From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/70288
Path: news.gmane.org!not-for-mail
From: Ted Zlatanov <tzz@lifelogs.com>
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Built-in HTML renderer in Emacs?
Date: Wed, 01 Sep 2010 15:20:32 -0500
Organization: =?utf-8?B?0KLQtdC+0LTQvtGAINCX0LvQsNGC0LDQvdC+0LI=?= @
 Cienfuegos
Message-ID: <87tym96wrz.fsf@lifelogs.com>
References: <m3bp8mz7bk.fsf@quimbies.gnus.org> <87sk1uzjap.fsf@lifelogs.com>
	<m3zkw2sial.fsf@quimbies.gnus.org> <871v9dlgqp.fsf@lifelogs.com>
	<m3d3sxwncv.fsf@quimbies.gnus.org> <87lj7ljyxd.fsf@lifelogs.com>
	<m34oe9v5rv.fsf@quimbies.gnus.org> <874oe9jwv3.fsf@lifelogs.com>
	<m3pqwxqwxx.fsf@quimbies.gnus.org> <87vd6pig2y.fsf@lifelogs.com>
	<m362ypqusq.fsf@quimbies.gnus.org> <87occhfl77.fsf@lifelogs.com>
	<m3occhpez0.fsf@quimbies.gnus.org> <87d3sxfkhc.fsf@lifelogs.com>
	<m339ttbchs.fsf@quimbies.gnus.org> <878w3lfjgd.fsf@lifelogs.com>
	<m3y6bl9wsg.fsf@quimbies.gnus.org> <87d3sx8gkq.fsf@lifelogs.com>
	<m3sk1t9uno.fsf@quimbies.gnus.org> <871v9d8dj2.fsf@lifelogs.com>
	<m3y6bljkyh.fsf@quimbies.gnus.org>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: dough.gmane.org 1283372467 25009 80.91.229.12 (1 Sep 2010 20:21:07 GMT)
X-Complaints-To: usenet@dough.gmane.org
NNTP-Posting-Date: Wed, 1 Sep 2010 20:21:07 +0000 (UTC)
To: ding@gnus.org
Original-X-From: ding-owner+M18674@lists.math.uh.edu Wed Sep 01 22:21:04 2010
Return-path: <ding-owner+M18674@lists.math.uh.edu>
Envelope-to: ding-account@gmane.org
Original-Received: from util0.math.uh.edu ([129.7.128.18])
	by lo.gmane.org with esmtp (Exim 4.69)
	(envelope-from <ding-owner+M18674@lists.math.uh.edu>)
	id 1Oqtno-0001m9-Ni
	for ding-account@gmane.org; Wed, 01 Sep 2010 22:21:01 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu)
	by util0.math.uh.edu with smtp (Exim 4.63)
	(envelope-from <ding-owner+M18674@lists.math.uh.edu>)
	id 1Oqtnh-0002V0-0O; Wed, 01 Sep 2010 15:20:53 -0500
Original-Received: from mx1.math.uh.edu ([129.7.128.32])
	by util0.math.uh.edu with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.63)
	(envelope-from <postmaster@quimby.gnus.org>)
	id 1Oqtnf-0002Uo-TO
	for ding@lists.math.uh.edu; Wed, 01 Sep 2010 15:20:51 -0500
Original-Received: from quimby.gnus.org ([80.91.231.51])
	by mx1.math.uh.edu with esmtp (Exim 4.72)
	(envelope-from <postmaster@quimby.gnus.org>)
	id 1Oqtnb-0004Uc-VV
	for ding@lists.math.uh.edu; Wed, 01 Sep 2010 15:20:51 -0500
Original-Received: from lo.gmane.org ([80.91.229.12])
	by quimby.gnus.org with esmtp (Exim 3.36 #1 (Debian))
	id 1Oqtnb-0001xz-00
	for <ding@gnus.org>; Wed, 01 Sep 2010 22:20:47 +0200
Original-Received: from list by lo.gmane.org with local (Exim 4.69)
	(envelope-from <ding-account@m.gmane.org>)
	id 1Oqtna-0001fW-Cq
	for ding@gnus.org; Wed, 01 Sep 2010 22:20:46 +0200
Original-Received: from 38.98.147.130 ([38.98.147.130])
        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <ding@gnus.org>; Wed, 01 Sep 2010 22:20:46 +0200
Original-Received: from tzz by 38.98.147.130 with local (Gmexim 0.1 (Debian))
        id 1AlnuQ-0007hv-00
        for <ding@gnus.org>; Wed, 01 Sep 2010 22:20:46 +0200
X-Injected-Via-Gmane: http://gmane.org/
Original-Lines: 39
Original-X-Complaints-To: usenet@dough.gmane.org
X-Gmane-NNTP-Posting-Host: 38.98.147.130
X-Face: bd.DQ~'29fIs`T_%O%C\g%6jW)yi[zuz6;d4V0`@y-~$#3P_Ng{@m+e4o<4P'#(_GJQ%TT= D}[Ep*b!\e,fBZ'j_+#"Ps?s2!4H2-Y"sx"
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/24.0.50 (gnu/linux)
Cancel-Lock: sha1:xkswUinaRXG4ogr52tY0dt7OPDQ=
X-Spam-Score: -0.7 (/)
List-ID: <ding.gnus.org>
Precedence: bulk
Xref: news.gmane.org gmane.emacs.gnus.general:70288
Archived-At: <http://permalink.gmane.org/gmane.emacs.gnus.general/70288>

On Wed, 01 Sep 2010 21:57:26 +0200 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> Ted Zlatanov <tzz@lifelogs.com> writes:
>> Katsumi Yamaoka and I had a similar discussion about safe URLs.  I think
>> fighting spammers by filtering all images is a losing battle and
>> everyone will just set that to nil, but maybe the filter can at least
>> take the image size into account.

LMI> I don't think spammers are the main problem -- it's a question of loss
LMI> of privacy.  There are people selling tools that lets you know whether
LMI> somebody has read the email you sent them just by exploiting the
LMI> sloppiness of mail readers in this area.  I don't think that's a good
LMI> idea to have enable by default.

OK, s/spammers/evildoers and other miscreants/.  I believe 99% of the
users will set this to nil or give up.  We should at least try to give
this some nuance; a regex is not the best solution.

So, looking at http://w2.eff.org/Privacy/Marketing/web_bug.html and
http://en.wikipedia.org/wiki/Web_bug...

Gnus doesn't let w3m use cookies so session tracking won't work.  We're
only worried about images.  We should maybe look at w3m-filter-rules and
structure gnus-blocked-images after it.

Also image URLs that have GET parameters could be filtered out
explicitly as a separate rule.  That's very likely to be a web bug.

>> 1x1 images are suspicious but a 800x600 image is probably safe.
>> Basically the pixel count should be over 8 and each dimension should
>> be over 2.

LMI> You don't know the size of the image before you download it.

It's pretty common to set the width and height explicitly to 1 for web
bug images in the HTML.  That's what I was thinking of; sorry for being
unclear.

Ted