443

Google docs infects html exports with google tracking redirects. (fosstodon.org)

submitted 1 year ago* (last edited 1 year ago) by tavu@sopuli.xyz to c/privacy@lemmy.ml

54 comments fedilink hide all child comments

Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

you are viewing a single comment's thread
view the rest of the comments

[-] mspencer712@programming.dev 12 points 1 year ago

Are there any beneficial side effects? If they discover a URL is malicious after it’s been exported, would this allow them to intercept the click and stop someone from reaching the malicious site?

[-] d0ntpan1c@lemmy.blahaj.zone 31 points 1 year ago

That's how Microsoft markets their "safe links" in Outlook, which is more or less the same behavior of wrapping all links with a redirect. Whether they actually do anything with that to save you from phishing attempts or whatever... who knows. Even if there is a safety feature, it's still an easy way to mine url query params for data or learn about the user for other purposes (which they may or may not be doing)

IMO if you can't turn it off, there's a secondary motive to the feature. Especially when the feature is marketed from a place of fear rather than aid.

[-] foksmash@lemm.ee 5 points 1 year ago

The MS security feature does work quite well (at least for Enterprise).

[-] 01189998819991197253@infosec.pub 1 points 1 year ago

I'm not sure I would categorize it as working "quite well". At least not in my experience. It's better than nothing.

[-] foksmash@lemm.ee 2 points 1 year ago

Ya, I would tend to agree and left out the context. It's not our only URL filtering tool, we have a full proxy and URL rewrite in email for that but it does help fill in gaps when people click links from devices we don't manage.

[-] Linus_Torvalds@lemmy.world 0 points 1 year ago

While I would be sceptical that this is the main reason, this might be a valid argument. Google can track users and protect the stupid users at the same time, who otherwise would endanger the public image of Google Docs('i GoT sCaMmEd oN gOoGlE dOcS')

this post was submitted on 05 Oct 2023

443 points (98.9% liked)

Privacy

31609 readers

316 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS