jm + gmail   18

Unroll.me sold your data to Uber
'Uber devoted teams to so-called competitive intelligence, purchasing data from Slice Intelligence, which collected customers' emailed Lyft receipts via Unroll.me and sold the data to Uber'.

Also: 'Unroll.me allegedly "kept a copy of every single email that you sent or received" in "poorly secured S3 buckets"': https://news.ycombinator.com/item?id=14180463

Unroll.me CEO: 'felt bad “to see that some of our users were upset to learn about how we monetise our free service”.'
https://www.theguardian.com/technology/2017/apr/24/unrollme-mail-unsubscription-service-heartbroken-sells-user-inbox-data-slice
uber  unroll.me  gmail  google  privacy  data-protection  lyft  scumbags  slice-intelligence 
8 weeks ago by jm
Spammergate: The Fall of an Empire
Featuring this interesting reactive-block evasion tactic:
In that screenshot, a RCM co-conspirator describes a technique in which the spammer seeks to open as many connections as possible between themselves and a Gmail server. This is done by purposefully configuring your own machine to send response packets extremely slowly, and in a fragmented manner, while constantly requesting more connections.
Then, when the Gmail server is almost ready to give up and drop all connections, the spammer suddenly sends as many emails as possible through the pile of connection tunnels. The receiving side is then overwhelmed with data and will quickly block the sender, but not before processing a large load of emails.


(via Tony Finch)
via:fanf  spam  antispam  gmail  blocklists  packets  tcp  networking 
march 2017 by jm
The disturbingly simple way dozens of celebrities had their nude photos stolen
Basic phishing:

'Collins hacked over 100 people by sending emails that looked like they came from Apple and Google, such as “e-mail.protection318@icloud.com,” “noreply_helpdesk0118@outlook.com,” and “secure.helpdesk0019@gmail.com.” According to the government, Collins asked for his victims’ iCloud or Gmail usernames and passwords and “because of the victims’ belief that the email had come from their [Internet Service Providers], numerous victims responded by giving [them].”'
security  phishing  nudes  fappening  celebs  gmail  icloud  apple 
march 2016 by jm
Gmail supports animated emoji in e-mail subjects
Currently only used in spam, naturally. (via Hilary Mason)
spam  gmail  animation  gif  base64  emojis  goomojis 
september 2015 by jm
My wife found my email in the Ashley Madison database
On misdirected emails and the potential side-effects:
The reasons why these people give out my email instead of one that they can access have always been a bit mysterious to me. It’s one thing to save yourself some spam by using a throwaway address. But why use someone else’s for correspondence you actually want to receive? The closest I’ve come to a working theory is that a lot of them, having been slow off the mark to obtain their own gmail, have addresses like eratliff75@gmail.com. Either they believe they can leave off the numbers and receive the messages anyway, or they often simply forget. That or the E. Ratliffs of the world just view eratliff@gmail.com as some kind of shared resource.
email  mail  ashley-madison  gmail  mistakes  misdirected-email 
august 2015 by jm
attacks using U+202E - RIGHT-TO-LEFT OVERRIDE
Security implications of in-band signalling strikes again, 43 years after the "Blue Box" hit the mainstream.

Jamie McCarthy on Twitter: ".@cmdrtaco - Remember when we had to block the U+202E code point in Slashdot comments to stop siht ekil stnemmoc? https://t.co/TcHxKkx9Oo"

See also http://krebsonsecurity.com/2011/09/right-to-left-override-aids-email-attacks/ -- GMail was vulnerable too; and http://en.wikipedia.org/wiki/Unicode_control_characters for more inline control chars.

http://unicode.org/reports/tr36/#Bidirectional_Text_Spoofing has some official recommendations from the Unicode consortium on dealing with bidi override chars.
security  attacks  rlo  unicode  control-characters  codepoints  bidi  text  gmail  slashdot  sanitization  input 
april 2015 by jm
The Oral History Of The Poop Emoji (Or, How Google Brought Poop To America)
'I went over to Japan right around the time Takeshi was deciding which emoji were going to make it into the first cut of Gmail emoji. The [PILE_OF_POO emoji] was absolutely one of the necessary emoji that Takeshi said we have to have. There was actually conflict because there were people back at headquarters who had no idea what emoji were, and thought that having an animated [turd] in their Gmail was offensive.'

'[The poop emoji] got very popular when a comic called "Dr. Slump" was broadcast in Japan back to the ‘90s. Such poop was not an object to be disliked, but it had a funny meaning. This was a very popular comedy animation where a girl played a trick on other people using the poop. The poop was this funny object to play with. It was never serious.' 'In Japanese that’s called “unchi.” It’s a child word with a benign meaning. '
culture  emoji  google  pile-of-poo  turd  poo  japan  gmail  unchi  dr-slump 
november 2014 by jm
'The very first release of Gmail simply used spamassassin on the backend'
Excellent. Confirming what I'd heard from a few other sources, too ;)

This is a well-written history of the anti-spam war so far, from Mike Hearn, writing with the Google/Gmail point of view:

Brief note about my background, to establish credentials: I worked at
Google for about 7.5 years. For about 4.5 of those I worked on the Gmail
abuse team, which is very tightly linked with the spam team (they use the
same software, share the same on-call rotations etc).


Reading this kind of stuff is awesome for me, since it's a nice picture of a fun problem to work on -- the Gmail team took the right ideas about how to fight spam, and scaled them up to the 10s-of-millions DAU mark. Nicely done.

The second half is some interesting musings on end-to-end encrypted communications and how it would deal with spam. Worth a read...
gmail  google  spam  anti-spam  filtering  spamassassin  history 
september 2014 by jm
How Gmail Happened: The Inside Story of Its Launch 10 Years Ago Today
the inside story of the great work done by Paul Buchheit, Kevin Fox, and Sanjeev Singh to reinvent email in 2004
history  gmail  email  smtp  mua  paul-buchheit  kevin-fox  launches  google  web 
april 2014 by jm
Former NSA and CIA director says terrorists love using Gmail
At one point, Hayden expressed a distaste for online anonymity, saying "The problem I have with the Internet is that it's anonymous." But he noted, there is a struggle over that issue even inside government. The issue came to a head during the Arab Spring movement when the State Department was funding technology [presumably Tor?] to protect the anonymity of activists so governments could not track down or repress their voices.

"We have a very difficult time with this," Hayden said. He then asked, "is our vision of the World Wide Web the global digital commons -- at this point you should see butterflies flying here and soft background meadow-like music -- or a global free fire zone?" Given that Hayden also compared the Internet to the wild west and Somalia, Hayden clearly leans toward the "global free fire zone" vision of the Internet.


well, that's a good analogy for where we're going -- a global free-fire zone.
gmail  cia  nsa  surveillance  michael-hayden  security  snooping  law  tor  arab-spring 
september 2013 by jm
al3x/sovereign
'Sovereign is a set of Ansible playbooks that you can use to build and maintain' your own GMail/Google calendar/etc. on a VPS. Some up-to-date hosting tips, basically
sovereign  gmail  google  vps  ansible  al3x  hosting 
august 2013 by jm
Sup relaunched
hooray! Command-line gmailish goodness returns. And with a signed gem, to boot
gems  ruby  sup  mail  gmail  mua 
may 2013 by jm
Archiving Gmail to Evernote
Google Drive and GMail have a built-in scripting engine. I had no idea
gmail  evernote  archival  scripting  coding  hacks  google-drive 
april 2013 by jm
GMail partial outage - Dec 10 2012 incident report [PDF]
TL;DR: a bad load balancer change was deployed globally, causing the impact. 21 minute time to detection. Single-location rollout is now on the cards
gmail  google  coe  incidents  postmortems  outages 
december 2012 by jm
Gmail APIs and Tools: IMAP and SMTP using OAuth
'The Gmail IMAP and SMTP servers have been extended to support authorization via the industry-standard OAuth protocol.' pretty cool, support third parties sending outbound as you, or filtering your inbound gmail
gmail  mail  oauth  smtp  imap  api  from delicious
march 2010 by jm
Gmail now intercepting "mark as spam" and interpreting it using the List-Unsubscribe header
good call. but as one commenter notes: why isn't there an "unsubscribe from this list" button in the normal UI? now if I want to use this as a quick-unsub mechanism for mail I know is ham, I'm _forced_ to use "mark as spam" to get this shortcut, which doesn't make much sense
via:aliverson  gmail  google  spam  filtering  ui  mail  mailing-lists  unsubscribe 
july 2009 by jm

Copy this bookmark:



description:


tags: