Please disable 'Perform DNS lookups to check if URLs are valid?' by default
* iTerm2 version: 3.0.15
* OS version: 10.12.6
* does not seem necessary: Attach ~/Library/Preferences/com.googlecode.iterm2.plist here (drag-drop from finder into this window)
* does not seem necessary: Attach a debug log, if possible. Instructions at https://iterm2.com/debuglog
* does not seem necessary: Are you reporting a performance issue or a hang? Please attach a sample. Instructions at https://gitlab.com/gnachman/iterm2/wikis/HowToSample
* does not seem necessary: Are you reporting a crash? Please attach the crash log. Instructions at https://gitlab.com/gnachman/iterm2/wikis/crash-logs
Detailed steps to reproduce the problem:
1. Install iTerm
2. Hover on things that remotely resemble URLs and touch Cmd
3. Watch iTerm leak things in plain text over DNS
What happened: iTerm sent various things (including passwords) in plain text to my ISP's DNS server
What should have happened: iTerm should not have done that
I monitored my DNS traffic for a while, and I kept noticing lookups that made no sense, for things that had been printed to my terminal. Initially I blamed bash-completion, but when I noticed it also happened for remote ssh sessions, it became obvious that iTerm2 was to blame. A coworker then found #3688 and #5303. I immediately disabled this feature.
Having this feature on by default is a terrible security and privacy risk. Please disable it by default. I personally never even noticed the blue vs. white on clickable links, which suggests (n=1) that usability will not be reduced that much by setting this feature disabled by default.
And, to stress the impact, in the act of selecting text and Cmd-C'ing it to Copy, it is very easy to trigger this for passwords (for example, when I generate them using pwgen).
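A rough way to audit a DNS capture for the kind of lookups described in this issue. This is an added example, not part of the original report or of iTerm2. The tcpdump-style sample lines are constructed, and the TLD allowlist and the entropy threshold are assumptions to tune for your own network.

```python
import math
import re
from collections import Counter

# Assumption: a short allowlist of TLDs you expect to see; extend for your environment.
KNOWN_TLDS = {"com", "org", "net", "io", "edu", "gov"}
# Matches the question part of a tcpdump DNS line, e.g. "A? example.com. (29)".
QUERY_RE = re.compile(r"\b(?:A|AAAA)\? (\S+?)\.? \(\d+\)")

def entropy(s):
    """Shannon entropy of s in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def classify(name):
    """Return why a queried name looks like terminal text, or None if it looks like a host."""
    labels = name.split(".")
    if len(labels) == 1:
        return "single-label"            # bare word, e.g. a generated password
    if labels[-1].lower() not in KNOWN_TLDS:
        return "unknown-tld"             # e.g. a file name such as main.c
    first = labels[0]
    mixed = any(c.isdigit() for c in first) and any(c.isupper() for c in first)
    if len(first) >= 8 and mixed and entropy(first) >= 2.75:
        return "random-looking"          # threshold is an assumption
    return None

def suspicious_queries(lines):
    """Return (name, reason) for each A/AAAA query that does not look like a hostname."""
    hits = []
    for line in lines:
        m = QUERY_RE.search(line)
        if m:
            reason = classify(m.group(1))
            if reason:
                hits.append((m.group(1), reason))
    return hits

# Constructed sample lines in tcpdump's DNS output format (documentation addresses).
SAMPLE = [
    "12:00:01.100000 IP 192.0.2.10.53211 > 192.0.2.1.53: 4242+ A? iterm2.com. (28)",
    "12:00:03.200000 IP 192.0.2.10.53212 > 192.0.2.1.53: 4243+ A? aeF7ohch. (26)",
    "12:00:05.300000 IP 192.0.2.10.53213 > 192.0.2.1.53: 4244+ A? main.c. (24)",
    "12:00:07.400000 IP 192.0.2.10.53214 > 192.0.2.1.53: 4245+ AAAA? Xk9mPq2v.example.com. (38)",
]

if __name__ == "__main__":
    for name, reason in suspicious_queries(SAMPLE):
        print(f"{reason:15} {name}")
```

If the resolver appends a search domain, a leaked token shows up as the leftmost label of a longer name, which is why the last check looks at the first label only.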