The Spotlight search feature in OS X Yosemite appears to be a vulnerability that causes accidental personal data will be exposed. This can happen when the Spotlight e-mail searches.
According to the German news site Heise is the problem in the fact that Spotlight automatically previews with the search results. Because the search engine also e-mail searches, can in this way automatically the attached images are opened. This may possibly attached tracking information, which is hidden in the images, to do his work.
Also, if users have chosen to make the images in e-mails does not open automatically gets the search engine access: according to Heise keeps Spotlight not adhere to this setting. In addition, e-mails searched in the junk folder are up to. Such e-mails will have a more than average tracking information.
By the leak in the Spotlight, among other things, ip addresses are captured and it is possible to trace when and how often the user the image will be viewed, just like the e-mail addresses that have received it. Such information is for example interesting for spammers, who want to know whether their e-mails are received and reviewed.
Now there is a plug-in designed that allows Spotlight only the text versions of e-mail searches. Therefore, images are thus left alone. It is still unclear whether Apple leak repair.
