Tracker pixels are surprisingly commonly used by legitimate senders… your bank, your insurance company, any company you patronize. These assholes hide a 1-pixel image in HTML that tracks when you open your email and your IP (thus whereabouts).

I use a text-based mail client in part for this reason. But I got sloppy and opened an HTML attachment in a GUI browser without first inspecting the HTML. I inspected the code afterwards. Fuck me, I thought… a tracker pixel. Then I visited just the hostname in my browser. Got a 403 Forbidden. I was happy to see that.

Can I assume these idiots shot themselves in the foot with a firewall Tor blanket block? Or would the anti-tor firewall be smart enough to make an exception for tracker pixel URLs?

You are viewing a single thread.
View all comments View context
3 points
*

I suppose you could even say text-based clients are at a disadvantage because when we opt to render the HTML graphically, a full-blown browser is launched which is likely less hardened than something like whatever profile and engine Thunderbird embeds.

In my case I created a firejailed browser with --net=none so I could hit a certain key binding to launch the neutered browser to render an HTML attachment in a forced-offline context— but I was too fucking lazy to dig up what keys I bound to that which is why I (almost?) got burnt.

permalink
report
parent
reply

Text-Based User Interfaces (TUI; CLI)

!text_ui@lemmy.sdf.org

Create post

Forum for advanced users who grok the power of text-based apps, the advantage of tmux/GNU screen, the keyboard and who often find the mouse a hinderance to a fast workflow. A text-based UI is also a decent escape from enshitified resources.

This forum broadly covers tools, hacks, and advocacy of text-based environments.

Slightly marginally kind of related:

Community stats

  • 18

    Monthly active users

  • 3

    Posts

  • 20

    Comments

Community moderators