
Superhuman embeds tracking pixels in user emails - minimaxir
https://mikeindustries.com/blog/archive/2019/06/superhuman-is-spying-on-you
======
midnightmonster
Nearly every email marketing platform does this for every email they send
already, and that’s part of why thunderbird has had images off by default in
email since a really long time. (Or maybe I set it that way years ago, but at
least it’s an easy setting.) Is it weirder because it’s mail from an
individual? I guess so.

~~~
ajiang
I think you answered your own question. Email marketing platform? Yes they do
track emails, but only providing the data for open rates, not a list of
timestamps and locations where you opened the email.

~~~
manigandham
CRMs do. Just about every email-sending tool collects that data, even if they
don't show it to you in the UI.

------
ChuckMcM
I resonated very strongly with this well written piece. The description of how
early decisions become part of your company's "genome" is spot on. This
comment in particular;

 _" When faced with making a product decision that is even mildly
uncomfortable, employees often first look towards expressed company principles
like “Always put the customer first”, but the next thing they look for is
_precedent _. "_

It is reminiscent of the "two wolves" Cherokee story of two wolves inside a
person one evil, one good. The one that wins out and determines your character
is the one you feed. These sort of company decisions, individually small but
repeated over time, are food for the ethical wolf and the unethical wolf that
lives in the soul of a company. One way to know that you probably don't want
to continue at a startup is when you notice they are feeding the unethical
wolf more than the ethical one.

~~~
Sebguer
A really good article speaking to this is:
[https://www.theatlantic.com/magazine/archive/2016/01/what-
wa...](https://www.theatlantic.com/magazine/archive/2016/01/what-was-
volkswagen-thinking/419127/)

Though, honestly, I find the use of Johnson & Johnson in that article to be
more problematic by the day considering they clearly have done a lot of evil
at this point.

------
peterkelly
One of the many reasons I love Little Snitch [1], which among other things is
great at notifying you and allowing you to block requests for external
resources when reading mail.

[https://www.obdev.at/products/littlesnitch/index.html](https://www.obdev.at/products/littlesnitch/index.html)

~~~
consumer451
I just recently got back into Linux as a part-time driver and use this for the
same purpose:
[https://github.com/evilsocket/opensnitch](https://github.com/evilsocket/opensnitch)

Admittedly, I'm a noob so I would be happy to hear about alternatives.

~~~
hadrien01
There's also Douane: [https://douaneapp.com/](https://douaneapp.com/)

------
jhunter1016
The amount of pixel-tracking apologists make red herring arguments in these
comments is proof that tech, and probably specifically SV tech, is not ready
to embrace privacy.

~~~
pcmonk
I hate tracking pixels, read receipts, and all similar stuff. The only thing
worse than lack of privacy, though, is privacy theater, and that's what we've
had. It's a good thing for more people to realize that this stuff happens all
the time, so they can take action about it if they want to.

~~~
luckylion
That sounds like an accelerationist position: instead of having some remnants
of privacy, make them lose it all so they realize the value and take action to
get back full/more privacy.

What if the revolution never happens? Then what little "privacy theater" stood
between the corporations and the users is swept away. When corporations need
to show some restraint, even if only to not appear completely evil, at least
it's some restraint.

~~~
maemilius
You and I must have very different ideas about what "privacy theater" means.
To me, privacy theater is the _illusion_ of privacy not real privacy.

So, removing "privacy theater" does nothing to your actual privacy and only
shows you how exposed you really are.

------
lwb
I don't see anything unethical about Superhuman using something that's part of
the platform for literally every other business email application (as the
author mentions: Salesforce, Mailchimp, etc). Sure it's a little creepy, but
this is a silly hill to die on.

The author compares tracking email opens and locations with looking into your
neighbor's window and seeing them naked. What's different about the latter is
that it's actually illegal (look up "peeping tom laws"). Storing someone's
public IP address and using it to guess their location is not illegal, and
shouldn't be -- we have massively faster internet from things like DNS
targeting that do exactly that.

If you're going to go after people for tracking user locations then there are
much bigger fish in the sea than Superhuman.

EDIT: It looks like GDPR does go after the big fish here, which is email
tracking in general: [https://www.gdpreu.org/compliance/email-
tracking/](https://www.gdpreu.org/compliance/email-tracking/)

> In its current prevailing form, we expect email tracking to be categorically
> prohibited under the GDPR without express user consent.

~~~
dev_tty01
Are other people doing it? -- So that is a reasonable test for ethical
behavior? Wow. Other platforms similarly unethical behavior is NOT
justification for lack of ethics. That might be a financial argument, but it
is absolutely not a reasonable approach to ethics.

Legal vs. illegal is also not an appropriate basis for proper behavior. I
think if we all used that standard for our personal interactions society would
rapidly descend into chaos.

~~~
matz1
Ethics is relative, what one person deemed to be ethical might be not be for
other.

~~~
mathnmusic
Ethics is not all that relative. Does SuperHuman allow tracking pixels for
INCOMING emails from non-SH users by default? That would at least be non-
hypocritical.

~~~
austhrow743
Not only does it have them on by default, you can't turn them off. It's in the
article that we're all commenting on. In bold.

------
troydavis
I was on Superhuman's waiting list in 2018 – until, on 2 occasions, Superhuman
puts its own growth above customers' needs. 1 involved privacy: when a
Superhuman user emailed an address on the waiting list, Superhuman told the
sender.

I didn't and don't trust them with my email.

I know Rahul and told him then that I thought they had an organizational blind
spot in over-emphasizing growth hacking. I don't think it led to any changes.

(If anyone is looking: I've been a FastMail customers for years and still
trust their staff, ethics, and decision process/priorities completely. Bonus
that their webmail doesn’t load remote images:
[https://www.fastmail.com/help/receive/remotecontent.html](https://www.fastmail.com/help/receive/remotecontent.html))

------
cj
What bothered me the most about tracking pixels in emails (when using Apple
Mail) was false positives:

I would occasionally have someone ask me why I opened their email 20+ times
before responding (I didn't).

After a while, I realized that when using the "arrow down" key to scroll
through your inbox in Apple Mail (with split view enabled), Apple Mail will
open and render every email in the split view when attempting to open an email
further down in the inbox. This would result in every tracking pixel being
loaded/rendered dozens of times, even when the email was open on the screen
for < 200ms.

After a few times hearing people ask why I opened their email dozens of times
but haven't responded (when really hadn't read their email at all), I ended up
disabling images from loading in emails entirely.

Does anyone know if this is still an issue with Apple Mail? Or if this also
happens with Gmail configured in split view?

~~~
AlexandrB
> Does anyone know if this is still an issue with Apple Mail?

What issue? This is marketing wonks and creepy SV companies abusing image
loading in email to implement "read receipts". The fact that some clients load
images differently is their problem, not Apple's.

------
throwaway9010
Aside from remote images, they store all of your emails on their servers. Not
sure why they don't receive the same scrutiny that other email apps like
Edison have [1].

I've heard enough fishy stories from former engineers there — people should
think twice before logging in and letting them ingest your full account
history (as with any third party email app, which Gmail is already cracking
down on [2]).

[1] [https://www.macrumors.com/2018/07/02/third-party-email-
apps-...](https://www.macrumors.com/2018/07/02/third-party-email-apps-reading-
user-emails/)

[2] [https://www.androidpolice.com/2018/10/08/google-updates-
gmai...](https://www.androidpolice.com/2018/10/08/google-updates-gmail-api-
policies-developers-will-require-app-reviews-security-assessments/)

~~~
Cd00d
Edison packages up info from user emails and sells that on the data market.
Maybe Superhuman isn't doing this (yet), and therefore aren't being
scrutinized for this security/privacy lapse in the same way.

------
deogeo
Why do e-mail clients still load images by default? This is not a new attack,
or even hard to predict.

~~~
staunch
I thought Gmail's solution to this was to always download every image in your
email and then proxy the image from their own servers when you view it. This
results in a meaningless 100% "open rate" for Gmail and does not reveal an
end-user's IP address.

~~~
concernedctzn
While you're mostly correct, they do not automatically download every image,
it only initiates the download when you go to read the email. So they're still
letting the sender know when you read the email, but yes they are masking the
IP by using their own servers to download it. This can still be disabled if
you use the setting to not download images, which is frustratingly unavailable
in the gmail for ios app.

~~~
staunch
Ah, okay. I keep meaning to test this out myself. It's unfortunate that Gmail
doesn't mask opens entirely.

------
vultour
What email client loads images by default in 2019? I've used Thunderbird for
years and I am pretty sure it has been disabled for a long time, Outlook at
work doesn't load anything outside of the firm's domain, and I also remember
big news on HN from a while ago saying gmail will start to proxy images which
should prevent these things from working.

Tracking pixels are so widespread that surely it must work, so what do people
use to view their emails?!

~~~
babyslothzoo
> What email client loads images by default in 2019?

Most do. You have to turn it off manually.

~~~
nickfromseattle
I don't believe Outlook or Gmail do.

Am I wrong here?

What other apps or clients load images by default?

~~~
NikkiA
Apple Mail, which most apple users use.

------
mike-cardwell
[https://www.emailprivacytester.com](https://www.emailprivacytester.com) will
let you know if your email client is leaking information about you, by sending
you an automated email with various tests embedded (e.g tracking pixels).

If you're scared about giving your address to this tool, I wrote it. You've no
reason to trust me, but you can scan the about/privacy pages for information,
and it's also available to download and self-host.

------
joshe
Mixmax has an accidentally helpful guide to the only way to block tracking:
block images. (They also mention how aggressively they try to get around email
blockers.)

There's an inverse relationship between email importance and production value,
seeing a bunch of blank boxes is a great hack to signal that.

[https://success.mixmax.com/article/57-track-
opens](https://success.mixmax.com/article/57-track-opens)

"...An open won't be recorded if:

The recipient opens the email on a legacy email client that blocks all images
from being viewed. This also means that images in signatures and other media
won't carry through to the recipient, so in practice this is quite rare.

The recipient has software to block email tracking. This is also quite rare,
and Mixmax actually circumvents most email tracking blockers."

------
zzzeek
having an email client that automatically loads images is insane. it means
that any spammer / scam emailer can immediately tell if their emails are
getting into your inbox vs. being filtered and they can then see where you
live, and target their next spam / scam to that geographic location and/or try
to find out who you are, etc.

a mail provider like fastmail could in theory be loading image links in emails
they will deliver to their users and store them into their own local cache,
rewriting the email your client receives so that you see the images served off
of your email hosting provider's servers. that would be a straightforward way
of preventing any sort of image link tracking across the board, is this a
thing?

~~~
pkilgore
This is something I've been wondering about for quite some time, particularly
given that large providers can hash the images and conserve storage space by
storing only a single copy of the image per hash.

I would suspect there are privacy implications of google caching what's behind
every image tag in an email, in addition to the massive traffic / CPU spike
such a thing might cause to retrieve the image and hash it, particularly for a
very large email campaign. (But I don't know).

[Edited to include this link, which I found in another comment here] "Gmail
will now serve all images through Google’s own secure proxy servers."
[https://gmail.googleblog.com/2013/12/images-now-
showing.html](https://gmail.googleblog.com/2013/12/images-now-showing.html)

------
RandallBrown
In these sort of articles, I wonder why the author _never_ considers benign
intentions.

The conversation could have easily been

"Read receipts are a useful feature." "Yeah. Let's add them"

And that was it. Lots of people are _not_ privacy focused and don't think of
this as a problem, so it would never occur that their seemingly benign feature
could have bigger consequences.

It's pretty easy for people who care to "turn off read receipts" by disabling
images or blocking it through proxy/vpn/whatever.

I personally don't like read receipts, so I will likely not use superhuman. I
just don't view it as some major problem.

~~~
harryh
_It 's pretty easy for people who care to "turn off read receipts" by
disabling images or blocking it through proxy/vpn/whatever._

What about non technical people who have no way of learning that they are
being spied upon?

~~~
RandallBrown
My thesis is that if you care about being tracked enough that you'd want to
turn it off, you're also technical enough to do it.

I may be wrong.

~~~
harryh
Go find a non technical person and ask them these two questions:

"Do you care if your ex-girl/boyfriend can tell every time you read an old
email s/he sent you?"

"Have you disabled loading images by default in your email client?"

You will see that you are wrong.

EDIT: decided to listen to my own advice and conduct a (very non scientific
obvs) twitter poll.

[https://twitter.com/harryh/status/1146120438432616450](https://twitter.com/harryh/status/1146120438432616450)

------
bartkappenburg
Not trying to be too much of a conspiracy thinker but 227 points in 1 hour
should give the first spot on HN (it was though) but now it's on #12. Are the
investors pulling some strings?

~~~
steveklabnik
You don't know how many people have flagged the article or not. There was a
very sudden drop, so _something_ happened, but it's impossible to give the
actual root cause unless you're on the inside of HN itself. I'd assume flags
over any sort of conspiracy here.

~~~
sh1ps
I saw the drop and wondered if there was something afoot, then talked myself
off that ledge and assumed this was probably some kind of normal flag like
ring detection triggered, etc.

Interesting additional note, though, the title has (relatively recently)
changed to "Superhuman embeds tracking pixels in user emails" versus the
actual article title of "Superhuman is Spying on You"

------
Kique
After reading this I'm now more interested in the showerhead he loves so much
and seems so enthusiastic about. It does have great reviews online so I might
have to pick one up now.

~~~
kabwj
It’s a Commando 450.

------
Pt_
This sort of open tracking with geoIP based location has been around for a
while. There are numerous GMail add-ons that provide this functionality eg.
Streak there are equivalent's for other clients too.

This is written as if Superhuman are the first people to do this, that doesn't
justify the behavior but there are others to blame here and the precedent was
set prior to Superhuman's implementation with these email tools

------
iandanforth
If you're concerned about this behavior (and you should be, it's creepy as f)
you might be interested in this EFF article:

[https://www.eff.org/deeplinks/2019/01/stop-tracking-my-
email...](https://www.eff.org/deeplinks/2019/01/stop-tracking-my-emails)

------
hedora
I guess I’m mostly surprised people have auto load images turned on in their
mail clients.

This does make me want to find a mail client that automatically finds these
tracking images, uploads them to a pool of tracking URLs, and then loads a few
hundred members of the pool at random (preferably with randomized cookies,
etc).

I’d pay for something that does this to the top 100 tracking firms, especially
if it worked with web browsers.

------
kop316
While this may be "what aboutism", I noted that the post sets a cookie on your
browser by just visiting the site.

Considering the person is saying how bad it is to have a tracking pixel in
email, the site that hoats this article can now do similar things by putting
that cookie in your browser

~~~
ryanisnan
Not quite the same. With email pixel tracking, anyone can theoretically obtain
your broader geographical position just by sending you an email via
Superhuman.

~~~
kreetx
Yeah. I guess they try to offer the customer something extra. But this doesn't
look like to be the thing they should offer.

------
rasse
If this is a problem, why is with Superhuman and not the client at the
receiving end? How tracking pixels are handled is a client issue. If anyone's
violating your privacy, it's your email client and not the sender of the email
or the sender's email client/provider.

I think it's analogous with EU's "cookie consent". Cookies too are a client
issue. Instead of annoying mandatory popups on every site, browsers should
handle cookies better by default.

~~~
harryh
It's both.

If someone breaks into my house because my door lock is broken then I should
definitely fix the lock.

But the criminal shouldn't have broken in anyways.

~~~
rasse
In this case the lock would be shipped broken from the factory with the users
and lock manufacturer's knowledge and consent (with regards to email clients'
and web browsers' default settings and the user's ability to change these).

------
Udik
I thought that this trick was as old as html email, and that (at least) gmail
was actually caching images on their side to prevent tracking?

~~~
chipperyman573
I may be wrong but I believe google cached it after you open the email first.
So your IP is hidden and you can't tell how many times someone has opened an
email, but you know the timestamp of the first time they do.

~~~
jalk
The Gmail image-proxy honors the regular http cache headers, so marketing
mails get their open rates ‘correct’ but cannot see cookies/ip addresse

------
tregoning
If I understand this correctly:

(Gmail’s API lockdown will kill some third-party app access, starting July 15)
[https://news.ycombinator.com/item?id=20300008](https://news.ycombinator.com/item?id=20300008)

I think their startup will stop working soon, given that they only support
GMail.

~~~
numair
> One absolute doozy of a requirement kicks in if the app stores user data on
> a third-party server. Google will now require those apps to pass a third-
> party security audit, which the app developer must pay for. According to the
> company, the cost "may range from $15,000 to $75,000 (or more) depending on
> the size and complexity of the application." The message here seems to be
> "Don't store Google user data on your server."

They've surely paid for this. And, ironically, this is the sort of app that
Google supposedly set up this gatekeeper process to keep off their platform,
as this was meant to "safeguard user privacy."

------
sergiomattei
A good alternative to Superhuman is KanbanMail[1]. I've been using it for
quite a while now and it works wonders.

It's pretty productive and the creator is pretty responsive.

Disclaimer: guy who made it is a cool friend.

[1] [https://KanbanMail.app](https://KanbanMail.app)

------
gopher2
I think what gets me is the juxtaposition of the brand name and this
functionality. Superhuman sounds like it should be all about making the email
sender more productive. And not about tracking time-stamped geotags of my
actions as the receiver.

------
human20190310
If Superhuman announced they were going to remove the tracking pixels instead
of doubling down on defending them, they might have turned all this negative
publicity into a benefit. They may have already missed the window for doing
that though.

------
mbrumlow
> no matter what email client you use

Nope, not my email client, Emacs/Mu4e simply flat out won't notify you by any
means that I have viewed the e-mail.

Man, the world has gotten weird. Its like people forgot emails were actually
just text.

~~~
kevincrane
Because for almost the entire world they’re not.

------
LinuxBender
People will do what people can do. Test your email client for leakage and then
plug the leaks. There is some discussion and links on stackexchange [1] If
your client can't plug the leaks on its own, please file a bug with the mail
client developers. Please consider asking them politely to make those settings
default.

[1] - [https://security.stackexchange.com/questions/23718/is-my-
ema...](https://security.stackexchange.com/questions/23718/is-my-email-client-
violating-my-privacy)

------
nojvek
We need a very simple law. “1. You cannot track a user or send marketing spam
without their explicit consent. 2. The user can take away the consent at
anytime and you gotta stop the peepin. 3. The user can ask for what you’ve
tracked and you gotta give it to them. 4. The user can ask you to delete their
data and you gotta respect that.”

I know this is what GDPR is but we need a saner US version of it.

We can’t be technology leaders and still pretend it’s the Wild West.

~~~
Nextgrid
GDPR is also BS.

Not only is it not enforced (why are Google and Facebook _still_ around
considering their entire business is to basically violate the GDPR?), but
there are plenty of exemptions that can be abused to argue that nasty behavior
falls under "legitimate interest".

Making a complaint is also super difficult. The ICO (UK's privacy regulator)
for example insists that you have to first contact the offending company and
give them 3 months to reply which is an insane amount of effort and not always
possible (what if there's no way to contact the company, or you have to
login/create an account first). There should be just a simple form where you
send the URL of the offending page and _they_ take it from there.

------
mikl
I can't imagine why people would want to entrust their e-mail to a company
that's known for disrespecting people's privacy.

 _cough_ Gmail _cough_

------
hawaiian
Whatever happened to hosting your signature as an image at
cutepersonalizedname[.]com and logging the IPs yourself?

It probably wouldn't take much work to use Automator.app to periodically
uniquify the src URL in your sig and map Sent Item => unique hash into a
sqlite database, later asynchronously updating it with IPs seen from an nginx
server hosting your image. Presto, you're a "superhuman".

------
sbr464
From a design standpoint, It would be nice if email clients had an option to
hide image placeholders if images are also blocked from loading.

------
nathan_f77
I do want to be an ethical company, and I agree about all these decisions
adding up over time. This article convinced me to deleted all of my MailTrack
accounts and uninstall the extension.

I was using MailTrack for a while, and it's been a very valuable tool, but I
can do without it.

I was also talking to some lawyers about GDPR, and they said that this kind of
tracking is actually illegal for recipients in Europe, unless I explicitly ask
for their permission to include a tracking pixel. So I was already planning to
get rid of this, and I'm glad that my emails are now GDPR compliant (even for
people in the US.)

[1] [http://mailtrack.io](http://mailtrack.io)

~~~
Nextgrid
Can you tell me more about how they violate the GDPR or quote the relevant
parts of the regulation? I've got an inbox _full_ of otherwise legitimate
emails but every single link is a disgusting stalking link thanks to their
~spamming~ marketing platform (also the links are always HTTP even if the
original link was HTTPS, so they also decrease security) so I'd love to put an
end to that.

~~~
gnicholas
My guess is it's because you're collecting PII on someone (location data and
email address) without their consent. And it doesn't sound like there are
procedures for an EU resident to request that all such data be scrubbed, which
I believe is also required.

------
ilyaeck
How hard is can it be for an email client, e.g. Gmail, to specifically detect
tracking images (literally 1x1 pixels or other similarly small/inconspicuous
images) and to block them by default? Sounds pretty trivial to me...

------
DocTomoe
This is why my private address deletes everything that does not have a text-
only part containing at least 80% of the HTML mail´s user-readable content.

EMail is supposed to be text infomation, not a glorified leaflet.

------
shultays
Why mail seevices doesnt load the images the moment it receives an email? And
cache them?

------
Exuma
IMO who cares. People can do this anyway with dozens of different email
tracking services. What difference does it make if it came from a 3rd party
service or the email client they send it with. I think you should just expect
tracking in email, just like you would expect 90% of websites to track you if
you have adblock off.

~~~
ameister14
I think the difference is you expect it from a marketing email, but you don't
expect it from a personal email.

------
whiddershins
Streak has been doing this forever, why is this new news?

------
nikolay
I got an invite, scheduled a conference call, and the lady said she I need to
screencast how I'm using Gmail. I told her that I'm not letting a stranger
peek into and record my Gmail inbox and she said that I cannot sign up without
this step, so, I refused, and they lost the income from me. Typical overhyped
SV crap. Should rebrand to "Subhuman".

~~~
ASalazarMX
This is bananas. Why would anyone need that in the first place? I can't come
up with any remotely valid reason.

~~~
NoblePublius
Rahul has written volumes on the SH onboarding process. They train you to use
the product so you will actually use it.

~~~
nikolay
I told the lady that I have over 35 years of software development experience
and I've used all kinds of software and I don't need guidance and I do, I will
reach out to them, but she was stubborn and lost a customer. I tweeted to
Rahul and the team, but got no response so far! Well... This is not a scalable
business model. But the lady was clear: "Superhuman is not for everybody!"
Alrighty then!

~~~
NoblePublius
Over 15,000 users paying $30 per month. $260 million valuation. Perfectly
scalable. If you'd like to learn why you're wrong, I encourage you read one of
the many lengthy, sincere, and detailed articles with the founder of
Superhuman, starting with this one. [https://www.drift.com/blog/how-to-
measure-product-market-fit...](https://www.drift.com/blog/how-to-measure-
product-market-fit/)

~~~
notus
You don't need a screenshare to accomplish this. I'm amazed by how much people
buy into a companies bullshit and then defend it online.

~~~
NoblePublius
I literally bought it into, both as a customer and investor. :-)

~~~
alexqgb
And did you update your email signature in the way the OP suggested?
Specifically, do you let everyone getting email from you know that you not
only track that read it, but when they read it, and even _where_ they were
when reading it?

I ask, because that would be the ethical way to handle what this app is doing
for you.

~~~
NoblePublius
I don’t need to be told that an electronic communication may be tracked
because I was born after 1980. Why do you?

------
kmarc
> With Superhuman, it is not. If I send you an email using Superhuman (no
> matter what email client you use)

Dunno, I open mails with (neo)mutt, so none of this works.

------
docker_up
Can I turn off tracking pixels in Gmail?

~~~
modeless
Note that Gmail defeats the location tracking and browser fingerprinting
features by proxying all image requests. So while the read receipts do work,
you are not leaking your location or your browser fingerprint to the sender
even if you leave image loading on.

[https://gmail.googleblog.com/2013/12/images-now-
showing.html](https://gmail.googleblog.com/2013/12/images-now-showing.html)

~~~
docker_up
Thanks, so I can't stop senders from knowing I opened an email?

~~~
modeless
You can, but you have to disable image loading (like any other email client)
because any image may have tracking information in it.

------
sleepyhead
Illegal in Europe due to GDPR.

------
dannykwells
Oh god superhuman. What a hype train. Finally got an invite...only to learn
they don't support Android? And really, only support entirely Mac-based
workflows?

I mean from a baby startup maybe that's reasonable, but in this case, with all
the hype, I think not.

My guess is a very well connected founder who was able to get his VC friends
to hype the tool, make it elite and club-like, and from there, profit.

I look forward to seeing them go down in flames more than most other elitist,
stupid startups around.

~~~
dmix
It's also Gmail only, which they are pretty up-front about in the puff pieces.

Almost every fancy email app I've used has had cross platform issues early on.
It's always either iOS or Android only, often little desktop supports (zero
for linux) besides maybe some half-baked web site. etc, etc.

Superhuman is hardly new in this context. The mac/ios only first approach is
super common for better or worse.

------
notsosuperhuman
I'm a friend of the superhuman CEO and have been following this company over
the time it's been around, both by talking to him and from interactions with
the official channels. Here is my $0.02.

SH started out like any other startup, with the best of intentions and a cool
idea but it just didn't take. The issue is that they're on the line to deliver
and they haven't had the traction they'd like so I've seen it slide, slowly,
over an extended period, into a desperate place that leaves them doing ugly
things. You should read Rahul's blog on finding product fit, it tells you
much.

Personally, I now think they're in a position where they are trying to mooch
everything they can off of users in order to try and build a better product
coupled with finding ways to be "unique" that will make them money/attractive.
This means they end up in sketchy territory i.e. the pixels, forcing people to
reveal how they use gmail in order to sign up, tracking every-single-aspect of
how users are using their site, hyped up bullshit etc. I don't know if they're
harvesting actual user data.

The fact is, they're between a rock and a hard place. They aren't profitable,
and there's no real exit. Whatever features make them unique can be copied in
months, if not weeks by any other provider. Why would Google buy them? Also,
the feature set, as good as it is, only appeals to a tiny subset of users of
email. Other aspects like corporate email not being allowed to be accessed by
third party clients etc makes a difference too.

I wish them all well, but by God I would not want to be a part of this thing.
It stinks.

~~~
SibLiant
So the company chooses to build email. EMAIL! Ok. What about their engineers
or product concept was SOO different that building EMAIL would draw customers?
Looking at their first page, the ONLY item that is unique here is "ENSURE YOUR
EMAILS ARE READ". This almost seems like a parody sight - like it's not even
real. Something is seriously fishy.

------
dotsarefun
> Before we continue, ask yourself if you expect this information to be
> collected on you and relayed back to your parent, your child, your spouse,
> your co-worker, a salesperson, an ex, a random stranger, or a stalker every
> time you read an email.

Yes. I expect analytics to be captured from HTML emails which I open.

------
NoblePublius
Now do Tout. Or Yesware. Or Salesforce. Or every CRM ever invented. Or
LinkedIn posts by Premium users. Also hilarious you think that Superhuman
competes with Outlook.

------
munchbunny
Email marketers have been doing this for a very, very long time. As someone
who used to work in adtech, my reaction was "well of course they're doing
this, every other email marketing tool does it."

Personally I think email software should all turn off third party requests by
default. If you want images, use data urls or attached images.

~~~
luckylion
Superhuman isn't an email marketing tool, and it's not opt-in email.

------
jbob2000
This is just email tech playing catch up with instant messaging, twitter, and
other communication tools.

At least with email I can block images and prevent the tracking from
occurring. I can't do that with facebook or twitter.

~~~
jld
From the article:

> Superhuman doesn’t even let its own customers turn images off. So merely by
> using Superhuman, you are vulnerable to the exact same spying that
> Superhuman enables you to do to others.

~~~
Skunkleton
All superhuman is doing is giving access the same tech that every company uses
to monitor emails sent to individuals. If you don't like it (and you
absolutely shouldn't), then don't use superhuman and turn of automatic image
downloads in your email client.

~~~
ajiang
The problem is that the person that "doesn't like it" isn't the user of
Superhuman, it is the recipient, who doesn't get a choice as to what email
client the sender is using.

~~~
Skunkleton
And my point is that a large percentage of emails sent contain tracking pixels
already. Privacy conscious recipients should already have automatic image
downloading disabled.

