more Gmail security NOT

since my post discussing Gmail security, or the lack of, Google have done, well, nothing to address the situation.

Actually that’s not entirely true they have posted this article stating that users cannot register addresses similar to yours, but with a dot in it

therefore, according to Google

another@gmail.com also regsiters a.n.other@gmail.com

at least that’s what they say…today i received the full details of a purchase someone with a similar but subtly different email address  (add a dot) made, with enough information to easily acquire their identity. I have since delete this email and told the intended recipient (assuming Gmail doesn’t just send it back to me).

 

this seems to be an intermittent fault, I cant believe that uses would continue to use a Gmail account that never received email and I only seem to get partial threads but Google really need to sort this out,

not good enough

 

post script

it gets better, looking into this a little further it is possible for me to access this persons account and credit details for this purchase by simply using the forgot password link and emailing the password to their email address…which goes into my account!!!

/shakes head

 

Technorati Tags: google,security

Higher Education and Content Management

 

We at Eduserv are conducting some research into the needs of Higher education (to be followed by  cultural and government) and their demands for Content Management. 

We’re not so much looking the solutions that institutions use, what we really a interested in the features, functions and future needs of the institutions and what they look for when they are considering a CMS, and indeed what comprises they are forced to make when choosing.

We’re considering the usual needs for a CMS, ease of editing, compliance, migration, workflow, DM and KM integration. But also thinking about interoperability, VLE's and MLE's and course management, what is needed to support students, staff and partners when using HE facilities.

Content management should be a great enabler but only when it meets the needs of the institution *and* the needs of the users, are HE’s getting what they need, or even need what they are asking for?