this post was submitted on 25 Sep 2024
374 points (98.4% liked)

Technology

59374 readers
3846 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 month ago (10 children)

If it’s prefetched, it doesn’t matter that you reveal that it’s been “opened,” as that doesn’t reveal anything about the recipient’s behavior, other than that the email was processed by the email server.

[–] [email protected] 1 points 1 month ago (5 children)

But the path changes with every new data element. It's never the same, so every "prefetch" is a whole new image in the system's eyes.

[–] [email protected] 2 points 1 month ago (4 children)

Even with a unique link, if the behavior is that as soon as the email server receives it, it’s prefetched, what does that reveal about the user?

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago) (1 children)

Server or client, every supposed prefetch would be unique. If I trick an LLM client into grabbing:

site.com/random-words-of-data/image.gif

Then:

site.com/more-random-data/image.gif

Those are two separate images to the cache engine. As the data refreshes, the URL changes, forcing a new grab each time.

For email, marketers do this by using a unique image URL for every recipient.

[–] [email protected] 1 points 1 month ago (1 children)

Cool, all of your images are getting fetched by the server as it receives and processes the emails. You have 100% open rate on all emails to that domain within 3 minutes of send.

What do you know about the user and their behavior? Nothing. The prefetch is not tied to their actions, therefore you cannot learn anything about their actions.

[–] [email protected] 1 points 1 month ago (1 children)

This post isn't about email open rates, it's about data exfiltration. But for email speficially, show me major providers that prefetch by default.

[–] [email protected] 1 points 1 month ago

For data exfiltration, you’re right - this doesn’t help.

load more comments (2 replies)
load more comments (2 replies)
load more comments (6 replies)