Today, the web giant announced
a change to its popular Gmail service: Images embedded in emails will
now be automatically displayed, saving users from clicking on a “display
images” link and, Google claims, making “your messages more safe and
secure.” But buried in the fine print, a different picture emerges.
The new setup also means that people and companies who send you email
will be able to find out when you’ve opened and read their messages,
because loading these images requires a call back to the sender’s
server. That said, the sender still has to know how to rig their emails
to take advantage of this, and that means that sophisticated
corporations are far more likely to take advantage of this privacy hole
than your friends and relatives. They’ll have to evade Google’s filters
for “suspicious” content, and you’ll have to check your Gmail over the
web — not via a local client — for this change to impact you. But it’s
an important development.
Other email clients automatically load images, but Google’s change
brings this to what is now the world’s largest service. The good news is
that you can turn off the new change. But most people won’t know any
better.
Here’s how Google phrases the issue with a disclosure in the last paragraph of a recently posted support document:
“In some cases, senders may be able to know whether an individual has
opened a message with unique image links. As always, Gmail scans every
message for suspicious content and if Gmail considers a sender or
message potentially suspicious, images won’t be displayed and you’ll be
asked whether you want to see the images.”
In other words, Google will try to protect you from malware and
scammers, but the new image-loading system can, by its very nature, leak
information on your email reading habits. That’s because the images in
question, the images that used to be regularly suppressed by Gmail and
which will now be regularly shown, are loaded from remote servers and
laid into emails constructed like webpages, using the HTML markup
language.
In contrast to image attachments, which can be displayed with full
privacy, such hotlinked images effectively “phone home” when loaded,
since they must be retrieved from the sender’s server. Google is
intercepting such image requests and re-routing them through its own
servers, a step that shields your IP address and location from the
sender. But such proxying doesn’t keep the sender from knowing when you
open the message, assuming the sender is sufficiently clever. By
inserting a unique, identifying image address into each email, like
“http://example.com/flower-pic-for-user-427.jpg,” the sender can know
that Google’s proxies are acting on your behalf, and thus infer that you
have opened a given email message.
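
As an added example (not part of the original article), the Python code below shows how a recipient or mail administrator could audit a message for this behavior: it lists the images that would be fetched from a remote server rather than carried inside the message, and compares two recipients' copies of one mailing to expose per-recipient image links. The sample message is constructed, its URLs follow the article's own example, and all function names are hypothetical.

```python
from email import message_from_string, policy
from html.parser import HTMLParser


class ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append(dict(attrs))


def remote_images(raw_message):
    """Return one dict per hotlinked image found in the message's HTML parts."""
    msg = message_from_string(raw_message, policy=policy.default)
    found = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = ImgCollector()
        collector.feed(part.get_content())
        for img in collector.images:
            src = (img.get("src") or "").strip()
            if not src.lower().startswith(("http://", "https://", "//")):
                continue  # cid: and data: images travel inside the message
            # A 0x0 or 1x1 remote image is the usual shape of a tracking pixel.
            tiny = img.get("width") in ("0", "1") and img.get("height") in ("0", "1")
            found.append({"url": src, "tiny": tiny})
    return found


def per_recipient_urls(copy_a, copy_b):
    """Image URLs that appear in only one of two copies of the same mailing."""
    a = {i["url"] for i in remote_images(copy_a)}
    b = {i["url"] for i in remote_images(copy_b)}
    return sorted(a ^ b)


def sample_message(user_id):
    # Constructed sample: one embedded image, one shared banner, one unique link.
    return (
        "From: news@example.com\nSubject: Hello\nMIME-Version: 1.0\n"
        "Content-Type: text/html; charset=utf-8\n\n"
        '<html><body><img src="cid:logo"><img src="http://example.com/banner.jpg">'
        f'<img src="http://example.com/flower-pic-for-user-{user_id}.jpg" width="1" height="1">'
        "</body></html>\n"
    )
```

Image URLs that differ between two recipients' copies are the "unique image links" that Google's disclosure refers to; the shared banner and the embedded `cid:` image do not identify an individual reader.
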
The Google change “means we’ll be more accurate when tracking
unique opens,” says Mailchimp. “By leaving images turned off, Gmail
has been allowing subscribers to open emails without downloading our
tracking pixel, so those opens were invisible to us. If Gmail is going
to display images automatically, those previously invisible opens should
suddenly become visible.”
For bulk business emailers, this development is a big plus. For ordinary humans, not so much.
Source: http://www.wired.com