Tag Archives: privacy

Privacy: Don’t let Gmail show images by default

Recently Gmail started caching all images sent to its users and by default will now display them when you look at your email. At first glance it seems like a good idea. It protects your IP address, stops the sender dropping cookies in your browser and possibly speeds up image loading for you. What it doesn’t do is stop the sender knowing that you opened the email. Your privacy is at risk if you enable this. Marketing efforts just became a lot easier.

A carefully crafted image filename will let the sender know that a particular user viewed his spam email, even if Google host the file on their own servers. Google has to fetch the file from the sender’s server and that will contain a number or string identifying that user.

http://example.com/logo.jpg?email=joe@example.com

As soon as that image is opened by Google the sender knows they have a valid email address.

How easy is it to track usage? It’s simple! I wrote a plugin in 2007 called blog voyeur that could track visitors who viewed my blog through RSS readers if they had left comments here. (I’m not using that plugin any more, don’t worry, your anonymity is safe!)

The documentation on the new settings says as much but I doubt many people will look there.

In some cases, senders may be able to know whether an individual has opened a message with unique image links. As always, Gmail scans every message for suspicious content and if Gmail considers a sender or message potentially suspicious, images won’t be displayed and you’ll be asked whether you want to see the images.

Gmail does a good job of spotting spam but legitimate email can contain these tracking images too. I get promotional emails from companies I’ve dealt with. I would much rather they not know when I open or even if I have opened their emails. If I wanted them to know, I’d tell them.
So, when you see that popup informing you that images will be displayed, click on Settings and disable image loading.

disable-images

Spy on your visitors with Blog Voyeur

Do you ever wonder what pages your regular visitors look at? Do they dig deep into your blog exploring old posts or do they sit in their feed reader and only read your latest posts?

By using my Blog Voyeur plugin you can find out.

This is the first release of the plugin. It appears to work well on the couple of blogs I tried but your mileage may vary. Download link is on the Blog Voyeur homepage above.

blogvoyeur screenshot