they're not web BUGS, they're web BEACONS!

"Yahoo!'s practice is to include web beacons in HTML-formatted email messages (messages that include graphics) that Yahoo!, or its agents, sends in order to determine which email messages were opened and to note whether a message was acted upon."

Tags: ,

10 Responses:

  1. malokai says:

    this got posted 3x..

    • jwz says:

      this is because lj was being a little bitch.

      I even checked my page to see if it had gotten posted, since know it often lies when it says the connection timed out -- and it hadn't been. Comments were also showing up hours late today.

  2. fo0bar says:

    Gotta love web bugs. The later part of my programming with Evil Marketing Company(TM) dealed with them, along with a rather ingenius (translation: evil) javascript app. Company signs up, we give them a one-line JS include code to put on all their web pages. What it does it goes through every link, every form, anything that could be acted upon... looked at it's onClick/whatever code, shunted it off to an object and replaced with our code that 1) runs the original code, if any and 2) notified us of any action you made on that page via web bugs. Collecting form data was the big thing here, reporting it to us even if you close the web browser before submitting the data.

    It also used cookies to track the user's state, but since this was all implemented in JS, the cookie was actually set within the realm of the client's site! This mean it got around IE6's pesky ignore-3rd-party-cookies-by-default thing.

    The client could go in and design a visio-like diagram of how our shit integrated into their site. IE, user enters shopping cart site, puts something in their cart, then proceeds to checkout. Nowadays the first thing they ask you for is your email address when you check out. Say user puts in email address, but does not finish checkout. Our system sends them an email, giving them an incentive to finish checking out. Say 10% off the purchase. If they leave before an email addess was collected, you may get hit with a popup.

    Evil. Clever, but evil.

  3. kyronfive says:

    how do you avoid this shit?

    • Use pine, mutt, or some other mail reader which doesn't automatically render html by default.

      It's at times like this that I *like* living in the email stone age. I am immune to your foul blandishments! I spit on your javascript bugs! I laugh at your 1x1 transparent GIFs! Ahahahaha!

    • jwz says:

      I use Privoxy (formerly Junkbuster) which is an HTTP proxy that does all kinds of filtering on your connection: it strips out ads, cookies, and can identify and remove these web bugs before your browser sees them, among other things.

      Of course, you have to enable cookies for sites that you actually log in to (record stores, etc.) So they can track you all they want.

      So if you actually use Yahoo, you're kinda screwed, because they already have info about you, and they're going to share it far and wide with whoever they care to, whether you click the link or not.

  4. atakra says:

    This is actually pretty old news. I posted about it on various mailing lists 3 months ago.

    • jwz says:

      I didn't post it because it was news, I post it because web beacon was new to me and made me laugh.