Glitch in OS X Spotlight Exposes Private Details to Spammers and Phishers
LIKE
TWEET
SHARE
PIN
SHARE
POST
MAIL
MORE
Posted January 11, 2015 at 11:30pm by iClarified
A glitch in Apple's OS X Spotlight can potentially expose sensitive details of Apple Mail users, including IP addresses and more to spammers, phishers, and other online tracing companies.
When searching with Spotlight in OS X, Apple indexes emails received with the Apple Mail client; however, when performing the searches, Spotlight shows previews of the emails and automatically loads external images in the HTML email. There is a setting in the Mail application that when switched off, prevents the loading of remote content in messages. Unfortunately, there currently is a glitch with Spotlight that still loads the files even with the setting switch off.
The Spotlight preview loads those files even when users have switched off the “load remote content in messages” option in the Mail app, a feature often disabled to prevent email senders from knowing if an email has arrived and if it has been opened. What’s more, Spotlight also loads those files when it shows previews of unopened emails that landed directly in the junk folder.
Loading external files can reveal private information to the email senders. For instance, some senders include tracking pixels linked with images that can send information back to the sender when the image is loaded. The information sent can sometime help email marketers to gather data the receivers.
Currently, the only way to work around this issue is to disable Spotlight from searching Mail and Messages in System Preferences.
Bugs are not viruses, this is nothing to do with cookies or cache, using a firewall will not prevent this bug from revealing your IP (and confirming you opened the mail) if your computer requests an image (i.e. tracking pixel) in an email.
I do agree with Lolwut that this is news because it's something some people may want to take action over to protect their privacy. Apart from that, everything in this comment thread is misinformation.
Bugs do mean viruses. How else can a glitch be caused in a first place if one os were to be secured perfect. When it comes to downloading, that's when you have nothing to protect what files are carrying let alone firewalls.
Nope.
A virus is malicious code that is programmed with the intention of altering or subverting the operation of a system in a undesired way. A bug is generally the result of a programming error in a piece of software that causes undesirable or unexpected behaviour.
Long story short: viruses are programmed by third parties with the intention of doing harm. Bugs are (generally) introduced by the software developers (in this case by Apple) by accident.
When it comes to downloading, a firewall is not effective in preventing the running of malicious code, as you say. The best way is to your use your common sense about what you run on your system, and for most people ideally to run some kind of anti-virus software. Many of them are resource sapping nightmares, but they can at least identify many types of virus and prevent them from executing, or doing too much damage.
No, it's not just another name, it's a completely different thing. It occurs for a different reason and is avoided or fixed in a completely different way. You may think it's not harmful to say "bugs are viruses" without any real idea of what either word means, but as you yourself said, only with the correct information can we make proper, informed decisions about the way we keep ourselves safe. Spreading totally erroneous information isn't helping anyone.
It's not helping because you just keep going in making excuses all because of one tiny example. I even explained what it is like to have viruses, that's why I used bugs, just let it be. Who cares what it really means anyway. Besides who here is going to be confused over one tiny example. In fact who cares how perfect it has to be? Comment critic!
Check my original comment where I basically agree with you. You decided to pick on the four words "bugs are not viruses", and all I've done since then is respond to your comments and inject some accuracy (iClarification :) into these comments.
![DJI Introduces Its Own Portable Power Stations [Video]](/images/news/93370/93370/93370-160.jpg "DJI Introduces Its Own Portable Power Stations [Video]")
![Apple to Revamp Calculator App for macOS 15 [Rumor]](/images/news/93368/93368/93368-160.jpg "Apple to Revamp Calculator App for macOS 15 [Rumor]")
![New 15-inch M3 MacBook Air On Sale for $149.01 Off! [Lowest Price Ever]](/images/news/93314/93314/93314-160.jpg "New 15-inch M3 MacBook Air On Sale for $149.01 Off! [Lowest Price Ever]")
![Apple 96W USB-C Power Adapter On Sale for 49% Off [Deal]](/images/news/93302/93302/93302-160.jpg "Apple 96W USB-C Power Adapter On Sale for 49% Off [Deal]")
![AirPods Pro 2 With USB-C On Sale for $189! [Deal]](/images/news/92932/92932/92932-160.jpg "AirPods Pro 2 With USB-C On Sale for $189! [Deal]")
![iPad Mini 6 On Sale for Just $375! [Lowest Price Ever]](/images/news/93207/93207/93207-160.jpg "iPad Mini 6 On Sale for Just $375! [Lowest Price Ever]")
