Tracker pixels are surprisingly commonly used by legitimate senders… your bank, your insurance company, any company you patronize. These assholes hide a 1-pixel image in HTML that tracks when you open your email and your IP (thus whereabouts).

I use a text-based mail client in part for this reason. But I got sloppy and opened an HTML attachment in a GUI browser without first inspecting the HTML. I inspected the code afterwards. Fuck me, I thought… a tracker pixel. Then I visited just the hostname in my browser. Got a 403 Forbidden. I was happy to see that.

Can I assume these idiots shot themselves in the foot with a firewall Tor blanket block? Or would the anti-tor firewall be smart enough to make an exception for tracker pixel URLs?

  • evenwicht@lemmy.sdf.orgOPM
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    21 hours ago

    In neomutt I ended up customizing the print function. So if I “print” an attachment, it launches a script that runs wkhtmltopdf inside firejail --net=none followed by rendering in Firefox (also inside firejail --net=none), so I get an instant isolated firefox view as well as a PDF.

    I’m happy with that replacement because I would never want to send something straight to a printer anyway. I would want to preview before printing. And the print function is documented right on the screen when looking at attachments, so no key binding to try to remember.