funsec mailing list archives
Re: Google's "Shared Endorsements"
From: Daniël W. Crompton <daniel.crompton () gmail com>
Date: Tue, 22 Oct 2013 18:11:46 +0200
On 22 October 2013 17:17, Rich Kulawiec <rsk () gsp org> wrote:
On Tue, Oct 15, 2013 at 10:24:35PM +0200, Dani??l W. Crompton wrote:I've recently been trying out different mail tracking software which augments the in-browser mail client with a webbug and all the links witharedirected url, much like you would get in a marketing mail.I wouldn't recommend it. These are spammer-originated, abusive, invasive methods that are never used by responsible professionals. I think a substantial argument can be made that they're a form of malicious spyware, and there's no doubt that they attack both the privacy and security of recipients. So my recommendation is to never, ever use them.
As I implied this was for research purposes. I agree that there is no benefit to use them for personal use cases, as for the professional use cases I'm unsure if a blanket statement such as "spammer-originated, abusive, invasive" apply here. Recently I have seen some really nasty and really innovative use cases in which this technology is used, and I'm sure I will see more as time goes on. As for the tools themselves almost all of them have integrations for sales, customer service or marketing SaaS such as KissMetrics, SalesForce, Google Analytics, etc. The number of add-ons which are currently being offered for this kind of "privacy intrusion" is growing, for browser and mail clients. They are obviously meant for the professional market, and they are obviously being used. This is beside the mail receipts (Message Disposition Notifications) and home grown varieties that organizations have been offering in the 'standard' signatures for quite a number of years. D. blaze your trail -- Daniël W. Crompton <daniel.crompton () gmail com> <http://specialbrands.net/> <http://specialbrands.net/> http://specialbrands.net/ <http://twitter.com/webhat> <http://www.facebook.com/webhat><http://plancast.com/webhat><http://www.linkedin.com/in/redhat>
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Google's "Shared Endorsements" Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 15)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 15)
- Re: Google's "Shared Endorsements" Charlie Derr (Oct 15)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 15)
- Re: Google's "Shared Endorsements" Rich Kulawiec (Oct 22)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 22)
- Re: Google's "Shared Endorsements" Rich Kulawiec (Oct 26)
- Re: Google's "Shared Endorsements" Charlie Derr (Oct 15)
- Re: Google's "Shared Endorsements" Daniël W . Crompton (Oct 15)
- <Possible follow-ups>
- Re: Google's "Shared Endorsements" Chester Wisniewski (Oct 15)