Joe :fedora: :debian: :ferris: (@Joe_0237@fosstodon.org)
fosstodon.org
Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

@Joe_0237@fosstodon.org wrote:

Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

Google Docs exports automatically infected with tracking links:

txt - unaffected html + AFFECTED odt - unaffected pdf - unaffected epub + AFFECTED rtf - unaffected docx - unaffected

sample web html tag: https://wikimediafoundation.org/

sample epub xhtml tag: https://wikimediafoundation.org/

  • foksmash@lemm.ee
    62·
    1 year ago

    The MS security feature does work quite well (at least for Enterprise).

    • 𝕸𝖔𝖘𝖘@infosec.pubEnglish
      0·
      1 year ago

      I’m not sure I would categorize it as working “quite well”. At least not in my experience. It’s better than nothing.

      • foksmash@lemm.ee
        1·
        1 year ago

        Ya, I would tend to agree and left out the context. It’s not our only URL filtering tool, we have a full proxy and URL rewrite in email for that but it does help fill in gaps when people click links from devices we don’t manage.