Friday, 28 February 2014

An Image of Betrayal: How email senders can tell your location, device, operating system, if you opened their email.

There is a lot of talk about Streak lately, that dastardly tool that Google Chrome Store sells to marketers.

A Screenshot Streak Provide on their blog.

The thing is, Streak has been around for over a year, but on 26 November, 2013, they launched a new feature that is causing concern: email tracking. Streak, has highlighted an existing weakness in emails, the ability to track the location, device, software, and much more of a recipient of an email without their knowledge. It is thought that Streak uses external images in emails which your computer then attempts to get, revealing your location, when you opened the email, how often you read it and so forth. 182,877 users have installed Streak for Gmail in the Chrome store, so consider that at least one is using it on you.

A Screenshot Streak Provide on their blog.

So, how do you win the war on Streak? Don't let your email client automatically open external images and data, might be one solution.

One concerning factor is that not only is IP address accessible via such a technique, but many tracking technologies now installed on ordinary websites can use a variety of factors such as screen size and so forth in order to create a 'fingerprint' identifying just your device. Systems such as streak could be the sort of link which connects that to your email account and much much more.

The potential use of such techniques by governments and stalkers, and criminals is notable. Imagine leaving a comment on a blog, anonymously and being emailed sternly by the owner. Imagine visiting a website about wedding rings and having your inbox filled with adverts for that. Imagine. Imagine. Imagine. Marketers sure will.

