Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

'Spy pixels in emails have become endemic'
BBC ^ | 16 February 2021 | By Leo Kelion Technology desk editor

Posted on 02/17/2021 9:08:39 AM PST by Red Badger

The use of "invisible" tracking tech in emails is now "endemic", according to a messaging service that analysed its traffic at the BBC's request.

Hey's review indicated that two-thirds of emails sent to its users' personal accounts contained a "spy pixel", even after excluding for spam.

Its makers said that many of the largest brands used email pixels, with the exception of the "big tech" firms.

Defenders of the trackers say they are a commonplace marketing tactic.

And several of the companies involved noted their use of such tech was mentioned within their wider privacy policies.

Emails pixels can be used to log:

if and when an email is opened how many times it is opened what device or devices are involved the user's rough physical location, deduced from their internet protocol (IP) address - in some cases making it possible to see the street the recipient is on This information can then be used to determine the impact of a specific email campaign, as well as to feed into more detailed customer profiles.

Hey's co-founder David Heinemeier Hansson says they amount to a "grotesque invasion of privacy".

(Excerpt) Read more at bbc.com ...


TOPICS: Business/Economy; Crime/Corruption; Foreign Affairs; Government
KEYWORDS: email; internet; pixels; privacy; security; spy; spying
Navigation: use the links below to view more comments.
first previous 1-2021-4041 next last
To: Red Badger

Big surprise..No. Social media sites have are probably more into data mining than people realize selling that info to sites that customize advertising for a persons particular tastes.


21 posted on 02/17/2021 10:15:55 AM PST by antidemoncrat
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

If companies are using this for tracking, you know our gov’t is using something even more sophisticated.


22 posted on 02/17/2021 10:21:38 AM PST by Erik Latranyi (The Democratic Party is communism)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

Pixel dust.

23 posted on 02/17/2021 10:23:32 AM PST by fishtank (The denial of original sin is the root of liberalism. )
[ Post Reply | Private Reply | To 1 | View Replies]

To: SeeSharp

I’ve had my “don’t show images” setting for decades.

If someone crafts an email that requires you to do this in order for it to be legible is a creeper (or idiot) anyway. Best to just ignore them as they are leaning more towards manipulating rather informing you.


24 posted on 02/17/2021 10:23:42 AM PST by glorgau
[ Post Reply | Private Reply | To 6 | View Replies]

To: Lurkina.n.Learnin

Don’t let images show in your emails.

When you have that set properly, you have to click a button or link to allow images to be seen.


25 posted on 02/17/2021 10:25:09 AM PST by ConservativeMind (Trump: Befuddling Democrats, Republicans, and the Media for the benefit of the US and all mankind.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Red Badger

“And several of the companies involved noted their use of such tech was mentioned within their wider privacy policies.”

Nobody reads that 4 page #7 font privacy policy. They just click the button and go on.


26 posted on 02/17/2021 10:37:27 AM PST by BuffaloJack (Neither safety nor security exists in nature. Everything is dangerous and has risk.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: aquila48

>>I don’t get it. How does an image manage to get that information. What is the mechanism?

The ‘image’ doesn’t actually get the request, its the fact that your email client is requesting the image from a web server to download it - so without being too technical, outlook (in my case), or perhaps gmail for someone else - once the users says ‘download images’, an HTTP request is made to a web server - almost the same as if you went to a website with a browser - all http requests contain header information (i.e. ip address, browser, os version etc) and just about every website you go to logs this information.


27 posted on 02/17/2021 10:37:53 AM PST by qwerty1234
[ Post Reply | Private Reply | To 20 | View Replies]

To: qwerty1234

Thanks.

Then it would seem that if you use a VPN based in Timbuktu might send these spies on a wild goose chase, no?


28 posted on 02/17/2021 11:00:24 AM PST by aquila48 (Do not let them make you care! Guilting you is how they control you. )
[ Post Reply | Private Reply | To 27 | View Replies]

To: Red Badger

Its called “Steganography”
You easily can find the software to do this on-line.


29 posted on 02/17/2021 11:04:20 AM PST by Zathras
[ Post Reply | Private Reply | To 1 | View Replies]

To: aquila48

It is unlikely a VPN would protect you if you downloaded a infected file.
The two are unrelated.


30 posted on 02/17/2021 11:07:23 AM PST by Zathras
[ Post Reply | Private Reply | To 28 | View Replies]

To: Zathras

“It is unlikely a VPN would protect you if you downloaded a infected file.
The two are unrelated.”

True, but we were talking about pixel spies.


31 posted on 02/17/2021 11:27:05 AM PST by aquila48 (Do not let them make you care! Guilting you is how they control you. )
[ Post Reply | Private Reply | To 30 | View Replies]

To: Red Badger

They will waste a lot of time and money searching the streets of Singapore for me... Even with the pixels...


32 posted on 02/17/2021 11:34:15 AM PST by SuperLuminal (Where is Joe McCarthy now that we desperately need him sober?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: poinq

No. It’s not that simple. Thanks to emails ability to embed HTML (legitimately used to include pictures while keeping the actual email small) you can put all this stuff in and your autoreply rules have no effect.


33 posted on 02/17/2021 11:37:31 AM PST by discostu (Like a dog being shown a card trick )
[ Post Reply | Private Reply | To 3 | View Replies]

To: SuperLuminal

Blade Runner?.......................


34 posted on 02/17/2021 11:38:16 AM PST by Red Badger (SLEAZIN' is the REASON for the TREASON .................................)
[ Post Reply | Private Reply | To 32 | View Replies]

To: pierrem15

Not necessarily but it works the same way. So in an email I can include a link to my corporate banner that will put a picture in the email.

Or I can include a link that has no visible payload that will tell my website you opened your email. And it can count off ticks to let me know how long you had the email opened.

The methodology is the same, so if you stop one you stop both. And if I really wanted to my thing with the banner could include the tracking.


35 posted on 02/17/2021 11:42:04 AM PST by discostu (Like a dog being shown a card trick )
[ Post Reply | Private Reply | To 17 | View Replies]

To: Red Badger

This was previously called a web bug, and has been used by many web sites for 20 years or so.

Usually it’s a 1 pixel weblink, that does what someone else already described. It sends a web page request, along with headers and all sorts of info concerning you, your computer and surfing habits.

Most websites would use one that was a very slight shade different from their background color, making it invisible for all practical purposes. Being only one pixel it was hard to see. An off white (eggshell, for instance) dot against a white background, one pixel in size, almost invisible and rarely noticed.

At that time, 1024x768 was the most common desktop size, so you’d be trying to see one of 1024 pixels in a horizontal line, or 768 vertically. My current laptop is 1366x768, not much different, and one pixel is not easy to see. Sometimes you could see it by trying to highlight the background. Sometimes slowly moving the mouse cursor over it would briefly show the mouse cursor change to indicate a weblink. That’s easy to see with a computer, not as easy with a phone or tablet.

As some have already advised, in this case, turning off the ability to view images will probably stop it from “phoning home”. That’s what web bugs were designed to do, send all kinds of info about you to the website owner’s home server. Only now they’ve turned it into a tiny picture.


36 posted on 02/17/2021 11:46:48 AM PST by Paleo Pete (What this country needs is more unemployed politicians.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: BenLurkin
“Defenders of the trackers say they are a commonplace marketing tactic.”

That’s not a defense.

Armed robbery is a commonplace methed of transferring wealth.

37 posted on 02/17/2021 11:47:15 AM PST by fella ("As it was before Noah so shall it be again,")
[ Post Reply | Private Reply | To 4 | View Replies]

To: Red Badger

At my age, Blade Hobbler is more appropriate...🥲


38 posted on 02/17/2021 11:54:40 AM PST by SuperLuminal (Where is Joe McCarthy now that we desperately need him sober?)
[ Post Reply | Private Reply | To 34 | View Replies]

To: BuffaloJack

You mentioned the font size in your post.

FONTs do the same thing.
A web page includes a custom font for displaying the page.
Every time someone views the webpage your browser requests the font to display the web page.

Folks who use noscript can prevent this type of spying but many web pages don’t render correctly without the custom font.

Many poorly rendered web pages will still work without a custom font but you might not see the button required to complete filling out a form.

The ‘play’ button on a vid or audio is usually done this way.


39 posted on 02/17/2021 12:47:52 PM PST by Hermes37
[ Post Reply | Private Reply | To 26 | View Replies]

To: Red Badger

I have my email client (Thunderbird) set to not display remote content unless I specifically request it.

This should be the default for all of them. It would make this kind of crap a lot less useful.


40 posted on 02/17/2021 2:09:47 PM PST by zeugma (Stop deluding yourself that America is still a free country.)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson