It's Time To Ditch IndiaTimes Email
When such superior email services like Gmail, Yahoo Mail and Hotmail are available; I’m surprised that some people are still using Indiatimes email. While the Indiatimes email user might have his/her own compelling reason to stick to it (user ID not available in other mail services / first email ID to be created / employed with ToI group :-) etc), there are some glaring security issues because of which you should discontinue using IndiaTimes email.
When the referring link in your blog’s sitemeter indicates that the hit has originated from an email ID (in case the permalink of your blog / blog post is circulated through email), and you decide to click on the referring link, it will normally throw up a login screen for the relevant email service. Gmail, Yahoo Mail and Hotmail ensure that even the User ID of the mail user is not displayed when you try to find out the referrer. In sharp contrast, if the referring link points to an Indiatimes email ID, then the user ID of the Indiatimes user is also mentioned in the referring link. In addition to this, the referring link leads you to the Inbox of the Indiatimes email user. This means that somebody could gain access to such an IndiaTimes email ID without knowing either the email ID or password. Some hit counter services (Sitemeter, Extremetracking and Bravenet to name a few) allow bloggers to give public access to their site statistics. In such a case, when a random reader who visits the site statistics notices that one of the referring link is from an Indiatimes email ID, then such a random reader can gain access to the referring Indiatimes email account.
I may not be technically competent to explain the above security glitch in a language, which is easily understandable to the average user. In case you or your friends use an Indiatimes email ID, please do not to click on any outgoing link directly from your email account (you may copy and paste the relevant link in your browser to avoid any security glitch). In the long term, you may switch to a service, which offers a higher degree of security.
When the referring link in your blog’s sitemeter indicates that the hit has originated from an email ID (in case the permalink of your blog / blog post is circulated through email), and you decide to click on the referring link, it will normally throw up a login screen for the relevant email service. Gmail, Yahoo Mail and Hotmail ensure that even the User ID of the mail user is not displayed when you try to find out the referrer. In sharp contrast, if the referring link points to an Indiatimes email ID, then the user ID of the Indiatimes user is also mentioned in the referring link. In addition to this, the referring link leads you to the Inbox of the Indiatimes email user. This means that somebody could gain access to such an IndiaTimes email ID without knowing either the email ID or password. Some hit counter services (Sitemeter, Extremetracking and Bravenet to name a few) allow bloggers to give public access to their site statistics. In such a case, when a random reader who visits the site statistics notices that one of the referring link is from an Indiatimes email ID, then such a random reader can gain access to the referring Indiatimes email account.
I may not be technically competent to explain the above security glitch in a language, which is easily understandable to the average user. In case you or your friends use an Indiatimes email ID, please do not to click on any outgoing link directly from your email account (you may copy and paste the relevant link in your browser to avoid any security glitch). In the long term, you may switch to a service, which offers a higher degree of security.
Can knowledgeable readers also throw some light on how Rediffmail handles this? I'm more concerned because Rediffmail enjoys a higher degree of patronage.
8 Comments:
This is quite a security glitch! I don't think Rediffmail is like that though. Found it to be relatively secure.
By neha vish, at 11:55 PM
Wow! You need to be a really, really dumb programmer to leave a glitch like that! I am going to create an account now to test this out ;-)
By Anonymous, at 12:03 AM
Tried it, didn't work. Did they fix it or was it a one off error? Either case, stay away!
By Anonymous, at 12:11 AM
OMG that is scary, they can't be that stupid
By Unknown, at 12:34 AM
Now I know better why any email service with an offering of one GB of space is not on the same footing as Gmail and Yahoo Mail.You refer to Hotmail(Windows Live Mail in its new avatar) which i would not recommend.
By Anonymous, at 1:12 AM
rediff does it fine.. it doesnt have this problem.. but the reason y i hate rediffmail and yahoomail is the sheer number of distracting ads that tend to bother u when u browse... and that stupid if u dont login for 30 dyas ur mails r gone.. if u dont login fro 60 days ur account is deleted crap is too much to think abt... and talk abt that dumb registration porcess in rediff where they ask what the heck u own.. and what not is totally unacceptable.. but still the problem with rediff is in accounts created abt 4 years abck when they came out..(they actually had a nice interface.. and a clean layout then) the passwords where in plai text in the long URL which u cna cut and paste... sometimes it was encrypted but 2 min with soem knowedge u could break it.... personally inspite the fact that the new yahoo interface looks nice... its bloatly and has loads of ads and takes a while to load.. ahnds down gmail wins this in all concepts...if only they came out with an IMAP soon.. i know they r doing it... let c
By Villain, at 2:25 AM
@Neha,
Looks like Indiatimes is the only inferior email service.
@Antrix,
This could be one-off, but I have noticed this atleast twice in the past.
@WA,
the sad fact is that not many of Indiatimes users might know about this.
@Anand,
I don't use Hotmail, so can't really relate to it, anyway thanks for the feedback about WIndows Live Mail.
@Villain,
even hotmail deletes the mails if not accessed for a reasonable period of time.
@Patrix,
I thought Yahoo was a definitely better than the rest, this is a shocker.
By Kaps, at 1:30 AM
You are right. I use Indiatimes email, but only for the spam mails :)
IndianArchie
Musings that Amuse
Think Dull
By IndianArchie, at 3:53 AM
Post a Comment
<< Home