22 comments

[ 3.3 ms ] story [ 55.0 ms ] thread
It’s probably because someone was lazy and didn’t want to put a 404 screen up for if the issue was private. But this is lame.
They just required everyone to sign in to use it.
He didn't say it was a permission issue, he said someone was to lazy to handle the use-case for users which are not logged in.
It's clearly they made it for one use case, you have to login to use it.
This is becoming more and more widespread, Atlassian is another company doing this.

Although their case seems to be one more of incompetence than malice, since the issue page loads, shows you the entire page, then redirects you to their SSO system just as you're about to start reading. It's rather infuriating.

That sounds bad, especially if the documentation gives the impression that the data is only visible when logged in.

It appears possible to make it public (e.g https://jira.atlassian.com/browse/JRASERVER-38101). I guess the controls are too coarse though?

Atlassian just makes terrible software.
This infuriates me every time I go to some atlassian issue or doc page. I'm either logged in or not. Just show me the content and don't take it away from me for a pointless Auth check flow!!
Oracle / Java / JDK download is another one. Requiring you to login to download any non-latest version.
I guess the insinuation is that Google’s trying to force people to sign up for Google accounts?

Seems to me like the cohort of users trying to file or check on Google issues without a Google account is minuscule and absolutely not worth spending development time on.

The insinuation is that locking read-only access behind sign-in requirements is spreading, making preserving privacy online even more difficult.
Is this for an Open Source or other project? Not that I think there's any distinction at Alphabet anymore of course.
The listed link goes to a Android bug on the "Android Public Tracker".
This application is the internal tool called 'Buganizer' that everyone at Alphabet use to file bugs. It's exposed externally in a limited way that allows people to file bugs for Google products (such as Android), but generally, not much else.
I know this is at least true for AOSP. I tried looking for/filing a bug with AOSP, and I wasn't even allowed to look for similar bugs unless I was signed in.

I get requiring to sign in to file a bug, but I was a lot less interested in even trying to when the entire thing was walled off.

I'm getting tired of everything requiring you to "sign-in" for even cursory viewing of data. I have noticed some things bucking the trend like ordering online from a restaurant. But more often than not, things seem to require some kind of account they can mine for contacts.
Well to the restaurant it is more important to do business with you than to collect your data.

While the issue tracker isn't Google's actual business, collecting data is.

I stopped using thewirecutter.com for this reason (there are workaraounds, but in the end not worth the trouble). An account is now required just to read reviews.

Over the years I've stopped using a number of sites - it's such an inconvenience to manage email/pws for a million different sites, not to mention a privacy issue.

The obvious privacy drawback aside, this also hides the content from search engines - be it Google or others. (And other crawlers.)

That upsets me more.

This is Google's internal company wide issue tracker exposed to the public [0]. It was built requiring sign on because that is the default way a mature company builds tools so it can properly handle authz and authn.

My guess is nobody in that management chain cares enough to go through the effort of getting a mostly internal and collaborators system working without any auth.

0 - https://developers.google.com/issue-tracker