Here is an idea. Just an idea. Do not keep sensitive personal information in your web mail inbox. The argument which goes like “Sure, Yelp means well but how do I know they won’t misuse my personal information” can be extended to Gmail, Yahoo, Hotmail or any other web-based service which requires a surrender of personal privacy as a price for “free” service.
I use gmail extensively but never keep anything sensitive in my inbox.
It is beyond me that Gmail, Facebook and others have convinced the masses that we live in oh-so-fuzzy-and-friendly world of online love and interconnectedness, which is primarily used to stuff our throats with useless advertising. I know, advertisers and google board members have to eat too.
I agree this is a big problem. But I also think there is the obvious, if you are lazy and want them to pull your contacts anyways. Just change your password before using the service. Then change it back afterwards.
I’m surprised I haven’t seen this comment (or I missed it in scanning) -
In addition to the FAIL reaction, my first instinct on any form with important information is to look for the https session…the forms I’ve seen don’t have it. So, not only are you trusting the site, but also the network.
The lack of https on a form with username and password upgraded the FAIL to EPIC FAIL for me.
A simple alternative is to have a secondary email account that has just “shareable” contacts. Granted, this is more than a user should have to do (I’m a fan of simply uploading .csv files) but it has the advantage that it will work for pretty much any of the existing sites that do this type of thing.
Now a lot of folk in here are developers, so you guys will disagree, however, I think y’all are making too much out of this issue.
On the average day, I log into 25+ sites/programs/gateways, etc. So are we really saying I should use 25+ passwords? I know the premise behind the “don’t use one password” rule, but it isn’t very practical is it?
Again, we’re talking about “social” sites here. If you guys don’t have a social email separate from a business email, then that’s the problem right there.
It takes 7 seconds to log into Gmail and change a password. So, to go forward then back, that’s a whopping 14 seconds.
I agree it’s a big problem, but there is a bit of common sense that goes into these things. With everything involving a third party, there is going to be a level of risk associate. How many people live in apartments, where maintenance can move in and out? It’s accepted risk.
There are paranoid folks that don’t show their ID when making a credit card purchase; there are folks that don’t use credit cards; there are folks living in caves. Does that mean, we all should, no?
And to close, why trust anybody? The majority of things I sign up for come through my Gmail address. And we know a lot of sites initially sent usernames and passwords. Gmail can “read” your email to do context-sensitive ads, so who’s to say what else they do? What does the “delete” button really do?
I say stop being OVERLY (keyword) paranoid here and just exercise a lil’ bit of common sense. And BTW, yes I use Mint and give them all the passwords to all my online banking accounts.
Couldn’t agree more. I did a (somewhat unscientific) study of this practice a while back (http://www.bitcurrent.com/?p=14); even those who claimed to have cleaned up their acts (the big social guys) were doing it.
It was interesting to see that on top of this practice, many of those sites weren’t using SSL encryption retrieve the password (which the original messaging site did) so you were sending a Gmail password in plaintext despite Google’s best efforts.
There are technical problems with this too. Look at Notchup (which peaked and tanked really fast) – their model had people repeatedly getting invites because they weren’t willing to de-duplicate sending.
Yes, I find it rather poor that sites request this info. Both the LinkedIn.com and Plurk.com websites do this same thing to automatically pull in your friendslist. I never do it either.
Here is an idea. Just an idea. Do not keep sensitive personal
information in your web mail inbox.
You must have missed part of the post. The issue isn’t that they might go scrape existing personal info out of your mailbox. The issue is that your main email account is essentially your master password file for the entire internet. Even if you keep your inbox totally clean, you are not safe. All someone has to do is go to various useful account holders around the net (eg: Facebook, WorldofWarcraft.com, ebay, etc), follow the “forgot my passoword / account name” link, and said info will be freshly mailed into that inbox for them.
I don’t know about Facebook and ebay scammers, but I know the gold farmers that plague World of Warcraft would love to do this to you if you let them. They just recently stole thousands of WoW accounts via a flash exploit they posted on sites WoW players hang out. Doing something like this Yelp thing (or just hacking into Yelp’s servers where your password is stored) would be cake for them.
I think that one piece of the puzzle is being missed here:
Many users of social network sites WANT this. They are more concerned about being able to easily import their contacts than they are about keeping their email secure.
So what do you do? Provide the tool that the users want, or lose them to someone who does?
“Someone mentioned Adium (instant messaging client). Of course it’s OK to enter all your accounts into Adium. The developers of Adium don’t see your passwords. AOL doesn’t see your MSN password. Google doesn’t see your Yahoo password. Etcetera. They are stored encrypted on your hard drive and only given out to the originating services.”
This is likely the case, and as Adium is open source it’s possible to check (not possible, really, for everyone, but that’s by-the-by). My point was that you need to trust the Adium developers that they aren’t harvesting your information for malevolent ends, just like you’d need to trust Facebook. So if Adium is OK, is a web-based IM client like Meebo (setting aside, for the moment, that they don’t use SSL)? Hk’s comment above puts it quite well.
Well, it’s just a matter of you “Do you trust them?”. E.g. you can also tell Google Mail to fetch all your mails from another e-mail account via POP3. In that case they’ll need your master password, too. On the other hand, if you don’t trust Google Mail, you should not even use it, because they will get all your mails (with all your passwords) anyway if you use it actively.
People hand out sensitive data way too easily these days. Often you just need to ask for it and they will tell you without even thinking for 2 seconds that this might be not a good idea at all. E.g. in Europe EC-Cards are much more important than credit cards. Everyone has one and almost every store takes them (credit cards are usually only accepted by some restaurants and by very little stores). In some stores you still pay with them by signing a bill (just like with credit card), however most stores have an online system today. The card is scanned and you are prompted for the card’s pin. Some card data and the pin are calculated to a secret key, an online connection is established to the bank and some challenge/response is performed to verify the validity of the card’s data, of the pin, and last but not least the bank will also say if a transfer of that much money is authorized.
Since you can also use EC cards to get cash (not just for shopping), if you have the card and know the pin, you can easily clear the bank account. Copying an EC card takes a couple of seconds and there are devices that will do so for little money. The only thing that protects your bank account from abuse is the pin. All security depends on that pin.
Here’s a real life story: I was at a supermarket, buying some groceries. The guy in front of me paid by EC card. He gave the card to the cashier and then placed more stuff into his shopping card, not looking what the cashier is doing with his card. She could have copied it, the guy had never noticed. Now the cashier says “Sir, would you please enter your pin at the terminal?” and he, still busy rearanging bags in his shopping card, replies “Just enter XXXX, that’s my pin”. I have heard it, everyone behind me has, and the cashier entered the pin on behalf of the customer. If she had copied the card, she now would have the pin and could go on a nice shopping trip.
Most people have no sense for sensitive data nowaydays. And that is the reason why governments are spying on their citizens that much (every year citizen get less privacy and government organizations get more authorizations), as the citizens don’t care. I wait for the day someone puts his credit card number on Facebook saying “Here’s my VISA number …, but please, don’t abuse it”.
Hi Jeff,
I have read quite a lot on .Net, Programming, Performance. etc. typically very important and very much related to a Jr. developers like me.
But recently your posts seems to getting little away from them. (May be my perception… and may be wrong…)
But it will be great to see some post from you on those topics back.
Hi Jeff,
I have read quite a lot on .Net, Programming, Performance. etc. typically very important and very much related to a Jr. developers like me from your blog.
But recently your posts seems to getting little away from them. (May be my perception… and may be wrong…)
But it will be great to see some post from you on those topics back.
One possible solution could be to allow users to upload their address book meta files in csv or outlook/vcf formats. For eg. gmail allows you to export your contacts in many formats. Sites that want to search your contacts can use this as a reference.
I came across one of these the other day. Someone sent a link to me via live messenger and that was the first page I was greated with. The url reported to hold photos belonging to that person. My friend wasnt online at the time, so I couldnt ask why they trust it. I just stopped and thought exactly like you Jeff, why the hell do you expect me to trust you with my email password. Its like giving them a rubber glove and bending over!
I’m going to break my golden rule and not read through the other 172 comments. Why? Because, even if other people have pointed this out, it bears repeating.
Get a second email address for these things. It really isn’t that difficult to notice that “things that might cost me money through fraud” and “things that are way cool because they’re so, like, you know, Web 2.0” fall into separate categories.
Why on earth should they not fall into separate email boxen?