Reblogged from Zzyzxian Muses On Speed (a Livejournal that is only open to LJ members)

Google has made changes to their service that allows them to download images sent you automatically without the sender’s web server that is hosting the images getting sensitive data about your computer’s IP address, browser details and so on by using what’s called a “proxy server”.

While this is useful, it in fact gives marketing (advertising) houses like Google and black hats (spammers and other people up to no good) a huge leg up as they will now know when exactly when you opened the email and how many times you opened it.

At the very least this will verify your email address is “live” and ensure it’s kept on the list of known good addresses to spam.

Note that Google has has automatically enabled image downloads with out asking your permission to do so. I did however get this most helpful pop-up notice when I logged into Gmail via the web this morning:

Google is soft balling this and candy coating the risk in the last paragraph here: https://support.google.com/mail/answer/145919?p=display_images&rd=1

I strongly recommend that all Gmail users blow off Google’s reassurances and restore the “Ask to load images” function to regain better control of their privacy:

More details on this can be found here:
http://arstechnica.com/security/2013/12/dear-gmailer-i-know-what-you-read-last-summer-and-last-night-and-today/

Thanks to Mako for pointing this out.

The Old Wolf has spoken.