Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stopping "PattyMail" Email Bugs

Posted by ryuzaki0 on from the quit-bugging-me dept.

An anonymous reader writes, "In the U.S. Congressional Inquiry into the HP spy scandal, it was revealed that HP used Web bugs to track the source of leaks. HP's Fred Adler considers them a useful investigative tool which HP will keep using. Since dubbed PattyMail after HP Chairwoman Patricia Dunn, Web bugs have been around for a while. But it turns out the vulnerability they represent is far worse than first thought. Microsoft Outlook won't have a patch until 2007. The company at the center of the scandal claims they've done nothing wrong. But could repressive governments use them to track down critics? Can anything be done to stop Web bugs?"

9 of 248 comments (clear)

  1. Mutt ! by mpapet · · Score: 2, Informative

    Mutt!

    --
    http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
  2. Re:Get rid of pics in emails by DaveCar · · Score: 4, Informative


    The issue discussed in TFA does not involve image bugs but iframe bugs.

    Now, I don't know, but they would potentially still be triggered if you were using a "convert to plain text" filter???

  3. Re:Yes. by John.P.Jones · · Score: 2, Informative

    In this case it isn't HTML that is the problem it is the automated referencing of external data (images) via HTML, my mail program kindly asks before downloading these images, a really nice sender would attach the images so I know they aren't tracking me.

  4. Re:Nothing new here... by DaveCar · · Score: 3, Informative

    Bah. RTFA. It's not about image bugs.

  5. It is NOT about images by DaveCar · · Score: 2, Informative


    IFRAMEs _not_ images!

    http://www.freedom-to-tinker.com/?p=610

  6. Problem NOT Solved by DaveCar · · Score: 2, Informative

    This is NOT about image bugs, it is about IFRAME bugs.

    http://www.freedom-to-tinker.com/?p=610

  7. Sendmail/MailScanner/Pmail by Medievalist · · Score: 4, Informative

    www.sendmail.org
    www.mailscanner.info
    www.pmail.com

    Problem solved, oh, maybe five years ago. It amazes me that anyone just figured this was a problem NOW.

    I've received hundreds, if not thousands, of emails with a {disarmed} header modification inserted by MailScanner... it's quite interesting to learn who is routinely inserting tracking bugs in their mailings.

    I suppose you could also use transparent caching a'la squid to bumfuzzle some of the trackers and speed up browsing for your end users at the same time. But it seems like nowadays the bugs usually contain individualized tracking codes that would make it through the cache anyway.

    You just have to strip out external references and tell the end users "that guy who sent you this is using a broken mailer". That's the strategy the HTML addicts used to create this problem, after all - they told the clueless that HTML was normal and that anybody who couldn't read it was using broken or obsolete software. I use the same line (which happens to be true) if somebody complains that they can't read company XYZ's mailings because the image links have been stripped out; "oh, company XYZ is using a broken obsolete mailer that puts external links into the text; until they learn to use the Internet you'd better find a new company to deal with or stick to phone calls".

  8. Re:"Can anything be done to stop Web bugs?" by jackbird · · Score: 2, Informative

    Someday, perhaps someone will write a mail client that disallows loading of remote images in emails unless specifically allowed. Perhaps they could call it "Thunderbird."

  9. Use something simple by bb5ch39t · · Score: 2, Informative

    I use Pine on Linux. Simple, easy for me to use, and it doesn't do a thing unless I tell it to. People who let their computers run their lives get what they deserve.