On Tue, Jul 24, 2018 at 09:39:37AM -0500, Glenn Cooper wrote:
> 
> You may have noticed recently that URLs in messages to the [log in to unmask] mailing list are often converted to a longer version where the original URL is routed through "urldefense.proofpoint.com", e.g.,
> 
> This is an anti-phishing measure adopted by Fermilab.
>

Some people dislike these email manglers because they replace obviously
safe URLs (zzzz://triumf.ca, https://urldefense.proofpoint.com/v2/url?u=http-3A__bnl.gov&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=9MsrWO_OsZsUg1N098OjP5FVq11d4xFs7FQSsO0fvOg&s=hNpBcmIgNIJC38WgFxk6q0e-BDk3eAeFQnaJXmIOK3Y&e=, zzzz://gnal.gov, etc)
with magical "eat me" cookies.

Maybe these manglers cut down on nigerian fishing, but I think there
is a net decrease in security because everybody is forced
to click links without knowing exactly where they go.

And there is a privacy violation element to this, now a 3rd party has a record
of when I visit what web sites. (And after the recent Facebook scandal,
only the naive disbelieve that these records are not available for sale, cheap).

-- 
Konstantin Olchanski
Data Acquisition Systems: The Bytes Must Flow!
Email: olchansk-at-triumf-dot-ca
Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada