By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
Linked List: February 24, 2021
Wednesday, 24 February 2021
- From the DF Archive: Superhuman and Email Privacy ★
-
Yours truly, back in July 2019:
They call them “read receipts”, and functionally they do work like read receipts, insofar as they indicate when you read a message. But real email read receipts are under the recipient’s control, and they’re a simple binary flag, read or unread — they don’t tell the sender how many times or when you view a message.
This post was about Superhuman in particular, but it applies to all email services using tracking pixels. Email has an official “read receipt” feature, a feature that is under the recipient’s control, as it should be. These spy pixels are a surreptitious circumvention.
I know that mailing list software generally includes tracking pixels. I don’t think that’s ethical either. On a personal level, though, with Superhuman, tracking when and how many times a recipient views a message is simply absurdly wrong.
It’s also something the vast, overwhelming majority of people don’t even realize is possible. I’ve told the basic Superhuman tracking story to a few people over the last few weeks, and asked whether they realized this was possible; all of them expressed shock and many of them outrage as well. Email should be private, and most people assume, incorrectly, that it is. You have to be a web developer of some sort to understand how this is possible. Email is supposed to be like paper mail — you send it, they get it, and you have no idea whether they read it or not. It bounces back to you if they never even receive it, say, because you addressed it incorrectly. The original conception of email is completely private.
But also, the original conception of email is that messages are plain text. No fonts, no styles, just plain text, with optional attachments. But those attachments are embedded in the message, not pulled from a server when the message is viewed.
Once we allowed email clients to act as de facto web browsers, loading remote content from servers when messages are viewed, we opened up not just a can of worms but an entire case of canned worms. Every privacy exploit for a web browser is now a privacy exploit for email. But it’s worse, because people naturally assume that email is completely private.
It’s a little depressing re-reading this piece today. Everything I’m arguing today, I argued then. Email privacy in the face of these trackers remains an industry-wide disgrace.
- The Apple Store App Has an Easter Egg ★
-
Search for “10 years” and you get a fun animation. Any others?
Updates:
- Also in the Apple Store app: “Let it snow”.
- The Hidden Message in the Parachute of NASA’s Mars Rover ★
-
Joey Roulette, writing for The Verge:
The parachute that helped NASA’s Perseverance rover land on Mars last week unfurled to reveal a seemingly random pattern of colors in video clips of the rover’s landing. But there was more to the story: NASA officials later said it contained a hidden message written in binary computer code.
Internet sleuths cracked the message within hours. The red and white pattern spelled out “Dare Mighty Things” in concentric rings. The saying is the Perseverance team’s motto, and it is also emblazoned on the walls of Mission Control at NASA’s Jet Propulsion Laboratory (JPL), the mission team’s Southern California headquarters.
The parachute’s outer ring appears to translate to coordinates for JPL: 34°11′58″ N 118°10′31″ W.
Tonya Fish posted a handy guide on Twitter (also available as a PDF) explaining how the code works. (Via Kottke.)
Seems sad to me that NASA and JPL are willing to have some fun with clever Easter eggs with a Mars rover, yet Apple, of all companies, no longer does any Easter eggs at all. Computers are supposed to be fun.