Gmail’s new image display could pose security worry

Gmail’s new image display could pose security worry

Credit: AFP/Getty Images

The Google logo is seen at the Google headquarters in Mountain View, California. on September 2, 2011. AFP PHOTO/KIMIHIRO HOSHINO (Photo credit should read KIMIHIRO HOSHINO/AFP/Getty Images)

Print
Email
|

by DAVE JOHNSON / MONEYWATCH

CBS News

Posted on December 26, 2013 at 7:05 AM

You may have recently noticed a change in the way your Gmail service works. Google has started displaying images in emails as soon as you select a message. This is an important and significant change, and one worth understanding because it’s not as simple as it seems.

First, a little background. There was a time, a decade ago, when all email apps and services displayed images automatically when you opened a message. But then a number of risks surfaced. Not only is it possible to embed malware in images, but senders can actually track your email behavior when an image is displayed. That means they know your email address is valid and that you’ve opened the email. 

As a consequence, all major email apps stopped displaying images by default, requiring you to click a link to display pictures on a per-email basis. It’s inconvenient, but safer.

Now Gmail is the first major email service to reverse that trend. In a blog post on December 12, Google announced that it would soon turn on image display by default – and as of now, that feature seems active for all users.  

Google has changed its image policy thanks to a change in the way it processes its images. Gmail serves the images through proxy servers, which the search company says safely protects your privacy. That’s great, and automatically displaying images is a small convenience that reminds one of the Internet’s earlier, more innocent times.

But some critics aren’t convinced. PC World, for example, suggests that this is an invitation to hackers. Spammers could send the same image to all of its recipients, but give every one of them a unique URL. That would turn image-laden emails into tracking tools that could let spammers know if a message has been opened regardless of Google’s proxy server solution.

If you’re concerned about Google’s new image policy, you can revert back to a per-image permission system. To do that, open Gmail’s settings, and on the General tab, change Images to Ask before displaying external images.

 

Print
Email
|