Read emails unobserved: How to protect yourself against tracking pixels in newsletters and Co.

Many services for sending newsletters use tracking pixels to analyze your behavior: Retrieval time of the e-mail, bounce rate, clicked links, location. Here you can find out how it works, why you should fight it and what you can do.

Ping. There's a newsletter coming into your digital mailbox. One click later you'll hopefully be a little smarter. In any case the senders of the newsletter are smarter after your click. They know at what time and where on earth you open the e-mail. They know which links from the newsletter you clicked on and which e-mail program you use. Depending on the newsletter service, you may know even more. Sounds creepy, but is everyday in email marketing.

Many professional newsletters are sent with the software of special service providers. They offer very different services. Tracking of the readers: inside belongs almost always to it. For some it's about being cheap. Others advertise with the fact that they can pursue visitors: inside with the help of individual tags also outside of the E-Mail on the web page of the sender. Still others make so-called A/B testing possible, with which similar target groups are presented different contents, in order to test for example the success of different formulations.

☣️ 1 pixel × 1 pixel = ∞ Tracking
Usually, these providers use HTML emails: that is, they embed the text to be displayed in HTML encodings so that the email becomes prettier and gets more design elements. Images can also be integrated via HTML code. The graphic can either be attached to the e-mail or downloaded externally.

Almost all newsletter services have in common the use of so-called "tracking pixels". They are integrated in the way described above via HTML codes and reloaded by an external server when the e-mail is opened. These tracking graphics are usually one pixel times one pixel in size or completely hidden. For each reader:in, a unique identifier is added to the graphic, which makes it possible to assign the behavior to individual profiles. A link could look like this:

https://newsletterversand.domain/trackingpixel.gif?identifier=123456789

Consequently, the server from which the pixel is loaded can analyze your behavior. A program stores on the server: When exactly was this link retrieved for the first time? And from where? From this it is also possible to determine which links from the newsletter you click on and thus also your more precise interests. The IP address is used to read out your supposed whereabouts.

👉🏼 Read the fully translated guide:
https://rwtxt.lelux.fi/blackbox/pstrongread-emails-unobserved-how-to-protect-yourself-against-tracking-pixels-in-newsletters-and-costrongp

👉🏼 Source 🇩🇪:
https://netzpolitik.org/2019/unbeobachtet-mails-lesen-so-schuetzt-ihr-euch-gegen-tracking-pixel-in-newslettern-und-co/#trick-applemail

#mail #tracking #guide #DataProtection #privacy
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Keep your email safe from hackers and trackers

Make an email alias with 1 click, and keep your address to yourself.

💡 How does using an alias protect me?
Do you worry about giving away your email address? Sick of receiving emails you never signed up for? Do those unsubscribe links really work? By using aliases, you keep your real email off spam lists and away from sketchy companies you may not trust.

💡 How does Private Relay work?
When a form requires your email address, click the relay button to give an alias instead. We will forward emails from the alias to your real inbox.

💡 Take back control of your Inbox.
If any alias starts to receive emails you don't want, you can disable it or delete it completely.

https://relay.firefox.com/

#firefox #mozilla #browser #mail #private #relay
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

We live in a Sad World - Purism Anti-Interdiction Services are Popular

A few years ago, we learned the NSA may intercept networking gear during shipping in order to modify it to provide backdoor access to the hardware, and it’s likely other national security agencies around the world also modify hardware on transit for spying purposes.

I’d think most people would not really care, and only high-profile business and governmental targets may take preventive measures, but according to a recent post from Purism, their Anti-interdiction services are fairly popular among their customers.

https://www.cnx-software.com/2020/05/21/purism-anti-interdiction-services-popular

https://puri.sm/posts/anti-interdiction-update-six-month-retrospective/


📡 @cnxsoftware
#interdiction #mail #tampering #NSA #purism #why

Bunker.is - a non-profit isp

collaborating to create shared platforms with open products and no vendor lock-in

👉🏼 #Cloud:
A nextcloud instance for our contributors

👉🏼 #VPN:
We provide vpn services to our contributors

👉🏼 #Search:
A non-tracking search engine

👉🏼 #Etherpad:
A shared open etherpad instance

👉🏼 #Mail:
We provide mail accounts to our contributors

👉🏼 #Ethercalc:
An open public ethercalc instance

👉🏼 #Cryptpad:
We provide an open public instance of cryptpad

Our free services are possible due to the generosity of our users. Becoming a contributor gives you access to a wider range of services.

We dont think the users should be the product. We think you should know who has access to your data and why. Meet us and find out more.

👉🏼 https://bunker.is/ 👈🏼

#bunker #isp
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

A data fail left banks and councils exposed by a quick Google search

Details of more than 50,000 letters sent by banks and local authorities were left online for anyone to see

Private details relating to more than 50,000 letters sent out by banks and local authorities were indexed by Google after a London-based outsourcing firm left its system hopelessly exposed. Details about everything from insolvency to final reminders of unpaid council tax and mortgage holidays were left available for anyone to view since June.

Thousands of names and addresses – and the types of letters they were sent – were left exposed, affecting people in the UK, US and Canada. Virtual Mail Room, the firm responsible for the data breach, worked for clients including Metro Bank, 14 local councils, the publisher Pearson and insolvency specialist Begbies Traynor. The specific content of the letters sent to individuals were not visible.

The privacy breach raises doubts about the due diligence carried out by companies and local authorities using outsourced mailing services to handle sensitive customer data. It also comes at a particularly painful time, with many of the names and addresses contained in the breach belonging to people who have been hit hard financially by the pandemic. Such missteps could fall foul of GDPR, with data controllers and processors potentially facing fines totalling tens of millions of pounds. A spokesperson for the Information Commissioner’s Office, the UK’s data regulator, confirmed it was aware of the incident and was making enquiries.

The details exposed by the breach are hugely personal. Amongst the tranche of exposed personal data were the names and addresses of 6,500 customers of Aldermore Bank. The back-end system left exposed reveals which customers received pre-delinquency and remediation letters. A spokesperson for the bank says it is investigating the issue. Elsewhere, more than 250 Metro Bank customers were identified with their company name and address. A Metro Bank spokesperson says the company has “temporarily suspended sharing data” with Virtual Mail Room as a precautionary measure while its investigation continues.

👀 👉🏼 https://www.wired.co.uk/article/virtual-mail-room-data-breach

#virtual #mail #room #privacy #breach #uk #canada #usa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

mailbox.org came after the Snowden revelations: a talk with Peer Heinlein

We spoke with Peer Heinlein of the crypto email service mailbox.org. But there is much more at stake. They're expanding their business model.

We recently spoke with Peer Heinlein, founder of the crypto e-mail service mailbox.org. But it’s about much more than mail: the company is expanding its business model.

A detailed conversation with the CEO of mailbox.org

We enjoyed an extended conversation with Peer Heinlein, the founder and managing director of the e-mail provider mailbox.org. But not only that: Heinlein also runs JPBerlin, a provider for socially and politically engaged people, in addition to Heinlein Hosting, another consulting firm and his own Linux academy. You can read the german version here.

There is a lot of competition among crypto-mail providers, with Posteo’s offices literally just around the corner. Another, Tutanota is based in Hanover, to name just the two best-known German competitors, and there are many more abroad.

But there is more: Heinlein, the law graduate, who used to work as a journalist over the years has grown into the role of an entrepreneur, and he also lobbies on his own behalf. His topics include the increasing hunger of the German authorities for access to online services that manage their customers‘ data. A recent example is the ongoing revision of the German Telecommunications Act (TKG). If the EU gets its way, all providers would have to integrate official backdoors for the authorities. IT security or digital seclusion would no longer be possible.

https://tarnkappe.info/mailbox-org-came-after-the-snowden-revelations-a-talk-with-peer-heinlein/

#interview #mailboxorg #crypto #mail #service
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag