funsec mailing list archives
Re: Google's "Shared Endorsements"
From: Daniël W. Crompton <daniel.crompton () gmail com>
Date: Tue, 15 Oct 2013 22:24:35 +0200
My apologies Charlie, list, I've recently been trying out different mail tracking software which augments the in-browser mail client with a webbug and all the links with a redirected url, much like you would get in a marketing mail. Signals ( https://app.getsignals.com/) by Hubspot was the current one I was trying, there are quite a number of them which modify the mails in subtle and less subtle ways. I have disabled it, D. On 15 October 2013 21:32, Charlie Derr <cderr () simons-rock edu> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/15/2013 02:52 PM, Dani→l W. Crompton wrote:I had the checkbox unchecked too and assumed that it was because I'm inthe EU were an opt-in is mandatory. Isn'tthe same true in CA? D.Hi Dani→l, I'm curious how the URL (that Rob originally shared) got "changed" in your email to the list. It seems to redirect to the correct url, but I guess I'm confused why my browser hopped through app.getsignals.com rather than going directly to nakedsecurity.sophos.com. (and the apparent attempted obfuscation of this fact in the HTML version of the message also seems odd) eagerly awaiting an explanation, thanks so very much in advance, ~cOn 15 October 2013 20:26, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rmslade () shaw ca<https://app.getsignals.com/link?url=mailto%3Armslade%40shaw.ca&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=916b5382b2384c9fb1970d15fa0a5e12wrote:A lot of people are concerned about Google's new "Shared Endorsements"scheme:http://nakedsecurity.sophos.com/2013/10/15/how-to-remove-your-face-from-googles-upcoming-shared-endorsement-ads/ <https://app.getsignals.com/link?url=http%3A%2F%2Fnakedsecurity.sophos.com%2F2013%2F10%2F15%2Fhow-to-remove-your-face-from-googles-upcoming-shared-endorsement-ads%2F&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=429f1ffbc1854ebca32b4f337ed545ccHowever, one should give credit where credit is due. This is not oneof Facebook's functions, where, regardlessof what you've set or unset in the past, every time they add a newfeature it defaults to "wide open." If you havebeen careful with your Google account in the past, you will probablyfind yourself still protected. I'm prettyparanoid, but when I checked the Shared Endorsements setting page ( http://nakedsecurity.sophos.com/2013/10/15/how-to-remove-your-face-from-googles-upcoming-shared-endorsement-ads/ <https://app.getsignals.com/link?url=http%3A%2F%2Fnakedsecurity.sophos.com%2F2013%2F10%2F15%2Fhow-to-remove-your-face-from-googles-upcoming-shared-endorsement-ads%2F&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=6f5985417a8443d9bde5c12cd26805ef) on my accounts, and the "Basedupon my activity, Google may show my name and profile photo in sharedendorsements that appear in ads" box isunchecked on all of them. I can only assume that it is because I'vebeen circumspect in my settings in the past.====================== (quote inserted randomly by Pegasus Mailer)rslade () vcn bc ca<https://app.getsignals.com/link?url=mailto%3Arslade%40vcn.bc.ca&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=40a6df2802634d7b87c4ed9e5440e753slade () victoria tc ca<https://app.getsignals.com/link?url=mailto%3Aslade%40victoria.tc.ca&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=582755915fe04424b5a8f40b20e30ca8rslade () computercrime org<https://app.getsignals.com/link?url=mailto%3Arslade%40computercrime.org&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=bca9d867624348df837ddf74ba64a545Good people do not need laws to tell them to act responsibly,while bad people will find a way around the laws. - Platovictoria.tc.ca/techrev/rms.htm<https://app.getsignals.com/link?url=http%3A%2F%2Fvictoria.tc.ca%2Ftechrev%2Frms.htm&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=9d6a28c6e0a045be871bcb0f18374166http://www.infosecbc.org/links<https://app.getsignals.com/link?url=http%3A%2F%2Fwww.infosecbc.org%2Flinks&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=40883b0e18af4c4fbd4c89c398e73b44http://blogs.securiteam.com/index.php/archives/author/p1/<https://app.getsignals.com/link?url=http%3A%2F%2Fblogs.securiteam.com%2Findex.php%2Farchives%2Fauthor%2Fp1%2F&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=b3638b63f46f418aa3dfb9f5e6296c58http://twitter.com/rslade<https://app.getsignals.com/link?url=http%3A%2F%2Ftwitter.com%2Frslade&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=70e358074bd84116a8e015d8b43d8e67_______________________________________________Fun and Misc security discussion for OT posts.https://linuxbox.org/cgi-bin/mailman/listinfo/funsec<https://app.getsignals.com/link?url=https%3A%2F%2Flinuxbox.org%2Fcgi-bin%2Fmailman%2Flistinfo%2Ffunsec&ukey=agxzfnNpZ25hbHNjcnhyGAsSC1VzZXJQcm9maWxlGICAgICn1JYLDA&k=6ec565e7a0bf4a47ac042bb89b004684Note: funsec is a public and open mailing list.-- blaze your trail _______________________________________________ Fun and Misc securitydiscussion for OT posts.https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is apublic and open mailing list.-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Icedove - http://www.enigmail.net/ iQIcBAEBAgAGBQJSXZhDAAoJELuLPXMxqTZ/td0P/iMzUQ7xMJ51/0kIBS9mu0pq hLNajZWKkZ+Ts5DO+HxdiAXWOJOHrr2iLVqXKEpwWjwxOW4tuJ5OSKe0FiaotWYi LSS0sxrMqWsdpz+CqojfQfJKNzpB7XyjZlmzgo0hTt+hYw4C2804x6gnD8lx6Dr7 XDCsWjG01rsNLmrvsEPs7utswfq1kJrF7bT1vFGRWYSxeojXSLrQ0oUiLe1HfR0p HYRORLc9odjxMASP26z5Xg0S8cfk5+vXeneM4Q8nDzzmR/46zdkSUGUcQYj5eBHo G0uvq/oVk0p06IW/nATYjB4jtSmC5Zfqb//c7FRiPbMU5LJGyLYK25yqLJhp47RP SfTTq1k7JXZiacrMGIfWvI8uezwfqEetQGI2wGgFTcZnvN5hWJ1kcGgjFEHSelR7 2VsNzC8oDf0chikLzYCGFWyaKGDQhV3UUxMbwPrJOMO3TxA0UtfFmwLLNS1QpKD5 OP7sH+pcJQdR/mSKZc1jxtQ3cSL5Q3r82DaniflmrZgDUTd6Gib/Ghpo/9eSnSwu c+alVsd25R7sV3DfHvE2NGwkQo7WyI/LnvxJxp8CZVRG6EMX7uLBU/6m6DiW9wUW R5JmeSzsOW5vCRWORwTarCiyuH1p/kj9YLHQ/OBmCAlEfol1mi2ivjEqJVP6gv8S Z+hLagWG08xs+UG4Yxrc =bgsj -----END PGP SIGNATURE-----
-- blaze your trail -- Daniël W. Crompton <daniel.crompton () gmail com> <http://specialbrands.net/> <http://specialbrands.net/> http://specialbrands.net/ <http://twitter.com/webhat> <http://www.facebook.com/webhat><http://plancast.com/webhat><http://www.linkedin.com/in/redhat>
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Google's "Shared Endorsements" Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 15)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 15)
- Re: Google's "Shared Endorsements" Charlie Derr (Oct 15)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 15)
- Re: Google's "Shared Endorsements" Rich Kulawiec (Oct 22)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 22)
- Re: Google's "Shared Endorsements" Rich Kulawiec (Oct 26)
- Re: Google's "Shared Endorsements" Charlie Derr (Oct 15)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 15)
- <Possible follow-ups>
- Re: Google's "Shared Endorsements" Chester Wisniewski (Oct 15)