Some very interesting reading on the legal shit storm that may be facing Facebook.
From Wired:
When The Pirate Bay released new Facebook features last month, the popular social networking site took evasive action, blocking its members from distributing file-sharing links through its service.
Now legal experts say Facebook may have gone too far, blocking not only links to torrents published publicly on member profile pages, but also examining private messages that might contain them, and blocking those as well.
“This raises serious questions about whether Facebook is in compliance with federal wiretapping law,” said Kevin Bankston, a lawyer with the Electronic Frontier Foundation, responding to questions from a reporter about the little-noticed policy that was first reported by TorrentFreak.
It’ll be interesting to see if they get a legal colonoscopy.
From the Official Gmail Blog…
Turn on Undo Send in Gmail Labs under Settings, and you’ll see a new “Undo” link on every sent mail confirmation. Click “Undo,” and we’ll grab the message before it’s sent and take you right back to compose.
I’m not entirely sure how I feel about this – I think that it may lead to a certain “carelessness” of the type usually displayed by Edna who frequently attempts to recall messages sent from Outlook. I think that I’m on the side of the good old days – when an email left the MUA, it was GONE. Of course, Gmail isn’t exactly a normal MUA.
How do you feel about it?
Comments please!
Yes, I wanted a pic of the governator up there, but in the end, this feature from Google is all about the rainbow vomiting unicorns that make the Internet a happy place for people who live a carefree life.
(CC licensed image from Scrunchleface’s Flickr stream.)
Tags: google, gmail, message recall, total recall
The dust has cleared. The Gmailageddon now subsiding I emerged from the bunker to do battle with potential zombie hordes…and search for any survivors.
The madness of the great Gmail meltdown of ‘09 (again) had the tubes of the internet all a flutter this morning. Seriously though, why is it such a big deal? Are folks so dependent on Gmail that when it crashes life stops?
If so, wtf?
But, amid the mayhem and carnage of the morning there was an interesting piece that popped up on TechCrunch. Apparently, some ne’er do wells managed to create a group that used background noise to spread porn Google groups in the midst of the carnage of the blue screened clouds.
Google’s response to the outage?
If you’ve tried to access your Gmail account today, you are probably aware by now that we’re having some problems. Shortly after 10 9:30am GMT our monitoring systems alerted us that Gmail consumer and businesses accounts worldwide could not get access to their email.
We’re working very hard to solve the problem and we’re really sorry for the inconvenience. Those users in the US and UK who have enabled Gmail offline through Gmail Labs should be able to access their inbox, although they won’t be able to send or receive emails.
We’re posting updates to the Gmail Help Centre at http://mail.google.com/support/ and Google Apps users can visit the Google Apps help centre at www.google.com/support/a.
Thanks for bearing with us while we sort this out. We’ll report back as we make progress.
Posted by Acacio Cruz, Gmail Site Reliability Manager
So, with all the talk of cloud computing, what happened with Gmail (and other services) yet again?
Another typo?
Is it raining?
Today brings news that the spammers that were using McColo Corp have retaken their botnet and are back in business of blasting out spam. As a tangent, we read Google’s response to the rise in pwned Gmail accounts.
From Google Online Security Blog:
We’ve seen some speculation recently about a purported security vulnerability in Gmail and the theft of several website owners’ domains by unauthorized third parties. At Google we’re committed to providing secure products, and we mounted an immediate investigation. Our results indicate no evidence of a Gmail vulnerability.
With help from affected users, we determined that the cause was a phishing scheme, a common method used by malicious actors to trick people into sharing their sensitive information. Attackers sent customized e-mails encouraging web domain owners to visit fraudulent websites such as “google-hosts.com” that they set up purely to harvest usernames and passwords. These fake sites had no affiliation with Google, and the ones we’ve seen are now offline. Once attackers gained the user credentials, they were free to modify the affected accounts as they desired. In this case, the attacker set up mail filters specifically designed to forward messages from web domain providers.
The thought by some folks was that this was due to a CSRF bug that was discovered in Sept 2007. According to Google this problem was addressed within 24 hours of the initial discovery.
Today I received an email from someone I know who had their Gmail account pinched by ne’er do wells. They were nice enough to blast out spam with his/her entire address book in the “To:” field.
Decidedly uncool.
What does this accomplish? Does this make the spammer money? Of course not. Does it piss off people that would like nothing better than to hunt the little peckerwoods down? You bet.
The long and the short of it is that we all need to take precautions when using any webmail account. Google offers this advice on how to help better protect oneself using HTTPS with Gmail. Is it bulletproof? No. But, it’s better than getting your password snarfed.
I find this interesting. I received this email today,
Dear colleagues
The Internet Society (ISOC) has recently become aware that there is an email scam circulating, which claims to be part of a competition sponsored by ISOC.
The email, which claims that ISOC is a sponsor of the “FAN-OF-THE-WEB Promotion for 2008″, promises a prize will be sent once the recipient provides certain personal details, including passport information, as well as a payment for shipping fees.
Please be advised that ISOC is not connected in any way with these emails, nor does it sponsor the competition named in those mails. Furthermore, ISOC is not involved in any competitions or awards that would result in unsolicited emails of this nature.
ISOC urges all Internet users to be careful of any unsolicited emails that ask you to provide money or personal information. If you have any doubts about any mail which purports to be connected to ISOC, please feel welcome to contact us directly:
Um, here’s a thought. Why not digitally sign your emails?
Hmm?
This great posting showed up on Ars Technica a couple days ago. Mail Goggles is an add-on that is designed to save you from yourself should you find yourself in front of a computer at 3 am and decide, via fuzzy wobbly brown pop logic, that now would be a great time to answer emails. This add-on for gmail will do a WORLD of good for some of my friends.
From Ars Technica:
How many times have you stumbled home after a long night out with friends, only to plop down in front of the computer and start sending e-mails that you would wake up regretting the next day? OK, maybe some of our older readers in the crowd have never moved beyond “drunk dialing,” but many of us are probably more familiar with the embarrassing phenomenon, a technological evolution of the drunk dial.
This is a great tool because before you can send out emails in an altered state you have to tackle some mental gymnastics.
If you have Mail Goggles installed—which you can do by going to the “Labs” tab under your Gmail settings and turning them on—it will force you to answer a series of math questions before sending out any new messages.
Bloody brilliant.
Thankfully those days are behind me now.
Wow, didn’t expect this one today. Apparently some ne’er do well managed to hack into Sarah Palin’s personal Yahoo account and post the lot to Wikileaks.
From Wikileaks:
Circa midnight Tuesday the 16th of September (EST) activists loosely affiliated with the group ‘anonymous’ gained access to U.S. Republican Party Vice-presidential candidate Sarah Palin’s Yahoo email account gov.palin@yahoo.com and passed information to Wikileaks. Governor Palin has come under criticism for using private email accounts to conduct government business and in the process avoid transparency laws. The zip archive made available by Wikileaks contains screen shots of Palin’s inbox, two example emails, address book and a couple of family photos. The list of correspondence, together with the account name, appears to re-enforce the criticism. Wikileaks may release additional emails should they be of political substance.
I wouldn’t wish this treatment on anyone. There is activism and then there is just down right improper behaviour. I’m not a fan of Palin but, I don’t think it was fair for this information to be posted.
Now, bearing in mind recent Yahoo mail hacks I’m wondering how they got in? Bad password or is there a zero day in Yahoo’s webmail?
[UPDATE]: Chris Eng has a posting on how Palin’s email might have been pwned. And some more info on the ctunnel [dot] com site that was used to “protect” anonymity to the activists from the DailyDave. They are so boned.
[UPDATE 2]: Gawker has an “exclusive” that they posted at 1:03 pm with a copy of all of the info from Wikileaks which, along with its mirror sites, is now (5:04 pm EST) offline.
We have no plans to post a copy of the aforementioned ourselves.
[UPDATE 3]: The McCain camp is now calling for an investigation. From CNN: “FBI Spokesman Eric Gonzalez in Anchorage, Alaska confirms to CNN an investigation is underway.” Good. This is one case where I think the folks involved went across that magic line. If Palin was in fact conducting official business via a Yahoo account to avoid being on the public record that should be captured via subpoena rather than a public whistle blower site. The account has apparently been deleted but, this information can be gathered from Yahoo’s backups.
[UPDATE 4]: Palin email hacker has been exposed (Knox News)! The alleged hacker is identified as one David Kernell a college student from Tennessee. He guessed the password. Sad choice of password by Palin if some kid was able to guess it.
Oh, and he’s the son of Tennessee state Rep. Mike Kernell. (thx reccesuave for the tip!)
Tags: Wikileaks, David Kernell, Palin emails, Gawker, Sarah Palin, Sarah Palin Email Hacked, Sarah Palin Yahoo Email, Palin Email Hacked
This is by far one of the more asinine things I have read in a while and speaks volumes to lunacy in the White House. The WH refused to open an email that was sent by the EPA because they disagreed with the conclusion that greenhouse gases are pollutants.
So, they played three monkeys and said, “la la la, I can’t see it. la la la” (not an exact quote) But, that’s not where the absurdity ends. The EPA could have sent a printed copy and that would have been the end of it.
Nope.
Instead they rewrote the conclusions to make more palatable for the dunking bird-set. Email has always been a best effort tool that has morphed into business critical function over the years. But, to say they wouldn’t open an email…wow. Remember folks, if you are a Republican or Democrat be sure to VOTE. You have a responsibility.
From NY Times:
Over the past five days, the officials said, the White House successfully put pressure on the E.P.A. to eliminate large sections of the original analysis that supported regulation, including a finding that tough regulation of motor vehicle emissions could produce $500 billion to $2 trillion in economic benefits over the next 32 years. The officials spoke on condition of anonymity because they were not authorized to discuss the matter.
Both documents, as prepared by the E.P.A., “showed that the Clean Air Act can work for certain sectors of the economy, to reduce greenhouse gases,” one of the senior E.P.A. officials said. “That’s not what the administration wants to show. They want to show that the Clean Air Act can’t work.”
November can’t come soon enough.
No great shock here. I used to be one of “those guys” years ago who read employee email. And let me tell you, most non-spam email (try 90%) is trivial crap.
From Tech Herald:
So who reads your email at the office? Apparently more people than you think. Forty-four percent of the companies responding to the study said that they investigated an email leak of confidential information in the past year. Forty-one percent reported that they employ staff to read or otherwise analyze the contents of outbound email. In addition, twenty-two percent said they employ staff primarily or exclusively for this purpose.
There are several cases where someone has been terminated over the contents of email. Most are fired under a clause in the company’s Internet Usage Policy. The debate is a huge one, with people expecting privacy when they send email, often personal, from a work account or access personal accounts at the office. Simply put, you have no privacy at the office, and if you get any at all, you should expect very little. Some companies will offer some “personal time” and allow internet usage, but mostly everything you send is logged and monitored, and yes even read by someone else.
Mostly? Try damn near everything for most firms. Email was read only at the behest of legal or HR. Thankfully, those requests seldom arrived.
When people start a new job more often than not they are handed a copy of the acceptable use policy for their respective firm. It is staggering how often people glance over it while pondering dinner plans. Then sign off that they read and accept. It’s like people that click on EULA’s mindlessly.
Later, they potentially pay the price for that lack of attention to detail.
The fun and games that is the missing White House email story is ramping up. A federal judge has now issued an order for the WH to prepare a discovery.
Where’s my popcorn? This is getting good.
From Computer World:
District Court Judge Colleen Kollar-Kotelly this week issued an order enabling the Washington-based Citizens for Responsibility and Ethics watchdog group to perform limited questioning of White House officials. The group last May had filed suit against the White House Office of Administration seeking access to White House e-mail under the federal Freedom of Information Act.
The nonprofit group had been seeking White House e-mail documents related to various controversial issues, including the release of the identity of a former CIA operative, the reasons for launching the war in Iraq and actions by the U.S. Department of Justice. The White House has contended that the e-mail requested by the group has been lost.
Kollar-Kotelly ordered the discovery to determine whether the Office of Administration is subject to the Freedom of Information Act. The office contends it is not subject to FOI requests.
Not subject to…? OK, if they cover their eyes and say “lalalala, I can’t see you” that will not make this problem go away.
Tags: White House Email, Missing White House Emails, Colleen Kollar-Kotelly
