3

Just dodged a tracker pixel (I think) -- thanks to a text-based mail client and Tor

posted
*
by
Avatar
evenwicht@lemmy.sdf.orgM
in
Avatar
text_ui@lemmy.sdf.org
8 comments
hidereport

Tracker pixels are surprisingly commonly used by legitimate senders… your bank, your insurance company, any company you patronize. These assholes hide a 1-pixel image in HTML that tracks when you open your email and your IP (thus whereabouts).

I use a text-based mail client in part for this reason. But I got sloppy and opened an HTML attachment in a GUI browser without first inspecting the HTML. I inspected the code afterwards. Fuck me, I thought… a tracker pixel. Then I visited just the hostname in my browser. Got a 403 Forbidden. I was happy to see that.

Can I assume these idiots shot themselves in the foot with a firewall Tor blanket block? Or would the anti-tor firewall be smart enough to make an exception for tracker pixel URLs?

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
evenwicht@lemmy.sdf.orgOPM
3 points
*

Indeed, but what what was logged? Suppose the tracker pixel is something like:

https://www.website.com/uniqueDirForTracking/b1946ac92492d2347c6235b4d2611184.gif

and I visit that URL from Tor. The server at www.website.com can easily log the (useless) Tor IP and timestamp, but does it log the b1946ac92492d2347c6235b4d2611184? I’m not an expert on this which is why I am asking, but with my rough understanding I suspect that transaction might break down to multiple steps:

  1. a TLS negotiation just with the www.website.com host
  2. if successful, a session cookie may or may not be sent.
  3. the “document” (“image”) is fetched by an HTTPGET req (using the cookie, if given).

If the negotiation is blocked by the firewall, does the server ever even see the request for b1946ac92492d2347c6235b4d2611184.gif?

permalink
report
parent
reply
Avatar
TheSlad@sh.itjust.works
2 points

It knows when you looked at the tracker pixel, and that youre using tor. Also knows your tor exit node, but thats probably not useful to them.

permalink
report
parent
reply
Avatar
CameronDev@programming.dev
4 points

Yes, the server gets the request for /uniqueForTracking/b19...184.gif, which could be logged.

permalink
report
parent
reply
Avatar
evenwicht@lemmy.sdf.orgOPM
2 points
*

That’s interesting. It sounds like browsers could be designed smarter. I get “403 Forbidden” chronically in the normal course of web browsing. In principle if a server is going to refuse to serve me, then I want to give the server as little as possible. Shouldn’t Tor browser attempt to reach the landing page of the host first just to check the headers for a 403, then if no 403 proceed to the full URL?

#dataMinimization

permalink
report
parent
reply
Avatar
CameronDev@programming.dev
4 points

Its not a browser thing, its HTTP. The return codes are specific to the request, not the server.

GET example.com could validly return 403, while GET example.com/tracking123.gif returns 200 or anything else.

permalink
report
parent
reply

Text-Based User Interfaces (TUI; CLI)

!text_ui@lemmy.sdf.org

Create post

Forum for advanced users who grok the power of text-based apps, the advantage of tmux/GNU screen, the keyboard and who often find the mouse a hinderance to a fast workflow. A text-based UI is also a decent escape from enshitified resources.

This forum broadly covers tools, hacks, and advocacy of text-based environments.

Slightly marginally kind of related:

Community stats

  • 18

    Monthly active users

  • 3

    Posts

  • 20

    Comments

Community moderators