R
Retired
http://news.com.com/How+HP+bugged+e-mail/2100-1029_3-6121048.html
Does WD offer any protection against this?
Does WD offer any protection against this?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
B
Bill Sanderson MVP
You don't need WD for this. Just run Outlook Express or Outlook in a
current version, with the current default settings, which are read in plain
text, and resist the impulse to hit Ctrl H to see the web view.
They mention two methods this tracking company uses. I looked into at least
one, and maybe two such arrangements earlier in the course of this beta, and
both of them used a web bug--an invisible web object in HTML email which
will record the IP address of the person opening the message.
If you read in plain text, you won't see the bug and it won't see you. Even
if I looked at such mail in HTML, my IP is dynamic. I don't have a lot of
faith in Verizon's promise that they will only disclose information linking
a specific date and time to that IP to my name to law enforcement with
appropriate legal documentation, but it wouldn't be real easy to get, I
suspect. Yeah--they'd know it was opened in Philadelphia.
The other method they mention requires a return receipt file that gets sent
back. My email client also asks my permission to send such receipts, and I
recommend that setting, unless you are in some environment that requires
them on all mail, so clicking OK would get onerous.
So--Windows Defender isn't needed for either of these methods--and, I don't
think it would see them--they don't rise to the level of something that
Defender can intercept and check on.
current version, with the current default settings, which are read in plain
text, and resist the impulse to hit Ctrl H to see the web view.
They mention two methods this tracking company uses. I looked into at least
one, and maybe two such arrangements earlier in the course of this beta, and
both of them used a web bug--an invisible web object in HTML email which
will record the IP address of the person opening the message.
If you read in plain text, you won't see the bug and it won't see you. Even
if I looked at such mail in HTML, my IP is dynamic. I don't have a lot of
faith in Verizon's promise that they will only disclose information linking
a specific date and time to that IP to my name to law enforcement with
appropriate legal documentation, but it wouldn't be real easy to get, I
suspect. Yeah--they'd know it was opened in Philadelphia.
The other method they mention requires a return receipt file that gets sent
back. My email client also asks my permission to send such receipts, and I
recommend that setting, unless you are in some environment that requires
them on all mail, so clicking OK would get onerous.
So--Windows Defender isn't needed for either of these methods--and, I don't
think it would see them--they don't rise to the level of something that
Defender can intercept and check on.
R
Retired
Thanks for the quick reply, Bill. Now a quote from page 2 of the article:
"ReadNotify uses a combination of up to 36 different simultaneous tracking
techniques," Chris Drake, the company's Sydney, Australia-based chief
technology officer said in an e-mail interview. "One or more of these
usually works in all different e-mail clients and operating systems, making
us the most powerful and reliable tracking service on the Internet."
In short, ReadNotify uses more technologies than simple Web bugs, Drake
said. "All good e-mail programs have blocked these now and most anti-spam
programs reject them too, so we no longer rely on this simplistic tracking
idea."
-------------End Quote---------------------------
Of course WD or any anti-spyware program isn't needed if we read everything
in plain text mode, but I don't think most users are content to run Outlook
Express or Outlook in plain text mode. How are they to be protected?
"ReadNotify uses a combination of up to 36 different simultaneous tracking
techniques," Chris Drake, the company's Sydney, Australia-based chief
technology officer said in an e-mail interview. "One or more of these
usually works in all different e-mail clients and operating systems, making
us the most powerful and reliable tracking service on the Internet."
In short, ReadNotify uses more technologies than simple Web bugs, Drake
said. "All good e-mail programs have blocked these now and most anti-spam
programs reject them too, so we no longer rely on this simplistic tracking
idea."
-------------End Quote---------------------------
Of course WD or any anti-spyware program isn't needed if we read everything
in plain text mode, but I don't think most users are content to run Outlook
Express or Outlook in plain text mode. How are they to be protected?
B
Bill Sanderson MVP
Hmm--should have read more carefully!
I don't know that I've got time at the moment to test their service--I
believe you can test it for free--just send some emails back and forth
between a couple of addresses and see what happens.
I don't like this kind of thing and I'm in favor of stamping it out--I
suspect it is going to get used in situations where ex-spouses need to
communicate but wish to conceal their current whereabouts, for example--lots
of potential for harm.
Still--I tend to doubt their advertising copy--they have every reason to
exaggerate their effectiveness--and it isn't an easy thing for the customer
to check up on in advance.
Thanks for the links--maybe I'll get some time and dig deeper, and learn
something.
--
I don't know that I've got time at the moment to test their service--I
believe you can test it for free--just send some emails back and forth
between a couple of addresses and see what happens.
I don't like this kind of thing and I'm in favor of stamping it out--I
suspect it is going to get used in situations where ex-spouses need to
communicate but wish to conceal their current whereabouts, for example--lots
of potential for harm.
Still--I tend to doubt their advertising copy--they have every reason to
exaggerate their effectiveness--and it isn't an easy thing for the customer
to check up on in advance.
Thanks for the links--maybe I'll get some time and dig deeper, and learn
something.
--
R
Retired
Thanks, Bill! I appreciate your comments.
--
--
Bill Sanderson MVP said:Hmm--should have read more carefully!
I don't know that I've got time at the moment to test their service--I
believe you can test it for free--just send some emails back and forth
between a couple of addresses and see what happens.
I don't like this kind of thing and I'm in favor of stamping it out--I
suspect it is going to get used in situations where ex-spouses need to
communicate but wish to conceal their current whereabouts, for
example--lots of potential for harm.
Still--I tend to doubt their advertising copy--they have every reason to
exaggerate their effectiveness--and it isn't an easy thing for the
customer to check up on in advance.
Thanks for the links--maybe I'll get some time and dig deeper, and learn
something.
V
Vanguard
Retired said:http://news.com.com/How+HP+bugged+e-mail/2100-1029_3-6121048.html
Does WD offer any protection against this?
Web bugs have been around a L-O-N-G time. It's nothing new and
there's no big secret on how it works. Just configure your e-mail
client to block linked images. You configure your e-mail client to
read in plain-text mode instead of in HTML mode, but blocking linked
images is sufficient.
http://en.wikipedia.org/wiki/Web_bug
Why would WD bother with web bugs in e-mail? Those are images, NOT
malware!
G
Guest
You are expecting WD to "cure" a problem which it was not designed to
resolve. Much of this falls back in the configuration of your mail and news
reader (and sundry plug-ins installed).
I have "preached" *PLAIN TEXT ONLY* email to customers for much of the past
decade. (You may always opt to view individual "pretty" HTML messages if you
deem them as safe).
Some listen. Some don't.
Some prefer a constant stream of "pretty" messages. Some don't.
Those who do may reap the "rewards" of hidden threats. Those who exercise
prudence are unlikely to be bothered.
It's as simple as that.
resolve. Much of this falls back in the configuration of your mail and news
reader (and sundry plug-ins installed).
I have "preached" *PLAIN TEXT ONLY* email to customers for much of the past
decade. (You may always opt to view individual "pretty" HTML messages if you
deem them as safe).
Some listen. Some don't.
Some prefer a constant stream of "pretty" messages. Some don't.
Those who do may reap the "rewards" of hidden threats. Those who exercise
prudence are unlikely to be bothered.
It's as simple as that.
G
Guest
Retired said:http://news.com.com/How+HP+bugged+e-mail/2100-1029_3-6121048.html
Does WD offer any protection against this?
To all of those who replied by top-posting with excellent advice, I'd
like to provide some of my own:
http://en.wikipedia.org/wiki/Top-posting#Snipping.2Ftrimming
It's considered proper netiquette; unfortunately, some products don't
facilitate it (even though they prevent web-bugs by default!).
G
Guest
With all due respect, Spamfighter, this ain't 1980's Usenet. ;-)
I played netcop myself some years ago. It is a waste of energy and bandwidth.
If you want to criticize us, home in on the lack of bottom snipping (see
below), of which I am often guilty.
But having to scroll through miles of mind-numbing blather to reach a
salient new tidbit is tedious, and can discourage continued discourse --
especially when newbies are concerned. Some say the same about weeding
through in-contect replies for the same reasons.
Top-posting definitely has its place in 21st century forums.
--
Scott D
Internet Security: http://SecorConsulting.net/pages/security.html
CIS Benchmark: http://SecorConsulting.net/pages/benchmark.html
<Snippopotamus>
I played netcop myself some years ago. It is a waste of energy and bandwidth.
If you want to criticize us, home in on the lack of bottom snipping (see
below), of which I am often guilty.
But having to scroll through miles of mind-numbing blather to reach a
salient new tidbit is tedious, and can discourage continued discourse --
especially when newbies are concerned. Some say the same about weeding
through in-contect replies for the same reasons.
Top-posting definitely has its place in 21st century forums.
--
Scott D
Internet Security: http://SecorConsulting.net/pages/security.html
CIS Benchmark: http://SecorConsulting.net/pages/benchmark.html
<Snippopotamus>