Google, protecting you from privacy
this post was submitted on 23 Oct 2025
332 points (98.8% liked)
Selfhosted
52803 readers
955 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
founded 2 years ago
MODERATORS
Google protecting Google from FOSS.
They're right too, after using Immich I don't want to go back.
I have identified the problem.
... for which all solutions are pitifully incapable, relatively speaking.
I smell fear.
I knew it was too good to be true when they give away free pic storage for their pixel phones. I just didn't listen to my gut.
They've also started warning against android apps from outside repos. Basically they want to force people to use their ai-filled bullshit apps.
Immich users flag Google sites as dangerous
Stop using google. Don't you know their motto? "Be evil"
Easier said than done, if your end users run Chrome. Because Chrome will automatically block your site if you’re on double secret probation.
The phishing flag usually happens because you have the Username, Password, Log In, and SSO button all on the same screen. Google wants you to have the Username field, the Log In button, and any SSO stuff on one page. Then if you input a username and go to start a password login, Google expects the SSO to disappear and be replaced by the vanilla Log In button. If you simply have all of the fields and buttons on one page, Google flags it as a phishing attempt. Like I guess they expect you to try and steal users’ Google passwords if you have a password field on the same page as a “Sign in with Google” button.
Firefox ingests Google SafeBrowsing lists.
If you are falsely flagged as phishing (like I was), then you are fucked regardless of what you use (except you use curl).
I couldnt even bypass the safebrowse warning on my Android phone in Firefox.
OP is impacted by Google SafeBrowsing which various websites use.
Same when you try to deviate from the approved path of email providers or, dog forbid, even self-host email.
This is why I always switch off that "block potentially dangerous sites" setting in my browser - it means Google's blacklists. This is how Google influences the web beyond its own products.
edit: it's much more complex than simple blocklists with email
I wouldn't recommend turning off safe browsing
If a page is blocked it is very easy to bypass. However, the warning page will make you take a step back.
For instance, someone could create a fake Lemmy instance at fedit.org to harvest credentials.
just use ublock origin and a proper password manager. google safe browsing means google sees what sites you browse.
@possiblylinux127 @A_norny_mousse ungoogled-chromium disables safe browsing, and for Debian's chromium package I keep going back and forth about whether to pull that patch in or not.
@Andres4NY@social.ridetrans.it
Running Debian Stable, I have installed ungoogled-chromium which is also in the repos.
But Librewolf is my main browser, Chromium a rarely used secondary.
What I'm talking about is how these blocklists are used by many other browsers/softwares (e.g. Firefox) as well.
This is why I always don't use Chrome or Google Search
Fuck you google. I can't see youtube videos with my browser because google wants me to sign in. Tells me it is protecting the community.
BULLSHIT.
Because google doesnt make me sign in to view or edit someone elses google docs they are sharing. Which one is more important google? Assholes.
jellyfin had a similar issue too for a long time for servers exposed to the internet. google would always reblock the domains soon after unblocking them. I think they solved it in the latest update. Basically it's that google's scraping bots think that all jellyfin servers are a scam that imitate a "real" website.
But the malvertisements on Google's front page are ok, I guess
What is the usecase for exposing jellyfin to the outernet anyway ?
What's the usecase for Netflix? Same case.
watching it remotely, like at friends. even if you can access it on your phone through VPN, the smart TV won't be able to use it
this is why you disable google "safe browsing" in librewolf and use badblock instead
Librewolf has Google "safe browsing" to disable...? Google?
firefox has google safe browser api protection; librewolf disables it by default under librewolf settings.
https://support.mozilla.org/en-US/kb/safe-browsing-firefox-focus
Similar issues were reported with aves libre early this week, maybe it's related?
From the OP:
Google Safe Browsing looks to be have been built without consideration for open-source or self-hosted software. Many popular projects have run into similar issues, such as:
-
Jellyfin
-
YunoHost
-
n8n
-
NextCloud
I'm sure it's all accidental and coincidental that open source project that rival Google just weirdly got flagged as being dangerous. Google also doesn't know how this happened, it just did! Magic!
It probably is accidental, but they don't care enough to fix the root problem
Uh huh.
Loads of scam projects on play store that rarely get taken down but a competitor on play store gets sabotaged. I'm sure it's purely coincidental
Clearly their run-in with the DOJ and subsequent wrist-slap has emboldened them to new heights of anticompetitiveness.
I got a 'dangerous site' warning and then prompts for crap on my Vaultwarden instance (didn't see it on Immich but this was a while ago). I think I had to prove I owned the domain with some DNS TXT records then let them "recheck" the domain. It seems to have worked.
Google flags F-Droid updates...
Why would people have Google security going on if they have set up F-Droid as their appstore? Doesn't that defeat the entire purpose?
Like I understand that if I buy a phone from Apple, and they control everything on the phone and what I can install - well I mean I bought it from Apple, what else did I expect?
But I didn't buy my phone from Google. They should have no say in what I could or couldn't install.
I mean, I don't think it matters if you bought the phone from Google or not (and you could have). Samsung or Motorola or whoever shouldn't have any say either.
Well according to the OP, it's a list they offer for free and it's integrated with many browsers including Firefox...
Was also flagged recently.
In my case it was the root domain which is
- Geofiltered to only my own Country in Cloudflare
- Geofiltered to only my country in my firewall
- Protected by Authelia (except the root domain which says 404 when accessing)
So....IDK what they want from me :p My domain doesnt serve public websites (like a blog) destined for public consumption...
Google Safe Browsing looks to be have been built without consideration for open-source or self-hosted software.
IMO Google Save Browsing was built with consideration for open-source and self-hosted software, but it has nothing to do with user safety, just like blocking Android apps from 3rd party sites has nothing to do with user safety. The harder they make it to move away from their products by making using alternatives difficult, the more money they make and money is now the only objective. Even if this only adds a fraction of a fraction of a percent to their profit it's something Google will implement.
The old social contract of businesses being of benefit to the community as a whole in addition to making a profit is long gone.
Google has always been evil. Why else was their byline "Don't be evil"?
If you have to make such a disclaimer...
Hopefully your Immich server isn't public facing...