[capableweb]

They have their own tld, .goog, they could surely have put the website under their instead to at least gain some trust, instead of the current abomination of a domain.

Or, you know, just use subdomains which has existed since forever...

[lolinder]

Subdomains don't solve the problem, because Google very much intentionally puts the user session cookie on the root of .google.com, thereby sharing with all subdomains.

[cma]

The tld he is talking about is different though right?

[lolinder]

Yes, but I read that as suggesting they could use their own tld OR use subdomains. If you open a new domain on that tld, you don't need subdomains to protect Google account cookies.