Jump to content


DidTheyReadIt E-mail web bug

  • Please log in to reply
9 replies to this topic

#1 moley3491



  • New Member
  • Pip
  • 2 posts

Posted 07 June 2004 - 06:11 PM

I attach the bones of an article from Zdnet UK, concerning web bugs in emails, together with its url so you can visit.

Not mentioned in the article is all the mischief to which these web bugs could be put in, say, spam or possibly as virus carriers in addition to privacy issues.

This development, as many others, alarms me and I thought Mike might be interested to comment in a future newsletter.

"Do senders have a right to your inbox?

Rafe Needleman

June 07, 2004, 11:55 BST

Email-tracking software tends to evoke disgust in recipients

The people in my personal focus group (my wife, my mother, and some co-workers at CNET) agree that this is one of the creepiest things they've ever heard of: a new service that will tell your correspondents exactly when you opened the email they sent you. It will also tell them how long you took to read their message and which computer you used to do so. The kicker: You'll never know all this information is being collected. It's a supercharged return receipt that's completely invisible.

The service is called DidTheyReadIt. What it does is insert a small tracking device, often called a Web bug, into the email that you want to track. When your recipient opens your message, the bug (a one-pixel, transparent GIF file) is pulled from the DidTheyReadIt server, generating a logged event that shows when the message was opened and for how long.

Whose mail is it, anyway?

The existence of this service raises interesting privacy issues. Do we have the right to read email without sending a beacon back to the sender that we're doing so? Certainly it's customary that no beacon is sent. However, while personal messages don't usually send such beacons back to their senders, many commercial messages and most commercial Web sites have been closely metered for some time. You can't twitch a mouse on a big site like Amazon (or ZDNet, for that matter) without creating a log file entry that probably has your IP address attached to it.

The difference is the one-to-one nature of email from friends or associates. Big sites aggregate log file entries and use the information to design more effective overall sales strategies or more compelling content. Individuals could use the data for other purposes that you might not like.

Furthermore, such tracking eliminates one of personal email's big charms: plausible deniability. "Sorry, I haven't read your email yet," will vanish as an excuse for a tardy reply. And worse, if a sender knows you read his or her email and you don't reply in a timely fashion, you could be in line for social or business awkwardness of a very high order.

DidTheyReadIt adds presence to email; with this live tracking, email becomes similar to instant messaging. With IM, you can tell if your recipient is online and awake; with email, to date, you haven't been able to. DidTheyReadIt changes that. In fact, it goes beyond IM, by hiding the fact that people are watching your activity. Most IM systems at least require that you approve the addition of people to your buddy list before they can see your presence."


#2 Mike


    Dark Lord of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 514 posts

Posted 09 June 2004 - 03:43 AM

That is really disgusting in my opinion.

Moving to open forum.
SpywareInfo: How are you gentlemen?? All your base are belong to us!!
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!

#3 moley3491



  • New Member
  • Pip
  • 2 posts

Posted 23 June 2004 - 02:50 PM

Further to my earlier post, I'm surprised that there are not more responses on this subject

Go here and read this article to reinforce the increasing risks from spammers and other mischief makers from web bugs hidden in emails.



#4 VashonDude


    Forum Deity

  • Trusted Advisor
  • PipPipPipPipPip
  • 1,255 posts

Posted 23 June 2004 - 02:58 PM

AOL has (or did have) something similar to this. There's a feature where you can find out if an e-mail you sent to another AOL member was read, not yet read, deleted, or ignored (hidden option... you had to right-click on a header to be able to "ignore" a message).

-- LB
Want to help in the fight against malware? Join the SWI boot camp.

#5 Mike


    Dark Lord of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 514 posts

Posted 24 June 2004 - 08:30 AM

AOL can do that because all of their email is on their own system. It only works between two AOL member.
SpywareInfo: How are you gentlemen?? All your base are belong to us!!
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!

#6 nateface



  • Full Member
  • Pip
  • 53 posts

Posted 25 June 2004 - 04:37 AM

I'm not sure I fully understand how the 1 pixel GIF can pull all
this information, but it does some extremely underhanded,
especially for non-work email. I don't like the idea for work
email either, but could see some of the arguments for this
type of service at certain jobs.

Could somebody enlighten me on the information pulling, as in
how it works and such? Also, since I use Mailwasher and
Benign, I kind of have the feeling that I may be somewhat more
protected, or is this a false sense of security?


#7 YoKenny



  • Retired Staff
  • Pip
  • 10 posts

Posted 26 June 2004 - 05:51 AM

nateface, welcome.

All HTML (Web page) must be served up from a source and that source can track the IP address of the request.

So you request a Web page from your system then it is routed to the correct server. The server sends the HTML to your browser and it reconstructs it into the requested Web page.

As the server knows the IP address of the request it can store it. This information can be used for many things from as simple as hit (visit) count that is used to monitor how popular the site is. Much more complex things can be done with this info such as visitor location that can be used to drive ad promotions and pay-per-click search engines success.

Pay-per-click search engine browser hijackers like the CoolWebSearch (CWS) gang (some would call them thugs) are masters of this technology.

Spam HTML email is used by spammers/scammers to varify email delivery and by encoding information inside the email can varify valid addresse. This is why making your email reader only "Read in plain text only" an imortant setting.
Install IE-SPYAD and SpywareBlaster updated regularly available in the following links .
Calendar Of Updates http://www.dozleng.c...p?&act=calendar
How did I get infected? http://boards.cexx.o...topic.php?t=957
A.S.A.P. member

#8 Freebird


    Advanced Member

  • Full Member
  • PipPipPip
  • 196 posts

Posted 26 June 2004 - 10:46 AM

Yahoo allows you to block images from being served:

Step 3 of 3: Image Blocking

"Some images and graphics in email alert the sender that you've opened the message, which verifies that your email address is active. If you block these from being downloaded, the sender won't get this information -- and spammers are less likely to buy your address in the future if they don't know it's active."

Will this be enough to thwart this creepy practice?

We know the speed of light......but, whats the speed of dark? Steven Wright - Scientist and Comedian

#9 Tuxedo Jack

Tuxedo Jack

    Creator of TuxPE, a Cat5-o'-9-Tails, Etherkillers, and more

  • Expert
  • PipPipPipPipPip
  • 1,758 posts

Posted 27 June 2004 - 01:19 AM

I don't believe that this would work on recipients who only allow plaintext e-mails - none of that HTML-ized crap. Webmail clients such as SquirrelMail and Horde should be fine.

If someone wants to test that, PM me and we can test with my SquirrelMail server.
Signature file is under revision. This will be back shortly.

#10 dave38


    Devout Murphyite!

  • Retired Staff
  • PipPipPipPipPip
  • 8,508 posts

Posted 27 June 2004 - 04:18 AM

Mailwasher should prevent it working, if these are used in "non legitimate" emails, as only the header is downloaded.

I agree with Mike, it's disgusting!
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum

Member of UNITE
Support SpywareInfo Forum - click the button