Login

Recent searches

No recent searches

Search options

Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

10K
active users

fosstodon.org: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

Public
Joe :ferris: :nixos:

Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

Public
Joe :ferris: :nixos:

For those unfamiliar with html: the href section, everything between href=" and "> is the real link, and the section between > and </a> is the display text

This html feature is useful so that a link can display as smething like "Read more", "Profile", "Wiki" etc, but in this case it is misused.

Google tracks people that are not using any of their products by adding hidden tracking links to exports without designer knowledge or end user consent.

Public *
lil5 :golang: 🚲 🇳🇱

@Joe_0237 how manages to do this under the is beyond me,… do you get to see a cookie banner before the redirect (in a private window)?

Nope (see picture), if they are collecting data from these redirect links it’s totally against the gdpr:

Redirect Notice The page you were on is trying to send you to https://wikimediafoundation.org/. If you do not want to visit that page, you can return to the previous page.
Public
Joe :ferris: :nixos:

@lil5 Interesting find. Perhaps they only officially track the google user who made the doc, so users unwittingly help the google collect stats on the author and their site, or only those that are signed with in google are tracked, and almost every person with a computer is usually signed into an account. But even so, this tactic shows that there no trust, so why shouldn't they track everyone, its not like they have to share the code they say only tracks legally.

Public
ADG

@Joe_0237 @lil5 without a logged in account, the google domain gets the same data any other site would have. If they're not setting a cookie, and the link is taking you where it is intended, I don't see what they're doing wrong.

I'm up for being educated on this topic, as it affects my field of work. Thanks

Public
Joe :ferris: :nixos:

@adg @lil5 I have not investigated that very deeply, but I don't think that the fact that any company can track makes it moral.

I don't know if they set a cookie or if not if they use a fingerprinter, but beyond any doubt they have your IP address and user agent which unless you are on a VPN or at a coffee shop or or share a network with your apartment building is probably enough to identify you.

But ...

Joe :ferris: :nixos:

@adg @lil5 ... even if they are not tracking the follower of the link, they are surely at least tracking link traffic on someone else's website or ebook, they know the source page because of the referer http header, they know the destination, and they know the document the link belongs to with the ID numbers the in the "ust" and "usg" url parameters.

Oct 05, 2023, 07:49 PM·Public·Tusky
0boosts·1favorite
ExploreLive feeds
About