Minnesota
Google+ security
I am new on this board so maybe many of you know about what could be a feature of Google+ and Gmail that could expose your clients. I was emailing with a provider using my Gmail account and her Gmail response included a picture. I clicked on the picture and it took me to her Google+ profile, which listed people in her circles. Some appeared to be true names of clients, and some were providers. I clicked on those and found links to other providers, some very well known locally and some in other cities, and agencies, as well as many true name people. I think those people would be very surprised and dismayed to see their names publicly linked with providers and agencies, especially ones with partially nude pictures, mixed in among all their other contacts. I don't know how you unlink Gmail and Google+, so providers may want to delete their Google+ accounts if there is no other way to prevent clicking through from emails. If you are all aware of this problem, I apologize for taking up your time.
They gather up as much information as they can based on what you do online and find links between different pieces of info which they then use to market their products and that of their advertisers. This includes showing you profiles of people Google may think you know based on what they know about you and about others in contact lists it can link to you somehow. Google's not the only one that does this; it is the way the internet is with the various search engines and/or social media sites. Google is probably the best (or worst depending on your perspective) at it.
In this case, my best guess is the provider for whatever reason created a Google+ profile around her escorting Gmail email account and some of her clients had used their real names or emails that traced back to their real names in dealing with her. Bad idea. I don't use Gmail for anything hobby related precisely because Google is so good at what they do. I also use a different browser for all my hobby related activities than I use for other activities including my Google account and I never login to my Google account in that browser. I don't for a moment claim this is foolproof but it does help.
-- Modified on 5/28/2013 9:56:54 PM
Welcome to the modern world! Not to sound too harsh or anything, but I think you would need to be living in a cave to not realize by now that:
(a) Google (and Facebook and ...) really do know who you are and will freely use that knowledge to whatever advantage they see fit (for social-network based advertising in this example .. google "google mail mining" and starting pulling on threads ... many quite old by now).
(b) If you are using a Gmail account (or communicating with a provider that uses a Gmail account (spoiler alert: don't)) for hobbying, then you aren't just making it an easy data mining problem for Google to figure out what your "interests" are -- you are literally sending them an email telling them -- and they are free to do whatever they like with that information.
(c) You really shouldn't discuss anything via Gmail that you wouldn't want the whole world to know about. (That's really true for unencrypted email generally, but we can save that rant for another day.)
So, if you care even a little bit about security, then just say "No!" to using Gmail for hobbying in any way, shape, or form.
Same goes for Google voice, btw.
And if you are really paranoid, well, just stay the fuck away from any Google service for anything related to your hobby. ;>
---
And just FYI ... simply using various "pseudonym" Google accounts that you've never explicitly linked together may help you feel secure, but it's a poor kind of "security through obscurity". You need to also use Tor, VPN or some other IP hiding/randomizing scheme to make sure that accounts aren't correlatable by network usage. (For example: I occasionally create throwaway Facebook accounts for testing and if I'm not careful about IP addresses used when these "users" are created and log in to Facebook, they will almost immediately get recommended to be "friends" since, well, they probably are. Facebook correlates these different users because they frequently use a common IP address and so they are probably family, friends or cohabitants
that are not as tech savvy out there...
Telling them to cease communications over Gmail with any provider that uses it is easy but not that effective. The easy part is to stop sending emails to a provider with a Gmail account. But for those that use the booking form (never recommended) on her website or the P411 booking feature, guess what those are?
Those are basically variations of email and the info collected in those forms gets forwarded directly to her email account. If she uses the same Gmail account to receive the information collected from her website booking form or P411 then Google would continue to have access to the information once it arrives in the providers' Gmail account.
In the case of the OP, the provider in question was reckless and careless in setting up a hobby related Google+ account with the same email address she uses as a provider. Google+ accounts are not automatic, you have to Opt In. To compound matters, it appears she befriended without permission and moved many or all clients / providers from her contact list into her different circles of friends in her Google+ account thereby giving all members of her Google+ account the equivalent of total access to her Gmail account plus the email accounts of all those who have ever sent her an email.
My best recommendation is to set appointments and communicate over the TER Private Mail system. It has become invaluable to me. TER will not forward the message contents to a providers' email account but a simple message that she has a Private Message.
safe, private and secure... plus, free
because they can disable your account if they discover you use it for illicit activities and the hobby is one. read the TOS
n fact, under the terms of service "Hush may terminate your access to the Service and any related service(s) at any time, with or without cause, with or without notice, effective immediately, for any reason whatsoever." That is pretty standard language for any of the email providers. Doesn't mean they are looking for reasons to do so, however.
Hushmail is based in Canada where the hobby is legal. And they go to great lengths to explain they cannot read any of the encrypted emails on their servers, and won't respond to requests for access without a subpoena from a Canadian court. So I'm not at all clear how they would find out an account is being used for the hobby in the first place.
So I'm also in the group that doesn't understand why more people don't take advantage of the security Hushmail offers. It's not perfect, but it's certainly better than Google, which basically considers your personal information to be a starting place for focused advertising.
I'm moving right on back out of gmail and back to hushmail. It might slow down my ability to read on my iPhone though and that stinks because I enjoy reading and sending messages from the phone email application.
Unfortunately it looks like your attempt to purchase VIP membership has failed due to your card being declined. Good news is that we have several other payment options that you could try.
We thank you for your purchase!
Membership should be activated shortly. You'll receive notification!