OS X Spotlight Glitch Exposes IP Addresses and Other System Details to Spammers
A privacy glitch in Spotlight search for OS X may leak private details, including IP addresses, to email spammers. The flaw was first reported by German tech news site Heise and replicated in tests performed by IDG News Service.

The issue affects OS X mail users who have followed conventional security recommendations to turn off the "load remote content in messages" option in the Mail app. This setting prevents the loading of remote content such as images, including "tracking pixels" that are used by spammers to harvest information when people open an email.
A glitch arises when OS X Mail users utilize Spotlight search in OS X, which includes emails in the search results. Spotlight ignores the remote content block preference from Mail and loads the remote email files as part of the search process. Once Spotlight loads one of these tracking pixels, spammers can glean details such as the IP address, OS X version, browser details, and the version of Quick Look being used.
The Spotlight preview loads those files even when users have switched off the "load remote content in messages" option in the Mail app, a feature often disabled to prevent email senders from knowing if an email has arrived and if it has been opened. What's more, Spotlight also loads those files when it shows previews of unopened emails that landed directly in the junk folder.
Currently, the only way to block this information leak is to block Spotlight from including emails in search results entirely by opening System Preferences and unchecking the "Mail & Messages" option for Spotlight. Apple has yet to comment on this Spotlight privacy glitch.
Popular Stories
Apple says iOS 16.4 is coming in the spring, which began this week. In his Sunday newsletter, Bloomberg's Mark Gurman said the update should be released "in the next three weeks or so," meaning a public release is likely in late March or early April.
iOS 16.4 remains in beta testing and introduces a handful of new features and changes for the iPhone. Below, we have recapped five new features ...
As previously rumored, the next-generation iPhone 15 Pro and iPhone 15 Pro Max will feature a unified volume button and a mute button, according to leaked CAD images shared in a video on the Chinese version of TikTok and posted to Twitter by ShrimpApplePro.
Instead of separate buttons for volume up and volume down, the iPhone 15 Pro models are expected to have a single elongated button for...
The iOS 16.4 update that is set to be released to the public in the near future includes voice isolation for cellular calls, according to notes that Apple shared today.
Apple says that Voice Isolation will prioritize your voice and block out the ambient noise around you, making for clearer phone calls where you can better hear the person you're chatting with and vice versa.
Voice...
The iOS 16.4 release candidate version that was provided to developers today appears to hint at a new set of AirPods that could be coming in the near future. According to @aaronp613, the beta features references to AirPods that have a model number of A3048 and an AirPods case with a model number of A2968.
There have been no rumors that new AirPods are on the horizon, and it is early for...
Nothing today announced the launch of its second-generation wireless earbuds, the Nothing Ear (2), which offer many of the same features as Apple's AirPods Pro 2 at a lower price point. We went hands-on with the Ear (2) earbuds to see whether they're a viable alternative to the AirPods Pro 2 for those who want to save some cash.
The Ear (2) earbuds are the successor to the Nothing Ear (1),...
Apple today seeded the release candidate versions of upcoming iOS 16.4 and iPadOS 16.4 updates to developers for testing purposes, with the software coming a week after the launch of the fourth betas. The RCs mark the final version of the software that will be provided to the public in the near future. Registered developers are able to download the iOS 16.4 and iPadOS 16.4 updates...
Apple is tracking the attendance of its employees at offices using badge records in order to ensure they are coming in at least three times a week, according to Platformer's Zoë Schiffer.
Since April 2022, Apple employees have been operating on a hybrid home/office work policy as part of a gradual return strategy following the pandemic, with staff required to work from the office at least...
While the iPhone 15 series is still around six months away from launching, there have already been plenty of rumors about the devices. Many new features and changes have been rumored for the iPhone 15 Pro and iPhone 15 Pro Max in particular.
Below, we have recapped 10 changes rumored for iPhone 15 Pro models that are not expected to be available on the standard iPhone 15 and iPhone 15 Plus:A1...
Top Rated Comments
Let me explain. If you block the tracking pixel from loading, the spammer will never realize that you received the email, and may eventually stop sending them. If they do realize that you receive the email, then they can get your IP address, know that the email address is valid, cross reference your purchasing habits with your IP address, and target you specifically with Facebook ads.
That's a major gaping privacy hole in OS X that needs to be patched.
/s
Will Apple ever get their act together and overhaul the damn app and actually make it usable?