New Gmail image server proxies raise security risks
A new Gmail policy that allows e-mailed imaged attachments to load automatically comes at a price, say two security researchers.
Google announced on Thursday that Gmail would once again load attached images by default. The feature had been disabled years ago, as a way of clamping down on malware and phishing attacks.
The news was accompanied by an explanation: Google proxy servers would host the images, thus preventing any malware they were hiding from surreptitiously showing up in the e-mail. However, security researcher H.D. Moore determined that the proxy servers posed a tracking risk to e-mail recipients.