You’d never give your Password to someone you don’t know, right?
But would you give a copy of all your emails to a random Stranger? How about a secret person who doesn’t like you – that jealous co-worker, your angry neighbor?
You may already have done this if you use Gmail, Twitter or Facebook – and have tried out Apps for backup services, email utilities, inbox organizers, or productivity apps.
That includes apps like TripIt, Greplin, Rapportive, Xobni, OtherInbox, Unsubscribe, Backupify, Blippy, Threadsy, How’s My Email, Email Game, Boomerang, Kwaga, Mozilla F1, and Cloudmagic.
I was alerted to this by an excellent article, “The Perpetual, Invisible Window Into Your Gmail Inbox” by Andy Baio, about a new technical feature called “OAuth.” Andy warns about the potential for a “privacy meltdown” (nice phrase).
He points out that this is not as big a problem for Twitter users because most Twitter posts are public. Facebook is a bigger problem (but then, by now you’re used to Facebook exposing your private photos and notes – kind of on a regular basis).
However, now imagine giving access to ALL your Gmail emails to your ex, your boss and oh yeah – that guy/gal who slanders you behind your back.
They can get every email sent by and to you if you allow Apps access to your Gmail “to help you.”
Privacy Meltdown
Andy raises the giant, serious and valid concern that thousands or millions of people’s authentication tokens could be leaked (or lost to a hacker) by a service that simply isn’t careful.
And then each of your most private emails will be exposed for all time.
Bottom line – Don’t give any App access to your Gmails.
Remedy: If you’ve already given access to your Gmails, Facebook or Twitter – change your password right now.
Here’s where you can get genuinely strong passwords – for free as a public service (Gibson Research):
https://www.grc.com/passwords.htm
If you are worried that the generators have your password too, you can modify the password they give you. Since they are so long, you can arbitrarily delete or edit a single letter – and you will be 99.9999999 percent safer than everyone else.