Apple Mail Now Blocks Email Trackers

Apple Mail now blocks email trackers by default.

Most email newsletters you get include an invisible “image,” typically a single white pixel, with a unique file name. The server keeps track of every time this “image” is opened and by which IP address. This quirk of internet history means that marketers can track exactly when you open an email and your IP address, which can be used to roughly work out your location.

So, how does Apple Mail stop this? By caching. Apple Mail downloads all images for all emails before you open them. Practically speaking, that means every message downloaded to Apple Mail is marked “read,” regardless of whether you open it. Apples also routes the download through two different proxies, meaning your precise location also can’t be tracked.

Crypto-Gram uses Mailchimp, which has these tracking pixels turned on by default. I turn them off. Normally, Mailchimp requires them to be left on for the first few mailings, presumably to prevent abuse. The company waived that requirement for me.

Tags: , , ,

Posted on May 9, 2022 at 9:39 AM51 Comments

Comments

Tango Mike May 9, 2022 9:53 AM

I’m a bit confused, if I disable automatic downloading of images by default in my mail client doesn’t that achieve the same thing? Unless I explicitly allow a sender’s images of course?

Tango

bert May 9, 2022 10:00 AM

@Tango Mike:
Yes, but then you have no images in your mail, which often makes them look “ugly”. Looks like Apple want their users to have mails rendered as intended by the sender without the tracking bullshit.

Clive Robinson May 9, 2022 10:13 AM

@ Bruce, the usuall suspects, ALL,

From the aeticle we have,

“Apple Mail downloads all images for all emails before you open them. Practically speaking, that means every message downloaded to Apple Mail is marked “read,” regardless of whether you open it.”

Now who remembers why you should not download images?

That’s right boys and girls the number of times they have been used to put malware on peoples systems…

If memory serves both Apple and Google’s mobile phone OS’s got Smak-Fu’d that way, oh and do I need mention Microsoft and Adobe?

TexasDex May 9, 2022 10:32 AM

Are they also caching the images for emails that go to nonexistent addresses? If not, then they just gave spammers an easy way to validate their target lists.

TimH May 9, 2022 10:41 AM

I thought that the idea of an email client was to pull meesages from your mail service provider directly to your computer. This normalises having the supplier of the email client analysing the traffic.

JonKnowsNothing May 9, 2022 10:54 AM

@All

By pre-downloading images, they might block the Read-Flag but they also open up the entire email chain to image harvesting/image scrapping.

All images get scrapped as they flow along the pathways but this might give whoever is providing the Open It/Store It/Forward It functionality to scrape them easier.

Maybe they could slow track mass mailings from systems that use Read-Flags, but I’d guess that would mean no one would get their e-bills either … (1)(2)

===

1) Nearly every e-bill and solicitation comes with attached v-cards, corporate logos, misc endorsers-advertiser images. There’s gonna be a lot of the same corporate images in those storehouses.

2) Using TEXT mail, probably doesn’t interfere with the Read-Flag, it just means you can’t see the image like in HTML layout mode. The Read-Flag will still get triggered because the images in part of the mail, even if it doesn’t render on the screen.

benr May 9, 2022 10:54 AM

I’m a bit confused, if I disable automatic downloading of images by default in my mail client doesn’t that achieve the same thing?

When did it become normal for email clients to download images anyway? I’d have thought if someone wanted images (or stylesheets etc.) to be visible to their recipients, they’d have attached them to the messages, not referenced them on some external server. I remember these tracking images affecting the first generation of HTML-enabled email clients, in the ’90s; by the second generation, many had been updated to prevent auto-downloading and to attach any image pasted into a message.

Personally, I think the companies behind major email user-agents (Apple, Google, MS) should declare that external content will cease being accessed at all for messages sent after a certain date, and the caching is just to hold us over till then. If the change breaks anything too badly, the senders were already doing something wrong: there should always be a text/plain variant, ALT text for images referenced by HTML, etc.

John May 9, 2022 11:48 AM

Hmm….

I use pine — alpine actually.

Plain text e-mail. Fast. NO LINKS!! No disturbing pictures. No Video. No noise 🙂 :).

I am typing this on alpine.

John

Denton Scratch May 9, 2022 2:47 PM

@bert

but then you have no images in your mail, which often makes them look “ugly”.

To be fair, if you set your mailer to view as text/plain, then they usually look fine (like, much the same as most email viewed as text/plain). But sometimes they’re awful – DPD’s emails are only just readable as text/plain.

It’s the very devil to emit HTML-formatted email that works properly. You have to aim at a lowest-common-denominator of HTML, which means back to about 2001. And then you have various security policies layered on top. It would be a small additional cost to automatically produce a good text/plain MIME-part from the text/html part.

Well, I suppose there must be a bunch of competing libraries to do just that; if that’s true though, and they’re any good, then they’re not being used enough.

Denton Scratch May 9, 2022 3:09 PM

@JonKNowsNothing

Using TEXT mail, probably doesn’t interfere with the Read-Flag, it just means you can’t see the image like in HTML layout mode.

If you mean rendering the email as text/plain, then that won’t request any images, so no flag will be triggered. I’m not speaking of Apple Mail, of which I know nothing; I’m speaking of setting your mailreader to open and view the text/plain part.

I’m also not speaking of any server-side Read-flag, like the one IMAP supports. And I’m not speaking of read-acknowledgements either.

SpaceLifeForm May 9, 2022 3:58 PM

@ Denton Scratch, JonKnowsNothing, Clive, ALL

Objection! Assumes facts not in evidence!

If you mean rendering the email as text/plain, then that won’t request any images, so no flag will be triggered

Whether it is IMAP or POP3, the client will pull the payload. Even with IMAP, you get the headers, but if you read it, it will pull the body. Whether the HTML is rendered on the client or not does not matter. The damage is done. The ip traffic is key. Traffic Analysis 101.

SpaceLifeForm May 9, 2022 4:41 PM

@ Denton Scratch, JonKnowsNothing, Clive, ALL

Your email infrastructure mileage may vary

I avoid email and recommend you do the same.

hxtps://help.litmus.com/article/158-why-do-some-email-clients-show-my-email-differently-than-others

hxtps://news.ycombinator.com/item?id=28240279

hxtps://stackoverflow.com/questions/34346732/do-any-common-email-clients-pre-fetch-links-rather-than-images

John May 9, 2022 4:54 PM

hmm….

From what I can tell, alpine only downloads the plain text and the html with the links in it.

When I want to view a picture, I save the html as junk.html, put it where a garbage browser can access it and eventually view the picture or whatever.

Not all versions of Firefox will actually follow some of the more convoluted links.

Oh well.

John

Clive Robinson May 9, 2022 6:11 PM

@ SpaceLifeForm, ALL,

Re : Assumes facts not in evidence!

Well I do have sufficient evidence on the other side and not just “Traffic Analysis 101”.

As some around here remember, I don’t do personal, private or most other types of Email[1]. And have not done so for a decade and a half, and for the decade and a half before that, the Email had to conform to,

1, Control Character striped.
2, White space compressed.
3, 7bit ASCII, no parity.

Which was what it was supposed to be according to an RFC of the time.

But I’m more “alergic than ever” these days to Email…

In fact you will not find Email servers or clients on any of my computers, or other systems, and there is not a snowball in hells fiery pit chance that I’m going to alow any type of non CTRL-striped 7bit ASCII or above into the gap-crossing systems.

If other people do not like it “tough on them” as the “pub landlord” catch phrase has it “My gaff, my rules”.

If people feel they are offended, let me put it this way,

“Unless you are a fool you don’t let your neighbours tom cat come into your home and spray as it want’s.”

So why should I treat strangers and those people / technology I do not in any way trust any differently?

The “Security Trust” answer is very clear and simple on this,

“I should not, and would be a fool to do so.”

Also, nor should you for the same reason.

The real lesson from the last 30years or more of the Internet is,

“As long as you let marketing idiots, criminals, trolls and worse get away with things, they won’t stop doing it.”

So logically “don’t let them”.

[1] There are always some that claim their rights exceed yours and mine. As I’ve pointed out to them there is a way they can send me text via Radio-paging code No.1 (POCSAG) or Maritime radiotelex as “CCITT R.44” routed “Telex-On-Radio”(TOR) or using SITOR-B/AMTOR-FEC as they are both legaly acceptable[2], unlike Email, or they could just put a letter in the post…

[2] HF Radiotelex is still legal as it is a still being required as part of “Global Maritime Distress and Safety System”(GMDSS). I guess, I’ll have to say PACKTOR fairly soon or Imarsat-C, neither of which is RX only…

JonKnowsNothing May 9, 2022 6:43 PM

@ SpaceLifeForm, @Denton Scratch, Clive, ALL

Clarification of my Text Mode comment:

In TEXT mode the payload images are downloaded (seen as attachments). The only aspect of text mode referenced is that the images are not displayed in-line with the text.

Other observations on TEXT Mode:

Emoji’s often get displayed anyway, even though the display is set to TEXT mode. The code for the emojis is still parsed and rendered and if those have embedded CrappyNess that will be parsed too.

Links and hidden links may or may not show up in line. The text mode parser doesn’t render the favico from the link, or any of the ding-a-ling tack-ons from the JSON fields, if included unless the mail systems define them as attachments.

If you have scripting off, you might not see the hidden link in line but you can find them in View Source, watching out for the Missouri Mule.

What happens after CrappyNess gets parsed?

We all know that PWNED feeling…

@Clive, @SpaceLifeForm

It must be nice to avoid all emails. I wish that were so for me. It’s not. I have to put up with it and do the best I can.

Clive Robinson May 9, 2022 7:11 PM

@ JonKnowsNothing,

Re : It must be nice to avoid all emails.

It is now the mutts have given up.

But my toe-caps got quite some polishing on, expensive trouser seats…

The simple fact is Email is, and always has been poorly designed from the ground up. So rather than fix-it or tear-down-n-start-again, what did they do?

They just kept throwing the garbage over the wall on top… I guess on the old pretence of,

“One big mess down below, where you dare not go”…

Well I guess it’s way past time to chuck a spare five gallon drum of gas over the wall and a lit book of matches to follow…

SpaceLifeForm May 10, 2022 12:39 AM

@ JonKnowsNothing, ALL

The emojis are rendered because your email client is in UTF-8 mode.
The emojis are not images embedded in the HTML, the actual image associated with the emoji UTF-8 is tied to the client software.

If you dealt with email in pure 7-bit ASCII, as Clive described, you would not see them at all, or you might see some question marks mixed with garbage for example.

If I type a colon dash right paren, you may see it plain as 7 bit ASCII, or you may see it as the smiley face 🙂 , and software may convert those 3 characters to the UTF-8 emoji code. But, if they stay as separate characters, i.e., :, -, and ), then even an old 7-bit network could handle that, and even old guys like Clive and myself can understand the message 🙃

Also note: what you see as the actual emoji image is not going to necessarily match what others see, even if their client software understands UTF-8. They may be close, but they are separate.

will ¯_(ツ)_/¯
get converted by the server software to 🤷 ?

Let’s see what happens. No preview.

JonKnowsNothing May 10, 2022 12:52 AM

@Clive, @All

re: avoiding all emails (NOT)

RL tl;dr

When my spouse died, our 41 year history of payments and banking were locked by the financial institutions. That’s 41 years of “proof” gone with a permanent lockout. Per the bank, the entire history will be wiped and deleted. I will not get a copy or download or summary.

As you know, what goes on in one country, other countries must mimic.

The Windrush debacle, which claimed UK Citizens and UK Residents as persona non grata, deporting them hither and yon, because they could not produce 30 years of proofs required by the Home Office, continues unabated (1)… the USA has similar schemes afoot or underfoot.

I need hard copy bills now as proof that I am who I say I am. The bills must have my name on them. They must be current.

I have a running battle with the utility company PG&E over hard copy bills.

  • My initial contact was to be sure the bill is in my name now. Done.
  • I requested hard copy so I can have a tangible proof. OK.

I get an email a few days later stating I have been auto-enrolled in e-billing and I won’t get my hard copy bill but an email reminder. Panic.

  • Contact again for hard copy bill. OK no problem ignore that message it was a “glitch” in the computer that you were auto-opt-in to e-billing. Thanks.

Next cycle I get a message I’ve been auto enrolled in e-billing again. P-S

  • Contact again for hard copy. OK ignore that email it was a glitch again in the computer as we made another change to the database and had to reset everyone again to auto-opt-in but it’s fixed now. /Facepalm.

fwiw They have the worst voice menu tree ever designed. It takes at least 30 minutes of robot-talk to maybe get to a person. There isn’t any short circuit there isn’t any agent, operator, assistant that will connect you to a person. However, I discovered if you continue to talk to the robot, you can trigger the same messages over and over. The robot doesn’t care what you talk about or what you say or the words you use, of course but the AI listening system thinks you want to hear the last message again…. At least that part was fun.

===

1) The Compliantly Hostile Environment

SpaceLifeForm May 10, 2022 1:05 AM

@ JonKnowsNothing

The server striped the backslash out because it is dumb.

So, trying again by escaping the backslash with a backslash, cause nix.

¯\(ツ)

SpaceLifeForm May 10, 2022 1:47 AM

@ JonKnowsNothing

So, the server honored the escape on the backslash, but then in it’s infinite wisdom decided the underscores should be dropped even though first try it left the underscores in place.

This is psycho software, like a really bad voice menu tree.

Going to escape with backslash the backslash and both underscores.

Otherwise, it will be time to say ‘representative’ 😉

¯\_(ツ)_/¯

Clive Robinson May 10, 2022 2:44 AM

@ SpaceLifeForm,

This is psycho software, like a really bad voice menu tree.

More “in two minds” fighting…

Remember for some reason “Markdown” has been included… Why I’ve still no real idea…

But the conversion to “other characters” by the site is more than a pain. My above paragraph was ended with three full stops by me. What you will see when you read this page is a single glyph that has three dots on it. Which means,

1, Text is different and for signing purposes broken.
2, Text nolonger aligns.
3, If cut-n-past via clipboard what you get is OS and application depenedent.
4, In some cases it will be internationalisation dependent.

There is more but does any of it sound desirable?

Probably not unless you are doing some kind of “malware attack” at oh so many different points up the computing stack including “Level 12” (or what ever they call the “legal layer” these days). Just so a bunch of idiots can invent new glyphs every week…

[1] Quite some years ago now, Douglas Adams invented a character “Wonko the Sane” for one of his books. He had the character build a house inside out, –all because of the instructions on a box of toothpicks– as an indicator the world had voluntarily gone quite “insane”. Thus by building the building he had put the world in an asylum.

Well… For me at least “I don’t need no bricks” to build a reminder, instead I just click on,

https://home.unicode.org

Then fairly quickly thereafter I need to find a dark room to rest in, and mumble “make it stop, please make it stop” till the noises in my ears, throbbing at my temples, and the grinding of my teeth subside sufficiently for me to go back into the asylum 😉

John May 10, 2022 3:00 AM

” presumably to prevent abuse”

More likely, “presumably in the hope that you will forget that they are turned on and leave them on.”

Clive Robinson May 10, 2022 3:04 AM

@ JonKnowsNothing,

Re : 41 year history of payments and banking

It has been of concern to me for quite some time now. And to be honest I’m not sure what can be done about it.

One characteristic you will no doubt have noticed is that none of the alledged savings of these schemes ever end up in your pocket, but you are expected to pay the price.

And as you’ve noted there is now a “three way game” where there is at best only one honest player “the victim”. Which the dishonest “Government” and the “Corporate” players quite deliberately play the victim off against each other for their own crooked gain.

The sad thing is we let them do it.

Winter May 10, 2022 3:30 AM

@Clvie

The sad thing is we let them do it.

This describes the whole of the problem, like “I have seen the enemy, and it is us”.

For example, why did the UK have Brexit? Because the British (or rather, the English) loathed the people in continental Europe, Poles in particular. From what I heard from English people, it is not that they were deceived, they wanted to be deceived. And they confirmed this desire in every election since.

There are many examples for this from every country. With peace and a decrease in economic growth in the 1960s/1970s came a political movement to grab the bigger part from the pie. And “we” voted for politicians who promised us the bigger part of the pie. And “we” wanted to believe them so much, that we voted out everyone who told us we could not all have the bigger part of the pie.

In short, we voted for the politicians who gave the robber barons the tools to rob us blind because we wanted them to have these tools to rob the “others” blind. But in the end, we always will be the “others” at the sharp end of the stick.

Peter A. May 10, 2022 4:59 AM

@Clive: yeah, Unicode guys went crazy.

I used to kibitz them in their efforts, ’cause I’m from one of that funny nations
that use funny attachments to Latin glyphs – and I have also learned another language
which uses a different set of glyphs. On top of that, I am born a typo-nazi and
mistyped text, text using plain Latin script just omitting funny glyph attachments,
or text with “creative” transliteration just hurts my eyes and slows my reading to
a grinding crawl. (I do my best to bear with your occasional typos out of respect.)

In the 80-90’s communicating with people over a computer in a non-English language
was a nuisance for me – deducting and converting to and from various 8-bit encodings
was really unnerving. For my language there were about ten named standards in use,
plus some unofficial ones, some even had slightly different variants, and some
software used its own encodings. It got reduced to three and then to two standards
later (while more and more fierce encoding wars ensued), but still configuring all
that software and stitching it together with converters was a nightmare. I am totally
omitting the foreign language which I used to talk with people over IRC – it was
a total mess of improvised solutions. Unicode and UTF-8 came to the rescue, but the
uptake was slow. I really admired the committee for it – then, at least.

For a next decade or so, committee guys went to pursue exotic and ancient scripts,
and some scientific notations, which was probably a blessing for various linguistic
scholars – however they strongly rejected Tengwar, to my personal disappointment.
But then – apparently fearing for their comfy jobs – they entered into the realm
of modern cavemen petroglyphs and it went downhill from there.

Gert-Jan May 10, 2022 5:55 AM

So Apple is going to download and cache all linked images of the HTML email.

How safe it this cache? Because it might contain personal information or otherwise sensitive information?

How long is this going to be cached? Until I delete the email? So for some emails, never?

What if I send an HTML email that embeds a 24 hour 4K video?

Will this preloading delay the delivery of the email?

A decision like this preloading/caching can have many side effects (TexasDex mentioned another interesting possible side effect)

Clive Robinson May 10, 2022 6:56 AM

@ Gert-Jan, ALL,

How safe it this cache? Because it might contain personal information or otherwise sensitive information?

It won’t be safe at all…

Because it’s a “third party business record” it will be available with just a “National Security Letter” or less, long before you potentially see it.

So the question arises as to if Apple can be required to,

1, Not send the image.
2, Send a modified image.
3, Send a faked / substitute image.

Oh and quite a few other possabilities arise, lets extend the idea a little.

What if you have two seperate ways of getting at your held email location?

Apple goes grab a copy and thus has it in perpetuity in their records.

You however go look at the email via some other method not related to your Apple phone…

It means there is now a “wild copy” of that image in a third parties hands without the permission of the first or second parties.

For certain types of corespondance things are “legaly privileged” thus Apple by acting without the second parties explicit consent is actually committing either a breach of a “Private Duty” –tort– or “Public Duty” –crime–…

Not sure they have thought things through…

Ted May 10, 2022 7:18 AM

@JonKnowsNothing, Clive

When my spouse died, our 41 year history of payments and banking were locked by the financial institutions.

I am so sorry.

A while back I was listening to some estate planning podcasts. I had heard enough before then to start worrying how beleaguered and legalistic an incapacitating or end-of-life event might be.

I had some semi particular questions and talked to a few people about them. One interesting place to have discussions is the Bogleheads forum (from Jack Bogle of Vanguard).

I posted a question there and got some really good and multi-angled feedback. People there were generally helpful and put a sincere amount of thought into it. I think the sub forum I posted in was ‘Personal Consumer Issues.’ It’s still taking me lots of baby steps.

https://www.bogleheads.org/#all_subforums

Bryan May 10, 2022 11:08 AM

@JonKnowsNothing

They have the worst voice menu tree ever designed. It takes at least 30 minutes of robot-talk to maybe get to a person. There isn’t any short circuit there isn’t any agent, operator, assistant that will connect you to a person.

Many of those systems attempt to notice angry humans, and react accordingly. Next time you’re dealing with one, start riffing on Carlin’s Seven Dirty Words, and you might find yourself connected to a human much quicker than ever before.

Denton Scratch May 10, 2022 12:14 PM

@SpaceLifeForm

Whether it is IMAP or POP3, the client will pull the payload.

Neither IMAP nor POP3 parses the payload it pulls from the server, which is simply the raw message. They both just pull the headers and body, as they were delivered over SMTP. What pulls in linked images is the renderer in the mailreader. That is, it doesn’t matter what protocol is used to access the mailstore.

If I set Thunderbird (my mailreader) to view messages as text/plain, it will parse the message as a MIME multipart, and render the part labelled text/plain. It will display links as links, i.e. blue and underlined, and you can click on them to follow the link. But the text/html part is NOT rendered, and so embedded images, javascript, CSS etc. are NOT retrieved unless there is a link that you click on.

If the message has no text/plain body-part, then the text/html part is rendered; but it is rendered as if it were text/plain, i.e. you get to read the raw HTML. Because the HTML render isn’t used, the embedded images aren’t fetched.

This is easily established using Developer Tools in Thunderbird. I’d be surprised if any command-line mailreader attempted to render HTML either.

I can’t speak for your mailstore; perhaps yours is some weird program that tries to parse and render the HTML part server-side, maybe while making excuses about accelerating. But neither Postfix nor Dovecot will go through your inbound mail looking for image links and downloading them unbid.

I avoid email and recommend you do the same.

Oh, that’s OK; horses for courses. I wouldn’t use email for exchanging secrets, or communicating with anyone if the very fact of that communication was a secret. I know pretty much where the security flaws in email are (they’ve been known for decades), and there are many; but tracking pixels are not fetched by a decent mailreader set to view as text/plain.

It’s possible to use email safely. To say otherwise is seriously misleading.

Denton Scratch May 10, 2022 12:21 PM

@JonKnowsNothing

In TEXT mode the payload images are downloaded

What mailreader is this? It sounds like you have a widget that sets the HTML renderer to parse the HTML and render it as text, rather than to view the text/plain multipart part.

Emoji’s often get displayed anyway

Emojis are Unicode code-points; a plain-text renderer SHOULD render emojis. Emojis are not server-side images that have to be retrieved from somewhere.

lurker May 10, 2022 1:18 PM

@Peter A

– it was a total mess of improvised solutions. Unicode and UTF-8 came to the rescue, but the uptake was slow. I really admired the committee for it – then, at least.

Amen, brother. Your whole comment echos my experience. But the unicode folks seem to now be drinking something stronger than their own kool-aid.

SpaceLifeForm May 10, 2022 3:26 PM

@ Denton Scratch

We are on the same page.

It all depends upon the client renderer code. The client can parse and pre-fetch links even though the user never looks at them.

I agree, use thunderbird. But, too many use web-based email clients and who knows exactly what that Javascript is really doing? I am not going to spend the effort to research that question.

The equivalent of email could be performed via different protocols.

For example, one could create the payload locally, create a signed and encrypted tarball, put it somewhere, and then communicate to the recipient where to find it.

SMTP is historical cruft from when everything was dial-up. See uucp. In the olden daze, I used that. uuencode and uudecode too. rcp and rsh. Bang path routing.

But, over the years, more cruft was piled on top of the cruft, hence the mess today.

lurker May 10, 2022 4:22 PM

“The internet has always been on a track toward personalization. If it can just predict my needs and desires before I get there, that’s better. I don’t want to have to go out and make decisions.” [Simon Poulton, VP digital intelligence at marketing agency Wpromote][Wired, linked at top]

It’s a pity his parallel universe paradoxically collides with mine on the internet.

SpaceLifeForm May 10, 2022 4:33 PM

@ Clive, JonKnowsNothing, ALL

re: psycho software

As Clive noted, no way to sign a post, because the website software is changing what you type. It is NOT WYSIWYG.

But, I just saw how psycho it is.

https://www.schneier.com/blog/archives/2022/05/friday-squid-blogging-squid-filmed-changing-color-for-camouflage-purposes.html/#comment-404587

Note that what you see is not what I wrote. Specifically, where the website software decided in it’s infinite wisdom, that where I wrote a www, it decided that it should prepend http colon slash slash, AND turned it into a link! The pyscho software completely rewrote the input and added the characters for an anchor with the href!

Note that I was showing snips of nslookup output. I could have posted the results of dig or drill also. I had already done dig and drill previously, but it was easier to grab the output from nslookup.

The point is: One DOES NOT do a DNS lookup on a URL, but on a domain name.

DNS has no clue what protocol will be used.

The pyscho software thinks that if it sees a www that it may be a URL, and therefore must become a link. If it has some other name behind the wwww.

I did not post the links. They were magically created.

Testing. No preview of course.

pressable (no dubs)
http://www.pressable (with dubs)

pressable.sucks (no dubs)
http://www.pressable.sucks (with dubs)

pressablesucks.com (no dubs)
http://www.pressablesucks.com (with dubs)

pressable.really.sucks (no dubs)
http://www.pressable.really.sucks (with dubs)

pressable.reallysucks.com (no dubs)
http://www.pressable.reallysucks.com (with dubs)

Let’s see.

SpaceLifeForm May 10, 2022 5:08 PM

@ Clive, JonKnowsNothing, ALL

I typed no http, colon, or slash slash in the above. Nor any html anchor tag with an a href. They were created out of whole cloth.

I rest my case.

Clive Robinson May 10, 2022 5:13 PM

@ lurker, Peter A,

But the unicode folks seem to now be drinking something stronger than their own kool-aid.

They are not the same folks, and I don’t think the straw they use goes in their mouth…

Those that did the original task of Hercules, and made sure there was substance at the foundation have moved on. As “marketing creative” types decideded their work was insufficient (and madness entered the Temple[1]).

Worse behind them the twittering dilettantes moved in and substance, strength, surety, and sustainability are not words that appear in their froth of bubbles they stir by arm waving.

For glyphs We now have effectively meaningless squiggles and what might even be the next line in ink-well mishaps since the 1920’s. Back when Hermann Rorschach obviously at a loss for an idea, or to meet a deadline, stared hoplessly at his blotter after an ink-well accident and saw in the damp blot a sheep or some such. Much the same as children do with clouds…

Apparently much like staring at “the green putty from your arm pit”[2] or similar… They are a measure not of others skills and ability to perform cogent communications but your ability to child like whack away at where you might think the pignatta / piñata is on Lent Sunday in the vain hope of a cascade of meaning, or atleast something to rot as opposed to put your teeth on edge.

[1] The story of the glyphs, typefaces, chatacter sets and standards about all of them is long… In theory it started several hundred years ago, with a man who had his ideas stolen by a money lender. The first electronic codes behind character sets was probably Wheatstons five needle solenoid telegraph and two diamond boards with the character sets printed on them. Others investigated much less expensive single wire telegraphs and the work of Samual Moorse and his pules width telegraphy code somehow got given magical status. Whilst in Europe a more sophisticated system was being developed (teleprinter codes) that used “natural numbers in binary form”. In 1963 for some now apparently perverse reasons a new code and character set was thought up, which we now call ASCII, which is often seen incorrectly as the base for all ISO-Latin and similar character sets. It was around this time that Computers had an issue… They understand the natural numbers in small sizes, originally of “Octets” or three bits, so why some computers even today have bus widths of 12, 24 or 36 bits. Whilst other computers went with groups of “Nibbles” of 4bits and why we have 8, 16, 32, 64 and even occasionally 128 bit bus widths. But humans use characters, that computers have no knowledge of, which gave rise to mapping issues… Any way the whole kit and kobbodle is still a Stygian mess,

https://techwithtech.com/ascii-vs-unicode-vs-utf7-vs-utf8-vs-utf32-vs-ansi/

[2] It might have started as a throw away line satirical joke about the human condition… But add sufficient snarky impersonation of, bubble heads arm waving and,

http://www.online-literature.com/forums/showthread.php?32140-An-Ode-To-The-Lump-of-Green-Putty-I-Found-in-My-Armpit-One-Mid-Summer-Morning

Clive Robinson May 10, 2022 5:36 PM

@ SpaceLifeForm, JonKnowsNothing, ALL,

Re : I rest my case.

Not a chance… You’ve barely stepped off of the plane, and your journey is not yet close to base camp. You have a long travail over uncertain and oft shifting ground, before you even get sight of the start to your assent… The summit you hope to reach, is hidden, in the clouds, you can not yet see, with a distant horizon in between.

But on a less whimsical note, yes I did spot the www auto complete. It’s as anoying as the disapearing smilies. Where you’ve put a right hand bracket “)” after some punctuation mark the blog software assumes it’s a smilie pulls it out, but can not find a UTF-8 replacment so the punctuation and bracket are now gone, and there is bo sign of what happened…

Makes you wonder about,

“The fundemental rule, of least surprise.”

And why it has been broken… (as those three full stops have just been splated with).

lurker May 10, 2022 6:21 PM

@SpaceLifeForm, @Clive
“They were created out of whole cloth.”

Created by whom? By the AI (Asinine Intelligence) that has crept into a thousand client-side apps, and forces us mere mortals to scrabble for the OFF switch on the auto-spell. When it happens on a server a thousand miles away over which I have no control, it’s tempting to take my custom elsewhere…

Leon Theremin May 10, 2022 9:13 PM

Tracking pixels are just a ruse. The Surveillance State doesn’t need it to track you, just to guilty trip you into thinking you agreed to it because you didn’t block it all.

If You’re Not Paranoid, You’re Crazy – The Atlantic
https://www.theatlantic.com/magazine/archive/2015/11/if-youre-not-paranoid-youre-crazy/407833/

Until people bring the pitchforks to the source of the problem, privacy and security will remain dead and wasting time with these ruses isn’t helping anyone but the Surveillance State.

Boring May 11, 2022 2:50 AM

This describes the whole of the problem, like “I have seen the enemy, and it is us”.

For example, why did the UK have Brexit? Because the British (or rather, the English) loathed the people in continental Europe, Poles in particular. From what I heard from English people, it is not that they were deceived, they wanted to be deceived. And they confirmed this desire in every election since.

I thought this blog was a bit more grown-up than ascribing the most childish and petulant rationale to political decisions you obviously disagree with. Pretty pathetic to be honest.

fib May 11, 2022 1:04 PM

@ SpaceLifeForm, All

Regarding pixel tracking

Lest it be overlooked – since we’re talking about email clients – remember that, afaik, Thunderbird allows images by default on rss feeds. That seems to be some rather annoying problem.

Related:

htps://en.wikipedia.org/wiki/RSS_tracking

SpaceLifeform May 11, 2022 5:54 PM

@ Clive, ALL

To www or not to www, that is the question.

Tis better to manage your DNS properly with CNAME records. See cryptome. Always use www if you control the domain, and create the CNAME so that either will work and point to the same DOMAIN.

hvtps://nitter.net/Serpent/status/1523833573815373824#m

Using an exploit with Google ads, scammers are able to make the real and scam URL look exactly the same.

Well, not exactly the same. The PEBKAC may assume that the DOMAIN with or without the www are the same.

As I noted with cryptome, that is a bad assumption.

lurker May 11, 2022 8:00 PM

@SpaceLifeForm

The PEBKAC may assume that the DOMAIN with or without the www are the same.

They always used to be different,

dubdubdub.some.place
effteepee.some.place
foo.some.place

I think Al Gore tried to change it, and this blog software believes him.

Kenny June 2, 2022 7:00 PM

Bruce, you might be able to pressure Mailchimp to turn off their tracking pixels for everyone by default.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.