iOS Mail (all versions) undermines user privacy by loading remote content

Originator: kevinchen2003
Number: rdar://10982526
Date Originated: 04-Mar-2012 10:19 PM
Status: Behaves correctly
Resolved:
Product: iPhone/iPod touch
Product Version: all iOS versions
Classification: Other Bug
Reproducible: Always
 
SUMMARY:

Overview of email tracking (web beacons)

Many sources of email, including spammers and Facebook, embed remote content (web beacons) in their emails to track when users open the messages. The sender knows when the recipient has opened the message because email clients load the remote content hosted by the sender's server, such as an image, CSS, or audio file. Apple has always been an industry leader in privacy. As tracking becomes more prevalent, this issue becomes more important to protecting the privacy of Apple's users.

Email tracking and iOS Mail

Mail on iOS (all versions) automatically loads remote content, without any option to disable this as there is on Apple Mail for Macs. Thus, iOS Mail undermines user privacy by leaking data like Titanic after the iceberg--something that is undesirable for consumers and unacceptable for corporate users. We can watch this happen in real time by sending specially crafted test emails to our iOS devices.

STEPS TO REPRODUCE:

1. Set up any email account on any iOS device running any version of iOS.

2. Send a specially crafted test email to that email account. I used the Email Privacy Tester to automate this: <https://grepular.com/email_privacy_tester/>. (It redirects to a results page once the test email has been sent.)

3. Open the test email on the device while it is connected to the Internet.

4. Wait a few moments for the remote content to load. Watch the results page on Email Privacy Tester.

EXPECTED RESULTS:

The device does not automatically load remote content, or provides an option to disable remote content.

ACTUAL RESULTS:

The device loads about 18 types of remote content of the 32 types tested by the Email Privacy Tester, indicating to the sender that the user has opened the email. 

Because the results of email tests are deleted after 24 hours, I cannot provide links to the results of specific tests I ran. If this is an issue, let me know. 

REGRESSION:

None--the issue is present in every iOS device I've tested, spanning all major iOS releases (1.x to 5.x) and all iOS devices (iPhone, iPod touch, iPad). 

NOTES:

A workaround is to download all new email and turn on Airplane Mode while reading and/or responding to the email. However, this is very cumbersome and not practical for day-to-day use.

Comments

03-May-2012 12:52 PM Apple Developer Bug Reporting Team :

Engineering has determined that this issue behaves as intended based on the following information:

Turn off "Settings > Mail, Contacts, Calendar > Load Remote Images" (which actually applies to all remote contents -- OSX Mail also only refers to "Images" for "any content").

By kevinchen2003 at May 11, 2012, 5:38 p.m.
