Logan 5
Silver and Black and blue in 2009
Premium,MVM
join:2001-05-25
The WasteLAN
 ·Pacific Bell - SBC
|  Ummmmmmm ok.
What's next? Forcing Microsoft to remove the delivery and read reciept notifications from Outlook???
France.....the Jerry Lewis (or is that Jerry Springer?) of technology......
--
"Many times a good overclock is nothing more than running an 'under-clocked' chip at it's true speed...." - L5, 7/3/04 |
|
LrdVader
Premium
join:2003-12-18
San Diego, CA
| said by Logan 5  :
What's next? Forcing Microsoft to remove the delivery and read reciept notifications from Outlook???
That's far from the same thing. Any decent mail client will put in control of whether or not read receipts are sent. If you want to, you can be notified and prompted before any receipt is sent.
These tracking services use spammer-style web bugs and HTML tricks to convince your client to rat you out, even if you've chosen not to send receipts. There's a big difference between requesting a receipt, and trying to sneak one out without your knowledge or consent. |
|
nixen
Rockin' the Boxen
Premium
join:2002-10-04
Alexandria, VA
 ·Cox HSI
·Speakeasy
| reply to Logan 5
said by Logan 5 :
What's next? Forcing Microsoft to remove the delivery and read reciept notifications from Outlook???
France.....the Jerry Lewis (or is that Jerry Springer?) of technology......
Outlook's delivery and read notifications are only guaranteed to work within an exchange domain that has been configured to allow it. Even then, both sender and recipient must be in the same Exchange system. Any notifications outside that Exchange system is purely optional on the part of the receiving mail system's administrators and email recipient.
-tom
--
"There are 10 types of people in the world... those who understand binary and those who don't."
"That's only 2 types of people, moron" |
|
Logan 5
Silver and Black and blue in 2009
Premium,MVM
join:2001-05-25
The WasteLAN
·Pacific Bell - SBC
|  reply to Logan 5
said by lrdvader:
These tracking services use spammer-style web bugs and HTML tricks to convince your client to rat you out, even if you've chosen not to send receipts. There's a big difference between requesting a receipt, and trying to sneak one out without your knowledge or consent.
Any chance of some proof to back this statememt up? I have not seen anything to indicate that this servce is malware or spyware. I'm not saying that maybe it isin't those things, but so far it has yet to be proven because the article has scant real information...
Can you please point out to me where in their Terms of Use for the product that it states that they use spyware or spam tricks? »www.didtheyreadit.com/index.php/···#privacy
Here's a link to a support FAQ that talks about the LACK of spyware in the product: »www.didtheyreadit.com/index.php/···#spyware
--
"Many times a good overclock is nothing more than running an 'under-clocked' chip at it's true speed...." - L5, 7/3/04 |
|
bebenj1
join:2004-07-03
Pittsburgh, PA
| said by Logan 5 :
said by lrdvader:
These tracking services use spammer-style web bugs and HTML tricks to convince your client to rat you out, even if you've chosen not to send receipts. There's a big difference between requesting a receipt, and trying to sneak one out without your knowledge or consent.
Any chance of some proof to back this statememt up? I have not seen anything to indicate that this servce is malware or spyware. I'm not saying that maybe it isin't those things, but so far it has yet to be proven because the article has scant real information...
Can you please point out to me where in their Terms of Use for the product that it states that they use spyware or spam tricks?
Have someone send you an email through this service, retrieve it with an email client that allows you to view the /FULL/ source of the HTML message, and examine that message - you will see that it contains additional HTML tags that were NOT part of the original message.
If you check the FAQ section on the company's site, you'll find "Does it work with non-HTML mail clients" and the answer "in short, no."
A "webbug" is often a 1x1 pixel transparent GIF image. What happens, is that when the HTML document (email in this case) is actually viewed, the client software will retrieve that invisible image. When it retrieves it, the server that it retrieves from then knows that the particular bug being retrieved indicates that the message it was hidden in has been viewed, it will know the IP address of the viewer, what software was used to read the message, etc. (Try »showmyip.com and scroll down - this is all information that is available to a server when an HTML request is made)
In order to also know how long the message was viewed, a more complex approach is required, but the same basic idea holds - something non-visible is added to the HTML of the email message. (for the technically inclined, the only way to determine how long the email was open is to either have dynamic content, IE constantly updated as long as the message is open, or embed some script, IE using the onclose() trigger to reconnect to the server when the message view is closed)
j |
|
LrdVader
Premium
join:2003-12-18
San Diego, CA
| reply to Logan 5
said by Logan 5 :
Any chance of some proof to back this statememt up? I have not seen anything to indicate that this servce is malware or spyware. I'm not saying that maybe it isin't those things, but so far it has yet to be proven because the article has scant real information...
Sure. Here's a thread from another forum where this service was discussed, including posted full source from a test message showing the web bug:
»www.emailaddresses.com/forum/sho···id=21830
This particular service seems to stop at web bugs, but they have competitors that are slimier. Here's a nice discussion, on the same forum, of readnotify.com, which provides the same basic service but uses dirtier tricks (includes links to some pages dissecting those tricks):
»www.emailaddresses.com/forum/sho···id=22267
said by Logan 5 :
Can you please point out to me where in their Terms of Use for the product that it states that they use spyware or spam tricks? »www.didtheyreadit.com/index.php/···#privacy
Of course they aren't going to say "We use spammer tricks!" in their own TOU. But they don't say they don't, either. The privacy policy says they don't keep copies of messages - which is probably true, since that's not the point of the service. The point of the service *is* to spy on message recipients on behalf of senders, so of course there's absolutely nothing in the policy to preclude that.
said by Logan 5 :
Here's a link to a support FAQ that talks about the LACK of spyware in the product: »www.didtheyreadit.com/index.php/···#spyware
That's really more a question of definitions than anything else. If you define "spyware" as being a program that gets installed on your computer and spies on you, then their statement is true. But note exactly what that statement is. They say that the product doesn't contain spyware, not that it doesn't spy.
It's also worth noting the wording of the rest of that answer: "We respect the privacy of our users." Once again, strictly true, but misleading. They respect the privacy of their users because their users aren't the ones being spied on. They don't say a word about the privacy of the recipients of their bugged messages, since they're in the business of violating that. |
|
Logan 5
Silver and Black and blue in 2009
Premium,MVM
join:2001-05-25
The WasteLAN
·Pacific Bell - SBC
| reply to Logan 5
bebenj1: So what if you have outlook 2003 set to automatically block the display of images in the preview pane? Would it not then block the webbug and defeat the purpose of this program?
Also, even if it does contain HTML tags that are not as you say part of the original message, how are they spy or malware?
I thought that the tracking feature was how this software worked..
Or are you saying that anyone who uses a webbug or adds extra HTML code to an email message is a spammer or ???
--
"Many times a good overclock is nothing more than running an 'under-clocked' chip at it's true speed...." - L5, 7/3/04 |
|
LrdVader
Premium
join:2003-12-18
San Diego, CA
| said by Logan 5 :
Also, even if it does contain HTML tags that are not as you say part of the original message, how are they spy or malware?
Neither of us ever said that those HTML tags were spyware; by most definitions of the word, they aren't. They certainly *are* being used to spy on people, though.
said by Logan 5 :
Or are you saying that anyone who uses a webbug or adds extra HTML code to an email message is a spammer or ???
Again, the assertion was not that all users of this service are spammers. Most of them probably aren't. It was that users of this service and other services like it are using some of the same tricks that are frequently used by spammers to track their victims; which they definitely are. |
|
richk_1957
If ..Then..Else
Premium
join:2001-04-11
Minas Tirith
| reply to nixen
said by nixen :
Even then, both sender and recipient must be in the same Exchange system.
I don't think so. I've sent stuff to my home e-mail address from work [and I always ask for a read receipt]. And when I got home & checked my e-mail, there it was, the receipt question. Now we are using exchange 2004 in work and I don't think my ISP is using the same and anyway, we're not on the same domain. |
|
nixen
Rockin' the Boxen
Premium
join:2002-10-04
Alexandria, VA
·Cox HSI
·Speakeasy
| said by richk_1957 :
said by nixen :
Even then, both sender and recipient must be in the same Exchange system.
I don't think so. I've sent stuff to my home e-mail address from work [and I always ask for a read receipt]. And when I got home & checked my e-mail, there it was, the receipt question. Now we are using exchange 2004 in work and I don't think my ISP is using the same and anyway, we're not on the same domain.
That's a different feature. And, as stated it's purely optional for the remote mail client to honor that receipt notification request. When you are within an Exchange domain, it's up to the Exchange administrators to allow or deny the Exchange specific read notification functions.
-tom
--
"There are 10 types of people in the world... those who understand binary and those who don't."
"That's only 2 types of people, moron" |
|
richk_1957
If ..Then..Else
Premium
join:2001-04-11
Minas Tirith | You're right. I stand corrected. |
|
hescominsoon
join:2003-02-18
Brunswick, MD | reply to LrdVader
this can be easily defeated..in outlook/OE read all mails in text mode..in mozilla just tell it not to load remote images..problem solved.
--
God Blesshttp://www.emmanuelcomputerconsulting.com-- carpe ductum -- "Grab the tape" |
|
Logan 5
Silver and Black and blue in 2009
Premium,MVM
join:2001-05-25
The WasteLAN
·Pacific Bell - SBC
| reply to Logan 5
Outlook 2003 also has the "Display HTML images in email messages" feature disabled by default. It's prompts you if you want to d/l images from messages and warns yoou that you can still be tracked if you accept them.
--
"Many times a good overclock is nothing more than running an 'under-clocked' chip at it's true speed...." - L5, 7/3/04 |
|
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
2 edits | reply to Logan 5
it is up to their lawyers to present the evidence
From their website it sounds invasive enough for me:
»www.didtheyreadit.com/index.php?···&affad=1
quote:
When you use didtheyreadit, every e-mail that you send is invisibly tracked without alerting the recipient.
But when they read your message, you will immediately receive the following information:
1 When, exactly, your email was opened.
2 How long your email remained opened.
3 Where, geographically, your email was viewed.
If you read the ruling, the basis is that the user doesn't know the tracking is going on, can't refuse the tracked email and have it returned to sender, and that personal information is gathered, recorded and transmitted in violation of French law.
As the others noted, MSOE, Netscape email, and other email clients let you know when you are about to open a tracked email, or let you have the option of sending an acknowledgement or not. And those acknowledgements only reveal that the email was opened.
So using didyoureadit's service is illegal for French residents, businesses and organizations.
If didtheyreadit is doing something milder in the USA or UK, why are they being so invasive and secretive in France?
And if didtheyreadit isn't being so invasive and secretive in France, how could their legal team have messed up so badly presenting the evidence to the court?
More likely didtheyreadit's website is was created to fulfill marketing objectives just like the websites of most companies, and is omitting details.
I'm sure their legal team did the best job they could of putting the best appearance on didtheyreadits services. And inspite of that, the prosecution was able to successfully make the case that the service contravened French laws on privacy and data protection.
--
(Virus&Hijacking FAQ+Submit suspected malware+Security FAQ) |
|
fonemann13
Premium
join:2004-05-10
Bloomingdale, GA | reply to nixen
Re: Ummmmmmm ok.
LOL I love your sig quote! |
|
