Today Google announced that they will mail proxying images received via GMail by their faster safer servers, proxy. At first glance, this seems like an incredible step in the right direction in terms of privacy. After all, Google has decided to provide a proxy to access the masking images as your IP web / remote servers picture. However, unfortunately, there were many decisions that could have been better thought out.
Frequently Attempted Google privacy
To be fair, Google did make a serious attempt to protect the privacy of Gmail users. By loading images via a proxy, web / picture Remote servers are not able to see the IP addresses of Gmail users. This offers a good amount of protection, such as an IP address can certainly provide a significant amount of credentials. monitoring in combination with a monitoring E-mail / Web / IP IP does sound like it would be very intrusive in terms of our privacy.
Life is not just a buzzword
The problem, however, is that the opponents of Gmail users are not really based on IP addresses. They just want to be sure that the email address is valid. To do this, many spammers can use the functionality in their emails so that they are able to track the e-mail addresses are active and which are not. For example, a mass spammer could send a specially automatically generated email with image links in the form:
http://www.someimageserverspam.com/img/thisimage.jpg?to= you @ gmail.com
When you load the image, whatever, they will know that the "to=you@gmail.com" was consulted that in general imply that the e-mail address you @ gmail. com open / loaded and the image is an active email address.
the right approach vs the approach Wrong
Some very smart HN readers raised a compelling case that Google can preload all images when receiving that effectively remove the possibility of follow if an email address is active or not. It was a very good point, and Google had implemented this, it would have been a much better approach to protecting the privacy of the user.
However, I run a simple test by sending an email with a picture for one of my GMail accounts 3 times. Every hour, no matter how I changed the schedule, the image was loaded when I click the email. In other words, the spammer would have known that my email is active and when I click on
Google Hit HTTP
Note :. One of our developers suggest that if they had rolled the proxies, but simply kept the original behavior (ia, asking whether to display images or not the user), then they would have had priority to privacy first, the security and usability second period. However, as it remains a deployment focuses on usability first, safety second and third privacy.
Endnotes
It would be better in the future, so when introducing privacy features, all the pros and cons are weighed that decisions taken by a company the size of Google has a serious impact on society. It would also be appropriate when changes have dramatic effects on the privacy of the user, to send an update to the privacy policy rather than a blog post.
That being said, it is warming to know that Google cares about privacy and is committed to taking the necessary measures to ensure as such. For this, they deserve applause.
0 Komentar