I thought this is completely pointless nowadays:<p>- Gmail USED to block images unless you do "allow images"<p>- Gmail changed to a system where gmail pre-fetches the images and runs them through safety checks.<p>- Gmail only does this check if you open the email.<p>- Even if you block the pixel, you only block the gmail cache of it. NOT the original.<p>Unless I misunderstand.
I could very well be wrong but I always thought that if you disable loading pictures by default, that tracking pixels would be blocked as well. Unless you click on "Show Pictures" that is.
Maybe it is because I'm on FF and not logged in, but other than the name 'omar.w.qureshi' (I think he submitted this on HN) I don't see any other info other than the 5 sentence privacy policy. I would be hesitant to install such black-box extension. Could OSS this, or is there a reason not to do so?
I know gmail does some image caching / proxying.<p><a href="https://news.ycombinator.com/item?id=6898454" rel="nofollow">https://news.ycombinator.com/item?id=6898454</a><p>I guess the vector here is when you read an email versus where from / using which device / etc.
If you really care about gmail privacy (ha) you should also<p><pre><code> var matches = document.querySelectorAll('a[href*="www.google.com/url?q="]');
// remove all google spying redirects
for (var i = 0; i < matches.length; i++)
{
if (/^(https?:\/\/(www\.|encrypted\.)?google\.[^\/]*)?\/?url/.test(matches[i])) {
var match = /[\?&](url|q)=(.+?)&/.exec(matches[i]);
if (match != null) {
matches[i].href = unescape(match[2]);
}
}
}</code></pre>
Tracking is just one of the many reasons why it should be considered common courtesy to communicate in plain text (and attachments if necessary).<p>My email based workflow and toolchain has been plaintext only for years and I think I've been better off for it. The recent <i>efail</i> vulnerability just made me shrug. Plain text mail is all around more reliable, more accessible, less obfuscated, more to the point by the nature of the medium, easier to implement [...].
Gmail and every other webmail vendor should block all of these by default. That would be a nice hit to all these "new" drip campaigns (aka personalized spam newsletters).
I'm stunned every time people try to get privacy with Google.<p>It's Google! I wish I could make you understand but I probably can't.... :(
I don't think having tracking pixel in gmail is a big thing. Almost every modern messaging system such as whatsapp has read receipts. Since gmail has image proxy, it doesn't leak any information. And most modern email client doesn't open remote image unless allowed explicitly.<p>PS: I have built <a href="https://www.mailtag.io/" rel="nofollow">https://www.mailtag.io/</a>