PixelBlock – Gmail extension that blocks email open tracking
chrome.google.com
I thought this is completely pointless nowadays:
- Gmail USED to block images unless you do "allow images"
- Gmail changed to a system where gmail pre-fetches the images and runs them through safety checks.
- Gmail only does this check if you open the email.
- Even if you block the pixel, you only block the gmail cache of it. NOT the original.
Unless I misunderstand.
This is easy to test.
You will find images are NOT retrieved by Google's proxy before or after opening the email when you have external images turned off in Gmail.
1) Ensure Gmail is set to "Ask before displaying external images".
2) Send yourself an HTML email with an img tag pointing to a site you control (doesn't even need to be a real image).
3) Check your server log to see if the img url was retrieved.
4) Open the email in Gmail, but don't click "Display images".
5) Check your server log again.
6) In Gmail click "Display images" and check the server log again.
Only when explicitly clicking "Display images" does GoogleImageProxy fetch the image.
Conclusion - don't install an extension that can spy on everything you do. Just ensure external images are not displayed by default.
I think the point of the extension is that you can keep images _on_ and not have to worry about people tracking your opens. I would imagine the majority of Gmail users keep images on
Or just use https://www.emailprivacytester.com
Gmail proxies an image so a pixel cannot get the source IP address, user-agent, etc. But it still permits message open detection just fine.
> But it still permits message open detection just fine.
This is only true if you allow external images to be displayed by default.
If you set Gmail to ask before displaying external images, then message open detection does not work unless you explicitly tell Gmail to display images on an individual message.
I think dancablam's point with regard to the proxying is that, if the email sent to you contains img5_135986213.jpg, and 135986213 is unique to the email sent to your address, then when the Gmail proxy pulls that file, it still registers as a hit for the email sent to you.
Your point, in turn, would be that if you never give Gmail permission to load the images for the email sent to you, then Gmail never tries to access that image file that is, by filename, linked to the specific email that was sent to you.
dancablam's point is separately valid. If you think Gmail's image proxying is going to hide your reading (with images) of the email, well, these days not so much, depending upon the design of said email and corresponding tracking.
Maybe Gmail still catches crap/malicious metadata in viewed images, including stuff that can be escalated/elevated by parsing bugs and whatnot. As long as their detection is updated to catch whatever's being thrown at you in a particular email.
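Added example, not part of the thread: a Node.js log check for the six-step test described earlier, which also shows the point about img5_135986213.jpg, namely that a fetch by GoogleImageProxy hides the reader's IP and user agent but still delivers the per-recipient ID. The log lines, step times and the exact user-agent string are constructed; only the "GoogleImageProxy" substring and the filename pattern come from the discussion.

```javascript
// Constructed sample access log (combined log format); IPs, times and paths are made up.
const SAMPLE_LOG = [
  '203.0.113.7 - - [10/May/2018:10:00:05 +0000] "GET /favicon.ico HTTP/1.1" 404 0 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
  '198.51.100.20 - - [10/May/2018:10:07:42 +0000] "GET /img5_135986213.jpg HTTP/1.1" 200 43 "-" "Mozilla/5.0 (via ggpht.com GoogleImageProxy)"',
];
// Constructed times (epoch ms) at which steps 2, 4 and 6 of the test were performed.
const STEPS = [
  { name: 'sent', at: Date.UTC(2018, 4, 10, 10, 0, 0) },
  { name: 'opened-images-off', at: Date.UTC(2018, 4, 10, 10, 5, 0) },
  { name: 'clicked-display-images', at: Date.UTC(2018, 4, 10, 10, 7, 30) },
];
const MONTHS = { Jan: 0, Feb: 1, Mar: 2, Apr: 3, May: 4, Jun: 5,
                 Jul: 6, Aug: 7, Sep: 8, Oct: 9, Nov: 10, Dec: 11 };
const LINE_RE = /^(\S+) \S+ \S+ \[(\d{2})\/(\w{3})\/(\d{4}):(\d{2}):(\d{2}):(\d{2}) ([+-])(\d{2})(\d{2})\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"$/;

// Parse one combined-log line; returns null for lines that do not match.
function parseLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  const [, ip, d, mon, y, h, mi, s, sign, oh, om, method, path, status, ua] = m;
  const offsetMin = (sign === '-' ? -1 : 1) * (Number(oh) * 60 + Number(om));
  // Logged time is local; subtract the zone offset to get UTC.
  const time = Date.UTC(+y, MONTHS[mon], +d, +h, +mi, +s) - offsetMin * 60000;
  return { ip, time, method, path, status: Number(status), ua };
}

// For every request to the test image, report who fetched it, after which
// step of the procedure, and which per-recipient token the URL carried.
function analyse(lines, tokenRe, steps) {
  const hits = [];
  for (const line of lines) {
    const rec = parseLine(line);
    if (!rec) continue;
    const tok = tokenRe.exec(rec.path);
    if (!tok) continue; // not the test image
    const done = steps.filter((s) => s.at <= rec.time).map((s) => s.name);
    hits.push({
      token: tok[1], // still identifies the recipient, proxy or not
      viaGoogleProxy: /GoogleImageProxy/.test(rec.ua),
      ip: rec.ip, // the proxy's address, not the reader's
      phase: done.pop() || 'before-send',
    });
  }
  return hits;
}

console.log(analyse(SAMPLE_LOG, /^\/img5_(\d+)\.jpg$/, STEPS));
```

With images set to "Ask before displaying", the expected outcome is a single hit whose phase is the "Display images" click; a hit in an earlier phase would mean the image was fetched without that click.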
> - Gmail USED to block images unless you do "allow images"
Google changed the default settings, but you can re-enable this behavior.
What sort of safety check are you referring to? I've never heard of such a thing.
I could very well be wrong but I always thought that if you disable loading pictures by default, that tracking pixels would be blocked as well. Unless you click on "Show Pictures" that is.
Right, that seems to be the real "fix".
(I still can't believe Google turned on remote images by default.)
This was likely the entire intent of this change, to allow email tracking by default. After all, Google tracks email opens too.
Kinda scary to have a chrome extension that can read all of your email. Is the cure more dangerous than the disease?
It ain't so difficult to analyze the code of Chrome Extension [1]. I did (I quite often do this before installing extensions that do not have published source) and as much as you should trust random guy on HN there isn't anything malicious in the code.
On the other hand it is not very effective as the block list is quite limited. 33 entries if I have counted well.
[1] - Check for yourself - https://gist.github.com/chew-z/7b70da3724626ab04cfc9676bee18...
Isn’t it a problem that Chrome extensions have been purchased by others who then update the code to add spyware to them? I’ve never been notified about updates to Chrome extensions; they’re quietly updated in the background.
Several examples are mentioned here: https://www.howtogeek.com/188346/why-browser-extensions-can-...
Google controls the extension, they can swap a new version under your radar at any moment. Happened to me a couple of times (ImprovedTube for example "upgraded" to remove features I used). Not any more, I keep all the extensions I use as local unpacked copies.
Perhaps. Wish it was an extension offered by Google (or a default feature of Gmail/Inbox) instead of a third party.
Maybe it is because I'm on FF and not logged in, but other than the name 'omar.w.qureshi' (I think he submitted this on HN) I don't see any other info other than the 5 sentence privacy policy. I would be hesitant to install such black-box extension. Could OSS this, or is there a reason not to do so?
It's actually open source. You can find it on github. Or you can view source yourself.
I know gmail does some image caching / proxying.
https://news.ycombinator.com/item?id=6898454
I guess the vector here is when you read an email versus where from / using which device / etc.
If you really care about gmail privacy (ha) you should also
  // remove all google spying redirects
  var matches = document.querySelectorAll('a[href*="www.google.com/url?q="]');
  for (var i = 0; i < matches.length; i++) {
    var href = matches[i].href;
    if (/^(https?:\/\/(www\.|encrypted\.)?google\.[^\/]*)?\/?url/.test(href)) {
      // capture the target even when it is the last query parameter
      var match = /[?&](url|q)=([^&#]+)/.exec(href);
      if (match != null) {
        try {
          matches[i].href = decodeURIComponent(match[2]);
        } catch (e) {
          // malformed percent-encoding: leave the link untouched
        }
      }
    }
  }
Tracking is just one of the many reasons why it should be considered common courtesy to communicate in plain text (and attachments if necessary).
My email based workflow and toolchain has been plaintext only for years and I think I've been better off for it. The recent efail vulnerability just made me shrug. Plain text mail is all around more reliable, more accessible, less obfuscated, more to the point by the nature of the medium, easier to implement [...].
Gmail and every other webmail vendor should block all of these by default. That would be a nice hit to all these "new" drip campaigns (aka personalized spam newsletters).
Yeah because Google cares about your privacy....no way would they want to remain friends with the ad industry. No they are YOUR friend. Of course. They don't even charge for their service to billions of people. Truly altruistic company.
I'm stunned every time people try to get privacy with Google.
It's Google! I wish I could make you understand but I probably can't.... :(
I hope this hits the front page as I feel this is an essential extension for email privacy that many people are unaware of.
I don't think having a tracking pixel in gmail is a big thing. Almost every modern messaging system such as whatsapp has read receipts. Since gmail has an image proxy, it doesn't leak any information. And most modern email clients don't open remote images unless allowed explicitly.
PS: I have built https://www.mailtag.io/
Love it. Would be great to see as a direct Gmail Add-On instead of a browser extension.
Could the tracking pixels not be blocked via a uBlock Origin filter list?
extremely beneficial extension, you'd be surprised how many marketing emails are tracking when you open the email
something available for firefox?