Not long ago, when received an email with images, Gmail would block the image by default. You had to press the “Display images below” button to see the images.
However, on Dec 12th, Google announced the that Gmail would once again load attached images by default. Together with the new policy, Google came out a new method to deal with the security issues: Google’s own proxy servers. In this way, all the images would be checked for viruses and malware before being showed.[1]
Although Google claimed it is a safe way, some experts commented it raise new security risks. It provides senders ways to tell whether they emails were read by the receivers. If a sender is clever enough, for example, sending each mail with a unique image, he will easily know the behavior of each receiver. Besides, since image URLs in the e-mail are requested by Google’s servers, it may allow some malicious behavior to be automated by sending e-mail filled with images to Gmail accounts at random.[2]
To these concerns, Google replied that there is an option in settings to revert to the previous behavior for users who don’t like the change.[3]
This new changes is rolling out on desktop and to Gmail mobile apps in early 2014.
For more information, please check out the links below:
http://news.cnet.com/8301-1009_3-57615502-83/new-gmail-image-server-proxies-raise-security-risks/
http://www.wired.com/business/2013/12/gmail-spying-explained/
Reference:
[1] http://gmailblog.blogspot.com/2013/12/images-now-showing.html
[2] http://news.cnet.com/8301-1009_3-57615502-83/new-gmail-image-server-proxies-raise-security-risks/
[3] http://www.wired.com/business/2013/12/gmail-spying-explained/