Author here, yes it does. Meaning, email tracking still works regardless of gmail pre-fetching. But accuracy may be slightly off
I'll add this as well, several companies have built products just to allow people to do email tracking in Gmail (boomerang, signals, streak, banana tag). So yes it does work
Is it a bad thing to have your open and clicks "tracked" by an email marketer?
Yes and No.
It depends who the marketer is. If it's a spammer, then the answer is no, it's not good.
However, if it's a company you signed up for their email list, then you want tracking. You want them to send you advert's that you are actually interested in. You want them to not waste you time (and inbox space) with advert's that you will never be interested in. You also want them to send you engaging, funny, provocative emails that don't annoy you.
These things can only happen if the marketer knows what people are clicking on and what type of content is the most engaging.
I'm wary of installing an extension that can access my data in gmail. Is the source code available anywhere?
Edit1: Found a chrome extension that lets me view the source code of chrome extensions[1]
Edit2: The inclusion of bootstrap.css is changing the appearance of some things, namely the "show original" message view. It also doesn't seem to detect the tracking image included by yesware
Edit3: Could I break this by adding "safe-img" somewhere in my tracking pixel url?
I understand your concern, but chrome extensions for gmail are widely used even across business/enterprise.
If it's any consolidation, I do not store/scan/save any data. It just blocks images that people are using to invade your privacy (ie track your email opens).
p.s.
There is no oauth access required for this extension/app.
Chrome plugins pose a HUGE security problem. This one, for example, gets access to your GMail account. Do you want that? What else could this plugin do since it can read your email? Do you trust the author not to steal your GMail cookie?
Are you installing this at work? What kind of trade secrets could you potentially leak? And how does it affect your corporate compliance requirements? If your email is subject to HIPAA regulation, then you may be leaking protected health information. That's pretty bad.
I, for one, rarely install plugins. I've written plugins for my own amusement that can do some very bad things, and it's just too easy. Think twice people.
I really really really want a better security model for chrome extensions. As an example, I'd be happy to install this extension if it didn't "have access to" my gmail content, but was somehow able to add DOM matching and mutating callbacks that were run under Gmail. The matching part would be under my control and couldn't be updated by the extension. For example I'd be happy to let this extension mutate any img tag. I'm sure you can find a million holes in this idea, but it would be better than what we have today.
Maybe if the permission was something like "Let this extension read and mutate stuff on the page but don't let it make any ajax requests". Would that be sufficient?
Not the person you were responding to, but this could be easily worked around by sticking `img` tags into the page with urls that are crafted to share information.
Perhaps if I threw this on github people could see the code themselves, or better yet; run the extension in dev mode so they can 100% be sure they know the code running.
Appreciate the concerns claudiusd. Just trying to protect people's email privacy :)
Another potential solution to block 'read receipts' is to turn off image loading by default. Its not ideal - because you don't know what images will load until you load them so you may be tempted to load images when you think there may actually be some image content there.
The benefit of this approach is that all marketing email won't be tracked as well.
disclosure: i'm a co-founder at Streak and we offer read receipts for gmail.
Hi Aleem! This is Omar from Waterloo (your co-founder's friend). Big fan of you guys and what you've done with Streak. Contrary to some of the comments, some chrome extensions inside of gmail are very very very useful. Streak is definitely one of those
When I wrote email tracking software about 7 years ago, I dropped the 1x1 pixel, because of spam filters tripping over them. I just used any image in the email to track you and assigned it an unique URL. How do you propose catching that one?
At the moment I just scan for the most commonly known sources of tracking and then things that seem to be tracker images. The logic is quite simple, definitely can be improved to pick up a lot more tracking sources. But for now it works quite well :)
34 comments
[ 2.8 ms ] story [ 65.5 ms ] threadI'll add this as well, several companies have built products just to allow people to do email tracking in Gmail (boomerang, signals, streak, banana tag). So yes it does work
[Edited x 2]
Is it a bad thing to have your open and clicks "tracked" by an email marketer?
Yes and No.
It depends who the marketer is. If it's a spammer, then the answer is no, it's not good.
However, if it's a company you signed up for their email list, then you want tracking. You want them to send you advert's that you are actually interested in. You want them to not waste you time (and inbox space) with advert's that you will never be interested in. You also want them to send you engaging, funny, provocative emails that don't annoy you.
These things can only happen if the marketer knows what people are clicking on and what type of content is the most engaging.
Edit1: Found a chrome extension that lets me view the source code of chrome extensions[1]
Edit2: The inclusion of bootstrap.css is changing the appearance of some things, namely the "show original" message view. It also doesn't seem to detect the tracking image included by yesware
Edit3: Could I break this by adding "safe-img" somewhere in my tracking pixel url?
[1] https://chrome.google.com/webstore/detail/chrome-extension-s...
If it's any consolidation, I do not store/scan/save any data. It just blocks images that people are using to invade your privacy (ie track your email opens).
p.s. There is no oauth access required for this extension/app.
[Edit - fixed the Show Original styling issue]
But more importantly, it's a privacy concern that some people may or may not have.
thanks! :)
I understand people not wanting to be "tracked" by EMS... I'm on the "tracking" side of things... so my opinion is different than most people's.
Are you installing this at work? What kind of trade secrets could you potentially leak? And how does it affect your corporate compliance requirements? If your email is subject to HIPAA regulation, then you may be leaking protected health information. That's pretty bad.
I, for one, rarely install plugins. I've written plugins for my own amusement that can do some very bad things, and it's just too easy. Think twice people.
Appreciate the concerns claudiusd. Just trying to protect people's email privacy :)
Tracking still works and this extension is useful as long as you trust the author.
The benefit of this approach is that all marketing email won't be tracked as well.
disclosure: i'm a co-founder at Streak and we offer read receipts for gmail.