"Google goes through every Gmail that's sent or received, looking for keywords so they can target Gmail users with paid ads. And there's no way to opt out of this invasion of your privacy. Outlook.com is different—we don't go through your email to sell ads."
How is outlook.com selecting which ads to show? Is there any transparency in that process, or are they showing personalized ads but just going through the title (or some other technicality that isn't a 100% email scan)?
It's enough to be used fairly effectively (if not as topically), for instance by correlating voter registration data with name/location data for highly targeted political ads:
For instance, surfers may be shown a shoe ad if they recently visited a shoe site. Most of this sort of targeting doesn't require your name. Political targeting does. Campaigns may want to reach only reliable party members, or independents who might swing their way....
Finding voters online is difficult, since no public record connects voters to a particular Internet address. That's where Microsoft, Yahoo, AOL and other lesser-known companies come in. Their enormous stores of registration data can serve as the bridge between particular Internet users and their voter information....
Microsoft and Yahoo's targeting service combines two crucial factors: their knowledge of users' personal information and their ability to add cookies to browsers. Over the years, Internet users have given these companies their name when they signed up for free programs like the Microsoft suite of services known as Windows Live, which includes Hotmail. (Microsoft said it does not sell campaigns access to information users provide when they register for Office or other Microsoft products they've bought.)
Microsoft and Yahoo both said the cookies aren't connected directly to names or other personally identifying information. Instead, they use a complicated process to match coded voter information back to anonymous cookies on particular users' browsers.
And yes, they scan your email... news flash - every online email service has access to your email by definition. Either send it encrypted from the client, or don't send things you don't want other people reading.
- Junk filtering, fishing protection and other security protections; all impossible to implement without deep scanning, analysis and correlation (this last item is important: some information extracted from your email is combined to information from other people's emails, in big statistical models and fancy machine learning jobs).
- Index content so you can search it (unless you want to only be able to search by subject and other headers... no, 1988 called, wants its Eudora back). Bing.com may not include results from email, but this is irrelevant, Outlook.com certainly has full-text search so there's indexing.
- Implement all kinds of cool stuff, e.g. Google Now right now shows that my last Amazon order has shipped, a single click on that shows the USPS tracking, how cool is that. Or more modestly, integration with other services from the same provider or from others such as cloud storage, office apps etc., or even simpler features like Outlook.com's ability to automatically sort email into categories, I doubt very much they can do it only looking at headers. (Even if they do, in many cases there's enough private info in headers that just not looking at the email body shouldn't reduce your paranoia.)
In the big picture, the extra scanning for ad targeting is really a very minor part of the whole. So it all boils down to discussing whether you prefer targeted ads or untargeted ads, and whether you trust the cloud service to protect the private information used for this. Notice that this same potential issue exists for all functionality above, not just for ad targeting; so if you don't trust GMail as a matter of principle, then you shouldn't trust Outlook.com either.
Is it just removing ads? Or is it a premium product?
e.g. Gmail has no ads when you buy a Google apps account, but you pay $50 for it because they give you a load of other features as well (Which you may or may not need).
I still think it's good to give the option, but your selling points could get diluted pretty quickly once you start adding more little things to justify your paid memberships.
Of course that is likely an issue with the advertisers that choose wrong keywords that their ads show up for.
That said, I subscribed to Office 365 (or whatever it's called) and I dig it. It has a modern flat design (eschewing the tacky skeuomorphic look). Also, SkyDrive is a great alternative to Dropbox and the Office suite blows away everything else I've tried.
It's a shame that Google Apps got rid of the free tier. I've started 2 businesses on the free tier (< 10 accounts) and now pay around $200/month for each company as they have grown.
Now Microsoft will gain some ground in the email arena.
Definitely good enough for one time @projectname.com mailboxes.
This of course assumes you aren't worried about Google/M$ reading every email and stealing your trade secrets...
Puts on tinfoil hat
It commonly received as a surprise when I talk about it, but once you give away your email to be handled by someone else, the emails are no longer private. If you give it to google, google then owns it. If you give it to Microsoft, its Microsoft that’s own it. Why are people acting so strange to the idea that if you give something away, its not longer in your control?
Running a email server is not hard. if its a company, running a email server + webbmail is as hard as installing two extra packages in debian and doing a single dns change. If you don't have a server, buy a old laptop/media station. Its email, its not going to demand processing power beyond simple spam filtering.
On that note, wonder if my phone can get postfix installed...
Having a decent spam filter is nice (I've had loads of false positives in things I've tried elsewhere).
There is the idea that google/MS could just fall off the face of the earth, and then I look pretty stupid having loads of things connected to that account. That bothers me enough to where important things get thrown onto an email adress I'm pretty sure won't disappear for a while.
As to reading my mail... robots are reading my mail. This is a pretty valid "Chinese room" in my opinion. Nobody's actually understanding my mail, what do I care. The ads are usually pretty relevant to things I need though (I've clicked on more of the text ads than I would ilke to admit).
Pick a random (not broken) piece of hardware. Install debian stable on it with base install + postfix + roundcube. Configure: grey listing, black listing, and auto-update (relative easy, and there is a bunch of tutorials if needed). Leave it alone until once every 2-3 year where it will need a aptitude update, aptitude upgrade. It will run as long it has power and network connectivity. If you are a company and either the power or network is down, email is unlikely to be high on the priority list.
Spam: ~0. Might get one every full moon or so. After 5-10 years it might get a bit worse, but adding SpamAssassin tend to get rid of it.
As for Chinese rooms, do they leak information? Do they give out mail if asked by someone with money/power? Sure, one can say "I got nothing to hide so what do I care", but then that's what all email then must be. You can never again say: "This email is private and mine. I and only I have control over it". If you are a doctor, lawyer or any person dealing with private information, then it mean that any email given to you are defacto public.
That is true. However, Running an email server properly /is/ hard.
Security, maintenance, patching, journaling, litigation holds, bouncing, ssl/tls, dkim, etc.. It's not exactly as simple as apt-get install teh-emails
SSL/TLS require two additional step. You go to CAcert and add a very simple setting in postfix. If you uses webmail, you can just plug this in and use it there and forget about ssl/tls in postfix.
DKIM is neither required or useful in most use cases. If your a bank with online accounts, then you should use it, but then you really MUST not outsource your email. They should have a sysadmin that can maintain a secure email infrastructure, in the same way that they got a professional installing a lock and alarm on the door. Get a consultant, ie a professional doing the installation if you don't have a sysadmin.
As for journaling (default from the file system) and bouncing emails (defaulting to the user who sent the email), both are given free without any configuration.
Litigation holds, ie concerns about how to comply with being legally forced to retain and hand over emails to the government. That is a bit out of scope for most companies and users, but if you are concerned about this see above statement about DKIM.
So ye, for users and 99% of companies in the world it is indeed as simple as doing an apt-get install postfix and follow some simple tutorial in configuring grey listing, black listing subscription and adding a dns entry.
Hopefully the tutorial mentions how to make sure relay is off. And it explains how to configure those magic auto-updates. And it covers amavisd and/or other anti-spam features. Also, I hope it at least mentions some basic security for the system.
My point is and stands: it is not easy to properly run an email server. Simply running apt-get install postfix does not a properly configured email server make - no matter how easy it is. This fact makes hosted solutions, run by people dedicated to running that type of stuff, compelling. Especially for those "99%".
auto-update is as simple as apt-get install unattended-upgrades.
greylisting is: apt-get install postgrey
blacklisting is the only real "slightly" iffy area, because there aren't a obvious one guide to do it. It is however a very simple way of installing it once and not touching it again. (http://www.howtoforge.com/block_spam_at_mta_level_postfix) looks to be a old guide, through there might be more current methods out there.
As for system harderning... I have yet of hearing a single person having a stable debian installation getting hacked (if they update/autoupdate!). basic security for the system should be left to default, so long one do pick a decent password (or avoid installing ssh).
Its like being a online shop with only paypall. Its an easy method to go bankrupt fast.
No account expiration
Brace yourselves, text ads are coming.
In the terms it says you must log in every 270 days. Sounds like plenty of time but I have old gmail account which I use once or twice a year. It would probably have been deleted if it was with hotmail/outlook.
The worrying thing would be the email address going back into circulation with someone else. Wouldn't they start to get your mail? Couldn't they retrieve you password on websites with the associated email?
This scenario isn't too unlikely as the old gmail account I mention above is associated with login details for 50-100 websites. I simply moved to a new email address and only check it when I need to login into an old site and have lost the password.
I do kinda like the new outlook.com interface, but the way the conversation view works makes it basically unusable to me. Not that MS ever had big taste in that regard, as I still blame Outlook for basically establishing top quoting as standard.
I am an unabashed fan of google voice, but there I know that it would be possible to get the number out (thanks to legislation), see http://support.google.com/voice/bin/answer.py?hl=en&answ... . I don't have similar assurance with gmail.
If it were even vaguely popular all major sites would have found a way to stop it working, they'd be a constant war going on.