Results 1 to 6 of 6

Hi, Like many of you, I have upgraded my OS to 4.5.0.52 (Orange). I am ... General Blackberry forum

  1. #1
    Bobboya's Avatar
    Bobboya no está en línea Stack level 2
    Join Date
    Oct 2007
    Posts
    20

    HTML email security alert

    Advertisement



    Hi, Like many of you, I have upgraded my OS to 4.5.0.52 (Orange). I am generally happy with the upgrade, have had few problems. I wanted you all to be aware that, while the HTML feature is great (it's super to be able to see graphics in the messages), there is a major security issue.

    Check out the site didtheyreadit.com. This site provides a service, which I am sure is being used by all the spammers. If you open an HTML email message that has gone through their service (and there are other, similar services), you immediately alert the sender that you have opened the message. The sender will know not only whether you have opened the message, but also where you are (the city) and how long you have spent reading it.

    The way it works is that each message is tagged with a hidden image (blank pixel), which must be downloaded from a remote server. The moment you open the email, the remote server is notified to download the blank pixel repeatedly, until you close the message. If you use one of the email messaging systems that allows you to look at the full HTML code, you will see what I mean.

  2. #2
    Sems's Avatar
    Sems no está en línea Stack level 1
    Join Date
    Mar 2007
    Posts
    3
    Like in many other HTML email clients, the security is there actually. First, if there is any remote images, it will not download them automatically. You'll simply see placeholders for them. Second, as an additional measure, you have the option to disable automatic downloads of embedded images (the remote ones will not download automatically by default)

  3. #3
    Don LuiG's Avatar
    Don LuiG no está en línea Stack level 4
    Join Date
    Feb 2007
    PIN/ID
    ask
    Posts
    649
    The same goes for BIS and BES

    ~via BB (wap.pinstack.com)~

  4. #4
    Bobboya's Avatar
    Bobboya no está en línea Stack level 2
    Join Date
    Oct 2007
    Posts
    20
    Yes, the security is there as long as you avoid automatic download of images. If you allow automatic downloading, then you have the security problem.

  5. #5
    Don LuiG's Avatar
    Don LuiG no está en línea Stack level 4
    Join Date
    Feb 2007
    PIN/ID
    ask
    Posts
    649
    Quote Originally Posted by Bobboya View Post
    Yes, the security is there as long as you avoid automatic download of images. If you allow automatic downloading, then you have the security problem.
    Only images that are embeded in the email are automatically downloaded but if you have tagged images from other sites they don't automatically get downloaded you have to click on them and then download in order for them to download and even then your phone will give you a warning for that.

    I have used both BIS and BES on it and thats how it shows up on mine as long as you don't click to download the images they don't download even if you got automatically down load images set on your BB. because there only tagged on the emails most of them are not embeded thats the difference here.

  6. #6
    Bobboya's Avatar
    Bobboya no está en línea Stack level 2
    Join Date
    Oct 2007
    Posts
    20
    It does highlight the security issue. Those who are not aware that it is the downloading of the images that puts them at risk should be aware!

    ~via BB (wap.pinstack.com)~

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •