Gmail Has a Privacy Problem
You might have already read elsewhere that it is possible to reveal the real name of any Gmail user by sharing a calendar in Google Calendar with him. Let me explain how this is done. Google Calendar can be loaded in the header area of Gmail after logging in. A click on settings will load the settings where users can change all sorts of information like the date format and time zone.
A click on the Calendars tab loads the calendars that are currently active. A click on the Calendar loads the details of that calendar with information about the calendar timezone and addresses. There is also another tab in that view that lets the user share the calender with other users.
A click on the Share This Calendar tab displays a list of all users who have access to this calendar with the option to add new users by pasting their email address into the form field.
The problem arises if a Gmail email address is pasted into that field. Nothing happens until the changes have been saved and the question if the user should be invited if he does not use Google Calendar is denied.
The full name of the user is disclosed int he Share This Calendar tab even if that user has chosen a gmail address that is not made up of his first and last username.
This might not seem like a big deal for many users but this is a honeypot for spammers. All they need to do is enter email addresses to find out the real name of the user to send out personalized spam. You probably would not react to a phishing mail asking you to login to your eBay account if the name would be missing or be wrong but what about if the real name would be there ?
Advertisement
while spam filtering,the entire body of the email is scanned in gmail or in any email service providers..so is this spam filtering reduce the privacy of the users or security of the email is reduced..?
What has spam filtering to do with that?
Personally, it does not bother me all that much. I really have been lucky that my GMAIL account (which is my primary account that I use) has been virtually spam free. I used my real name! and I haven’t gotten any personalized spam ever that I am aware of, and I had a gmail account from day 1. I do share my calendar with a select few but again, no problems, YET. Still for those with the conspiracy theories against GOOGLE and everything they do… just great more FUEL for the FIRE.
That’s funny. I tried it just before I wrote the article and it worked.
You’re a little late to the game on this one. Google has closed this hole. I tried it after I read about this a few days ago and it worked. Now it does not.
What I want to know is where the spam comes from on gmail! I created a new gmail account a few months back that I use for sending resumes (strictly professional use and to a very limited number of people). Yet within a few days, I was getting spam mail on that account.
While Google does a good job of dumping most all spam into the spam folder, I’d like gmail even better if they could find a way to not even send me the spam (or not allow it into the system in the first place).
THAT’S SHOCKING! It’s a valid point. But many users access other Google services like Adwords or Adsense where they have to use their real names.
This is a privacy problem assuming every used their real names on gmail, for example I’m not John Shaw :)