Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Google Advertising

Google Makes It Harder For Marketers To Collect User Data 195

cagraham writes "In a seemingly minor update, Google announced that all Gmail images will now be cached on their own servers, before being displayed to users. This means that users won't have to click to download images in every email now — they'll just automatically be shown. For marketers, however, the change has serious implications. Because each user won't download the images from a third-party server, marketers won't be able to see open-rates, log IP addresses, or gather information on user location and browser type. Google says the changes are intended to enhance user privacy and security."
This discussion has been archived. No new comments can be posted.

Google Makes It Harder For Marketers To Collect User Data

Comments Filter:
  • by Spamalope ( 91802 ) on Sunday December 15, 2013 @02:54PM (#45697279)
    While I applaud the move, it is about competitive advantage for Google.
    • by dotancohen ( 1015143 ) on Sunday December 15, 2013 @02:56PM (#45697297) Homepage

      While I applaud the move, it is about competitive advantage for Google.

      Google already knew which emails you have or haven't read. So does every other email client, web-based or IMAP / POP3.

      • by jaseuk ( 217780 ) on Sunday December 15, 2013 @03:01PM (#45697361) Homepage

        Yes and the point the summary misses, is that the images are used to verify that you have received and viewed the e-mail. This is far more important than browser types / locations etc.

        It also prevents some evil things, such as first time you hit the page you get a drive by, the second time (with cookie set) you get the actual image and all seems fine.

        Jason.

        • by pradeepsekar ( 793666 ) on Sunday December 15, 2013 @03:16PM (#45697489)

          The article does not state of all images would be cached automatically even if you have not read your mail. It only says that images would be served through a Google proxy server, which caches the images.

          So if Google proxies and caches the images when you open the mail, there is no protection added from marketers, except for the fact that Google can scan the images for exploits.

          And if Google proxies and caches the images as soon as the service receives the mail, marketers can verify if the address is a valid gmail address or not by just sending mails and waiting for Google to cache the image. Expect more spam if this is the case.

          There will be true protection from email tracking only if Google caches the images in all emails it receives, even if the email address is invalid - and that would increase the load on Google servers quite a bit.

          • by HiThere ( 15173 )

            But if they're doing reasonable de-duping, then only the first person to click on the image will register. Everyone else will hit the cache. To avoid this every email would need a separate link to the picture.

            • by blippo ( 158203 )

              Isn't this what everyone does today? I thought the whole point of tracker images was personal urls like 'img158294.png'.

              It won't help the users privacy a bit, or actually make it worse since users can't ignore image attachments anymore - google automatically hit the tracker url for them...

              • But Google sees that imgabc123.png is 32x32 pixles and in the same DIV tag on every email. So Google replaces all the "identified" images for every recipiant with the first one they pulled and cached. Your browser is only going to pull the image from Google while the Advertizers don't get any tracking at all.

                Then Google goes to customers with a "deal" for how many of your email subscribers opened emails about your product... The emails you paid SOMEBODY ELSE to send out....

            • by icebike ( 68054 )

              De-duping of images that have unique names keyed to your email address? Really?

              All the spammer has to do is watch his web server logs to know that the address was a REAL email address, because google will be hitting every one of those images.

              Since spammers arrange to never receive bounced mail, the uniquely coded embedded image url has been the favorite tactic for email verification for over 10 years. Google is going to give these guys a gift.

              Read your gmail from a email client (pop or imap) and hope Goog

              • De-duping of images that have unique names keyed to your email address? Really?

                Its called block-level deduplication, and its not terribly exotic as storage technologies go.

                • They'd have to hit the server with the unique name before they could find out if the data is in cache.
            • Every mail does have a separate link to the picture, that is the whole point. They want to know which people opened the emails.

          • by KiloByte ( 825081 ) on Sunday December 15, 2013 @03:45PM (#45697725)

            And if Google proxies and caches the images as soon as the service receives the mail, marketers can verify if the address is a valid gmail address or not by just sending mails and waiting for Google to cache the image. Expect more spam if this is the case.

            Verifying that foobar@gmail.com is a valid address doesn't give spammers any real information: the namespace is so full even most pwgen outputs point to existing names, as long as you don't have embedded numbers (on gmail, addresses seem to have numbers at the end).

            Thus, that check can be quite simplified to "does a Markov chain say this string of letters is pronounceable?". Not a big benefit to a spammer. On the other hand, they don't get told anything about the recipient anymore.

            While for a small mail provider this change might leak some info, for Gmail it seems to be nearly entirely positive.

            I for one don't use Gmail for privacy reasons, and don't fetch remote images, but good luck training aunt Lucy about that.

            • by tlhIngan ( 30335 ) <slashdot&worf,net> on Monday December 16, 2013 @12:46AM (#45701169)

              Verifying that foobar@gmail.com is a valid address doesn't give spammers any real information: the namespace is so full even most pwgen outputs point to existing names, as long as you don't have embedded numbers (on gmail, addresses seem to have numbers at the end).

              Actually, it does. Because it tells the spammers that the recipient opened the email

              Google doesn't fetch the image until you open the email. And the moment you do, Google just confirmed that the email was read. And that information is very valuable.

              There are two ways Google can fix it:

              1) Set "Don't load images" back as default again, as it is now and in every email client.
              2) Simply load every image, so valuable information like that isn't revealed - the marketer just pays for bandwidth and gets zero information - they don't even know if the image is read. No storage requirements as Google can re-write the email to self-contain all the images.

              Of course, Google is probably going into email marketing - given how Gmail has sprouted that "Promotions" tab (yes, you can turn it off, but don't you think it immediately foreshadows something? It's not Spam, but "Promotions" - what, spam that someone paid to bypass Google's filters?). And they don't need competition - best way to squash it is to starve out the existing marketers.

              And of course, since Google's in the information business, selling that information is very valuable - Google knows what you like, so they can sell targeted ads into your inbox.

              • > Google doesn't fetch the image until you open the email.

                Are we sure about that? I didn't see timing information in the article. Google could cache the images as soon as their server receives the message. In fact, the second article says that Google will automatically download all *incomming* messages. That suggests they're pulling them when the e-mail is sent, thus cloaking whether or not the user has read them. And since that's Google's goal, I'll wager that's exactly what they are doing.

        • Comment removed (Score:4, Interesting)

          by account_deleted ( 4530225 ) on Sunday December 15, 2013 @04:26PM (#45698069)
          Comment removed based on user account deletion
      • Yes, but now they can charge for forwarding the data.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Yep. And the security angle is overrated for two reasons:

      1. NSA
      2.Most mailing software generates unique images to track opens, so you're still being tracked. It's actually decreases privacy for Google to auto-download the images.

      • by Lisias ( 447563 )

        Most mailing software generates unique images to track opens, so you're still being tracked. It's actually decreases privacy for Google to auto-download the images

        As a matter of fact, it does nothing about privacy. What it does is just make it useless.

        As Google *always* cache the image, the sender does not knows anymore when or even if the image was viewed and, so, doesn't knows anymore if the email was opened.

        • Re: (Score:3, Informative)

          by EvanED ( 569694 )

          As Google *always* cache the image, the sender does not knows anymore when or even if the image was viewed and, so, doesn't knows anymore if the email was opened.

          If they have specific knowledge about Gmail. Unfortunately, mailers that don't would make the more dangerous assumption (that you read the mail) under that behavior.

          But anyway, even that's not true because under Gmail's new setup, the first download will still come when the user opens the mail and loads the images. At least, that's the best informa [techcrunch.com]

      • Ad broker + NSA (Score:2, Insightful)

        by Anonymous Coward

        From the OP: "Google says the changes are intended to enhance user privacy and security."

        I find this lie from google/doubleclick insanely funny yet darkly cynical.

        To enhance user privacy and security, don't use services from this huge ad broker which has a small army of lobbyists working Washington to prevent laws that would harness our privacy, and which works with the NSA to rape our liberty and privacy. If you use gmail, you should have no expectations of privacy or security whatsoever. That would be ins

    • by perpenso ( 1613749 ) on Sunday December 15, 2013 @03:06PM (#45697411)
      Yeah. The move is to make things harder for **other** marketers. For the marketer named Google it confers advantages.
    • by icebike ( 68054 ) on Sunday December 15, 2013 @05:40PM (#45698689)

      While I applaud the move, it is about competitive advantage for Google.

      If you applaud this you haven't thought it out very far.

      Almost ever SPAM has small uniquely named images embedded. Often single pixel images.
      These are encoded to your email address. If you fetch this image, your email address is VERIFIED. You just did the spammer a favor.

      If you were reading the email with a mail client, you would NEVER fetch these, because 1) spam is spam, and 2) most
      email clients don't download images by default and most email recipients are just fine with that.

      With Google pre-fetching all of these, every GMAIL address id Verified for the Spammers.

      Its not a well thought out scheme at all. No sensible person would read Gmail with a web browser from now on.
      The wise choice is to use a traditional Email Client, (something like Thunderbird, Kmail, k-9 mail, Evolution, etc), and set them not to load images at all.

      • Uhmmm... what if google reads the images *regardless* of whether the recipient is known?

      • With Google pre-fetching all of these, every GMAIL address id Verified for the Spammers.

        But Google doesn't need to prefetch all of them for everybody. That would be merely equivalent to just flat out *removing* their "Load Images" link feature. Maybe that is what they're doing, if their marketing department has gotten vicious enough. But they may be smarter than that.

        Presumably, a spammer will send the same image to a million email addresses using a unique image URL for each one. For this maneuver, all Google needs to do is load some images that arrive in emails that bounce or that are address

        • by icebike ( 68054 )

          Your example of devious spammers using single-pixel images is a really poor one. Google probably has all those images stored somewhere already.

          No, its not a poor example. I get them all the time.
          Here's one for you: (it took me all of 15 seconds to find one in my spam bin)

          https://q4fg3t1i.emltrk.com/q4fg3t1i?p&d=3D3215081772,F2A9FJZZ,TC05EM,CMNC04,U007 [emltrk.com]

          Grep the raw text of your UCE and SPAM mails. LOTS AND LOTS of companies use emltrk.com In fact, that's all that company does.
          But lots of companies don't use a service like that, they just have a bazillion random images on one of their own web servers.

          Further, google can't very well decide by i

      • > With Google pre-fetching all of these, every GMAIL address id Verified for the Spammers.

        Not necessarily. The article says Google is pre-fetching all incoming images. It could be doing that *regardless* of whether or not the e-mail address is valid. I'm willing to bet that Google engineers thought through all of these arguments and has implemented a system that actually achieves their goals of blocking that sort of information.

    • by mwvdlee ( 775178 )

      Yes, caching HTTPS content is good if Google does it.

    • by StripedCow ( 776465 ) on Sunday December 15, 2013 @06:50PM (#45699213)

      The solution is simple:

      if(connection.ip_address in google_ip_addresses)
          write(connection, "Sorry Google, only the user may open this image!");

      • by mysidia ( 191772 )

        In which case, a broken link or no image will be shown to the user, and it might result in your message being marked spam.

  • by Anonymous Coward on Sunday December 15, 2013 @02:56PM (#45697293)

    Of course they're cracking down hard - stealing user data is Google's job...they don't like the competition.

  • by Anonymous Coward on Sunday December 15, 2013 @02:58PM (#45697317)

    The cache system honors no-cache headers. As long as your images are served no-cache, you do see exactly when the email was opened, since the GMail servers refetch it every time. If each user gets a unique URL, you know exactly who opened the email.

    • by Anonymous Coward on Sunday December 15, 2013 @04:16PM (#45697961)

      Multiple tests by multiple individuals have shown that they do NOT honor any of the various no-cache headers.

      Tracking unique users is still easy (using a unique URL) - but tracking how many times they opened the email, or where they opened it from (IP address) or on what platform is now lost.

  • Possible? (Score:4, Insightful)

    by Tim12s ( 209786 ) on Sunday December 15, 2013 @02:59PM (#45697323)

    Well, pulling all the images certainly solves the problem of having to display emails with images. The only reason we (I) don't click the display-images button is because the images allow us to be tracked, the images may have some sort of exploit (rare). Originally this used to be due to limited download speeds.

    I suspect caching the images allow pre-processing of the images and therefore making the whole system more secure by default. Images could therefore be displayed in full by default with images, preferably with some large images being intelligently excluded by default.

    Google could release a mass marketing email API/gateway and monetise that allowing marketeers access to data regardless of whether you open the images/email or not. This is slightly more valuable information.

    • by EvanED ( 569694 )

      I suspect caching the images allow pre-processing of the images and therefore making the whole system more secure by default.

      I saw mention that Google will be transcoding them, so yeah, you should be more protected by exploits.

      That said, I still turned off the showing of images by default because of the first issue you mention -- otherwise Google will still go out and download the tracking bugs.

    • Re:Possible? (Score:5, Informative)

      by symbolset ( 646467 ) * on Sunday December 15, 2013 @03:50PM (#45697761) Journal

      Image formats have been used to compromise browsers in the past, so automatically loading images in your webmail or email client is a bad idea. Fortunately this is just a change from the default behavior so you can turn it off in the options.

      In fact, Microsoft just patched a .tiff image format exploit last Tuesday [pcworld.com].

  • You'll get hit automatically! It's a win-win!

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      No, because Google will scan the images for viruses and common inconsistencies, then convert them to raw pixel data, using there decoding libraries that don't have these exploits, and then re-encode them into consistent and buffer-overflow-free images, that will work on any old and/or bug-riddled operating system or browser used by the recipient.
      I hope google will also re-sacale images when people embed 3000 DPI company logo's in HTML-emails.

  • As long as you're giving a unique url to each user who you email, this actually makes open-rate calculations a lot more accurate, doesn't it? Instead of a large percentage of your users never seeing the image, they'll all get loaded.

    Sure you can't track cookies, get IP addresses, or any of that anymore...

    I'm assuming Google is only downloading images of emails that people open. If Google is downloading every image of every email they get, then never mind.

    • If Google is smart, they'll download approximately 1 copy of each image, ignoring the tracking ID in the URL.

      "Most successful tech company in the world" suggests that they may in fact be smart.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        You make the tracking ID part of the image name. Set up a cgi to always return the same image regardless of what it is called. Use a fake hashed etag thingy so they are always different.
        Google has to download the image to see if it is the same, marketing mission accomplished.

        e.g. http://examplemarketing.com/images/gjdfkadfdhkhkfdhkdsfhkhfdsqiuqr.gif

        Oh. Please send royalties to A.C. @ Slashdot.

  • by Kvasio ( 127200 ) on Sunday December 15, 2013 @03:02PM (#45697373)

    This fixes: opening ratio, opening time, user's IP.

    This breaks: spammers will now have confirmation is the @gmail email is valid or not.

    • by Cassini2 ( 956052 ) on Sunday December 15, 2013 @06:17PM (#45698979)

      If I were google, I would download images in all incoming messages regardless if they are intended for real email boxes or not. This would let them know which websites are being used for spam. The spam detector could use this information by pattern matching every image (regardless of relabling or website copying), and mark spam accordingly.

  • img source = "img/target/example.com/0xDEADBEEF.png"

    Yes, target@example.com received our email.

    We don't know where he was, what tool he used and anything more.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      I suspect Google will load the image even if the gmail address is invalid, or else it would be an easy way to build a list of all valid gmail addresses. So your example does not indicate that it ended up in someones in-box (or spam box!), let along that someone actually opened the email.

  • What this is really (Score:3, Interesting)

    by Rosco P. Coltrane ( 209368 ) on Sunday December 15, 2013 @03:02PM (#45697383)

    is a monopoly tightening its grip on the market it monopolizes.

    • s a monopoly tightening its grip on the market it monopolizes.

      On email? You really should look up the definition of monopoly.

      I use gmail because i like it. I use it because it's the best free email service I can find, and I've tried quite a few of them.

      I use google search because I like it. Back in the day when new search engines were coming out I used to switch between them quite often. Remember Altavista? Jeeves?

      Google is not a monopoly. They play in markets with very very low barriers to entry. And a lot of users choose to use them, despite the numerous choi

      • by penix1 ( 722987 )

        Oh popycock! The market you refuse to acknowledge they are a monopoly in is... Wait for it... Marketing which this move is directed at. It attempts to limit the tracking to themselves being the only one who can track you albeit very poorly. Other marketers will have to find the loopholes in this strategy which gives Google the upper hand for a while.

        • Are you seriously saying google has a monopoly on Marketing?

          Even assuming you're talking about just online media, there are plenty of other places to market than google. If you decided to boycott google you could :

          • Market directly on websites relevant to your product. Selling viagra? You might consider the AARP site
          • Market via Facebook and their "social advertising" platform. Analysts in the know are betting whether Facebook might conquer google.
          • Banner ads on general interest sites people go to to waste
          • by penix1 ( 722987 )

            Market directly on websites relevant to your product. Selling viagra? You might consider the AARP site
            Market via Facebook and their "social advertising" platform. Analysts in the know are betting whether Facebook might conquer google.
            Banner ads on general interest sites people go to to waste time (I'm looking at you slashdot)

            Inefficient because Google is already there. Just try and find a site that doesn't use Google adsense and google analytics.

    • by Anonymous Coward

      I'm surprised that everyone is focused only on how this affects advertisers. That might be just a decoy excuse for the modifications.

      A far more fundamental change is that Google will now be transcoding all images, which inherently blocks the sender's ability to transmit steganographically hidden information with plausible deniability. I bet the NSA has been requesting Google to do that for ages, as it must have been an extreme headache to have to scan all images just to find the few with a hidden payloa

  • If I could likely deduce that inside our local software you owned an item with the id 9, I could email you:

    Because the request goes out with your authorization cookie it'll executes successfully.

    This is why you should only accept post requests for actions that change data and use xsrf tokens (that aren't stored in cookies, local storage, etc).

    • Did you accidentally a URL?

  • Google Makes it Harder for the Competition to Collect User Data
  • by patrixmyth ( 167599 ) on Sunday December 15, 2013 @03:08PM (#45697415)

    Is this a new change, because after I saw the google announcement, I saw a report that they would share all that data about loading of images with marketers. End result: safer images, but just as much information for marketers, as along as they make nice with Google as 'official' email marketers. Would love to be wrong. Here's my source, Ars Technica article.
    http://arstechnica.com/security/2013/12/dear-gmailer-i-know-what-you-read-last-summer-and-last-night-and-today/ [arstechnica.com]

    • by Bogtha ( 906264 )

      No, you are completely misunderstanding that article.

      Before mail clients stopped loading images by default, it was possible to embed a "web bug" image in an email. Essentially a transparent non-image that is referenced with a unique ID for each user. When the email was viewed, the mail client would request this web bug, and their server could record a) that this particular user opened the email, b) when they opened it, and c) whatever information they could glean from a normal HTTP request - where in t

  • by saikou ( 211301 ) on Sunday December 15, 2013 @03:09PM (#45697425) Homepage

    Actually, this is rather awesome for spam/tracking of "real" addresses.
    Before silly users could refuse to load external tracking pixels with unique IDs, assigned to each email.
    And now? It's auto-downloaded for everyone. Yay!

    While absence of IP address, Referral (if tracking image was loaded via https) and Browser info is sad, "everyone now auto-loads images" waaaay outweighs it :P You won't hide from confirming that email address that easily ;)

    • Re: (Score:3, Interesting)

      by Stonent1 ( 594886 )
      Now all the spammers will get their servers overloaded. If they send out millions of e-mails and they all immediately get "opened" by google trying to pull in the picture data.
      • Now all the spammers will get their servers overloaded. If they send out millions of e-mails and they all immediately get "opened" by google trying to pull in the picture data.

        I seriously doubt that. It would be rather dumb for them to cache these images on a per-email basis and not a per-URL basis. It sounds like they're just using a (modified) caching proxy. They'll likely grab and cache the image on its first ever request. All subsequent requests for that same image would then be served by the proxy's cache.

  • You mean, like, attachments? Those are part of the email anyway.

    Or are we talking about this weird new HTML-email thing I've been hearing so much about? Who even uses that crap. :P

  • Tho, im sure they will do the tracking for their own purposes, this will help reduce 'bad things' from questionable sources. As always, its a trade-off.

  • Marketers will at least know that the user opened the email because the images were loaded somewhere. See MailChimp's [mailchimp.com] post on the subject. This means that you can not longer look at a message even once without the marketer knowing that you did.
  • by ledow ( 319597 )

    So, presumably they don't actually rewrite the message as such, just change the way it's displayed in the web interface (through an intermediate proxy). Rewriting the message would break all those nice email verification systems, no?

    So what about those people using IMAP and not GMail's web interface? Presumably, it's business as usual.

    Fact is, if I don't want you to be able to know when I've loaded your images, I won't load your images unless I think they are vital. Which is why my mail-client doesn't do

  • by Dynedain ( 141758 ) <slashdot2@@@anthonymclin...com> on Sunday December 15, 2013 @04:46PM (#45698277) Homepage

    This summary is garbage and complete misrepresents the implications of Gmail's change. (I already researched this last week and developed a solution to avoid cacheing with in-progress email images that might get replaced with final versions)

    Every singe email marketing system already uses a unique image URL to identify a given recipient. This is frequently called a "tracking pixel" because it's usually a 1px transparent gif stuck in the corner of an email where it won't be distracting. In fact, this method has been used for web tracking as well for many years. It's how Google Analytics originally worked.

    Since these unique images will still get loaded when an email is opened in Gmail, marketers will still be able to track your opens. What they won't see, however, is how many times you re-opened the email. And since the image gets cached and requested through Gmail's proxy, marketers won't get information about your machine like browser, IP address, etc. But if you click-through on a link, or you visited their site before (highly likely if you're on their mailing list) then they have most of that info anyways.

    This caching by Gmail is primarily to speed up Gmail since it means images can be loaded and shared on Google's Content Delivery Network which is almost certainly faster than servers owned by the email campaign provider for image hosting.

    • by yahyamf ( 751776 )
      It would be interesting if Google would hash the images and replace the image URL with a comon one per hash that is stripped of tracking info and shared by all users who got the same hashed image in their mail. It would even reduce storage requirements as the images would get deduplicated.
    • by Monoman ( 8745 )

      Spammers still do the 1px thing? Who downloads images by default? .... probably most people not commenting on this thread.

      • by cdrudge ( 68377 )

        Raises hand, at least from sources that I have flagged to do such. I have a variety of retailers, newsletters, etc where I prefer to read the full HTML email, with images, rather than just text only with markup that might look correct without images turned on.

        Yes I understand the implications of having images turned on. Yes I don't give a crap if Newegg knows which emails that I read or my kids school knows that received their newsletter.

  • I read somewhere that salesforce did this years ago to allow people to track who actually read emails. I then renamed SalesForce to UsedCarSalesForce as that is a pure scumbag thing to do. I am a huge fan of some kind of privacy law where a company may not collect data that people haven't had clearly pointed out is being collected with the option to opt-in. You will notice opt-in as the operative word. Thus I don't even want my power company being able to sell my data even in aggregate and say that my neigh
  • by crossmr ( 957846 ) on Monday December 16, 2013 @02:45AM (#45701571) Journal

    So do they want privacy or not?
    On one hand they're claiming to serve up images by proxy to protect users privacy, on the other hand, they're using Google+ and youtube to force users to display their real name.

    We had the issue where Google started forcibly customizing google services for you based on you signing up for Google+. When I signed up a couple years ago, it broke my news archive search, because it would only search news sites in Korea, and in Korean despite having everything in English and my account being created in Canada (I happen to be in Korea). While several months later that was actually fixed, they also went ahead and first removed the insanely useful timeline from the archive, and then just recently killed off the archive entirely, because who could ever want to read news more than 30 days old.

    Butchering services, heavy handed user manipulation, my patience with google is quickly wearing thin.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...