Privacy glitch in OS X Spotlight reveals IP addresses, but you can fix it

An alarming privacy glitch in OS X Yosemite was revealed today, analysts saying that through the glitch, bots, spammers, phishers and online tracking companies can pull e-mail addresses, IP addresses and other personal information without the user’s consent. According to various tests performed by IDG News Service as well as the original discoverer of the privacy glitch in OS X, Heise, the problem is that even though Apple Mail clients had used recommended safety protocols, Spotlight searches ignore the requests performed and reveal the sensitive information to prying eyes.

The privacy glitch in OS X affects clients of Apple Mail only, as far as we know, and only if you perform a search using Spotlight Search services. That’s because Spotlight Search indexes your emails in your Apple Mail inbox and when the service shows previews of emails, it loads external images that users requested not to be loaded. If you have disabled the “load remote content in messages” option in your Apple Mail application, the privacy glitch in OS X will still affect you.

You can block the harm the privacy glitch in OS X can do to your personal information by blocking Spotlight from including emails in your search results. You can do that by unckecking the “Mail & Messages” option for Spotlight in the System Preferences Menu in OS X Yosemite. Besides revealing IP addresses, the privacy glitch in OS X also reveals operating system versions, browser details and Quick Look version, as far as we know. If you are not sure how this glitch affects you, you should know that when a sender of an email can attack a small gif file into the email, which sends data back to the sender once the email is opened by the recipient. They are used by spammers, phishers and email marketers in general to gather user data so that they can target advertisements better. Apple is yet to comment on the issue, but we are expecting a speedy response.