Google employee spied at my gmail account
Google employee spied at my gmail account and activated their 'unusual activity filter'.
What do I do with this? I have a proof. How do I present it to the public? Should I report it somewhere? If so, where?
Did they even had right to do this?
27 comments
[ 3.4 ms ] story [ 72.4 ms ] threadAs for proof: saved web pages, screenshots, copies of any communication you have would be helpful. There was one case I know of when someone at Google was spying on users' email, they took the case very seriously and fired him.
As for whether they have a right to: I'm sure they do. Anyone running any email server has the right to look at your emails for purposes of maintenance etc. From their privacy policy: We restrict access to personal information to Google employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
http://support.google.com/mail/bin/answer.py?hl=en&answe...
I've logged into my account and there was this 'Unusual activity detected' pop-up. At first I thought that someone stolen my password via a Trojan but I don't download anything and my software is up to date.
I've clicked at "more" (or something like that, I can't access the same menu right now) and it showed me the hostname and IP address of the unusual logon. The hostname was 1e100.net, I've checked it and it turns out its owned by Google.
Screen:
http://i.imgur.com/55kUM.png
The IP points to Mountain View and is also owned by Google.
Right now I only have access the list of previous logons and there are my logons and one with the Google IP:
http://i.imgur.com/nTlWg.png
When I check who owns the IP:
http://i.imgur.com/V8a8b.png
I can't access the previous menu which I could access via that security pop-up. Anyone knows how to go there?
I've blurred IPs and dates so they can't track which account it is.
Tell me how I can mirror the original data as proof.
You need a higher standard of evidence. A buffer overflow could root your computer.
Also, I don't believe that you've never downloaded anything - can you show us a screenshot of your installed software?
You're making a big accusation, and I want to see some more evidence. You claimed never to have downloaded anything, which is unlikely to say the least.
1. Can you provide the screenshot of installed apps?
2. Also, let's see the full ip.
I won't show the full IP until I can mirror that report somehow.
Would Google service trigger the unusual alert?
http://support.google.com/bin/answer.py?hl=en&answer=174...
it's their servers, not their workstations. could be a plugin, maybe something on app-engine? at least an access from 1e100.net isn't a proof of anything.I've thought that The Fourth Amendment to the United States Constitution forbids any kind of mail eavesdropping?
It's like you're saying that "Comcast employee spied at your gmail account," because the IP came from Comcast.
So, continue being very concerned, but maybe not at Google's expense.
Also, if you don't already use Google Two-Factor Authentication, now might be a great time to start.
Maybe this, as well:
http://superuser.com/questions/75841/what-is-1e100-net-and-w...
Mountain View has free city wide wifi sponsored by Google.
If somebody hacked into your a/c, they would do it, while being on a n/w belonging to somebody else, to try to cover their tracks.
My suggestion : send a detailed email to google/gmail support, with screenshots & times of access. They might be able to dig up gmail logs & correlate with gmail isp mountain view wifi logs.
The more likely answer is that Google developers screwed up, and made some normal, authorized, server access look like a user-level, unauthorized access.
I still vote for upgrading to two-factor, and I agree with trying to get in touch with support at Google to have someone look at the logs.
http://productforums.google.com/forum/#!category-topic/gmail...
Here is a former employee discussing gmail access:
http://www.quora.com/How-many-Google-employees-can-access-Gm...
If you have proof and they own up to a policy breach, and you deem it newsworthy by all means post a blog entry.
A) You have some unidentified script accessing your account
or
B) You visited a web page that used an XSS attack to intiate some type of account access that you didn't authorize
Neither case implies that you intended this access to occur. Web-based email clients are suceptible to all the same security vulnerabilities as other web apps. In the case of B, it's even possible that the XSS attack was against some third-party service that is authorized to access your email. I know you've said you don't use any of these types of services, but you'd be amazed what you can forget :)
I'd start by looking at what apps you've authorized to access your information, and work backward from there. You can see which apps have access by visiting the page below.
https://accounts.google.com/b/0/IssuedAuthSubTokens
If you're not comfortable clicking the link, you'll want to look for the "Authorized Access" section of your Google Account page. You can get there by:
* Log in to your Gmail
* Click your name in the upper right
* Click "Account" in the pop-up
* Click "Security" in the list on the left
* Click "Edit" next to "Authorizing applications and sites"