Hacker News new | past | comments | ask | show | jobs | submit login

I would suggest the following when connecting to this site.

1. use a dedicated browser, and only use that browser for this site.

2. utilize private mode if you don't want to dedicate a browser only for this site

3. use different profiles in your normal daily browser. for example firefox, and chrome allows you to have multiple profiles. Create a new profile to use when going to this site.

4. analyze the javascript and see if it is coming from a 3rd party/CDN url. if so download the javascript files, modifiy it to just return a success state, etc..., deploy it to your own server running apache or nginx. clone the URL structure on that server. then edit your hosts file to cause your computer to point that host in the url to your own server, serving up your modified version of the .js files.

5. least level of effort: Get a different credit union.

Why isn't there a browser that provides a sandbox or container for every website I visit? I want cookies to persist between visits for obvious reasons, but I think its absurd that breadcrumbs are so easily reachable and used for building an advertising profile on me.

I want every website I visit to act as if I have a dedicated computer just for browsing that one site, and have zero knowledge of anything else I do on the Internet or on my computer.

That's basically what Firefox Containers does.


Nice! I'll check it out!

Safari sandboxes each tab so you could simply dedicate each one to a specific website.

You trust the credit union with your money, but don't trust them with a fingerprint of your browser identity?

Yes. Money is easily verified (balance = deposits - withdrawals), and there are centuries of law/customs for preventing fraud/theft.

Meanwhile, tying browser fingerprints to a pretty solid real-world identity has deniable value, is discreetly sold (private surveillance bureaus operate with no oversight), and is just the type of gimmicky revenue stream that consumer-capturing industries are on the lookout for.

Trust is neither binary nor universal.

Uh... yes. They're not allowed to give random companies all your money.

Without blacklisting a bunch of 3rd party scripts using a different browser or even device would be useless. Once you log in to your account, this new browser/device is automatically linked to all your old browsers/devices, so there is no difference.

From 2015: https://adexchanger.com/data-driven-thinking/when-evaluating...

Qubes OS pretty much solves this problem!


The criticism above is wholly unwarranted. You are basically running a collection of VM's. You can create, clone, and dispose of operating systems at will.

Gotta laugh at people criticizing without knowing...Unless connecting from Linux throws major flags, you are good.

It's a much safer OS than Windows, standalone linux, on any given day. Anything touching the web can be disposed and replaced at will. Along with the network management VM.

...or "how to immediately get flagged as a paranoid weirdo nerd and die without credit FOREVER ALONE"

A little like the paradox that by using more secure browsers and configurations, any browser fingerprinting algorithm will single you out reliably from all the other sheep.

Connecting from a Linux based VM will get you flagged? How about one VM used exclusively to connect to banking sites with cookies remaining?

Not sure if you are familiar with how it works, or how using a VM OS works. It's a bare metal hypervisor with VM's to be used at will.

it's like the old adage that "the NSA really love people using PGP email, as it immediately reveals who's worth watching"

I use a different computer for every single website.

With that level of rigor, you're certain to be flagged as a bot. ;)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact