery like backup passwords, how are they meant to verify that it's you recovering the account and not an attacker?
Supposing you did manage to talk to a live google support agent, you'd still have the same problem of not being able to verify ownership of the account.
I think this is quite fair criticism of google. The idea of the account being locked and requiring MFA to verify is something they made up without consulting the user. If they're going to do this "suspicious account" locking, they must make MFA mandatory beforehand. If they haven't got MFA from the user, they must trust the password. If that means my account gets compromised, that's my problem.
Note that there is no question who owns the account. That's what the password is for!
It gets much worse than this if you think about what they decided to do with Minecraft. They obliged millions of kids - literally, kids - to have a microsoft account to play a game that has nothing to do with any other microsoft products. They apply sub-standard and child-unfriendly security measures and when armies of kids get hacked (mostly phished) every day the only thing they do is to close down their account and FORCE them to buy the game again.
I still have to understand whether it's incompetence or a business model.
If one company becomes massively profitable despite offering literally zero consumer level support, then why would any other company, that covets the same scalability, make any attempt at consumer level support at all?
Google has not scaled it's services, it has ignored hard problems of scaling in favour of solving (relatively) easy technical problems. It has not been punished in any meaningful way for this unbalanced approach, and so "the norm" shall it become.
Had one of the first 10k Minecraft accounts or so. Never changed the name or anything. When Microsoft bought it they spammed me that I would loose my account if I don't transfer it. So after the 3rd email or so I did. It got hacked a few days after that, took several weeks to resolve for whatever reason. Ive had the account a few months after that until it was "hacked" again.
The very few times I played Minecraft since then I just used a hacked client.
I have a friend who bought Minecraft for the full price of 30 USD, and one day microshit decided "hey you know what? fuck you, we're deleting your account". so he went to a 3rd party site and bought a 2nd hand account, sketchy as fuck but it worked and this time he didn't have to pay full price again; but the fact that he had to pay *again* is simply outrageous.
On the other hand, last time I got actually hacked was in 2015, when I intentionally shared the password for a popular kids game that I used to play back then. And I'm not a cybersecurity expert at all, I don't follow the best security protocols, heck I don't even have good passwords, but I have never been hacked in 9 years.
As a bonus, you can can get completely stuck if you made the mistake of creating a MS family when signing into Minecraft. In the forums there are hundreds of problems like mine where the family becomes completely uneditable and Minecraft offline-only.
But I should've never attempted anything that complicated with MS. They can barely manage simple cases, groups of users is way too hard.
Just going through that myself. My son's Microsoft account was hacked, we contactes customer service and all they did was acknowledge the account was compromised, close it indefinitely asking us to buy the game again, and locked my account as the family manager. Fortunately I am a Linux guy and the last Microsoft thing I've touched was windows xp some 20 years ago. But imagine thinking this is acceptable?!
I guess they still suffer from monopoly syndrome. The EU should get them again.
The business incentive is funneling new users into their walled garden. If they could, they would assign a MS account to every newborn. There are still loopholes to protect your children from Minecraft's new "features" (at least for Linux users, ask privately), but it's only a matter of time until they are closed to appease the gods of enshittification.
The problem is that my kids want to play on online servers and for as much as they are learning to hate Microsoft, they still love Minecraft. I don't think loopholes can help with that, can they?
Well, that's actually 3 failures: UX designed to create an impossible flow, AI-based user blocking, and a lack of customer service.
By comparison, something similar happened when I was hired by Meta. Visiting the 2FA page caused my account to be insta-locked. It turned out that I had another account under an email address domain I no longer had access to. They were eventually able to fix it with an Oops request.
In conclusion, it doesn't matter so much if tech is imperfect if the support is good. But without good support, any small inconvenience or issue can easily spiral to become a show stopper.
Seconded. I got banned by Facebook back in 2015, for no reason. I say no reason because they never told me a reason, even after following up to ask. And when I immediately created the same account all over again, same name, same photo, it stayed up & has for 10 years. Shrug.
I have that with all meta products. As soon as I sign up my account gets locked, then I can unlock it normally most of the time. After a few hours or any interaction it gets locked again. When I usually start to see broken UX where there is no way to proceed anymore.
And this is one of the (many) reasons that I have self-hosted my email for the last 20 years. Sure, I have had outages, and one or two times I have had to drop everything to fix the server due to a botched upgrade. But each time this happened it was my own fault and I myself was able to fix it. I have NEVER lost access due to some automated system putting me in the wrong category.
By the way, the biggest griefs I have had with self-hosting my email has been due to Microsoft. Their way of categorizing spam can pretty much be summed up to: does it come from an explicitly whitelisted commercial email provider? Probably not spam, otherwise: spam. They are criminally incompetent (also) in this area.
Owning your own domain is good enough for me - I use Apple to host my mail, but should they suspend me I’d at least be able to move the domain to another provider.
I should consider a solution for backing up my email, though.
Yep, on the rare occasion I deal with someone who uses Microsoft for email, I give them a heads-up that they probably miss an email every now and then. I remember my last employer's mails often didn't reach them, and at some point they added a big warning to their sign up page when you used one of the Microsoft domains for your email.
I remember a time long ago when Microsoft support was great. I had a problem with Windows 3.11 crashing on my computer. Called the free telephone support, and the person went through a rigorous unscripted troubleshooting session with me to finally find the problem. Turned out some dram timing was slightly of in the bios setting which was only tripped by Windows and not by other software.
You are right. Must have been early 90's. Might have been Windows 3 or 3.1 as well. I remember you had to install a 3rd party tcp/ip stack, as Windows did not come with one.
Yes! I had an issue with my original Xbox where it wouldn't power on properly, blinking light. After some back and forth with a very Texan man, we determined that I just needed to reseat the video cable. It was fantastic support! I miss those days.
As a network engineer I once had a project involving an infrastructure for a deployment of thousands (so I was told) of SQLServers. My part was pretty straightforward and ready well ahead of schedule, but the DB team got stuck because the SQLServer build process kept getting hung. The only response ever heard from microsoft was "It's a network problem"
So I dug into packet captures and found that the switches were using all-zeros gratuitous arps to populate the forwarding table more quickly, which is a fairly common practice. The SQL servers saw this as in indication of a duplicate IP address (the garps were for 0.0.0.0).
Technically this did trigger the duplicate IP address detection RFC, but was never a problem for other server builds or any other server operational capacities. Cisco was the other vendor involved and came out with an update to allow for a timing delay for the all-zeros GARP. However given the timeline runway and the need to do a bug scrub for just one access area in a large data center with other much more lucrative capacity builds the only fiscally responsible thing was to look to the vendor at the heart of the problem.
However it was not possible to get any response from microsoft on it in spite of having the most expensive support contract they offered. The monthly late fees for the project were in the 8 figure range, so microsoft was dumped since they were not answering the phone. It was not for a lack of trying either. Our so-called "high touch" liaisons were equally frustrated.
It was weird since we were not a small customer - we were one of their largest. If a fortune 10 can't get microsoft to answer the phone, what hope does anyone else have?
Also if you have multiple microsoft 365 accounts, switching between those in the webapp seems to be impossible for years already. There's a switch account option, you can click it and sign in to another account, except you just stay logged in as the previous account.
I am not sure… a microsoft login normally seems to jump across tens of different domains and my firefox containers get confused and it often fails if the stars are not well aligned.
Also: minimum age to sign up is 16. But you need to be 18 to verify your account. And if you’re locked out, you need to verify your account and log in to open a ticket saying that you can’t log in…
Readit News
With Google, it’s well-documented that sometimes, even if you don’t have 2FA turned on and you know your password, they simply won’t let you log in without some sort of additional verification… which may not be possible. This hit me once while overseas, I think I managed to get in by tunnelling through my VPS in Australia. And if you can’t do this, you’re stuck, because Google simply doesn’t have support.
With Amazon, I was finally able to find one way of contacting them that didn’t require signing in, and when I finally got to a human, the problem was immediately fixed.
It goes pretty much like this. If your problem needs “reasoning” that entails more than matching a direct solution, you’re getting the default answer that’s the closest match to the solution.
The only difference between live support and support docs is that live support has access to some of your data and controls over some flows (e.g. reset password)
Now the real kick - it’s like this across the board outside of tech. If you go to a hospital with a problem that is not the 95 or 99 or whatever they are “tuned” to deal with, your pretty much fucked, unless you can be resourceful or luck enough to navigate the structure until you find someone that actually knows how to.
Bureaucracies? Same.
It’s effectively the same dumb machinery with dumb human cogs that you’re always dealing with.
I think it’s simply the “limit” of average human intelligence and find it hard to believe AI will end up being dumber than this.
The problems isnt the cogs, its the business owners setting up the incentives. Providing reasoned support is expensive from a time and effort perspective, so they dont invest in it. Service reps are specifically trained and incentivized to just fuzzy match the SOPs
And AI cant reason either, so it wont be able to provide any real reasoned support either. And the pwners dont care because they already provide shit service, people like you will just hype the AI up and then make excuses for it when its just as shit
Dead Comment
If your point is "it is today's norm, let's accept it and shut up", I feel the opposite. If the "norm" is like that, expressing it aloud is my way of contributing to society.
A single support incident that reaches a paid worker on their side costs them more than the profit you’ve brought them for the year. It probably costs them more than the profit you’ll bring them for your entire life.
With less scale-y businesses, it’s worth it for them to put some effort into fixing problems, as an investment in your future business. Here, the only reason would be to avoid reputational damage. And who’s going to stop using Google or Microsoft because some guy had trouble getting support?
There’s a story (no doubt apocryphal) about Bill Gates telling people working on Windows that a customer calling their support line cost as much as the profit they made selling that copy of Windows. The point was to make it so Windows users didn’t need to call support by making Windows work better. The modern equivalent of this would be to make sure that users can’t reach expensive support in the first place.
What would be the opposite?
With enough blindfolds all bugs are unimportant?
There is no excuse for being lazy.
https://t3n.de/news/google-e-mails-geld-604458/
While you are consuming product and paying, you are basically identical to everyone else doing that (except for your varying personal info). That can be scaled in straightforward ways.
If you have some problem that requires attention to your account, that doesn't scale well. Even if it could, it's not worth it to them; it's off the happy, revenue-generating path.
It really drove home that trusting my identity and online presence to these entities that do not care or even know how to be responsible about it is a very bad idea.
>it’s well-documented that sometimes, even if you don’t have 2FA turned on and you know your password, they simply won’t let you log in without some sort of additional verification
However, this isn't quite fair on google - it's not arbitrary "sometimes", it's that accounts get locked if there's been unusual or suspicious activity that may indicate an attempt to compromise the account, such as failed login attempts or logins from a new location. The account is locked from single-factor (password only) authentication for a period of time to prevent compromise (which isn't disclosed but as I understand can vary and is usually a week or two), but will allow login with an MFA challenge.
If the account is locked and there are no MFA methods set up or other means of recovery like backup passwords, how are they meant to verify that it's you recovering the account and not an attacker?
Supposing you did manage to talk to a live google support agent, you'd still have the same problem of not being able to verify ownership of the account.
Note that there is no question who owns the account. That's what the password is for!
Presumably the excuse is that it happens because you don't use 2fa and your ip changed, but I heard 2fa might not save you either.
Dead Comment
I still have to understand whether it's incompetence or a business model.
Google has not scaled it's services, it has ignored hard problems of scaling in favour of solving (relatively) easy technical problems. It has not been punished in any meaningful way for this unbalanced approach, and so "the norm" shall it become.
To the detriment of us all.
The very few times I played Minecraft since then I just used a hacked client.
On the other hand, last time I got actually hacked was in 2015, when I intentionally shared the password for a popular kids game that I used to play back then. And I'm not a cybersecurity expert at all, I don't follow the best security protocols, heck I don't even have good passwords, but I have never been hacked in 9 years.
But I should've never attempted anything that complicated with MS. They can barely manage simple cases, groups of users is way too hard.
I guess they still suffer from monopoly syndrome. The EU should get them again.
By comparison, something similar happened when I was hired by Meta. Visiting the 2FA page caused my account to be insta-locked. It turned out that I had another account under an email address domain I no longer had access to. They were eventually able to fix it with an Oops request.
In conclusion, it doesn't matter so much if tech is imperfect if the support is good. But without good support, any small inconvenience or issue can easily spiral to become a show stopper.
By the way, the biggest griefs I have had with self-hosting my email has been due to Microsoft. Their way of categorizing spam can pretty much be summed up to: does it come from an explicitly whitelisted commercial email provider? Probably not spam, otherwise: spam. They are criminally incompetent (also) in this area.
I should consider a solution for backing up my email, though.
That was in the 80's.
Don't mess with the timeline, Marty!
So I dug into packet captures and found that the switches were using all-zeros gratuitous arps to populate the forwarding table more quickly, which is a fairly common practice. The SQL servers saw this as in indication of a duplicate IP address (the garps were for 0.0.0.0).
Technically this did trigger the duplicate IP address detection RFC, but was never a problem for other server builds or any other server operational capacities. Cisco was the other vendor involved and came out with an update to allow for a timing delay for the all-zeros GARP. However given the timeline runway and the need to do a bug scrub for just one access area in a large data center with other much more lucrative capacity builds the only fiscally responsible thing was to look to the vendor at the heart of the problem.
However it was not possible to get any response from microsoft on it in spite of having the most expensive support contract they offered. The monthly late fees for the project were in the 8 figure range, so microsoft was dumped since they were not answering the phone. It was not for a lack of trying either. Our so-called "high touch" liaisons were equally frustrated.
It was weird since we were not a small customer - we were one of their largest. If a fortune 10 can't get microsoft to answer the phone, what hope does anyone else have?
Also: minimum age to sign up is 16. But you need to be 18 to verify your account. And if you’re locked out, you need to verify your account and log in to open a ticket saying that you can’t log in…