Skip to main content

Why can't we have nice things?

Microsoft. Microsoft is why we can't have nice things.

Michael Downey 🚩

2022-06-29 06:19:45


⚠️ TIL

:microsoft: If you use #Microsoft #Outlook, it scans all of your arriving #email and sends the URLs to #Bing for indexing.

😬 #infosec

https://scribe.rip/@ryanbadger/magic-links-can-end-up-in-bing-search-results-rendering-them-useless-37def0fae994


#microsoft #infosec #Bing #email #outlook
Brad Koehn β˜‘οΈ
Brad Koehn β˜‘οΈ  
I thought that the complaint would be exposing links that are meant to be secured by containing a non-guessable element (eg Google Drive documents) are indexed, but that's not it.

Malware detection already hits a lot of links that come in email, which also blows up the email validation feature. 🀷
Darnell Clayton :verified:
Darnell Clayton :verified:  
That is crazy! I wonder if Google does the same thingβ€½
Mark
Mark  
gmail mobile tracks every clicked link by redirecting the user through their proxy.
Hypolite Petovan
Hypolite Petovan  
Tracking and "publicly indexing by hitting the link with a search crawler" are two different beasts. In the latter case, beyond the privacy implications of a search engine publicly indexing logged-in pages, wouldn't it make magic links useless if the website discards login tokens after the first use?
Mark
Mark  
I see, that's a very important point I overlooked. Thanks for the explanation.
szakib
szakib  
To be fair, a person deliberately choosing to use Outlook has already given up on having nice things.
⇧