Something Random

Chewy509

Wotty wot wot.
Joined
Nov 8, 2006
Messages
3,359
Location
Gold Coast Hinterland, Australia
Timely discussion on slashdot about misdirected emails...

http://ask.slashdot.org/story/14/01/11/1753223/ask-slashdot-what-to-do-with-misdirected-email

Since I have an rather uncommon surname that my ISP and gmail accounts are registered, I don't have any on gmail, etc. But for my handle, so far I've counted 8 different people using the same handle I use for various services... So depends on what you find, I could be a programmer, a young woman who likes MySpace and has an XBox360, an elderly lady who loves her dog, a housewife who posts recipes, etc ... I've only ever got 1 "confirm registration" email to my mailcity account, but I'm 99% sure that was spam, and not a legitimate person...
 

snowhiker

Storage Freak Apprentice
Joined
Jul 5, 2007
Messages
1,668
/rant begin.

I'd really like to get off of Gmail as Google has really turned to crap these last few years but where to go?

Any suggestions?

Any interest and/or demand for a secure/private/encrypted <username> @ storageforum.net email service? I'd be interested in paying for such a private service.

Google already knows, by reading my email:

1) Real first/last name. And family members names.
2) Real address.
3) Real home/cell phone #s.
4) Real auto license place and VIN number.
5) Bank acct balance.
6) What/where I buy with CC.
7) Every sick thing I've ever google'd.
8) etc, etc, etc.
9) Profit.

...partly my fault for setting up bank/cc alerts and such, but companies/gov't are so "I don't give a shit about our users privacy." I mean I get emails from the AZ MVD (motor vehicle division) saying, " Hello <real name> @ <real address> your <full car description> and <plate#> and <VIN #> registration is due and btw is <real phone number> still correct? Ummmm thanks for plastering my private info to my gmail account to be sold/stolen from me.

Newegg, Barnes & Noble, etc, also mention your real name/address/etc and what you bought and how/what you paid in their confirmation email(s). Most other on-line retailers act the same.

I'm not really too concerned with fraud and such, just the general "lack of privacy and control" over my private affairs is leaving me in a melancholic mood.

Sigh. what to do?
/end rant
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,747
Location
Horsens, Denmark
Nothing. If you are under the impression that all the major governments and corporations can't get this data on anyone regardless of what they do, you aren't paranoid enough. My guess is that even if you tried to get off the radar by going all caveman (no internet, renting under a false name and paying cash, no car, cash for public transport, disposable cell phones, etc) you would simply get their attention.
 

Chewy509

Wotty wot wot.
Joined
Nov 8, 2006
Messages
3,359
Location
Gold Coast Hinterland, Australia
I personally don't care about the government "spying" on me, they already know everything about me... As for foreign governments, well if their respective intelligence agencies are not sucking up every bit of unencrypted traffic for analysis, one could argue very successfully that they are not doing their jobs. (And let us not forget, that most military forces and defence forces typically have a mandate, of "protecting the nation against enemies both foreign and domestic", or some variation of). So all this ho-ha about NSA and Snowdon is rather mute IMHO.

What troubles me most, is the amount of information corporations have on the general public and how this flow of information is very typically, handled by people who should not have this information or handled without any regard to users privacy. Snowhiker makes the point, of how much Google actually knows about him... well, they are his mail provider, so there a level of trust that is involved. But, that's not the issue... the issue is government department and corporations are sending private information that should not be shared over unsecure communication channels that anyone could snoop on. While one could argue about postal mail being insecure, but that is typically enclosed in an envelope to safe guard against casual reading... but email, is more like sending personal information on the back of a postcard that anyone can read. SMTP traffic (like HTTP traffic is starting to), should be encrypted between each node to avoid MITM snooping...

Also for the example of his motor department sending information, why couldn't that email just be:

Dear XXXX,
We note that your registration for vehicle (registration number) is coming up for renewal. Please contact xxxx or visit www.xxx.gov for renewal information if you have not received information in the post.
Regards, The crappy DMV.

Simple, limits the amount of information, and still offers the service...

Back on topic: Wait for the day, when someone does a DNS highjack or a massive BGP takeover and starts sucking up every Gmail, Outlook.com, Yahoo email for a few hours. (So IPs start pointing at rogue servers, or traffic is routed through rogue serves). Imagine the amount of ID theft that could occur if that only happened for say 1 day... F*(ing goldmine...
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,747
Location
Horsens, Denmark
I didn't really specify who or how because those are so broad. Hack, sniff, insider, laptop, etc. The point is that if there is information about you that matters, it is on a computer that you don't control and is likely to end up "in the wild" at some point.

A friend mentioned that they don't do online banking because of hackers. I pointed out that them gaining the benefit of online banking would only increase the traffic of their data by a few percent; his information is being sent between merchants and banks all the time already. And even if he never logs into his bank account online, the portal is there for anyone else to try and hack anyway.
 

snowhiker

Storage Freak Apprentice
Joined
Jul 5, 2007
Messages
1,668
Private user data contained within emails

Nothing. If you are under the impression that all the major governments and corporations can't get this data on anyone regardless of what they do, you aren't paranoid enough.

I know the government already has or can get any info they want/need about me. If government hired a private investigator they can find out all kinds of stuff on/about me. But that's costly. Sucking data up via an email is almost free. We have gone from investigating the FEW guilty people to investigating ALL the innocent to find a few guilty.

I have many issues with privacy but I only have two major concerns: Identify thief and Databases abuse.

It's not just gmail (or any web based email) but other web sites as well. Another example. My company doesn't do paper checks/stubs anymore. A lot of companies are moving away from paper. If I want my stub I have to log into the ADP web site. ADP = Automatic Data Processing, a company that handles paycheck/stubs for many, many companies in the USA. My login (can't be changed) is <first initial><last name> @ <company> then your password. I don't know if this is standard or just the way my "multi-billion-$$$-company" set up their account with ADP. If someone hacks my ADP account they have my REAL: name, address, email address, company name/address, gender, DOB and SSN (all digits). Not to mention the last three years worth of paycheck stubs. ID theft in the making. Or my gmail is hacked and they send ADP a "password reset" request they'll obtain my private info.

So yes. The govt has my info, but I don't want ANYBODY else from "big company" to "asshat-hacker" to obtain it.

Databases. I don't want my private info in one. Each company has me in their database. One database my be completely anonymous but by combining two or three or 8 you can find shit out. One database my be secured by a company that cares about security and knows how to implement it without allowing cluster fucks to happen. A lot don't. You'd think a big company like Target would give a shit, and/or know how to prevent data loses but apparently they don't care, don't know how, or don't care that they don't know how.

(side note/rant: Big Biz bought/paid off all the politicians to get laws passed so there are no real consequences when they screw up.)


What troubles me most, is the amount of information corporations have on the general public and how this flow of information is very typically, handled by people who should not have this information or handled without any regard to users privacy.

this. This. THIS. A THOUSAND TIMES THIS!!!

Say a company collects user info on people. They want to keep track of what I buy and how I buy it. They want to use that data in increase their sales, increase their profitability, target me with ads, etc, etc. That's not really a problem for me. It's our modern world.

The problem is this info may be stolen by outsiders or sold or given away from within. This is how the government get databases on citizens, either bought or stolen from companies. Or forced out of their servers via a National Security Letter 'cause terrrer'ists gonna git us.

Snowhiker makes the point, of how much Google actually knows about him... well, they are his mail provider, so there a level of trust that is involved. But, that's not the issue... the issue is government department and corporations are sending private information that should not be shared over unsecure communication channels that anyone could snoop on. While one could argue about postal mail being insecure, but that is typically enclosed in an envelope to safe guard against casual reading... but email, is more like sending personal information on the back of a postcard that anyone can read. SMTP traffic (like HTTP traffic is starting to), should be encrypted between each node to avoid MITM snooping...

Also for the example of his motor department sending information, why couldn't that email just be:

Dear XXXX,
We note that your registration for vehicle (registration number) is coming up for renewal. Please contact xxxx or visit www.xxx.gov for renewal information if you have not received information in the post.
Regards, The crappy DMV.

Simple, limits the amount of information, and still offers the service...

Yes. Thanks for understanding.

It seems companies and government agencies have fully realized how useful and helpful the internet and email are, but I think their privacy procedures need major overhauls. Chewy read my post regarding the email sent to me by my MVD and two seconds later came up with a solution that would tell the user everything he needed to know without revealing any private or confidential information. Everybody who has worked from a company using computers in the past 20+ years has been told email is not private and you should never consider it private. And everything you write in an email can/will be read by the company. I think everybody know and understands this. So why are these idiots sending out private information in a email?

Do they really not understand that revealing private data is not in anybodys best interest.
 

jtr1962

Storage? I am Storage!
Joined
Jan 25, 2002
Messages
4,379
Location
Flushing, New York
this. This. THIS. A THOUSAND TIMES THIS!!!

Say a company collects user info on people. They want to keep track of what I buy and how I buy it. They want to use that data in increase their sales, increase their profitability, target me with ads, etc, etc. That's not really a problem for me. It's our modern world.

The problem is this info may be stolen by outsiders or sold or given away from within. This is how the government get databases on citizens, either bought or stolen from companies. Or forced out of their servers via a National Security Letter 'cause terrrer'ists gonna git us.
And that's exactly why it bothers me personally when companies use my personal info to do "targeted advertising". They may not intentionally want to use my data in a manner which can cause me harm but by the same token their bottom line dictates they're not going to take all measures to keep it as secure as possible. Moreover, even if they do, there's no guarantee their "associates" will do the same. I would rather have laws prohibiting corporations from sharing any data they have on me with anyone else for any reason whatsoever. Yes, it'll totally kill off one of the methods they use to increase their sales, but you know what? I don't really care. For the last 25 or 30 years we've acted like corporate profits are sacrosanct regardless of how annoying or intrusive their measures to increase profitability are. I'm not just referring to getting targeting ads when I surf online. Those are only mildly annoying in that I can easily tune them out. Rather, I'm referring more aggressive marketing like loud TV ads, and especially telemarketing/telesurveys. I've hated the telemarketing industry from day one with the kind of passion Merc hates WD with. Since when did it suddenly become OK for a company to interrupt what I'm doing by calling me at home to either sell me something, or do a survey to tease out what kinds of products I might be interested in (presumably so they can use that info to send more advertising my way)? Thank goodness I've had caller ID so I no longer pick up the phone when I see numbers I don't recognize, but for years I was bothered constantly by overly aggressive telemarketing. Corporations did just fine before they started using intrusive, aggressive marketing. I think the time will come fairly soon when this all finally bites them in the behind. Advertising has long lost its effectiveness. There may soon be a backlash where people intentionally don't buy from companies which share too much information. I'd love to see privacy policies where I legally have to be automatically opted out of allowing a company to share my info or contact me, especially by phone. The fact that you have to opt out now not only for one company, but for all those they give my info to, basically ensures I'll be continually bombarded with advertising I don't want. Moreover, far too many privacy policies specifically don't allow you to opt out of having your info shared with certain associates.

All this is one reason I buy as much as I can from eBay. Yes, eBay/Paypal has its own set of privacy issues, but at least I know if I buy, say, bike parts from some seller on eBay, I won't be bombarded with catalogs from a bunch of bike part stores, as well as related businesses like camping supplies, for the next year. That happened sure as the sun coming up every time I ordered from places like Performance Bike Shop.
 

mubs

Storage? I am Storage!
Joined
Nov 22, 2002
Messages
4,908
Location
Somewhere in time.
What Dave said.

With new mobiles, you're getting f*ed multiple ways () and most don't even know it. They leak data constantly. I wanted ringtones for my Android, but guess what: it wants to see my contacts, it wants to know my location, it wants network access, and on and on. I'll happily pay for privacy, but even the paid versions do this. So I decided screw it and am using a built in tone.

Facebook has made most people in the world insensitive to privacy. Look at the kinds of things that are shared there.

Private companies consciously rape your privacy. Government employees don't know better and have so much power, they don't realize the Pandora's box they open when thy behave like this (like the AZ DMV). A little thought and respect for privacy, and they could have implemented things the way Chewy suggested. Fat chance of it happening.

Things are only going to get worse, IMO. The only thing we can do is to be aware of issues as much as we can, and keep as low a profile as we can.
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
Dear XXXX,
We note that your registration for vehicle (registration number) is coming up for renewal. Please contact xxxx or visit www.xxx.gov for renewal information if you have not received information in the post.
Regards, The crappy DMV.

Asking the company to include some data that only they have about you goes a long way toward distinguishing from a phishing scam. Off course the insecure nature of email means it won't be long until those details are in the wild. Until locations where data is stored are locked down and secured, having keys that can be stolen won't amount to much.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,747
Location
Horsens, Denmark
Citibank has a small box at the top of each e-mail including the name on the account and the last 4 digits of the account or card number. I really like that.
 

mubs

Storage? I am Storage!
Joined
Nov 22, 2002
Messages
4,908
Location
Somewhere in time.
Did you read the article? It's not entirely without merit. Practically speaking, it ain't gonna happen. The US has still not gone metric, fancy something like this happening!
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
Squee!
Demonoid's web site isn't back up, but there is activity on its tracker again.
Yes I still have five year old torrents open and there now there is activity on them. So for that guy who has been trying to download my copy of the Complete Works of J.S. Bach since 2011, mazel tov.

Also, I just got a book called "Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live" which I suspect would be of interest to some of the other members, especially in the context of the above discussion about the amount of data we allow companies like Google and Facebook to access.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,931
Location
USA
Squee!
Demonoid's web site isn't back up, but there is activity on its tracker again.
Yes I still have five year old torrents open and there now there is activity on them. So for that guy who has been trying to download my copy of the Complete Works of J.S. Bach since 2011, mazel tov.

Also, I just got a book called "Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live" which I suspect would be of interest to some of the other members, especially in the context of the above discussion about the amount of data we allow companies like Google and Facebook to access.

That book looks interesting. I know this is a remedial question but if I wanted the kindle (digital) version, is there an easy way to get it on my Android tablet or would it only work using a Kindle app?
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
The magic glue of all things ebook is Calibre, which runs on everything and deals with every format. If you buy the book from Amazon, you can use Amazon Kindle for Windows (NOT Cloud Reader, which is a different product) to get a copy protected .mobi on to your PC. Once it's there, you can use Calibre with some plugins to strip Amazon's copy protection and translate the file to the much more portable .epub format if you so desire.

One plus side to leaving it in Kindle and doing your reading there: Kindle will keep track of where you are in the book, no matter where you're reading.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Did you read the article? It's not entirely without merit. Practically speaking, it ain't gonna happen. The US has still not gone metric, fancy something like this happening!

Merit has little to do with anything. Humans are creatures of habit.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Had another MRI scan. Apparently there is nothing going on in my head, so nobody has a clue.

So now I am scheduled for the surgery, but there is a problem. One must be accompanied to the hospital by an adult and then depart with one. It is not permitted to take a taxi home. :cursin: Seems like BS to me.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,747
Location
Horsens, Denmark
Indeed. But if they didn't find anything, have they just decided to start poking around during surgery?

I'm pretty sure they want you not only accompanied on the way home, but for some hours afterwards.
 

CougTek

Hairy Aussie
Joined
Jan 21, 2002
Messages
8,729
Location
Québec, Québec
I don't know why HP bragged so much about their entire website being served by their Moonshot server, launched several months ago. Their website has been unresponsible all week long, just like a server that is too saturated to timefully answer all requests. The Moonshot might be a good idea once they fit the new 8-core Atom into it, but in the meanwhile, it doesn't deliver.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
I'm sure it is just a liability issue: Hire an obvious prostitute.

Yes, I'm sure it is for liability reasons. Patient care is far down on the list. A prostitute is probably far more expensive than a nurse or whatever I really should have.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Yes, I'm sure it is for liability reasons. Patient care is far down on the list. A prostitute is probably far more expensive than a nurse or whatever I really should have.

They seem to have no clue. Apparently everyone is supposed to have social media or something. Options are not good. if I don't get the surgery, then I won't be able to work much longer.
 

sdbardwick

Storage is cool
Joined
Mar 12, 2004
Messages
609
Location
North San Diego County
Then, if the Agency doesn't support transport, arrange for non-emergency medical transport to and from your surgery through somebody like these folk. The transport company might even provide the necessary companionship that makes the hospital happy.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,931
Location
USA
My company's IT now officially supports Firefox and Chrome as of today. Exciting times.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,303
Location
I am omnipresent
One of the multinational insurance companies a couple customers of mine deal with still requires IE6 for at least one of their internal portal sites. Everyone has an XP Mode VM that's a shortcut to THAT SITE and I even went through the trouble of changing everyone's IE favorites to launch the shortcut to start the VM session rather than using an open browser to get there because whatever ridiculous combination of ActiveX they're using renders properly with absolutely nothing else.
 

mubs

Storage? I am Storage!
Joined
Nov 22, 2002
Messages
4,908
Location
Somewhere in time.
So much for progress, eh?

My order for flashlights was canceled by Fenix-Store.com after charging my credit card (they credited back). Reason: bill-to address outside USA, ship-to address to California. I protested, saying I had used a one-time-use CC #, so how could it be fraud. Answer: we can't tell that it was a one-time-use #.

The CC industry in the US is still in a primitive state. Over here, they've moved to chip-based cards, and all online transactions have to be vetted by an additional password the CC holder has to set up with the card issuing bank. The payment sequence goes like this: Online store ---> payment gateway ---> aggregator like Citibank ---> Card issuing bank ---> authenticate payer by asking for preset pw ---> aggregator ---> payment gateway ---> online store. This guarantees that the payer is the card holder.

Many online stores in the US don't even ask for something as basic as the CVC code on the back of the card. With such a lax approach to security, no wonder there are periodic hemorrhages of card numbers.

I finally ended up ordering from AMZ; three different vendors, seven packages when it could all have been one.

Despite being at the cutting edge in so many respects, the US is so backward in some areas it's mind boggling.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,931
Location
USA
One of the multinational insurance companies a couple customers of mine deal with still requires IE6 for at least one of their internal portal sites. Everyone has an XP Mode VM that's a shortcut to THAT SITE and I even went through the trouble of changing everyone's IE favorites to launch the shortcut to start the VM session rather than using an open browser to get there because whatever ridiculous combination of ActiveX they're using renders properly with absolutely nothing else.

We have a nice compatibility matrix list of internal websites and supported browsers. We still have several that need earlier versions of IE to work. At least now they officially support the better alternatives even though I've been using Firefox at my company since it was called Phoenix. Your situation sounds like a real pain in the ass to support just because of a browser. I don't envy that one bit.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,931
Location
USA
So much for progress, eh?

My order for flashlights was canceled by Fenix-Store.com after charging my credit card (they credited back). Reason: bill-to address outside USA, ship-to address to California. I protested, saying I had used a one-time-use CC #, so how could it be fraud. Answer: we can't tell that it was a one-time-use #.

The CC industry in the US is still in a primitive state. Over here, they've moved to chip-based cards, and all online transactions have to be vetted by an additional password the CC holder has to set up with the card issuing bank. The payment sequence goes like this: Online store ---> payment gateway ---> aggregator like Citibank ---> Card issuing bank ---> authenticate payer by asking for preset pw ---> aggregator ---> payment gateway ---> online store. This guarantees that the payer is the card holder.

Many online stores in the US don't even ask for something as basic as the CVC code on the back of the card. With such a lax approach to security, no wonder there are periodic hemorrhages of card numbers.

I finally ended up ordering from AMZ; three different vendors, seven packages when it could all have been one.

Despite being at the cutting edge in so many respects, the US is so backward in some areas it's mind boggling.

I look at the hemorrhages of card number and personal information a separate issue from our overall credit and banking system. I don't understand why checks can even be allowed to bounce or even need time greater than a couple minutes to clear. I agree that the banking and credit industry in the US needs some updating to get with the times and learn from other nations. The US is flip-flopped on some of the most bizzarre things and I think it almost always has to do with great wealth being had in the areas with poor performance. Look at our Internet speeds in relation to the price compared to places like Japan or Korea. You might think the US would be a leader in this area but due to many reasons (primarily monopolies and corporate greed) we are stifled here.
 
Top