@Joe_0237@fosstodon.org wrote:

Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

  • d0ntpan1c@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    29
    ·
    1 year ago

    That’s how Microsoft markets their “safe links” in Outlook, which is more or less the same behavior of wrapping all links with a redirect. Whether they actually do anything with that to save you from phishing attempts or whatever… who knows. Even if there is a safety feature, it’s still an easy way to mine url query params for data or learn about the user for other purposes (which they may or may not be doing)

    IMO if you can’t turn it off, there’s a secondary motive to the feature. Especially when the feature is marketed from a place of fear rather than aid.

    • foksmash@lemm.ee
      link
      fedilink
      arrow-up
      7
      arrow-down
      2
      ·
      1 year ago

      The MS security feature does work quite well (at least for Enterprise).

      • 𝕸𝖔𝖘𝖘@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I’m not sure I would categorize it as working “quite well”. At least not in my experience. It’s better than nothing.

        • foksmash@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Ya, I would tend to agree and left out the context. It’s not our only URL filtering tool, we have a full proxy and URL rewrite in email for that but it does help fill in gaps when people click links from devices we don’t manage.