Offering frequent news and analysis from the majestic Evergreen State and beyond, The Cascadia Advocate is the Northwest Progressive Institute's unconventional perspective on world, national, and local politics.

Thursday, April 22, 2010

Gmail hacking epidemic demonstrates the peril of trusting Google's "cloud services"

Are my email and contacts safe?

The above is a question that anybody who uses the Internet's messaging protocols should be asking themselves on a regular, frequent basis. Sadly, all too often, people blindly trust the companies they do business with to keep them and their data protected, rather than making their security online their own concern.

Case in point: Over the last few days, I've received a spate of emails which appeared to come from other people I know in the progressive movement, but in reality were sent by spammers who had hijacked their Gmail accounts.

The emails contained nothing but a meaningless subject line and a link in the body to Canadian pharmaceutical companies selling cheap drugs.

Some of the people whose accounts were hijacked realized what was going on before I could warn them, and sent out a note asking their acquaintances not to click on the link and apologizing for the inadvertently generated spam.

Gmail, which is one of Google's oldest non-search offerings, has had a strong allure ever since it debuted six years ago. It has a slick interface, generous storage limits, it supports the POP and IMAP standards, and it doesn't cost money.

But Gmail has never been free.

Anybody who opens a Gmail account is forced to agree at the time they sign up to let Google robotically peer over their shoulder and index their messages so it can serve up customized ads. That's always been the "price" of Gmail.

It's bad enough that Google figuratively looks over the shoulders of its users, but now spammers seem to have the power to do the same thing.

And they're unfortunately doing more than just looking.

It's amazing how many accounts have been hijacked. Google claims Gmail is secure, but of course it would be foolish for them to say otherwise. If they said anything to the contrary, people would panic. It would be bad for business.

But just because Google says there isn't a problem doesn't mean that's the case. The hijackings are evidence that Gmail is clearly not secure, in addition to not being private. Since Gmail's flaws outweigh the strengths of its featureset, it's not worth using. There are many better alternatives. The best alternatives cost money, but they also tend to come with real technical support.

Those who decide to stick with Gmail ought to at least take the opportunity to change their password. The best passwords consist of a mixture of letters, numbers, and punctuation, and don't contain any words. Words make passwords easier to crack. Changing passwords regularly is also a good idea.

Finally, having internet security software installed can help reduce the possibility that spammers will be able to capture sensitive information using malware.

Comments:

Blogger Sean said...

This happened to me this morning.

As far as I know, I never clicked on an offending link or visited a phishing site, so how was it hijacked? On Google's end? If so, that's very scary.

1:36 PM  

Post a Comment

<< Home