Good reason not to obfuscate URLs (was: Fishing from PyPI ?)
Ian Kelly
ian.g.kelly at gmail.com
Tue Aug 14 16:25:04 EDT 2018
On Tue, Aug 14, 2018 at 1:41 PM Peter J. Holzer <hjp-python at hjp.at> wrote:
>
> On 2018-08-08 05:18:21 +0000, Gilmeh Serda wrote:
> > And if you read email in blasted HTML, chances are they also have an
> > image that they serve to you on their "beautiful" page you receive, an
> > image whose link which may or may not be equally personalized, and more
> > often than not has its origin on the spammer's server. in which case they
> > also know *exactly when* you opened the email. If at all.
> >
> > Oh, and thank the developer of Outlook, and similarly badly constructed
> > programs, for that preview pane. It's really helpful for all the spammers.
>
> I hate to defend Outlook (which I think is a really bad MUA), but it
> gets this one right: Properly configured[1] it does NOT load inline images
> from web-pages, so you can't be tracked simply by opening a mail.
>
> hp
>
> [1] Not sure whether this is the default or whether our admins
> configured it that way.
Same for Gmail, I believe. It doesn't show the external images unless
you explicitly click something to load them. I would expect any
competent MUA of at least the past decade to do the same.
More information about the Python-list
mailing list