Well, as if AOL/Google couldn’t shoot themselves in the foot enough this week, AOL/Google announces their intentions to open a free email/domain gateway. Tsk Tsk. What on earth are they thinking? Free? Email? Domain? Are you kidding me? You might as well fly a banner over the sendmail conference asking people to start using you as a spam/SEO gateway.

They announce their intentions to build this out in September. So what I’m more interested in than anything is what they intend to do to secure this horror they are building. CAPTCHA? Sure. Identity/background checks? Maybe, but phishing can provide plenty of those. Wow, just wow. Obviously their intention is to compete with Yahoo who is introducing $1.99 domains and has had free webmail forever. They are also have a free phone service to compete with Skype and Yahoo’s VOIP technology.

Something just freaks me out about AOL doing this. AOL has not historically been good at security. I asked a current AOL employee at one time with their fraud loss rates were, and he told me (not under NDA) that the numbers of compromised users are “in excess of a percentage point.” I asked him how much in excess, and he responded, “No comment.” Let’s just say it’s 1%, even though he said flat out that it was above that. If they have 20MM users, that’s 200,000 compromised accounts, with probably compromised identities, and therefore phone numbers, addresses, and who knows what else. Do they really think that this is a good idea? Those same people are the ones who have the most to gain by phishing. And how do you propagate phishing? Email! All a vicious cycle.

Not to mention the possibilities for SEO spam. Free domains? One of the biggest problems for SEO is getting cheap domains. Well there you have it folks. There’s nothing cheaper than free. Feel free… spam all you like. I can’t wait to see how their ToS reads, and see how they intend to protect against that spam. I wonder what their hosting will look like too. Maybe something similar to pages.google.com (I’m also not sure why they are offering competitive services to a major shareholder’s applications). It all seems very odd and poorly thought out.

Oh well, at least the browser companies are starting to act more intelligently.

This entry was posted on Wednesday, August 9th, 2006 at 12:13 pm and is filed under SEO/SEM, Phishing, spam. You can leave a response as well.