Your browser is obsolete!

The page may not load correctly.

Spies are everywhere

Шпиономания

Other issues in this category (24)
  • add to favourites
    Add to Bookmarks

Hotspot

Read: 1274 Comments: 3 Rating: 7

We all know how dangerous it can be to open attachments in dubious messages. But can an image in a message do any harm?

#drweb

This red cross is what’s known as a one-pixel image. It can come in handy in many situations.

In responsive web design, images of this kind are displayed in a browser temporarily while a page is being loaded. Most browsers do not support HTTP Client Hints. That's why images need to be loaded completely until JavaScript can be used to replace those one-pixel images with appropriately sized images.

One-pixel images can also be used as default images. If a required image can't be found for some reason, in certain cases it may be better to display a single transparent pixel than a 404-not-found message. You’re never going to see the image you were supposed to see, but it’s more professional not to highlight that fact by putting up a broken image icon.

https://habrahabr.ru/post/306210

However, pixel-sized images, also called tracking pixels, may serve as web beacons. In the simplest scenario, downloading an image will enable fraudsters (or marketers who track how effective their mailings are) to learn when the message was opened as well as the IP address and the name of the host that requested the image.

And this is a piece of valuable information for spammers because it enables them to determine whether a certain email address is being used or not. But tracking pixels can do even more. They can be used to determine the target OS, and acquire cookie files and information about the recipient's mail client.

Our most attentive readers must wonder what JavaScript has to do with it. A pixel-sized element can incorporate not only an image but also JavaScript code that was initially intended to gather system information. This information can be required, for example, to determine the screen size so that images are scaled properly. But if fraudsters are able to use JavaScript, they can also gather information they need, upload files, and do other nasty things—the possibilities are enormous.

Pixel-sized elements can also be hidden. Indeed, such images really can be just one pixel in size; they can be transparent or be in the background colour so users never notice them. You’re being analysed and have no clue about it!

Tracking pixels are often found in website code. And some of their features appear to be truly unique.

Let's assume that site A displays a certain image (perhaps it’s one pixel in size and transparent) from site X which collects user data. Then if a user goes to site B, which also features the same image from site X, the browser won't download the image but will instead use the copy saved in its cache. Thus site X learns that the user previously visited site A. That's why disabling caching can help maintain web anonymity.

https://en.wikibooks.org/wiki/How_to_Protect_your_Internet_Anonymity_and_Privacy

There is also always the risk of attackers compromising a site to replace an image on its home page just for the sake of replacing it with a script.

https://habrahabr.ru/post/140054/

What are we to do?

#JavaScript #cookies #monitoring #surveillance #security

Dr.Web recommends

  • If you don't need to view the images in a message body, configure your mail client so that images are not opened by default. Unfortunately, many free email services are set to display images—indeed, everyone is interested in user data.
  • Use Dr.Web Security Space which can detect malicious scripts.

Rate this issue and receive Dr.Weblings! (1 vote = 1 Dr.Webling)

Sign in and get 10 Dr.Weblings for sharing the link to this issue via social media.

[Twitter]

Unfortunately, due to Facebook's technical limitations, Dr.Weblings cannot be awarded. However, you can share this link with your friends for free.

Tell us what you think

Leave your comment on the day of publication and get 10 Dr.Weblings, or get 1 Dr.Webling for a comment posted any other day. Comments are published automatically and are reviewed by a moderator. Rules for leaving comments about Doctor Web news items.

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.

Comments