Lesson #1: don't use an ISP email address
Lesson #2: don't use Google email at all.
Fuming Virgin Media customers have taken to the telco's forum to complain that their email addresses have been used by Google, instead of being kept private. The customers got a surprise email from Google today, who seemed to think they were all users. The Chocolate Factory is in the middle of updating its users about its new …
People putting their whole live on the internet through social media, buying goods, joining forums, signing up for free email accounts, using broadband, owning a mobile phone etc.
WHY is it such a surprise when these things happen like a breech of privacy.
Not only will it happen but it will get worse to the point that the notion of privacy will cease to exist.
There is an answer, Pay cash, register nowhere, never go online, never fill in a form. Simple, or is it?
People use different email accounts for different things. Many have hotmail or gmail or yahoo mail accounts for the purposes of signing up to services, buying stuff on the internet, etc.
Those same people like to have their own personal address, usually ISP supplied, as their private address to use between them and their select friends/family.
The email account associated with your ISP account is the one that people see that they are paying for. You pay for that email account and as such it should have protections from being sold off, abused or spammed by sneaky companies like Google.
The lesson is for telcos and MSOs - you no longer have a userbase.
By screwing all of your "systems" people, by leaving DNS, Email, News, etc rot as "non-essential" until all of your people go somewhere else and by giving the job to Google because you suck bricks sidewise running these you have now given Google all of your userbase. Voluntarily. If you have not given it to Google it is in the hands of MSFT (or yahoo for the very ones who sucked so bad in being an ISP that they had to "outsource" their email more than 5 years ago).
Now do not complain, bend over and do not wriggle. Resistance is futile. Your users shall be monetised and _NOT_ by you.
Signed - ex DNS, ex Email and ex-Systems person who has changed his profession and who is giggling madly watching the chickins coming home to roost and having diarrhea.
Wouldn't say so. The *only* use for the VM (previously NTL) email account I have is when VM themselves send me mails.
After all, only numptys use ISP specific email addresses when there are so many (better) alternatives. Unfortunately most non-savvy users are foisted on and railroaded into using an ISP's email address and doubtless this is seen as a carrot/stick by the ISP when it comes to retaining the punter - after all changing your email address just because you change ISP (either for cost or provision reasons) can be an extremely annoying process.
It's even more ridiculous when a company has gone to the trouble of getting their own domain name and website and yet still uses <mycompany>@btinernet.com or something equally amateurish. Keeps "web consultants" in a job though...
I think these people (Virgin Media customers) have every right to be upset, I would too most likely. Just check out their website (virginmedia.com), you won't find anything saying something about e-mail. The packages basically include "broadband, tv, phone, mobile". This isn't even mentioned in their faq's.
Only if you check things yourself will you find that....
[xxx@smtp ~]$ dig virginmedia.com mx
<cut>
;; ANSWER SECTION:
virginmedia.com. 3352 IN MX 10 aspmx3.googlemail.com.
virginmedia.com. 3352 IN MX 1 aspmx.l.google.com.
virginmedia.com. 3352 IN MX 5 alt1.aspmx.l.google.com.
virginmedia.com. 3352 IN MX 5 alt2.aspmx.l.google.com.
virginmedia.com. 3352 IN MX 10 aspmx2.googlemail.com.
'nough said I think. I know I'd be outraged.
Still; some people make valid points above. Don't rely on the ISP's e-mail services for your main address(es). Because what happens if you should decide to switch providers? Right now I think you're better of using a free provider (Yahoo, Hotmail) or maybe even a commercial one (Godaddy provides free e-mail with a domain registration for example).
That way you'll be sure that you're entitled to /some/ sense of privacy and should you ever change ISP's then you won't have to manually inform all of your friends & family.
Cost me like $10/month with 'static' IP and everything/ Small little BSD box running Postfix, dovecot and a free cert from StartSSL, I provide mail services to all my friends and family giving them an unlimited number of addresses (At one of domain names of course) and allows me to give a different address to everyone I deal with.
However somehow google got a hold of some of my addresses and I got a bunch of copies of their new Privacy Policy. How they got it, I have no clue at all as I actively avoid the chocolate factory and their services.
As another poster has pointed out, you can run a cloud virtual server with a static IP on a rather better connected host than anything in your spare room for not much more than your spare room's electricity bill. I don't recommend the spare room approach for email . I was doing this myself many years ago on a dialup, but even that had a static IP address, and an ISP (Demon) which ran a secondary MX for the domain. Nowadays you'll get more reliable delivery using a virtual server with a cloud provider or reputable hosting firm such as Bytemark. The spare room approach also has the problem of whoever gets your dynamically assigned IP next being able to obtain your messages just by listening for them and accepting them coming in on port 25.
Surely it's only common sense that Google must know your email address if they are running your email service?
Virgin were upfront with their subscribers that they were moving to Googles mail platform for their email.
For privacy and evil, I think that Google and Virgin are probably on a par; both want to monetize you to their other services, both don't really care how.
And finally, this is just going to turn out to be that someone at Google used the "All" list instead of the "All-gmail" to send the notification. Nothing nefarious, beyond the usual level of nefariousness.
Virgin, allegedly, told their customers that they were sub contracting the mail service to Google, and therefore , implicitly there is a contract with Google.
As its a change of contract between customer and company, the client/company can opt out.
Ready for legal flack (with references of course) from the uninformed and a load of negative points!!!!.
I still have the email on record of the changes, with instructions on how to login. The notification was sent to all 4 of the ntlworld email accounts I had at the time of the switch, giving 2 weeks notice.
And spam for me has dropped to none, with no false positives across 4 separate ntlworld addresses.
Quite frankly, as a customer back from the CableTel days, having email moved over to Google's back end was a massive, massive improvement.
No more outages, no reports of lack of space on the mail server.
"these accounts weren't set up with Virgin or Google either. So where have they scraped them up from?"
If i had to guess id say your kids probably created an account on youtube so they could comment and post stuff/ lie about their age and since google are tying stuff together under one login then this may be something that affects them.
@Robin: "If i had to guess id say your kids probably created an account on youtube so they could comment and post stuff/ lie about their age and since google are tying stuff together under one login then this may be something that affects them."
I say 'kids' from my perspective, but one of them is an adult (and has no interest in YouTube et al). I've checked, and these are these are valid "Changes to Google Privacy Policy and Terms of Service" messages. I'm seriously thinking of avoiding even Google's search now.
...a YouTube account, Blogger account, Picassa account or an account with some other Google owned service? Google unified the accounts for their various services a while ago. If you have got an account with one of these services try going to Google and signing in, just don't be surprised if your login is successful!
You might have a Google account even if you don't use any of those services... some sites are starting to go down the OpenID route with many login options available. So you could have set up a Google account for StackOverflow for instance...
The point being that it's not even necessarily a Google service that gets you your Google account; could be any service that uses Google login - and once you're logged into one, you're logged into all.
...quite right to me.
In my experience - at least - the chances of creating an OpenID account and not knowing with which OpenID provider you are creating it are slim to none. All OpenID enabled sites I've encountered will, for the purposes of OpenID account creation, direct you towards one or more OpenID providers OWN websites, making it completely transparent with whom you are signing up for an OpenID account with.
Using your example of StackOverflow - which only allows logins with OpenID accounts - if you don't already have an OpenID account you are directed towards the OpenID website itself. There you are given the choice of numerous OpenID providers, all of which are made quite CLEAR with whom you can sign up for an OpenID account with, because you have to go to the providers own website.
if you dislike the openness of the internet an still feel violated for your 'adult' children that have clearly ticked or not unticked a box somewhere just box up your pcs disconnect yourself and use the royal mail instead judging from your previous posts I'm surprised you haven't already;
better get your tinfoil hat on-. "moan moan moan..."
http://forums.theregister.co.uk/user/38418/
This post has been deleted by its author
Are you sure it's google sending the email? It could be spoofed. Getting email addresses is simple - just take a prefix from a real email address you've scanned and add it to every free email domain you can think of. ralph5@live.com, for example. Another way I think they might do it is by scanning the addresses in those chain mails that go round. People tend to forward those and include the addresses of everyone on the To list when they received it. Those addresses form the body of the mail when it hits its next bunch of recipients and 2 sets of To addresses get forwarded to the next link in the chain. Eventually you can get thousands of addresses being forwarded all over the world, and it will arrive at a spammer in due course.
in another article comment ...The problem, that a lot of people have in common, is that they fail to read the I'm not trying to be a smart-arse about this but if your with Virgin YOU gave them permission to make changes to the services they, or others on their behalf, provide after you signed on the dotted line AND give your information to third parties in the course of providing those services.
Also, to be fair to Virgin, at the time of the switch they DID give notice on their website, and send out an emails to the same effect, that they were switching to Google as their email provider rather than continue running their own in-house services inherited from Blue Yonder, NTL, etc. Granted, Google should have gone through Virgin first but at least they have notified the users of THEIR services (and as mentioned before, it is their service, not Virgins).
following is from: http://shop.virginmedia.com/the-legal-stuff.html
B (1): General
f. Some parts of the services (for example, television channels that form part of our television services and other content on, or accessible via, our television services) are supplied by other organisations. As a result, due to matters outside our reasonable control or for commercial or contractual reasons, Virgin Media Ltd may change, cancel or postpone all or any component part(s) of the services without notice, but giving you reasonable notice of any withdrawals and changes where it is possible to do so. You will be entitled to end these agreements if the changes are significant, as described in paragraph J5.
G (2): By having the services provided by us installed in your home and/or by using them you are providing your consent to use your personal information together with other information for the following purposes:
a. providing you with the services, service information and updates;
Occasionally third parties may be used to process your personal information in the ways outlined above. These third parties are permitted to use the data only in accordance with Virgin Media Ltd's instructions (as applicable).
H (2): Virgin Media Ltd and/or Virgin Media Payments may at any time improve, modify, amend or alter the terms of these agreements and/or the services and their content if:
b. Virgin Media Ltd decide that the services should be altered for reasons of quality of service or otherwise for the benefit of customers or, in Virgin Media Ltd's reasonable opinion, it is necessary to do so;
c. for security, technical or operational reasons;
f. if the changes or additions are minor and do not affect you significantly or we wish to have all our customers on the same terms and conditions; or
g. in all other events, where we reasonably determine that any modification to the relevant system or change in trading, operating or business practices or policies is necessary to maintain or improve the services provided to you.
W
"When VM moved to Google I asked VM what information would be shared I was told that Google would hold no account information on VM customers including email address.
Clearly someone was being economical with the truth!!!!"
Yes, but who?
Did Virgin really tell you they wouldn't be sharing even your email address with Google? If they did they would be lying, but I don't think even VM would be stupid enough to expect users to believe that the company operating their mail servers would not know the users email addresses. And if VM were that stupid how stupid does that make the users who believed them?
Go on, explain, how do you think Google could operate mail servers without knowing the users email addresses?
Is suspect they told you that they would not share any information OTHER THAN the email address and password for that account.
This post has been deleted by its author