Fuming Virgin Media customers have taken to the telco's forum to complain that their email addresses have been used by Google, instead of being kept private. The customers got a surprise email from Google today, who seemed to think they were all users. The Chocolate Factory is in the middle of updating its users about its new …
Lesson #1: don't use an ISP email address
Lesson #2: don't use Google email at all.
WITH SO MANY ...
People putting their whole live on the internet through social media, buying goods, joining forums, signing up for free email accounts, using broadband, owning a mobile phone etc.
WHY is it such a surprise when these things happen like a breech of privacy.
Not only will it happen but it will get worse to the point that the notion of privacy will cease to exist.
There is an answer, Pay cash, register nowhere, never go online, never fill in a form. Simple, or is it?
No, wrong lesson
The lesson is for telcos and MSOs - you no longer have a userbase.
By screwing all of your "systems" people, by leaving DNS, Email, News, etc rot as "non-essential" until all of your people go somewhere else and by giving the job to Google because you suck bricks sidewise running these you have now given Google all of your userbase. Voluntarily. If you have not given it to Google it is in the hands of MSFT (or yahoo for the very ones who sucked so bad in being an ISP that they had to "outsource" their email more than 5 years ago).
Now do not complain, bend over and do not wriggle. Resistance is futile. Your users shall be monetised and _NOT_ by you.
Signed - ex DNS, ex Email and ex-Systems person who has changed his profession and who is giggling madly watching the chickins coming home to roost and having diarrhea.
Give us a clue.
Signed - a different ex DNS, ex Email and ex-Systems person who has retired from IT.
People use different email accounts for different things. Many have hotmail or gmail or yahoo mail accounts for the purposes of signing up to services, buying stuff on the internet, etc.
Those same people like to have their own personal address, usually ISP supplied, as their private address to use between them and their select friends/family.
The email account associated with your ISP account is the one that people see that they are paying for. You pay for that email account and as such it should have protections from being sold off, abused or spammed by sneaky companies like Google.
Lesson #3. Do not trust Virgin/NTL (or BT, or TalkTalk... or the UK mobile telcos for that matter...) with the privacy/security/integrity of your personal or commercial communications. Find a trustworthy telco, or learn to encrypt.
Lesson #1 : No option. I've been using the address since 1999, had no option but to let VM shift it to Google.
Lesson #2 : I'm not, apart from the Lesson #1 issue.
Wouldn't say so. The *only* use for the VM (previously NTL) email account I have is when VM themselves send me mails.
After all, only numptys use ISP specific email addresses when there are so many (better) alternatives. Unfortunately most non-savvy users are foisted on and railroaded into using an ISP's email address and doubtless this is seen as a carrot/stick by the ISP when it comes to retaining the punter - after all changing your email address just because you change ISP (either for cost or provision reasons) can be an extremely annoying process.
It's even more ridiculous when a company has gone to the trouble of getting their own domain name and website and yet still uses <mycompany>@btinernet.com or something equally amateurish. Keeps "web consultants" in a job though...
I stopped using Blueyonder/Telewest/Virgin-whatever email years ago, when they first went to Exchange server and kept screwing up. Looks like they've jumped form the frying pan into the fire.
I think these people (Virgin Media customers) have every right to be upset, I would too most likely. Just check out their website (virginmedia.com), you won't find anything saying something about e-mail. The packages basically include "broadband, tv, phone, mobile". This isn't even mentioned in their faq's.
Only if you check things yourself will you find that....
[xxx@smtp ~]$ dig virginmedia.com mx
;; ANSWER SECTION:
virginmedia.com. 3352 IN MX 10 aspmx3.googlemail.com.
virginmedia.com. 3352 IN MX 1 aspmx.l.google.com.
virginmedia.com. 3352 IN MX 5 alt1.aspmx.l.google.com.
virginmedia.com. 3352 IN MX 5 alt2.aspmx.l.google.com.
virginmedia.com. 3352 IN MX 10 aspmx2.googlemail.com.
'nough said I think. I know I'd be outraged.
Still; some people make valid points above. Don't rely on the ISP's e-mail services for your main address(es). Because what happens if you should decide to switch providers? Right now I think you're better of using a free provider (Yahoo, Hotmail) or maybe even a commercial one (Godaddy provides free e-mail with a domain registration for example).
That way you'll be sure that you're entitled to /some/ sense of privacy and should you ever change ISP's then you won't have to manually inform all of your friends & family.
get your own domain name, and set up forwarding for email. The cost is trivial, and you can still use the ISP for delivery if you feel the need. That way you can give out a different email address to each organisation, trace which ones leak it and redirect it to the bit bucket when compromised.
An Amazon Cloud system is pretty good too
Cost me like $10/month with 'static' IP and everything/ Small little BSD box running Postfix, dovecot and a free cert from StartSSL, I provide mail services to all my friends and family giving them an unlimited number of addresses (At one of domain names of course) and allows me to give a different address to everyone I deal with.
You can buy a ( .me.uk ) domain from FreeParking ( as an example ) for as little as £5, they will give you unlimited number of POP boxes. If you're a bit more savvy, set up your own email server on cheap low-power PC in the spare room and route your own mailboxes.
@The Fuzzy Wotnot
As another poster has pointed out, you can run a cloud virtual server with a static IP on a rather better connected host than anything in your spare room for not much more than your spare room's electricity bill. I don't recommend the spare room approach for email . I was doing this myself many years ago on a dialup, but even that had a static IP address, and an ISP (Demon) which ran a secondary MX for the domain. Nowadays you'll get more reliable delivery using a virtual server with a cloud provider or reputable hosting firm such as Bytemark. The spare room approach also has the problem of whoever gets your dynamically assigned IP next being able to obtain your messages just by listening for them and accepting them coming in on port 25.
ALL YOUR DATA ARE BELONG TO US
THEY SET US UP THE MAILBOMB!
I don't get the problem.
Surely it's only common sense that Google must know your email address if they are running your email service?
Virgin were upfront with their subscribers that they were moving to Googles mail platform for their email.
For privacy and evil, I think that Google and Virgin are probably on a par; both want to monetize you to their other services, both don't really care how.
And finally, this is just going to turn out to be that someone at Google used the "All" list instead of the "All-gmail" to send the notification. Nothing nefarious, beyond the usual level of nefariousness.
Not nefarious, but an intrusion nonetheless. If you don't have a contract with Google they shouldn't be emailing you about the terms of ...erm... their contracts.
Its an email.
"Its an email"
So is spam...
Virgin, allegedly, told their customers that they were sub contracting the mail service to Google, and therefore , implicitly there is a contract with Google.
As its a change of contract between customer and company, the client/company can opt out.
Ready for legal flack (with references of course) from the uninformed and a load of negative points!!!!.
No they didnt
Virgin NEVER informed the NTL customers (at least) of their transfer to Google mail. I only discovered this after the Spam influx mulitplied from 1 a month pre transfer to 30 a day post transfer.
I HATE Google mail - stuck with it at work too!
Yes they did
I still have the email on record of the changes, with instructions on how to login. The notification was sent to all 4 of the ntlworld email accounts I had at the time of the switch, giving 2 weeks notice.
And spam for me has dropped to none, with no false positives across 4 separate ntlworld addresses.
Quite frankly, as a customer back from the CableTel days, having email moved over to Google's back end was a massive, massive improvement.
No more outages, no reports of lack of space on the mail server.
Well you got one bit right...
'Uninformed' is exactly the situation. When I signed up to Virgin I didn't get any clear notification that the email account I received as part of the paid package was hosted/run by Google.
Fortunately I don't use it - never signed into it.
Nither did I
But I did notice the gmail folder appear in my folder list in Thunderbird when I first connected to their email server.
It's even worse...
Some of my children have received these emails from Google on accounts that were set up for private family communication, and we don't know yet how Google got hold of them. This is really getting out of control...
...and in case anyone is wondering
...these accounts weren't set up with Virgin or Google either. So where have they scraped them up from?
"these accounts weren't set up with Virgin or Google either. So where have they scraped them up from?"
If i had to guess id say your kids probably created an account on youtube so they could comment and post stuff/ lie about their age and since google are tying stuff together under one login then this may be something that affects them.
Are you sure it's google sending the email? It could be spoofed. Getting email addresses is simple - just take a prefix from a real email address you've scanned and add it to every free email domain you can think of. email@example.com, for example. Another way I think they might do it is by scanning the addresses in those chain mails that go round. People tend to forward those and include the addresses of everyone on the To list when they received it. Those addresses form the body of the mail when it hits its next bunch of recipients and 2 sets of To addresses get forwarded to the next link in the chain. Eventually you can get thousands of addresses being forwarded all over the world, and it will arrive at a spammer in due course.
Have you got...
...a YouTube account, Blogger account, Picassa account or an account with some other Google owned service? Google unified the accounts for their various services a while ago. If you have got an account with one of these services try going to Google and signing in, just don't be surprised if your login is successful!
...not all children
@Robin: "If i had to guess id say your kids probably created an account on youtube so they could comment and post stuff/ lie about their age and since google are tying stuff together under one login then this may be something that affects them."
oh dear really??
if you dislike the openness of the internet an still feel violated for your 'adult' children that have clearly ticked or not unticked a box somewhere just box up your pcs disconnect yourself and use the royal mail instead judging from your previous posts I'm surprised you haven't already;
better get your tinfoil hat on-. "moan moan moan..."
"I'm seriously thinking of avoiding even Google's search now."
If you had any sense at all you wouldn't have been using "even Google's search" for some time.
You might have a Google account even if you don't use any of those services... some sites are starting to go down the OpenID route with many login options available. So you could have set up a Google account for StackOverflow for instance...
The point being that it's not even necessarily a Google service that gets you your Google account; could be any service that uses Google login - and once you're logged into one, you're logged into all.
That doesn't sound...
...quite right to me.
In my experience - at least - the chances of creating an OpenID account and not knowing with which OpenID provider you are creating it are slim to none. All OpenID enabled sites I've encountered will, for the purposes of OpenID account creation, direct you towards one or more OpenID providers OWN websites, making it completely transparent with whom you are signing up for an OpenID account with.
Using your example of StackOverflow - which only allows logins with OpenID accounts - if you don't already have an OpenID account you are directed towards the OpenID website itself. There you are given the choice of numerous OpenID providers, all of which are made quite CLEAR with whom you can sign up for an OpenID account with, because you have to go to the providers own website.
Ha Ha Ha Ha Ha
Prepare to be Assimilated into the GoogleBorg collective, resistance is futile.
The borg were defeated, quite easily in the end, you have not been watching Star trek closely enough, but I wont down mark you for that.
As I posted...
in another article comment ...The problem, that a lot of people have in common, is that they fail to read the I'm not trying to be a smart-arse about this but if your with Virgin YOU gave them permission to make changes to the services they, or others on their behalf, provide after you signed on the dotted line AND give your information to third parties in the course of providing those services.
Also, to be fair to Virgin, at the time of the switch they DID give notice on their website, and send out an emails to the same effect, that they were switching to Google as their email provider rather than continue running their own in-house services inherited from Blue Yonder, NTL, etc. Granted, Google should have gone through Virgin first but at least they have notified the users of THEIR services (and as mentioned before, it is their service, not Virgins).
following is from: http://shop.virginmedia.com/the-legal-stuff.html
B (1): General
f. Some parts of the services (for example, television channels that form part of our television services and other content on, or accessible via, our television services) are supplied by other organisations. As a result, due to matters outside our reasonable control or for commercial or contractual reasons, Virgin Media Ltd may change, cancel or postpone all or any component part(s) of the services without notice, but giving you reasonable notice of any withdrawals and changes where it is possible to do so. You will be entitled to end these agreements if the changes are significant, as described in paragraph J5.
G (2): By having the services provided by us installed in your home and/or by using them you are providing your consent to use your personal information together with other information for the following purposes:
a. providing you with the services, service information and updates;
Occasionally third parties may be used to process your personal information in the ways outlined above. These third parties are permitted to use the data only in accordance with Virgin Media Ltd's instructions (as applicable).
H (2): Virgin Media Ltd and/or Virgin Media Payments may at any time improve, modify, amend or alter the terms of these agreements and/or the services and their content if:
b. Virgin Media Ltd decide that the services should be altered for reasons of quality of service or otherwise for the benefit of customers or, in Virgin Media Ltd's reasonable opinion, it is necessary to do so;
c. for security, technical or operational reasons;
f. if the changes or additions are minor and do not affect you significantly or we wish to have all our customers on the same terms and conditions; or
g. in all other events, where we reasonably determine that any modification to the relevant system or change in trading, operating or business practices or policies is necessary to maintain or improve the services provided to you.
The first sentence was supposed to read:
"The problem, that a lot of people have in common, is that they fail to read the T&Cs."
The reason for that is all the years of agreeing to Microsoft's EULA which says that they can't be held liable for anything (including the 2nd coming)
When VM moved to Google I asked VM what information would be shared I was told that Google would hold no account information on VM customers including email address.
Clearly someone was being economical with the truth!!!!
Check the DP entries for Virgin and I am sure you will find they have covered their derrieres.
Wait, Google will be providing your Virgin mail service but would not know your Virgin email address? Didn't that strike you as illogical?
"When VM moved to Google I asked VM what information would be shared I was told that Google would hold no account information on VM customers including email address.
Clearly someone was being economical with the truth!!!!"
Yes, but who?
Did Virgin really tell you they wouldn't be sharing even your email address with Google? If they did they would be lying, but I don't think even VM would be stupid enough to expect users to believe that the company operating their mail servers would not know the users email addresses. And if VM were that stupid how stupid does that make the users who believed them?
Go on, explain, how do you think Google could operate mail servers without knowing the users email addresses?
Is suspect they told you that they would not share any information OTHER THAN the email address and password for that account.
But I'm sure companies giving themselves the right to change contracts, in the contracts themselves, pre-dates Microsoft by a long way. I'm equally sure people have been failing to read the T&Cs for just as long too.
God damn it!
What the hell am I doing today? The above was supposed to be in reply to Steve Davies 3's reply to my own post above!
It stands to reason...
...that Google have the ability to push a message into all inboxes without having to know user's addresses. It wouldn't be very efficient for Google to mail everyone directly.
As a VM customer I'm not outraged like I was at O2 yesterday.
Darn! Too late...
Imagine setting up a honey pot where the only time the email address was ever used was when it was embedded within an e-mail or document sent and saved to a google user.
Then you can test to see if Google picked up your e-mail address from the content.
I don't really see what the problem is...
People are talking as though Google has just ravaged their hard drives and put all their treasured pictures of them dressed as trannies on the internet.. all they did was send an email...
- Vid Antarctic ice THICKER than first feared – penguin-bot boffins
- Hi-torque tank engines: EXTREME car hacking with The Register
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Antique Code Show World of Warcraft then and now: From Orcs and Humans to Warlords of Draenor
- Product round-up Trousers down for six of the best affordable Androids