Gmail is secure. Netflix is secure. Together they're a phishing threat

Anonymous Coward

Re: Although...

Er, I think the point is that Netflix do distinguish between agmailuser@gmail.com and a.gmail.user@gmail.com. To Netflix, they're different addresses, so different accounts. Google don't make a distinction.

So if you learned that someone with the address agmailuser@gmail.com had a Netflix account, you can have an account on Netflix under the name a.gmail.user@gmail.com. Emails sent to a.gmail.user will actually arrive in agmailuser's inbox. If they're not paying attention, phish!

Effectively Google have given Gmail users an infinite variety of email addresses, meaning that it's possible for literally everyone else on the planet to cybersquat on their identity on all other services on the planet. If you are a Gmail user, and you have an account on, say, Netflix and want to prevent anyone else taking out an account in your name you'd have to also take out accounts in the name of a.g.m.a.i.l.u.s.e.r@gmail.com (and every combination of letters and dots in your email address), plus all combinations of agmailuser+<insert any string here>@gmail.com. Clearly that's not possible.

Google's "handy feature" is stupid.
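Added example, not part of the original comment and not code from Netflix or Google: one way a service could close the mismatch described above is to check sign-ups for uniqueness on a canonical form of the address, so that dot and plus variants of one Gmail inbox map to a single account. `canonical_email` and `AccountRegistry` are hypothetical names, and the rule set covers only the two Gmail behaviours the comment mentions.

```python
# Added example: canonicalise Gmail addresses at sign-up so that dot and plus
# variants of one mailbox cannot be registered as separate accounts.

# Assumption: only the domain named in the comment is treated as Gmail.
GMAIL_DOMAINS = {"gmail.com"}


def canonical_email(address: str) -> str:
    """Return the key under which an address is checked for uniqueness."""
    address = address.strip()
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not an email address: {address!r}")
    domain = domain.lower()
    if domain in GMAIL_DOMAINS:
        # Gmail delivers every dot variant and every +suffix to the same inbox,
        # so drop the suffix, drop the dots and ignore case.
        local = local.lower().split("+", 1)[0].replace(".", "")
        if not local:
            raise ValueError(f"empty mailbox name: {address!r}")
    # Other providers may treat dots and case as significant, so leave them.
    return f"{local}@{domain}"


class AccountRegistry:
    """Hypothetical in-memory sign-up store keyed on the canonical address."""

    def __init__(self):
        self._by_canonical = {}

    def register(self, address: str):
        """Return (True, address) if created, or (False, existing_address)
        when another spelling of the same mailbox already has an account."""
        key = canonical_email(address)
        existing = self._by_canonical.get(key)
        if existing is not None:
            return False, existing
        self._by_canonical[key] = address
        return True, address


if __name__ == "__main__":
    registry = AccountRegistry()
    # Constructed sample sign-ups using the addresses from the comment.
    for attempt in ("agmailuser@gmail.com", "a.gmail.user@gmail.com",
                    "agmailuser+films@gmail.com", "a.user@example.org"):
        print(attempt, "->", registry.register(attempt))
```

The account is still stored under the spelling the user typed; only the uniqueness check uses the canonical key.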
