Everyone, that is, except for Mr Matthew Brock of Swiss Cottage. I have it on good authority that the gentleman in question, an old friend of mine, is giving Google+ a miss.

It’s not that he dislikes social networking as such. He long ago signed up to Facebook with only a cursory grumble, and he’s frequently to be found sharing photographs on Twitter (@_mattbrock, if you’d like to be friends). But he tells me he’s uneasy about Google’s continued expansion into ever more online markets – and, in this case, about its acquisition of a huge amount of personal information to add to its already vast database. He has therefore decided to be a conscientious objector.

As podcast listeners will know, when it comes to issues like this, my personal privacy policy is “get over yourself”. If Google’s gurus reckon they can make money from me uploading pictures of Mike Jennings in a daft hat then I say good luck to them. Even as I nodded sympathetically along with Brock’s explanation, I admit I felt he was being perhaps a little paranoid. Did he really suppose Google had some evil master-plan?

Little did I imagine that within 24 hours I’d be eating those, er, thoughts.

Changing details

My epiphany began innocently enough that evening, when I decided to change my email address. This isn’t something I do very often, but there comes a point when a mailbox receives so much spam there’s nothing to do but abandon it and move on.

There comes a point when a mailbox receives so much spam there’s nothing to do but abandon it and move on

I should have realised I was opening a can of worms when I discovered there’s actually no way to change a Gmail address. To move to a new address, you must open a new account. That only takes a minute, but I was piqued to find I was unable to migrate my contacts, and to transfer my mail across I had to set up a rather roundabout POP3 transfer.

That wasn’t the only problem, as I realised when I tried to move my Google+ account to my new address. It turns out this isn’t possible either: each profile is permanently linked to the Google account it was created under. Since my Google+ profile was only a few weeks old, it wasn’t exactly stuffed with memories, but it was still irritating to have to ditch it and start afresh.

At that point my phone chirped to tell me I had a new email, and it hit me: my phone too was tied to my old Google account. A quick web search revealed that the only way to set my new address as my primary account would be to perform a factory reset and set the phone up again from scratch.

In the end, moving to a new email address meant losing access not only to my archives and my Google+ account, but also to my Android Market purchases, my Google Docs, my Google Calendar and my Google Checkout history. I also ended up losing all my stars on Angry Birds. (It may have been this realisation that really made me question the wisdom of allowing Google to control so many different services.)

Big mistake

To be fair, the root of the problem isn’t Google’s size as such, but the way it ties its services together. A well-designed database should use some sort of anonymous internal value, such as a serial number, as the key field, so that personal information can be freely modified without breaking the links between tables. Google appears to have ignored this fundamental principle, instead using the email address as the key field. That’s quite literally a schoolboy error – I learnt about key fields way back in GCSE Computer Studies – and Google should be ashamed.

But it wouldn’t be a problem if Google weren’t tying everything together in the first place. Facebook, Twitter and even PayPal accepted my new address without a murmur. If only Android were similarly decoupled from the main Google database, I’d still have my golden eggs right now.

So – to my admitted surprise – I find myself in sympathy with Brock’s position. I’ve never really believed that a big company must necessarily have a malicious agenda; but now I realise you don’t need a plan to cause havoc. With the best will in the world, people – and hence companies – make stupid decisions from time to time. The bigger we allow Google, or any company, to grow, the more scope those stupid decisions have to screw us all.

Update: I’m most grateful to Alan Robertson, in the comments below, for pointing out workarounds for some of the problems mentioned above. The latest version of the Android Market application (which, oddly, doesn’t appear to be available from the Android Market itself) does indeed allow you to install purchased applications from multiple accounts – although this of course means you have to keep your old Google account active alongside your new one, which is a pain.

More usefully, as Alan also mentions, if you have an Android phone or tablet you can configure it to sync your contacts and calendars from your old account – then switch over and resync them to your new account. I’m not sure how you’d do this without an Android device though, as importing contacts directly across Gmail accounts isn’t supported. And it’s still the case that to switch your primary account you must perform a factory reset.

In all, it seems Google is gradually addressing the problems involved in using multiple or changing identities, but there’s some way to go. And, as I mentioned above, the problems are largely ones that in a more diverse market would never have arisen in the first place!

Not everyone has been so lucky, though. As I write this, unscrupulous voyeurs around the globe are sifting through these compromised email accounts looking for… well, whatever they can find. We’ve heard of people finding login details for social-networking sites, online-dating services and even porn sites.

Here at PC Pro we can’t condone such behaviour, fascinating though it would doubtless be to gain such an insight into a stranger’s private life. Happily, the email addresses and passwords themselves are quite revealing.

Where the passwords came from

LulzSec hasn’t said where these credentials came from – in fact, it’s explicitly said they’re “random assortments from a collection.” But the email domains to which the passwords grant access break down as follows:

Nothing too shocking there, except an unexpected skew towards Brazil. More revealing, perhaps, are the usernames and passwords that people have chosen for themselves.

Email usernames

Email accounts must be unique within their domain, so there’s not much repetition. And, unsurprisingly, many people seem to use some variation of their real name: the addresses contain hundreds of Johns, Roberts and Marys (and just as many Diegos and Felipes).

But many more fanciful terms also come up repeatedly in the LulzSec archive. Of 62,000 leaked leaked addresses, 29 include the word “goddess”, while 37 users identify as some sort of “vamp” or “vampire”. Sixty two call themselves either a prince or princess, while 68 call themselves king and a whopping 85 go by queens.

77 users have the word “dragon” in their email address, while 127 go with “bear”

On a similar theme, 77 users have the word “dragon” in their email address, while 127 go with “bear”. Closer to home, 135 of the email addresses include the term “sex”, and 204 of them refer to “love”. Over 300 referred, in some way or other, to “lady”.

Surprisingly, though, the most popular term I could find was “book”, featuring in 326 different usernames.

Why is that? Mikko Hyppönen of F-Secure theorised on his Twitter feed that many of these credentials must have come from a community for aspiring authors. And when we look at the passwords that people have chosen for themselves, that seems a very plausible surmise.

Bookish passwords

Of the 62,000 passwords released by LulzSec, the most-used is “123456”, which comes up 568 times. The next most common password is “123456789”, with 184 occurrences. So far so predictable, and the next hit – “password”, at 133 occurrences – is no more surprising.

The next most common password, however, is “romance”, at 88 occurrences (tying with the rather more prosaic “102030”). After that, with 67 occurrences, is “mystery”.

The theme continues: skipping over some more variations on the numeric theme, other popular passwords include “shadow” (62), “bookworm” (54), “reader” (52), “reading” (47), “booklover” (33) and “library” (26). It all points in a clear direction; and if you’re still doubtful, perhaps the smoking gun is the fact that 30 people have chosen “writerspace” as their password.

What have we learnt?

Clearly, this is a back-of-an-envelope breakdown of a mixed mass of unverified data. But for all that, it gives a fascinating glimpse of some other people’s lives. And it gives an interesting insight into the way people choose their passwords: in this case, apparently, on a theme that reflects the nature of the site they’re visiting.

If you’d like to study the leaked information further – but don’t want to get involved in dodgy downloads – I’ve put together a stripped list of the passwords. I’ve removed the usernames and domains so this data can’t be used for nefarious purposes, but you can still carry out whatever analysis you like, and I’m sure there are plenty more interesting patterns to tease out (I’ve noticed a distinct Disney theme, for example). I’d be delighted to hear your findings.

Also, I’d be very happy to hear if anyone can explain why the seventh most common password in the data file – apparently shared by 62 users – is “ajcuivd289”.

You’ve already doubtless noticed that email marketing outfit Epsilon had fallen victim to a data security breach. US-based Epsilon, a third-party marketing company that sends out emails to customer addresses supplied by well known businesses all over the world, admitted on 30 March that its email database had been hacked.

While only customer names and email addresses were compromised, and then only concerning around 2% (or 50 companies in total) of Epsilon’s client base, the ‘your email address has been compromised’ warnings have been rolling in thick and fast: Hilton Worldwide, Mothercare, Capital One, Barclaycard and Marks and Spencer to name but a few.

But while the security breach itself is serious, it’s tempting to think that the fallout won’t be. After all, what can someone do with your email address and name? The truth is that I expect the Epsilon email attacks to start coming thick and fast, just as soon as lists of names and email addresses tied to specific retailers and businesses have been compiled and sold on the underground criminal market.

Think about it:  getting a generic spam or scam email that isn’t highly targeted (warning you about a bank security issue with a bank you’re not a customer of, for example) is supremely easy to spot and dismiss. When an email arrives that not only names you personally, but connects you with a company that you do business with, then the plausibility factor increases incredibly and your defences immediately lower.

Trusteer set up an experiment to prove that a carefully crafted attack will fool the majority of educated users, and the results are rather shocking

Spam will probably be the first point of attack, but expect to see an increase in phishing emails and malicious links. And it’s the latter that is worrying me the most, especially given the results of an investigation by security outfit Trusteer into just how easily people will click ‘believable’ links in socially engineered emails, despite the best efforts of those in the security business to educate them otherwise.

Trusteer set up an experiment to prove that a carefully crafted attack will fool the majority of educated users, and the results are rather shocking. Using a LinkedIn account set up for the experiment, 100 users were chosen who were known to the company (friends, family, associates) and known to be security savvy. These users were even warned, and asked for permission, to take part in a security experiment but not given any information about what, why or when. You would expect them to have been extra vigilant under such circumstances. An email was sent stating that one of their connections has a new job, complete with a big button for viewing the new job title that actually led to a different website.

The results? No fewer than 41 subjects reached the ‘fake’ landing page within a day, 52 within 48 hours, and 68 people clicked on the potentially dodgy link within a week. Of the 32 who didn’t click, 16 said they hadn’t got the email, seven didn’t read LinkedIn updates anyway and the remaining nine weren’t interested enough in the person concerned to click.

So, if you’ve got one of those warning emails from a company you’ve done business with, be extra vigilant over the coming weeks with regards to your email.

In research which covered more than 1,000 workers from a number of UK-based businesses, OnePoll (on behalf of salesforce.com) concluded that “unnecessary emails are the bane of the modern office, with seven out of ten workers complaining about being sent irrelevant emails or being copied on emails of no interest”.

To be specific (with my specifically sarky remarks in parenthesis) the research suggested that the average office worker receives 43 emails per day (yay, I’m above average in the amount of email I get: 500 per day here) and some 11% get between 51 and 150 emails per day (hah! still above average). That 38% complained about suffering from information overload is the statistic which blew me away. Not because I think it’s one of the big problems facing the average small business today, but exactly the opposite.

I actually found myself thinking that it implies 62% of office workers are sensible enough not to be in trouser-browning territory when it comes to reading their email. That’s a good thing, obviously. But that 38% are apparently incapable of getting to grips with something as simple to deal with as email is hard to believe, and why does the press release accompanying the research results warn me that “trends suggest that this is set to get worse”?

Tim Barker, a vice president of strategy at Salesforce.com reckons that email has become counter-productive as people “blast out” emails to large groups so not to miss anyone, and as a result office workers are faced with the choice of “trawling through countless emails that have nothing to do with them or ignoring them and potentially missing out on vital messages”. Or using some kind of email filtering system which saves them from both scenarios, of course.

In fact, to be honest, I thought that some kind of ’scare the buggers into using our latest email filtering product’ was the point of the press release from Salesforce.com. I was wrong, but not greatly so. What Salesforce.com was apparently doing was suggesting that the “consumerisation of corporate IT” with a “skyrocketing adoption of social media by today’s workforce” mean that businesses should dump email altogether and use it’s new real-time enterprise social collaboration application, called Salesforce Charter.

This, according to the press release, uses profiles, status updates and feeds to enable staff to decide what matters most to them in terms of who to connect with and which groups to collaborate with. It unleashes, I am informed, a “new way to work for people around the world”.

I’m sorry to rain on this strategic sales parade, but I’m not convinced that business needs a new way to work – it just needs to ensure that the current way is working properly and effectively.

Readers of my blog last week will know that I have a penchant for keeping it simple and free when it comes to running the office these days, and that includes my email filtering. Sure, I admit to paying up for my own domain and use a business email hosting company to provide my mailboxes for me. However, when it comes to my day-to-day usage, all the email sent to my happygeek.com email addresses gets forwarded to Gmail where I pick it up. Not only does this provide an instant backup of my inbox, but it also provides a totally free and totally effective method of keeping on top of the email flow.

Of the 500 or so emails that the virtual postman brings in his sack to my door every day, no more than 50 come through my letterbox. The rest end up in the virtual wheelie-bin at the end of my virtual drive, the one marked spam, courtesy of the virtual postman (also known as my email filtering functionality) dumping them there instead of delivering them. But it gets better. Of the 50 emails that are actually delivered, I only have to worry about reading maybe 20 or them with any kind of business-driven urgency.

Priority Inbox

That’s because Gmail now has something called a Priority Inbox function, or spam filtering in reverse if you like. So once all the crap has been filtered out of my email stream, the system goes into reverse and filters what is left into important stuff and not so important stuff. It’s clever, if not exactly at the quantum mechanics scale of brainboxing, looking at what you tend to read, what you tend to throw away, where the mail is coming from, subject matter and keywords etc.

The main thing is that, after a little bit of training anyway, it works: my important email rises like cream to the top of the inbox, leaving the good but milky stuff floating in the middle, and the slightly smelly yoghurt at the bottom. The totally sour content is poured away and I never even see it.

I’ve used the Gmail Priority Inbox example as it’s the new kid on the mail filtering block. It’s not only low-cost but it’s no-cost, it works and I’m using it on a daily basis. But it could be any mail filtering solution, and there are plenty of them out there to suit every business budget and every business size.

I say if you are drowning in email then you are doing it wrong and need to start swimming with the postman….

The beauty of WordPress.com is that it makes exploring what WordPress has to offer so painless. Essentially all you need is an email address and, within a couple of minutes, you can be creating your first posts and pages, changing your theme, monitoring your stats and so on. If you like what you see, you can either stick with WordPress.com’s default free hosting package, upgrade to get your own domain name ($15 a year), redirect an existing domain ($10 a year) or, most powerfully, switch to an independent WordPress host where you’ll be able to extend the framework’s capabilities via third-party plug-ins.

Generally the response has been amazingly enthusiastic – “the difference is night and day” – especially from those owners of existing sites who had previously been paying a fortune to traditional web designers whenever they’d needed to update existing pages.

Recently, however, for one correspondent the dream descended into a nightmare…

Having created a site on WordPress.com he decided it was so good he wanted to replace his existing site with it and sent out a mailshot to advertise the fact. Unfortunately as soon as he switched to his new primary domain (ie. example.com rather than example.wordpress.com) his email stopped working.

Domain mapping, email and custom DNS

Unfortunately things are not as simple as they seem. Indeed the WordPress.com support page includes this:

Warning: Changing the name servers will make any previously setup custom DNS records such as A, CNAME, or MX records stop working. To continue using them, you’ll need to enter new Custom DNS records once you have set up your domain on WordPress.com.

Unfortunately you need to know quite a bit about DNS to realise that this is a serious issue. In particular the Mail eXchanger MX record specifies a mail server responsible for accepting email messages.

At least this pointed to the solution, namely updating the MX record in WordPress.com as discussed on a Custom DNS support page. However, with pitiful support from WordPress.com and existing host alike, this proved easier said than done, as simply adding a pointer back to the original server didn’t solve the problem.

Moreover, based on the support page’s advice that, “it can take up to 48 hours for all the DNS changes to filter through the internet. Don’t panic if it doesn’t work right away”, my correspondent naturally panicked at the prospect of tweaking settings and then having to wait two days without email to see if they had worked.

Thankfully I was able to help him find a fix. On the same page where you enter your custom DNS records, WordPress.com has provided a link to Google Apps for Domains.  This is how WordPress.com provides email handling for those registering a domain with them and, by signing up, my correspondent was able to enter the code Google provided and then click the Generate DNS records command to automatically create the necessary custom MX code to get his domain name-based email back up and running almost instantly. In fact with Outlook-based desktop access as well as webmail access, plus the other benefits of Gmail handling, he was probably better off.

To be honest, I’m not sure how big an issue this is. With well over 10 million sites hosted on WordPress.com, the site must be one of the world’s biggest hosts and domain mapping targets, and clearly most redirects haven’t gone through the same nightmare. Certainly most hosting/domain providers should have experience of how to redirect web traffic to WordPress.com without messing up email. Quite possibly my correspondent’s setup was unusual in some way and I don’t know enough about DNS or email handling to say how (hopefully more experienced readers may be able to shed more light).

However the fact that it happened at all shows that it can be an issue and one that users should be aware of before mapping their existing domain. More importantly it shows that even the simplest content management system (CMS) can occasionally turn around and bite you – failing to backup your all-important database being the prime route from dream to nightmare for those who choose independent hosting.

I still strongly believe that the enormous benefits of CMS handling far outweigh its occasional pitfalls and that the best solution for those looking to create simple sites is WordPress, and that the easiest way to explore how WordPress works and what it can do is via WordPress.com. However I’ll now include a link to this post too.

Now David Allen is a man I admire greatly, and I’m sure there are thousands of people who have converted to his way of doing things with huge success. But he advocates a “system”, a complete change in your habits, and the brutal reality is that most people can’t change their ways. And that includes me.

Instead, I seem to have arrived at a way of doing things that can be best thought of as a kludge. It doesn’t always work and it has its faults. Sometimes I drown in so much email that I want to scream, and sometimes I forget things. But in my mind it’s a 20% of the effort with 80% of the result kind of approach, so for better or worse I share it here.

The ingredients

1. Any email client. It doesn’t matter whether you use Outlook 2003, 2007, 2010 or Thunderbird.

2. A to-do list. This is anathema to David Allen, but I like having a physical to-do list where I can quickly see what needs to be done.

3. A nice big screen. You can get away with a resolution of 1,280 x 1,024 for your main screen, but don’t go lower.

4. A fast-enough computer. One that doesn’t break your thoughts every couple of seconds as it thinks about doing that thing you just asked it to do.

The key “dos”

1. Deal with any email that can be dealt with straight away. Your goal should always be to never look at a simple email twice.

2. Keep emails short. Not only are you wasting your time, you’re wasting the receiver’s time too.

3. Pick up the phone sometimes. As BT always said, it’s good to talk, especially if you need to exchange ideas or explain something complicated: phones let people ask questions you could never anticipate!

4. Switch off alerts in your email client. We all have to put up with enough interruptions in our working day without adding to the burden.

5. Keep a to-do list on your desk. While some people love electronic to-do lists, nothing matches that feeling of crossing out a completed task.

6. Create appointments as reminders. If an email comes in that needs to be dealt with in a week rather than now, convert it into an appointment on your calendar – that way you don’t need to think about it until you’re reminded.

7. Type quickly. Now I appreciate this takes time to learn, but I find it immensely useful to be able to touch-type. It’s a skill I learnt when I was about 20, and I’ve never regretted those evenings I spent with Mavis Beacon.

8. Clean out your inbox each day. I don’t always manage this, and also appreciate that not everyone likes an empty inbox as they see all the emails they’ve been sent as a handy searchable reference, but I find an empty inbox always makes me happy – even if I’ve got a dozen emails sitting in my Deferred folder.

The key “don’ts”

1. Keep an email open while you think what to do with it. By the end of the working day, it will still be sitting there. If you need more time, either close it – if you can guarantee you will get back to it – or move to a “Deferred” folder within your email client.

2. Keep Outlook, or Thunderbird, in view all the time. I used to have Outlook sitting on a second monitor, but since switching to one big screen I’ve found myself much less distracted by incoming mail.

3. CC everyone in your emails by default: do they really need to see what you’ve just written? You could be wasting their time and providing yet another reason for someone to email you.

And that’s it. For me at least. As ever, I’d be fascinated to find what other people do to keep on top of their email.

firstname.portman-early-childhood.westminster@lgfl.net

Just imagine for a second that was your email address. Would you ever attempt to tell people what it is? You can’t even hand out a business card as it would need to be double-width (note that my poor friend isn’t even given a business card… and only gets access to the work email computer once a week).

Anyway, I’m open to alternative suggestions. Have you ever met someone with a worse email address? Or is your own more ridiculous? And while I’m at it, has anyone got a shorter email address than my nice, succinct editor@pcpro.co.uk?

(Obviously, don’t quote your address in any way a bot can harvest it.)

Perhaps understandably, she thought that by using capital letters, her fellow employees would PAY MORE ATTENTION to her missives than if she used regular, lower case.

An employment tribunal also heard that Vicki Walker behaved “provocatively” by highlighting the REALLY IMPORTANT phrases in bold or red.  In one office-wide email presented as evidence she had typed in bold blue letters: “TO ENSURE YOUR STAFF CLAIM IS PROCESSED AND PAID, PLEASE DO FOLLOW THE BELOW CHECK LIST.”

She did say ‘please’ though, which I don’t think is shouty at all.  Mrs Walker said that it was “ridiculous” to describe the email as confrontational, arguing that she was only trying to ensure that her colleagues filled out their forms correctly.

So what is it that we find so offensive about receiving emails peppered with upper case, bright red, bold and underlined instructions? I’ll admit, I think it’s imbuing your own communiqués with a sense of urgency and importance they probably don’t deserve.

Regardless, Mrs Walker was awarded £7,000 ($17,000 NZD) after the tribunal found that she had been unfairly dismissed, as her employer had no email style guide, meaning employees couldn’t be certain about what kinds of communication were deemed unacceptable. But how many companies have email style guides?

Perhaps this may be the safest course of action for some companies.  According to the Daily Telegraph, over-familiar or misjudged emails to clients can costs firms tens of thousands of pounds in lost orders. Quite often I will receive emails from PR executives dotted with smiley/sad faces and even kisses. But I just put that down to them working in PR, and move on.

However, the folks at Microsoft reckon that breaches of unspoken internet etiquette can cost companies in terms of lost orders and offended clients. Last year it teamed up with a British finishing school to compose a ‘netiquette’ guide that explains what is – and isn’t – acceptable behaviour in the internet age.

Since the dawn of email there have been incidents where the recipient has misunderstood a sarcastic or flippant comment, particularly where that good old breakdown in communication happens somewhere over the middle of the Atlantic.

Common mistakes consist mainly of failing to separate personal messages from corporate communication. This includes sending over-familiar emails, making bad jokes (who hasn’t done that?) and flirting with clients online. Less fun that way, you’d imagine, but still a problem, apparently.

Email etiquette is clearly a minefield, which it appears companies will have to navigate very carefully.

Christine Horton is editor of PC Pro’s sister site Channel Pro

Hiya – This is a slightly odd question, but I’m hoping you may be able to help me…

Can you tell me whether a full computer hardrive weighs more than an empty one ? And if it does what does the extra weight comprise of?

Again, I know it’s a strange question, but I would be v grateful if you could shed some light!

Names and email addresses removed to protect the innocent, needless to say.

But it does raise the important question of whether spreadsheets are, metaphorically speaking, heavier than word-processing documents. Are TIFFs heavier than JPEGs? Is Windows heavier than Linux?

Answers on a postcard. And if anyone’s received a stranger email than that, I’d love to hear about it.

For the last few days, I’ve had to “rely” on mobile broadband as I wait for my broadband connection to go live in my new house. The trouble is, it doesn’t work at all well. The first problem is reception: I don’t live in central London but in deepest Bucks, and that means I can only get a GPRS connection.

Or at least, I could. On Saturday last, I had a solid connection for an hour, and though browsing was a slow, awkward affair (anyone remember dial-up?) I managed to get a few things done, and make myself numerous cups of coffee in the spare minutes as I waited for pages to load.

But then, firing up my laptop on Sunday, I was faced with a series of error messages. And, as with all error messages, the recommended steps were of no use whatsoever. I’ve since worked out that it was due to two processes working at the same time (why doesn’t the error message say this is the likely cause?) but as the processes aren’t terribly easy to kill I only had success after a couple of reboots.

And today comes the final nail in my mobile broadband coffin. I’m sitting on the train writing this, with a Vodafone dongle sitting proudly in my machine, but travelling from Aylesbury to London I’ve barely managed a solid connection of longer than five minutes. GPRS network detected, it says. By the time it’s gone through its handshake procedure, we’ve shifted onto another network. GPRS network detected. Signal very poor.

The fact is, I can’t do anything like this. I’ve sent two emails and read five in the same time I’d have sent a dozen and read 50 normally. It’s a long way from being productive. And it’s unfair to single out Vodafone – I’ve had similar experiences with 3, and its software is even worse than Vodafone’s.

Perhaps one day all this will be solved, but bearing in mind how long the 3G network has had to mature it’s incredibly disappointing that the service is so frustrating and unreliable, especially for people on the move. If it hasn’t been sorted by now, will it ever be?