"Going Google" Exposes Students' Email
A ReadWriteWeb piece up on the NY Times site explores the recent glitch during the move of a number of colleges onto Google's email service that allowed a number of students to see each others' inboxes for a period of more than three days. Google would not give exact numbers, but the article concludes that about 10 schools were affected. "While the glitch itself was minor and was fixed in a few days, the real concern — at least at Brown — was with how Google handled the situation. Without communicating to the internal IT department, Google shut down the affected accounts, a decision which led to a heated conversation between school officials and the Google account representative. In the end, only 22 out of the 200 students were affected, but the fix was not put into place until Tuesday. ... The students had access to each other's email accounts for three solid days... before the accounts were suspended by Google. Oddly enough, this situation seems to be acceptable [to Brown's IT manager, who] 'praised Google for its prompt response.' (We don't know about you, but if someone else could read our email for three days, we wouldn't exactly call that 'prompt.')"
Is that three days after they were notified, or did the affected students keep it quiet for a couple of days for 'research purposes'?
Invaders must die
I bet most of us could read everyone else's email at school...
...social networking.
Taking it to a new level, no joining or other conscious actions required to share everything about your life.
The Mothership
So that's the use of that button!
We don't know about you, but if someone else could read our email for three days, we wouldn't exactly call that 'prompt.'
Look, I think we can all agree that if there were some major security breach like this for which we were responsible and we sat around for 3 days before doing anything, then unilaterally suspended a bunch of accounts before finally fixing the problem, we'd be fired.
On the other hand, if I were the head of IT at some place and we've decided to migrate everything to some giant, well-liked third party with a reputation for excellence, it'd be really easy to say, "That's just how tech is, it's hard to do right even for Google, get used to it. Oh, and while you're looking for ways to prevent such a 'catastrophe' from ever happening again, consider boosting the IT budget, will ya?"
I'll bet that IT manager is pretty happy right now, student complaints aside.
I'm French
Just save us the trouble and surrender this argument now.
I don't think they are giving this away for free.
-- Linux user #369862
Yes they do: https://www.google.com/support/a/bin/answer.py?answer=139019
Disclaimer: This opinion was created without the use of any facts
Most people don't keep that on their email accounts...
Most people don't keep that *what* on their email accounts?
Private stuff?
Passwords?
User ids?
$25,000,000 money-making invitations?
Shakespeare quotes?
I know one fact about email which makes it an incredibly important security risk - the 'I forgot my password' link. Log on to a site you think the user uses, click that 'forgot' link, read his new password a few moments later. erm.. profit.
That said, this is Google Mail we're talking about, the one that bills itself as "store everything on us" we're safe and you'll never lose an email again thanks to our massive storage, indexing and searching facilities. So, for some people email is downloaded immediately and never stored on the server, for many many others, it stays right on the server.
I'd have cancelled the account, the way it was handled is not acceptable, even a free service has reasonable expectations of security. To let it linger for 3 days... that's simply not good enough.
I'm sorry, perhaps you missed the part where students could read each other's emails.
Microsoft participation is not required in this case.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
While the glitch itself was minor and was fixed in a few days
Pardon my ignorance, the glitch was minor?
What?
The fact that emails contain back-mailed passwords to many kinds of online services, including those involving payments (which is stupid practice, but the online service providers do it anyway, they send you the password when you sign up)...
The fact that I can reset your password to any third-party online service account where I know that you use it and that you associated it with this email account...
Still minor glitch? Reading others' emails? Really? I or TFA must be missing something.
Well, that's one reason why those passwords aren't sent in clear. Breaking into someone's email account to get access to a forum/blog/website account is relatively easy - preventing them from catching on is hard to impossible.
Another security feature is to force you to leave your account unused for a week, to make sure the account is really not accessible. Few sites actually use it, unfortunately (Gmail does) - it's a substantial convenience trade-off, and people always value convenience above security.
What the fuck.
This is a really big deal. And if the excuse is that 3 days (admittedly, 2 of them weekend days) turnaround on an absolute security breach is what you get for free, and to expect better you must pay for it, then the proper response is to pay for better and not use this service because it's shit-broken. It is my understanding that Google Apps for Education is not a tiered service -- you're a school, you get it free; there is no paying for better. If there IS paying for better, then we should spread awareness that the free version is bad.
Might I point out that losing privacy on your email and THEN losing access is pretty much the worst possible failure mode? This is an enormous fuck-up. This has nothing to do with Microsoft. Why would you bring up Microsoft? YOU are the one twisting something into what it is not to make some other company look bad. If I were as paranoid as you, I'd suggest that Google or Apple or somesuch was paying you to do this, but in fact, I know that you're capable of being fuckwitted all on your own.
Jesus Christ. Google Apps' security fails utterly, and that's Google kicking Microsoft in the groin to you? Maybe Google can start a puppy-stomping program; I bet that's just like Google ripping Microsoft's arms off.
I'd be a lot more comfortable if Google said "yeah, we fucked up, here's what we're going to do to prevent this from happening again". Instead we get the self-contradictory "it was a small hiccup [...] it's an issue we've taken extremely seriously".
My impression is that this incident is a fuckup at the customer end of things. The problem was getting the emails out of Exchange into the right account in Google Apps.
This is something where I personally have missed a couple of times and it's very common since there are always some accounts that are broken in an Exchange system.
HTTP/1.1 400
In Finland reading someone else's mail, of electronic or snail variety, is illegal. What about other legislations? This sounds like something that would be taken rather seriously here.
(Actually, due to how seriously this is taken a recent law has (unfortunately) been put in place, to explicitly allow employers to read employees' work mail. Google "lex Nokia" for more info.)
.: Max Romantschuk
What the FSCK! How lame is your college that it can't run an email system?
When you finally get out you might want to check and see if your diploma is signed.
In most (all?) states, universities that receive federal government funds have an absolute requirement to protect privacy-related information. That's one of the reasons nearly 20 years ago the California State University system switched from using SSNs as student ID numbers to some non-related numbering system. I know, because I was part of the group that challenged the use of SSNs. As IANAL, I don't know if what happened in the article email _might_ constitute the same thing, nor do I know if the same would be true (i.e. whether it would constitute such a breach) if the system has a "If you use this system, you consent to monitoring" banner that pops up at login.
Bark less. Wag more.
"Why are you diverting a serious matter like this into smearing a company that most likely had nothing to do with it?"
Because Microsoft is running a big campaign in portraying Google as bad. Google is a really hard hit target right now for FUD. The fact that this was a big Microsoft Exchange customer before makes my radar tingle a bit extra for that reason.
"E-mail accounts can contain very sensitive data, ranging from bank papers to personal issues. And especially if people you know get access to this, it makes the problem more serious than ever. "
Yes, and the problem wasn't Google Apps in itself but getting mails out from Exchange and into Google Mail to the right account. It was more a migration error than any security problem. Most times the problem with migrations lies in broken accounts in the source system.
"And the fact that it is free doesn't make it more acceptable. It's like saying that someone volunteering for a non-paid job can act whichever way he or she wants just because it's free. No, you still have to follow rules. "
The fact that it's free does make it more acceptable. We're talking free market here, not Soviet Russia.
"Comments like this make me realize why there are so many extremists in this world."
Different view = extremist? Yay for talibans!
HTTP/1.1 400
"I'm sorry, perhaps you missed the part where students could read each other's emails."
If we are to be true, students could not reach other students' inboxes. During migration mails were put in wrong inboxes. It's a pretty big difference if the source system is on crack or if there is a security breach in the target system. In this case the problem could lie in the software used to migrate the users' mails but it did not lie in Google Apps itself.
HTTP/1.1 400
Worse than just a breach of privacy of email, students use their college-provided accounts to communicate with their faculty. If other students are able to see their emails, that constitutes a potential FERPA breach. As a college IT administrator, I would be screaming at Google for not sharing info and reacting immediately. Waiting a day to shut the accounts down temporarily is inexcusable.
Actually, a lot of people probably would. One of the things that really annoys me is that large companies will dispose of their old IT equipment by throwing it in a skip rather than donating it to local schools who would benefit from them. One of the major reasons that they do this (from what I have heard) is because "if we give it away to a school and someone goes wrong, we would be liable and could get sued". I still don't understand why the school can't just agree (via a disclaimer or whatever) not to sue, but that's probably because I'm not a lawyer and live in my own little make-believe world where people shouldn't sue just because they can get away with it.
Not paying anything? Tuition at Brown is $35,584, and some of that goes to IT services; the fact that they've contracted student email service out to Google is irrelevant.
.sig withheld by request
Off the top of my head... Facebook, student deals with software companies like Microsoft who verify you're on a .edu domain, people who are incapable of registering an e-mail address themselves etc. are things that come up to the top of my head.
Change is certain; progress is not obligatory.
The article does not give many details on what their email system was before they sold their soul to Google. It may very well have been (or perceived to have been) worse, and this is an improvement in the eyes of upper management.
Palm trees and 8
My understanding is that it's actually for accounting purposes. The equipment can't be written off the same way if they are donated, or something like that. I'm neither an accountant nor a tax specialist.
What privacy? Those are Google's emails. They were sent by your friends to Google. That they are about you and you are allowed to read them makes no difference to their ownership.
/sarcasm ...?
It isn't FREE, people.
Google advertises all over the place. They store your mail for an indeterminate period of time.
They link your gmail account cookie to your google account cookie, which is linked to various advertising streams.
Do you think TV is free? Really? Ever heard of commercials?
TV is a deployment method for commercial advertising. It's at breaks (standard commercials). It's during TV shows, with in show spots for products.. such as actors pumping various products. It's at the bottom of the screen, with dancing advertising logos and such, while you watch the show!
This is not free. This is an arrangement between two entities. You watch our shows, and we try to sell you things. Clearly your time has value, you watching has value, and that is why TV is on the air. It isn't on the air to be 'free'.
That is, unless you think that 'free' means 'no hard currency was exchanged'. If you do, then I suppose you help your friends move for 'free', and the beer and pizza after isn't compensation?
Gmail is not different. It isn't free. Google is making a PROFIT on this -- or if not, it will be. It will make money by examining the relationships between people that use gmail. It will make money by examining those relationships, and what you search for on the web. It will make the same money, by looking at those relationships, your financial data (Google finance), the places you search for on Google Maps, the apps you download with Android/Gphone, the people you call in your gphone, and on and on and on.
Google has become the largest depository of human interaction. They span more than email and searches. They know who you are in contact with, who you buy from, and the list goes on and on.
Further, they store this information for an indeterminate period of time.
Whether or not you like this, whether or not you approve, it is what you pay for using their service.
Free? Hell no!
This will make me unable to moderate, but what the hell?
Brown had a unix based backend for years. A few years back, they got a new IT head, who insisted on off-the-shelf packages for everything. So out went postoffice, and in came Exchange. It's been running Exchange since then, and yes, untold numbers of problems (though nothing like this). We're not even on the most recent version of Exchange, which will make my office's future transition to Snow Leopard problematic since afaik the native Mail interoperability with Exchange that comes in 10.6 won't work with anything but the latest.
AFAIK, the plan is to move everyone to Google eventually, departments too. Once they get all the security figured out. This isn't helping, of course.
And that's why the American legal system is FUTA. In most sensible countries, you *can* sue them *if* you have experienced a major problem due to their behaviour - eg, if you can show that you have lost money/possessions/safety etc as a direct result of someone else having access to your emails. You can't just go "I feel slightly aggrieved that someone read my email - give me a bajillion dollars!!!!".
Spoken like someone whose only exposure to the American legal system is via television...
I don't think anyone, except you, is suggesting the colleges can't run an email service.
Email is time consuming and expensive to provide. 10, 20 or 30 thousand accounts, all demanding storage - and these days you can't give folk 100MB quotas. Accounts that are all attracting spam that requires either constant tweaking of anti-spam rules, or outsourcing spam and virus checking. Add in off-site backups, support, abuse and you are quickly spending tens of thousands on equipment and more on staff.
Then they get a call, or an email saying Google will offer all that for free. For a school facing budget constraints it's a very tempting offer. It says more about their budget than their technical ability.
That is, unless you think that 'free' means 'no hard currency was exchanged'.
Yea, that's pretty much what we all think. Do you really think someone is reading your post and going
"holy crap, he's right - they DO look at my data! and tv DOES have ads! none of this is FREE!!!!"
Yea, we all know we are giving up time, or letting company X gain something by giving our time, or whatever, but most of the general public (including me!) considers only their pocketbook when thinking about whether or not something is "free". Hell, even if I have to spend 20 minutes doing something (let's say filling out a rebate on something so that the final price is $0), I STILL consider it free!
I don't know that I'd call that inconvenient. I'd say being locked out of my email for a solid week is unacceptable, and I'd migrate away from that provider immediately.
No, why don't you RTFA and get off your high horse. According to an article linked from TFA, Google acknowledged the problem was on their end, and an earlier comment from a Brown sysadmin indicates that Google upgraded their migration tool right before this happened. It may have "only" been 20 out of 200 accounts, but the problem is squarely Google's fault; stop blaming the Brown sysadmins.