
GitHub spy on user reading emails (2014) - nohawp
https://bugzilla.mozilla.org/show_bug.cgi?id=1031899
======
tedmiston
This is one of my favorite features of GitHub, alongside reply by email to
comment.

Does anyone know how their beacons get around Gmail's tracking buster?
([https://gmail.googleblog.com/2013/12/images-now-
showing.html](https://gmail.googleblog.com/2013/12/images-now-showing.html))

~~~
detaro
What's there to get around? the gmail proxy fetches the image, which tells
GitHub that the email has been opened, which is all they need to know. The
proxy does protect against leaking the IP address, cookies and potential code
injections, but not against the signal "image requested by user".

------
jjbiotech
This is a very commonly implemented practice in HTML emails. Nothing to bust
out your tinfoil hat over (just keep it on your desk, I'm sure it will be
needed after reading other HN posts). Just disable loading external images by
default in your email client if you don't want these services to know if
you've read their email.

------
heeton
"I'm paranoid enough to be worried about an email beacon. But instead of
protecting myself with a secure client or text-only mode, I'd like to trust
that people aren't going to track me."

Right.

------
desbest
A beacon doesn't mean they're reading the content of the email.

~~~
MelmanGI
Well, they _sent_ the email in the first place. So they obviously already know
the content.

------
tehwebguy
If you want to add this to your Rails app with basically no configuration
check out the Ahoy gem.

