posted by martyb on Tuesday December 19 2017, @10:15AM
from the dont-track-me-while-i'm-tracking-you dept.

Wired runs this story on how 'email open' tracking is becoming more ubiquitous than someone would like:

"I JUST CAME across this email," began the message, a long overdue reply. But I knew the sender was lying. He’d opened my email nearly six months ago. On a Mac. In Palo Alto. At night.
I knew this because I was running the email tracking service Streak, which notified me as soon as my message had been opened.
...
There are some 269 billion emails sent and received daily. That’s roughly 35 emails for every person on the planet, every day. Over 40 percent of those emails are tracked, according to a study published last June by OMC, an “email intelligence” company that also builds anti-tracking tools.
The tech is pretty simple. Tracking clients embed a line of code in the body of an email—usually in a 1x1 pixel image, so tiny it's invisible, but also in elements like hyperlinks and custom fonts.
...
But lately, a surprising—and growing—number of tracked emails are being sent not from corporations, but acquaintances. “We have been in touch with users that were tracked by their spouses, business partners, competitors,” says Florian Seroussi, the founder of OMC. “It's the wild, wild west out there.”
According to OMC's data, a full 19 percent of all “conversational” email is now tracked.

I STUMBLED UPON the world of email tracking last year, while working on a book about the iPhone and the notoriously secretive company that produces it. I’d reached out to Apple to request some interviews, and the PR team had initially seemed polite and receptive. We exchanged a few emails. Then they went radio silent. Months went by, and my unanswered emails piled up. I started to wonder if anyone was reading them at all.

That’s when, inspired by another journalist who’d been stonewalled by Apple, I installed the email tracker Streak. It was free, and took about 30 seconds. Then, I sent another email to my press contact. A notification popped up on my screen: My email had been opened almost immediately, inside Cupertino, on an iPhone. Then it was opened again, on an iMac, and again, and again. My messages were not only being read, but widely disseminated.
...
I wrote Cook a lengthy email detailing the reasons he should join me for an interview. When I didn’t hear back, I drafted a brief follow-up, enabled Streak, hit send. Hours later, I got the notification: My email had been read. Yet one glaring detail looked off. According to Streak, the email had been read on a Windows Desktop computer.
...
IF TIM COOK is a closet Windows user (who knows! Maybe his Compaq days never fully rubbed off) or even if he outsources his email correspondence to a firm that does, then it’s a fine example of the sort of private data email tracking can dredge up even on our most powerful public figures.
...
"During the 2016 election, we sent a tracked email out to the US senators, and the people running for the presidency," Seroussi says. "We wanted to know, were they doing anything about tracking? Obviously, the answer was no. We typically got the location of their devices, the IP addresses; you could pinpoint almost exactly where they were, which hotels they were staying at."

Time to get back to Pine.


Original Submission
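
An added example, not part of the submission or the Wired article: one way a recipient could audit a message for the tracking elements the article names (a 1x1 image, hyperlinks, a custom font), separating what fires on render from what needs a click. The sample message, the host t.example.net, the token abc123 and the names RemoteLoads and audit are constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample; t.example.net and the abc123 token are placeholders.
SAMPLE = """\
Content-Type: text/html; charset="utf-8"

<html><head><style>@font-face{font-family:x;src:url(https://t.example.net/f/abc123.woff)}</style></head><body>
<p>Checking in. <a href="https://t.example.net/c/abc123">link</a></p>
<img src="https://t.example.net/o/abc123.gif" width="1" height="1">
<img src="cid:logo" width="120" height="40"></body></html>
"""

class RemoteLoads(HTMLParser):
    """Collect (kind, url) for every http(s) reference in an HTML body."""
    def __init__(self):
        super().__init__()
        self.findings, self._css = [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "style":
            self._css = []                  # buffer CSS text until </style>
        url = a.get("href") if tag in ("a", "link") else a.get("src")
        if url and urlparse(url).scheme in ("http", "https"):   # cid:, data: stay local
            tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
            self.findings.append(("pixel" if tag == "img" and tiny else tag, url))

    def handle_data(self, data):
        if self._css is not None:
            self._css.append(data)

    def handle_endtag(self, tag):
        if tag == "style" and self._css is not None:
            for m in re.finditer(r"url\(\s*['\"]?(https?://[^'\")\s]+)", "".join(self._css)):
                self.findings.append(("css-url", m.group(1)))
            self._css = None

def audit(raw):
    """Return (loads_on_render, needs_click) for the HTML body of a raw message."""
    body = message_from_string(raw, policy=default).get_body(("html",))
    parser = RemoteLoads()
    parser.feed(body.get_content() if body else "")
    parser.close()
    clicks = [f for f in parser.findings if f[0] == "a"]
    return [f for f in parser.findings if f[0] != "a"], clicks
```

Everything in the first list is requested as soon as a client renders the HTML with remote content enabled; a client that shows only the text part requests none of it.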

 
  • (Score: 4, Insightful) by Anonymous Coward on Tuesday December 19 2017, @10:28AM (20 children)

    by Anonymous Coward on Tuesday December 19 2017, @10:28AM (#611758)

    Wait … there are still people who let their email client load external images, or execute embedded JavaScript?

  • (Score: 5, Insightful) by Anonymous Coward on Tuesday December 19 2017, @10:34AM (10 children)

    by Anonymous Coward on Tuesday December 19 2017, @10:34AM (#611760)

    Wait … there are still people who let their email client load external images, or execute embedded JavaScript?

    Because most people don't even know what an external image or Javascript even is.

    • (Score: 2, Informative) by evk on Tuesday December 19 2017, @10:54AM (9 children)

      by evk (597) on Tuesday December 19 2017, @10:54AM (#611768)

      I thought that most clients had it disabled by default.

      • (Score: 2) by MostCynical on Tuesday December 19 2017, @11:20AM (8 children)

        by MostCynical (2589) on Tuesday December 19 2017, @11:20AM (#611774) Journal

        "Load all images?"

        Or

        "Images in this email have been blocked. Would you like to see them?"

        Worse, "do not ask me again"

        --
        "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
        • (Score: 5, Interesting) by TheRaven on Tuesday December 19 2017, @11:50AM (7 children)

          by TheRaven (270) on Tuesday December 19 2017, @11:50AM (#611780) Journal

          Apple's mail client has a load images button, but it's not very prominent in the UI so people generally only click on it if the email looks weird. The default is not to load, and if an email just contains a 1x1px image then they probably won't bother.

          The more interesting thing is that you can often use these trackers to see the path of an email. A lot of mail servers will load images and so on as part of their spam filtering. A few years ago there was a story of someone tracking their CV with an embedded URL in the PDF from a recruiter to a bunch of companies' HR departments.

          --
          sudo mod me up
          • (Score: 3, Funny) by Wootery on Tuesday December 19 2017, @03:50PM (6 children)

            by Wootery (2341) on Tuesday December 19 2017, @03:50PM (#611829)

            PDFs can silently download images over the Internet?

            Is there anything Adobe won't add to PDF? It already supports JavaScript, so Turing completeness is already ticked off. In theory we could even run Linux on it.

            • (Score: 2) by TheRaven on Tuesday December 19 2017, @06:28PM (3 children)

              by TheRaven (270) on Tuesday December 19 2017, @06:28PM (#611893) Journal
              PDFs can include hyperlinks. Virus scanners follow the hyperlinks to determine if they are malware-hosting sites. The person owning the web server can watch the access logs and see who is accessing them.
              --
              sudo mod me up
              • (Score: 2) by Wootery on Tuesday December 19 2017, @09:24PM (2 children)

                by Wootery (2341) on Tuesday December 19 2017, @09:24PM (#611977)

                I'm inclined to blame the anti-virus there. Supporting hyperlinks doesn't seem unreasonable. Animations, JavaScript, and external images, are clearly inappropriate.

                • (Score: 2) by TheRaven on Wednesday December 20 2017, @05:35PM (1 child)

                  by TheRaven (270) on Wednesday December 20 2017, @05:35PM (#612393) Journal
                  It's not a great situation for the AV. Don't follow the hyperlink, customer complains that PDF with link to malware was missed by the AV. Do follow the hyperlink, customer complains that people can track emails around their mail servers. The first is likely to cause more customer complaints.
                  --
                  sudo mod me up
                  • (Score: 2) by Wootery on Thursday December 21 2017, @03:08PM

                    by Wootery (2341) on Thursday December 21 2017, @03:08PM (#612808)

                    Good point, hadn't thought of that.

                    A downside of hypermedia relying on external resources.

            • (Score: 4, Insightful) by maxwell demon on Tuesday December 19 2017, @11:22PM (1 child)

              by maxwell demon (1608) on Tuesday December 19 2017, @11:22PM (#612045) Journal

              And then in that emulated Linux, you could run an alternative PDF viewer in order to safely read PDFs. ;-)

              --
              The Tao of math: The numbers you can count are not the real numbers.
              • (Score: 2) by Wootery on Wednesday December 20 2017, @02:59PM

                by Wootery (2341) on Wednesday December 20 2017, @02:59PM (#612309)

                Shhh, don't let Fabrice Bellard hear you.

  • (Score: 2) by chromas on Tuesday December 19 2017, @12:26PM (7 children)

    by chromas (34) Subscriber Badge on Tuesday December 19 2017, @12:26PM (#611784) Journal

    Webmail.

    • (Score: 2) by All Your Lawn Are Belong To Us on Tuesday December 19 2017, @02:56PM (6 children)

      by All Your Lawn Are Belong To Us (6553) on Tuesday December 19 2017, @02:56PM (#611808) Journal

      Webmail.

      Does nothing about it AFAIK. My webmail loads images by default. My Outlook (program, not exchange server) does not.

      --
      This sig for rent.
      • (Score: 0) by Anonymous Coward on Tuesday December 19 2017, @04:06PM (1 child)

        by Anonymous Coward on Tuesday December 19 2017, @04:06PM (#611837)

        yeah "Webmail" had to be the most worstest answer even remotely imaginable besides just agreeing to everything and replying to the sender saying that I did not read this message and haven't replied.

        why on earth would you think webmail doesn't track?

        It's not like most local SMTP clients are capable of doing the same things that mobile based email reading and browser based email reading will happily sell you out and use your own CPU resources to do it with.

        run a local client and turn off the 'display messages as web pages' or other html based features.

        don't display pictures, don't render the 'page'. JUST DISPLAY TEXT

        If you don't like how it looks or life becomes unusable, I can't help you. this message content doesn't have any of the features I'm asking you to disable, so your ability to communicate should be ok.

        you can even copy and paste it to notepad and see that I didn't hide any 1x1 pixel links. rendering your emails to plaintext will always show everything they are trying to do to you, although you might need to actually download javascript to open it up and look--plaintext won't retrieve it for you.

        • (Score: 2) by chromas on Tuesday December 19 2017, @09:55PM

          by chromas (34) Subscriber Badge on Tuesday December 19 2017, @09:55PM (#611991) Journal

          You mean the most bestest answer. Webmail is already webs and javascripts, so yes, "there are still people who let their email client load external images, or execute embedded JavaScript", because many people use web mail, loading things is default, and they don't know any better.

          Sorry; my answer was intended to be the opposite of the way it was taken. I got carried away with too many details, there.

      • (Score: 0) by Anonymous Coward on Tuesday December 19 2017, @06:08PM

        by Anonymous Coward on Tuesday December 19 2017, @06:08PM (#611887)

        Webmail varies from site to site. Some of them load all of those images whether you've opened it or not, and just don't show them. The net result is that they know that the email was received by the server, but they have no way of knowing whether or not it's been viewed by an actual person.

      • (Score: 0) by Anonymous Coward on Wednesday December 20 2017, @12:40AM (1 child)

        by Anonymous Coward on Wednesday December 20 2017, @12:40AM (#612083)

        It's my understanding that gmail's servers load and cache all embedded images when an email is received. When you view the email in gmail's web interface, it loads the cached images from google's server. Thus any tracking images will see exactly one ping, with no relation to when the user opens the email, or even whether they do so at all.

        • (Score: 2) by Wootery on Thursday December 21 2017, @03:14PM

          by Wootery (2341) on Thursday December 21 2017, @03:14PM (#612812)

          Correct. [ycombinator.com]

          (A surprising number of people in that thread seem unable to grasp that if Gmail unconditionally downloads all images immediately upon receiving an email, that means there's no way for marketers to determine if/when the email is viewed.)
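
An added example, not from any commenter and not a description of Gmail's actual implementation: a sketch of the fetch-at-delivery approach discussed in the comments above, in which the mail server rewrites remote image sources to its own caching proxy and fetches each original URL once when the message arrives. The proxy endpoint mail.example.org/imgproxy, the tracker host, and the names ProxyRewriter and rewrite are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import quote

PROXY = "https://mail.example.org/imgproxy"   # hypothetical proxy endpoint

class ProxyRewriter(HTMLParser):
    """Re-emit HTML with remote <img> sources pointed at the mail proxy."""
    def __init__(self, proxy=PROXY):
        super().__init__(convert_charrefs=False)   # pass entities through untouched
        self.proxy, self.out, self.prefetch = proxy, [], []

    def handle_starttag(self, tag, attrs):
        parts = [tag]
        for name, value in attrs:
            value = value or ""
            if tag == "img" and name == "src" and value.startswith(("http://", "https://")):
                self.prefetch.append(value)        # server fetches this once, at delivery
                value = f"{self.proxy}?url={quote(value, safe='')}"
            parts.append(f'{name}="{escape(value, quote=True)}"')
        self.out.append("<" + " ".join(parts) + ">")

    handle_startendtag = handle_starttag           # emit <br/> as <br>

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")

def rewrite(html_body, proxy=PROXY):
    """Return (rewritten_html, urls_to_prefetch) for a message at delivery time."""
    parser = ProxyRewriter(proxy)
    parser.feed(html_body)
    parser.close()
    return "".join(parser.out), parser.prefetch

# Constructed sample body; the tracker host and token are placeholders.
SAMPLE_HTML = ('<p>Hi &amp; hello</p>'
               '<img src="https://t.example.net/o/abc123.gif" width="1" height="1">'
               '<img src="cid:logo" alt="logo">')
```

After the rewrite the reader's client only ever contacts the proxy, so the sender's server logs one request from the mail server's address at delivery time. Because the proxy retrieves sender-chosen URLs, it should refuse internal and non-HTTP destinations.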

      • (Score: 0) by Anonymous Coward on Wednesday December 20 2017, @08:23AM

        by Anonymous Coward on Wednesday December 20 2017, @08:23AM (#612209)

        Runbox does not load images by default

  • (Score: 2) by nobu_the_bard on Tuesday December 19 2017, @12:57PM

    by nobu_the_bard (6373) on Tuesday December 19 2017, @12:57PM (#611787)

    There's people still running Outlook 2003, the ancient Microsoft Mail under unpatched XP, and old versions of Lotus Notes, among other strange things. I know this because I track what mailers people use (when such can be determined) as mail passes through my systems. A small number of these are fake at least, but I have seen enough to be sure they're still seeing real use.

    On top of this I have a few users that wanted external resources to download automatically in their mail clients. I explained why this was a bad idea, but they still wanted it, so I had them sign a document they couldn't hold me responsible for the results. I thought the document would scare them off, but not one of them changed their mind.