GMail Plug-In Streak Snoops Recipient Location

Nothing new here; It's common practice to include tiny images in emails to check whether the email's been read (confirming it's a real address) or to look up IP addresses. The answer, as ever, is to have browsers default to not loading images (I do this on most of my Macs, but it's a pain), or to simply not open mails from untrusted senders. And—as I advised my students this morning regarding sending out unsolicited marketing email—it's becoming a pretty safe bet that anything you sent through as an unsolicited attachment just got deleted right away.

This afternoon, I stumbled across this free Gmail plug-in called Streak. If you send someone an email, Streak will tell you if they opened it, when they opened it, and, most creepily, where they were when they opened it.

How is this possible? Streak doesn't say on their website, but typically email tracking services work in a similar way. They embed a tiny image into the email you've sent. Images in emails aren't actually "in" the emails themselves - they have to be hosted on an external server. When you open the email and your computer asks the external server for the image, your computer pings that server with a request that includes your IP address. Trackers then use that IP address to locate you.