|14 Dec 2013||#1|
Gmail Image Proxy Change Has Privacy, Security Implications
Google’s decision to automatically display images in Gmail messages has security experts on edge about the privacy and security implications of the move. Of particular concern is the ability of an attacker, or marketer, to learn whether messages are being opened, as well the possibility of an attacker spiking an image URL with additional attacks that could lead to denial of service conditions or worse.
“Any image URL in the email is now requested by Google’s servers. This may allow some malicious behaviors to be automated just sending image-laden messages to dozens of random Gmail account holders,” said HD Moore, CSO at Rapid7 and creator of the Metasploit Framework, in email to Threatpost. “For example, some Web application flaws can be exploited simply by requesting a URL. Granted, this is no different than viewing a webpage or displaying images manually, but due to the automatic’ loading of the image URL, it becomes a much more practical attack.”
How to disable
Choose whether to show images
Gmail automatically shows you the images in your messages. In some cases, for example if you have a slow Internet connection or if your device has low battery, you can choose to have Gmail ask you before showing images.
|My System Specs|
|Similar help and support threads for2: Gmail Image Proxy Change Has Privacy, Security Implications|
|Google's Terms of Service changes boil down to privacy, security||News|
|Please could you check my Security/Privacy||System Security|
|How do I change the image in the Windows Security||Customization|
|Security - The Best Paid Proxy Service.||Security News|
© Designer Media Ltd
All times are GMT -5. The time now is 01:16 PM.