From the technical perspective of how emails work and the limited subset of HTML being available inside them. I think this is a case of crying wolf without understanding technical capabilities.
The only way the access described there is even remotely possible is using a vulnerability in a systems image parser or network client stack (using only the URL and server response). Burning an unknown 0-day vulnerability with that level of power wouldn't be wasted on even a high profile military court case.
The only way the access described there is even remotely possible is using a vulnerability in a systems image parser or network client stack (using only the URL and server response). Burning an unknown 0-day vulnerability with that level of power wouldn't be wasted on even a high profile military court case.