Slashdot Mirror


Glitch In OS X Search Can Expose Private Details of Apple Mail Users

itwbennett (1594911) writes "The potential privacy risk in Apple's OS X Yosemite, first reported by German tech news site Heise and confirmed by IDG News Service, appears when people use the Spotlight Search feature, which also indexes emails received with the Apple Mail email client. Performing a Spotlight search opens email previews that load external images, including tracking pixels that are used to gather data, even when the Mail client is asked not to do this." From the article: A preview of the unopened emails was shown by Spotlight, which revealed to the operator of the server hosting the pixels the receiver’s IP address, current OS version and some details about the browser used as well as the version of Quick Look, a program that let’s users preview a document.

49 comments

  1. Eh, minor bug by Anonymous Coward · · Score: 0, Insightful

    The real problem is that the iOS mail app doesn't have an option to block image loading for non-trusted users. So, if I open any email on my phone, I get the images and tracking.

    1. Re:Eh, minor bug by Anonymous Coward · · Score: 0

      The real problem is that the iOS mail app doesn't have an option to block image loading for non-trusted users. So, if I open any email on my phone, I get the images and tracking.

      Settings > Mail, Contacts, Calendars
      Switch off "Load Remote Images"

    2. Re:Eh, minor bug by Anonymous Coward · · Score: 1

      I am really confused what the 'Settings.app->Mail, Contacts, Calendars -> Load Remote Images' setting does then.

      Mine is set to off, and I do not see any remote images. Since an Anonymous Coward on Slashdot says it does not have that option, it must be true.

    3. Re:Eh, minor bug by Anonymous Coward · · Score: 1

      Or even that it does not default to blocking (like Outlook) and allow unblock...

    4. Re:Eh, minor bug by grub · · Score: 1

      This is about OSX mail, not iOS mail.

      --
      Trolling is a art,
    5. Re:Eh, minor bug by swb · · Score: 1

      Because I'm inclined to be conspiratorial, I am somewhat suspicious that iOS Mail and Safari are written with advertiser-friendliness in mind which leads to them loading mail images automatically and the lack of an adblocking feature (or add-in capability) to Safari.

      Yes, you can install a third-party browser like Mercury which can do adblocking but there's no way to change the default browser, which leads to Safari getting used (it doesn't help that Mercury's "Open in Mercury" bookmarklet is broken, the URL getting escaped/parsed wrong when it lands in Mercury).

    6. Re:Eh, minor bug by Anonymous Coward · · Score: 0

      Please read the summary more carefully. This is referring to Spotlight Search previews, not the views in mail.app itself.

  2. WHAT?!?!?!? by EVuL_C · · Score: 0, Flamebait

    I thought OSX was impervious to virii, etc!

    1. Re:WHAT?!?!?!? by future+assassin · · Score: 0

      No, that's Linux.

      --
      by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
    2. Re:WHAT?!?!?!? by Anonymous Coward · · Score: 2, Funny

      It's only impervious to criticism.

    3. Re:WHAT?!?!?!? by cheater512 · · Score: 0

      How is this a virus?

    4. Re:WHAT?!?!?!? by saloomy · · Score: 0

      Mail can be set to disable remote images, but Spotlight should follow the Mail settings. The real issue, I think, is that Spotlight results also include email from junk mail folders, which is mostly useless (unless searching for email incorrectly tagged as SPAM). This should be disabled, and a user should have to knowingly venture into their SPAM folder to find such messages. Loading remote images from the junk folder is just crazy, beyond even the stupidity of indexing and searching in junk folders. Apple is falling further and further away from Sir Isaac's tree, it seems.

      Is this the post-Jobs era of Apple we should come to expect? I have been using Macs and iPhones since around 2001, and they have been relatively stable, fast, and seemingly more secure than Windows. But lately, it seems they are just riddled with annoyances and bugs I fear will worsen as time goes by.

      Note to Tim: Don't accept mediocre standards, or you will lose what has made you great. Put the features on hold! Fix Fix FIX.... Your users will be happier, and thank you.

  3. Tracking pixels?! by fustakrakich · · Score: 0

    That sounds very cool! How do you buy it, in powder form?

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:Tracking pixels?! by ArcadeMan · · Score: 1

      I got mine from the store that sells dehydrated water and air guitar strings.

    2. Re:Tracking pixels?! by Anonymous Coward · · Score: 0

      A "tracking pixel" is a 1 by 1 sized image containing a single transparent pixel (or any image, really) embedded in HTML content with an external URL that contains some unique identifier. When you view the e-mail, the URL is visited to retrieve the image, and the responding server registers that indeed someone is using this e-mail address, along with your IP number and any other information that can be extracted from the HTTP request.

  4. A job for Little Snitch by GlobalEcho · · Score: 2

    I noticed this with Little Snitch, which I recently installed on my laptop. It allowed me to prevent the queries, for which I was quite grateful. I'm not particularly happy with all of Spotlight's newly introduced web search components, either -- I wonder if there's a way to turn that off.

    1. Re:A job for Little Snitch by Noah+Haders · · Score: 5, Insightful

      I'm not particularly happy with all of Spotlight's newly introduced web search components, either -- I wonder if there's a way to turn that off.

      Apple says

      If you do not want your Spotlight search queries and Spotlight Suggestions usage data sent to Apple, you can turn off Spotlight Suggestions. Simply deselect the checkboxes for both Spotlight Suggestions and Bing Web Searches in the Search Results pane of Spotlight preferences in System Preferences on your Mac. If you turn off Spotlight Suggestions and Bing Web Searches, Spotlight will search the contents of only your Mac.

    2. Re:A job for Little Snitch by Sox2 · · Score: 1

      Following Apple's suggestion for limiting Spotlight intrusiveness does not stop Spotlight attempting to connect to a large range of IPs.

    3. Re:A job for Little Snitch by Ol+Olsoc · · Score: 1

      I noticed this with Little Snitch, which I recently installed on my laptop. It allowed me to prevent the queries, for which I was quite grateful. I'm not particularly happy with all of Spotlight's newly introduced web search components, either -- I wonder if there's a way to turn that off.

      I was also shocked, because the new "features" have caused me to stop using Spotlight.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    4. Re:A job for Little Snitch by Noah+Haders · · Score: 0

      But if you turn off Spotlight, it will only search your Mac, not the interwebz, so no info will be sent anywhere. Note this addresses the GP's specific question at the end of his post, but does not address the submitter's question of how to avoid the tracking pixels.

    5. Re:A job for Little Snitch by Anonymous Coward · · Score: 0

      I was shocked *and* appalled. Then I realized even Johnnie Cochran would have said: “If I put this knit cap on, who am I?”

  5. not really a bug just a behavior by goombah99 · · Score: 4, Informative

    Any browser, especially ones that do pre-fetching, reveals the same details. Pre-fetching can send your OS and browser details, even cookies, to sites you never visit. This isn't seen as a disaster, and those are not deep secrets. Mail is doing this one step deeper by automatically pre-fetching all your e-mails. But seriously, most people delete their e-mails by clicking on the e-mail and hitting the trashcan, so that fetch happens. Only some folks will devise strategies to actually not look at an e-mail before deleting it, and for them, they can exclude e-mail from preview and Spotlight.

    I already remove e-mail from Spotlight just because I don't want e-mails popping up in my searches under an employee's name. That could get embarrassing if the employee is there while I'm searching for some document we created together.

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:not really a bug just a behavior by QuietLagoon · · Score: 1

      not really a bug just a behavior

      OK, if it's working as designed, then let's call it a design bug instead of a coding bug.

    2. Re:not really a bug just a behavior by bws111 · · Score: 4, Informative

      Browsers do not reveal the same details. The links in an email (if followed) prove that the email address is valid, something your browser can not do. Email clients (good ones anyway) do not automatically follow the links, either in preview or even if you open the mail, unless you ask them to. This is a bug.

    3. Re:not really a bug just a behavior by goombah99 · · Score: 0

      Conversely, your Mail.app won't necessarily have your tracking cookies. Each leaks some privacy. They are just different, not worse or better.

      --
      Some drink at the fountain of knowledge. Others just gargle.
    4. Re:not really a bug just a behavior by CanadianMacFan · · Score: 0

      This has nothing to do with following links. What happens is that the spam shows an image. You can set up the mail client to not load images in junk messages, so the spammers won't receive a request for the image which will have your IP address, browser info (the email client in this case), OS, and a bunch of other information. But in the Spotlight search results it loads the image even for junk messages, so the spammer will get that information. If the spammer is even a bit clever, instead of just having a static file for the image they will use a script to serve up the file, so they can use a CGI call and pass along the email address. And bingo, you know which email addresses have read your message.
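The mechanism the two comments above describe (a 1x1 image whose URL carries a unique identifier, and a script behind that URL that maps the fetch back to one address and records the requester's IP and client details), worked through end to end. This is an added example for the thread, not code from Apple, Heise, IDG or any commenter; the hostnames, the sender-side secret and the sample request are constructed. Alongside the tracking side it shows the check a previewer has to apply before rendering if "Load remote images" is off: strip the network reference so the request never happens.

```python
"""Tracking pixel, end to end: the sender embeds a per-recipient image URL,
any renderer that draws the HTML fetches it, and the sender's handler maps
the fetch back to a mailbox while recording IP and User-Agent.
Added example for this thread; not Apple's, Heise's or a commenter's code.
Hostnames, the secret and the sample request below are constructed."""
import base64
import hashlib
import hmac
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

TRACK_HOST = "track.example.com"      # assumed sender-controlled host
SECRET = b"sender-side-secret"        # assumed; never leaves the sender's server


def tracking_token(recipient: str) -> str:
    """Opaque per-recipient ID: an HMAC keeps the address itself out of the
    URL, yet the sender can still map a hit to exactly one mailbox."""
    mac = hmac.new(SECRET, recipient.lower().encode(), hashlib.sha256).digest()[:12]
    return base64.urlsafe_b64encode(mac).decode().rstrip("=")


def html_body(recipient: str) -> str:
    """HTML part carrying the 1x1 pixel; the plain-text part can leak nothing."""
    pixel = f"https://{TRACK_HOST}/open.gif?t={tracking_token(recipient)}"
    return (
        "<html><body><p>Hello!</p>"
        f'<img src="{pixel}" width="1" height="1" alt=""></body></html>'
    )


def build_message(recipient: str) -> EmailMessage:
    """multipart/alternative mail as a bulk sender would produce it."""
    msg = EmailMessage()
    msg["From"] = "news@example.com"
    msg["To"] = recipient
    msg["Subject"] = "Newsletter"
    msg.set_content("Plain-text version.")
    msg.add_alternative(html_body(recipient), subtype="html")
    return msg


class _ImgCollector(HTMLParser):
    """Collects every <img src> a renderer would try to load."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)


def remote_image_urls(html: str) -> list:
    """Every network fetch an unrestricted renderer (Quick Look drawing the
    Spotlight preview) makes just by displaying this message."""
    p = _ImgCollector()
    p.feed(html)
    return [s for s in p.sources if urlsplit(s).scheme in ("http", "https")]


def strip_remote_images(html: str) -> str:
    """What "Load remote images: off" must do before any rendering: remove the
    network reference so no request can be made. cid: and data: images stay,
    they carry no callback. Plain text substitution suffices for this
    constructed input; a real filter rewrites the parsed DOM."""
    out = html
    for src in set(remote_image_urls(html)):
        out = out.replace(f'src="{src}"', f'src="" data-blocked="{src}"')
    return out


def record_open(path: str, headers: dict, remote_addr: str, recipients: list) -> dict:
    """Sender side, GET /open.gif: the request itself proves the mailbox is
    read; the request metadata is the leak the article describes."""
    token = parse_qs(urlsplit(path).query).get("t", [None])[0]
    by_token = {tracking_token(r): r for r in recipients}
    return {
        "recipient": by_token.get(token),
        "confirmed_live": token in by_token,
        "ip": remote_addr,
        "user_agent": headers.get("User-Agent", ""),
    }


# Constructed request (invented User-Agent, documentation-range IP), not a capture.
SAMPLE_HEADERS = {"User-Agent": "ExamplePreviewer/1.0 (Darwin)"}
SAMPLE_ADDR = "203.0.113.7"

if __name__ == "__main__":
    alice = "alice@example.org"
    html = html_body(alice)
    for url in remote_image_urls(html):
        print("previewer would fetch:", url)
        print(record_open(url, SAMPLE_HEADERS, SAMPLE_ADDR, ["bob@example.org", alice]))
    print("after stripping:", remote_image_urls(strip_remote_images(html)))
```

The point of `record_open` is that the sender learns the address is live without the recipient clicking anything; `strip_remote_images` is the only place that outcome can be prevented, and it has to run in every code path that renders the message, the search preview included, not just in the mail client's own message view.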

    5. Re:not really a bug just a behavior by bws111 · · Score: 1

      It shows images by following links.

    6. Re:not really a bug just a behavior by bws111 · · Score: 4, Interesting

      It IS worse. Whether or not to accept tracking cookies is up to me. Whether or not my email address gets confirmed as being active and in use is not up to me, because this search program is doing it.

      Furthermore, since the search program is following these links it obviously must be interpreting the returned data somehow. Is that interpreter known to be perfect, or is it possible someone could create some malicious content that could cause the interpreter to do something bad? Then, all they have to do is send you an email with a link to the content and the search will happily do whatever the malware wants.

      We constantly see comments on here about how stupid people are because they are tricked into following links to sites with malicious content. Here, we have a program doing that exact thing, without user control, and that behavior is being excused. Why?

    7. Re:not really a bug just a behavior by goombah99 · · Score: 0

      It IS worse. Whether or not to accept tracking cookies is up to me. Whether or not my email address gets confirmed as being active and in use is not up to me, because this search program is doing it.

      yes it is up to you. You can turn off spotlight in mail. Nothing breaks.

      --
      Some drink at the fountain of knowledge. Others just gargle.
  6. In case you didn't notice by Anonymous Coward · · Score: 0

    itwbennett is either a spammer or is mocking our friend here. What will it be?

  7. Other mail agent by chthon · · Score: 2

    That's why I use claws-mail

  8. Let's try to punctuate correctly by Anonymous Coward · · Score: 0

    a program that let’s users preview a document

    This should be: "a program that lets users preview a document."
    Let's try to punctuate correctly. Please!?

  9. Segregate mail like the good ol' days by ilsaloving · · Score: 1

    I personally don't understand the need to have system-wide access to email at a moment's notice. Is email not obscenely pervasive enough already?

    I disable it from my spotlight preferences as a matter of course.

    For that matter, I don't even use the default Mail app that comes with OSX because it has a couple of odd behaviours that tend to drive me nuts, so I'm using PostBox instead. Good ol' fashioned indexing and searching, as god intended.

  10. This is serious for users by dhaen · · Score: 1

    I've used OS X since its release; this is the first of the many published vulnerabilities that actually causes me concern. From a security perspective Spotlight is unusable on Yosemite machines until this is fixed. Thank goodness my main machines are still on 10.9.

    1. Re:This is serious for users by Rosyna · · Score: 1, Informative

      This isn't a vulnerability, and to disable it all you have to do is uncheck "Mail & Messages" in the Spotlight preference pane in System Preferences.

    2. Re:This is serious for users by friedmud · · Score: 1

      It's also only a problem if you're using Mail.app... I'm sure many people are like me and just use GMail, etc. directly through the web interfaces.

      Personally, Google Inbox is _way_ beyond Mail.app...

    3. Re: This is serious for users by Anonymous Coward · · Score: 0

      Yes. Google is everywhere. Giving your personal information to them instead is better.

  11. Outlook by steveo777 · · Score: 3, Informative

    I'm pretty sure MS caught hell for this about a decade ago when their preview pane would preload the entire contents of an email, including VBS scripts and links... It's not like it's the first time it happened, but it looks pretty bad for Apple having made the same mistake twice.

    --
    This sig isn't original enough, it's time to come up with something witty...
    1. Re:Outlook by Kaenneth · · Score: 1

      Funny story, back when I was contract testing at MS, I bugged that as a potential privacy issue in Outlook Express before it was released, but the triage team didn't think it was important enough to change.

    2. Re:Outlook by Anonymous Coward · · Score: 0

      Funny story, back when I was contract testing at MS, I bugged that as a potential privacy issue in Outlook Express before it was released, but the triage team didn't think it was important enough to change.

      That's because you failed to make a compelling case, you stupidass.

  12. MOD +5 INSIGHTFUL TO INFINITY by Anonymous Coward · · Score: 0

    MOD +5 INSIGHTFUL TO INFINITY

    1. Re:MOD +5 INSIGHTFUL TO INFINITY by ArcadeMan · · Score: 1

      AND BEYOND!

  13. Name Change by Anonymous Coward · · Score: 0

    Apple should just change their name to "Look At My Vagina"

  14. Umm by easyTree · · Score: 1

    I'm sure they'll both get over it.

  15. All the more reason not to upgrade by Anonymous Coward · · Score: 0

    I'm sticking with my Mac Pro 2,1 with eight 3GHz cores and 32GB of RAM... hacked with an NVIDIA GTX 560. I bought a similar machine on the net... upgraded it to 24GB RAM running Linux bare metal. Linux will now be my default OS. I used to use OSX for the desktop, Linux for development with remote X and shell access.
    Not anymore. Default desktop is now Linux Mint 17.1; I have my other Mac Pro on a KVM to run the old apps as I transition to the new Linux apps.
    Video editing came a long way on Linux. Now rendering has CUDA and OpenCL support. Schwweet. I only had macos for that.
    make -j20 on my 8-core Mac beasts is actually a little faster on Linux versus the Mac Pro 2,1 macos 10.9.2 workstation.

    I think Apple innovation is losing it. It started with Mavericks napping applications in the background.. dumb. I hacked the OS to disable napping by default.
    Dropping support on the older hardware.. dumb. I hacked boot.efi to boot Mavericks on my old Mac Pro 2,1 when I did not know any better that the most polished macos release was indeed 10.6.8. I only upgraded to take advantage of the NVIDIA support for newer cards.

    I'm hoping to write EFI 32 firmware for my old Mac Pros so I no longer need two video cards per Mac.