What is with everybody suggesting this or that browser? They're all going to be fingerprintable. Using a less common browser just makes that easier... not that it will ever be hard.
You might get some relief from some tracking, including via fingerprinting, by using comprehensive ad and tracking blockers. Or you might not, since CDNs are still probably going to track you.
It is because Google want a situation where they have a monopoly over being able to track web users, and Chrome is a major part of that.
Because that is so blatantly anti competitive the adtech industry manipulates it into a sort of war of opaque identifiers (“user resettable device identifiers”), attached to things like Roku, smart TV and phones, which then can be passed along with bid requests for ads and later used to effectively target people even on other devices in the same household, conveniently only by some players in the adtech world who then charge more.
Breaking the Chrome monoculture will not solve this problem by itself, but it is a necessary step in getting there.
You're not going to even improve the problem without completely shutting down the entire "personalized" advertising industry. Which I'm totally on board for, mind you.
That is true, and part of that would have to be enabling people to make money from web type content without shoving ads in it (or it being an ad for something else).
My personal, controversial, conception of the future is to return to the notion of the Internet as a network of other networks, and then enable devs and content creators to sell apps and experiences which operate privately within those networks.
> That is true, and part of that would have to be enabling people to make money from web type content without shoving ads in it (or it being an ad for something else).
While I think that would be good, I did say personalized advertising, not all advertising. If every visitor to site.com sees the same rotation of ads, there's no need to track anybody. Still obnoxious and a vector for malware, of course. But not really the same problem.
> My personal, controversial, conception of the future is to return to the notion of the Internet as a network of other networks, and then enable devs and content creators to sell apps and experiences which operate privately within those networks.
It never really was that, you know. And I think putting everybody in walled gardens would be even worse than ad spyware.
My guess is that the way aggressive captchas and similar tools work these days is fundamentally incompatible with the original wording in Google's policy.
Doesn't make it any less sad, though. The web is very hostile to the end user these days.
I guess it'd make a difference if anybody'd been following the policy or Google'd been doing anything effective to enforce it. I find this, um, improbable.
Perhaps so, but with JS disabled, Chrome uninstalled and all Google apps disabled and/or removed together with a myriad of other tweaks including phone rooting, regular rebooting of routers to change IP address as well as using multiple different IP providers seems to minimize the problem.
Can't remember when I last saw an ad (except for some static one within the page), and the last time I actually clicked on an ad was about 20 years ago.
Oh and BTW, I use a dumb/feature phone for telephone, my smartphones have no SIMs and they connect to the net via a WiFi router (usually a pocket type), and no email is sent from smartphones. Nor do I use any social media (perhaps one if by some stretch HN could be classified as one).
And Gibson Research's ShieldsUP can't find anything of note.
Finally, without JS the web runs like a greyhound. Sites that break without it are not worth visiting anyway (and they're usually the worst privacy offenders).
I've no need of them, as they say, there are plenty more fish in the sea.
All this nonsense is only a problem if you expect something for nothing and/or like the trinkets and pretty baubles Google pretends to offer for free.
PS: and I don't send or receive email from those who've gmail addresses. Boycotting those with gmail addresses sends a message that one is actually serious about privacy.
Playing Devil's Advocate, maybe browsers are still too incomplete. Once browsers are the operating system, everyone can simply speak Chrome and be done with it. The success of Electron strongly suggests both devs and users want to singularize on Chrome, so why not take it to the logical conclusion?
Chrome is the abstraction layer to WindowsMacOSiOSLinuxAndroidBSDx86ARMRISC-Vspaghettisoup.
This seems like nothing. Had Google ever enforced or even inspected its ad partners for use of fingerprinting?
My assumption is that every site that knows how to do fingerprinting is doing fingerprinting and probably deanonymizing against a shared signature database.
Very hard to link with your name or other elements of your "real identity" (unless you ever give them out over Tor).
Probably only slightly hard to link all the things you do using a given installation of the browser to each other. They do at least try, but it's still basically Firefox, and it's not clear that it's even possible to make an unfingerprintable browser.
The simplest, readily available solution: use Brave or LibreWolf.
These can't prevent all fingerprinting but they can make it less reliable and more difficult and costly for a fingerprint to be relayed back to the mother ship.
Personalized advertising is one of the dumbest ideas of the 21st century. Studies show it is less effective than context sensitive ads and it costs more. Participants in ad auctions are essentially flying blind with little reliable, verifiable insight into the process.
They were adding their own referral code to queries made in the search bar, not replacing or altering referral codes on websites. They apologized and reversed this after criticism back in 2020 (https://brave.com/blog/referral-codes-in-suggested-sites/).
Overall Brave is pretty good, they build in ad-blocking by default and their own ad service is opt-in. They also have Tor and IPFS support that does not exist in Chromium, and are maintaining Manifest V2 support.
I don't think you know what I mean about ads. The pages are set up differently on Chrome and Google inserts ads into everything, over the website itself, it doesn't matter what content you are viewing, you just need to be viewing anything.
There are no ads on Brave. Not on the side of the pages, not in the middle of the content scroll, not behind the content scroll, not before or after - no ads.
If you use pirate streaming sites - I rarely, rarely have a popup ad on those when I do use them.
It's not just ads, it's all about the user with Brave - most sites open in reader mode, I have to actually select to see the website itself, otherwise I just get all the content I want by default and only that content.
I have 2 different compromised gmails - both of which happened during my years using Chrome, tho one was the Experian hack I'm pretty sure, Google is not secure, I don't know why anyone would ever think that.
I never have any ads whatsoever on any website that I visit. I legitimately cannot understand what you're talking about. Pages on Chrome and Brave look exactly the same.
So... humor me... let's say that this is exactly true, and Brave adds or replaces referral codes. Is that a privacy problem? The only information that the website gets is that you're using Brave, but not where you got the link. We can absolutely talk about the ethics of the thing or such, but I can't see why privacy conscious people would care.
Brave was caught inserting their own referral code in signup forms on websites. This is basically exactly what Honey is doing and under fire for right now.
Brave basically does a man-in-the-middle attack on those websites. This goes MUCH further than just a privacy issue, it's a security issue.
I don't care about privacy, it doesn't exist, and I use Chrome. But I won't compromise my security by using a browser that is happy to pirate the pages I view.
Oh, I suppose I do see some ads. Every now and then there will be a little popup recommending something - occasionally it's something even relevant. It's funny bc those ads are from Brave but they don't use the Browser, they come thru as desktop notifications and I only see them there. I do have an ad blocker that has always been on also, so I may be augmenting the Brave experience a little but I just don't see ads online.
I use Edge occasionally - which is far superior to Google and I don't know how ppl deal with browsing the Internet like that, it's wildly frustrating.
And Chrome had one with severity "High" just three days ago, browsers will always have security issues that seem to be patched reasonably fast in the big three. Might as well pick one that's not part of the monoculture by a big advertising company, depending on your threat model of course.
QubesOS is great if you need to do work and personal stuff on the same computer. I do most of my stuff in the browser and have a separate computer for work. I am mostly interested in making initial access as expensive and difficult as possible.
You are still just as vulnerable or more vulnerable to malware stealing browser sessions, passwords, and everything you have on the AppVM the browser is running on than you are on a regular Fedora Workstation. Unless you only use disposable VMs, which you probably don't. If QubesOS had hardened templates, I would use it. When I used it, SELinux was not enforced, and I believe it still has passwordless sudo. Not sure what other mitigations are disabled in the default templates compared to regular, non-QubesOS Fedora Workstation.
> QubesOS is great if you need to do work and personal stuff on the same computer
This is significantly underestimating the benefits of Qubes. Are you using your online banking in the same browser that you use for random web surfing? I do it in separate VMs with hardware isolation. Same compartmentalization with all other things.
> You are still just as vulnerable or more vulnerable to malware stealing browser sessions, passwords, and everything you have on the AppVM the browser is running on than you are on a regular Fedora Workstation
This is not true. I'm not using the same VM for everything but dedicated VMs for bank, email, HN, instant messaging and so on. A malware on a random website would only get the access to an empty VM, nothing more. Passwords can be securely saved in the related single-purpose browsers and in a plain text file (in an offline VM).
> If QubesOS had hardened templates, I would use it.
You misinterpret the Qubes' approach to security. If your VM is compromised, no hardening will save your data (https://xkcd.com/1200/). On Qubes, you should compartmentalize your digital life into security domains, such that you never run anything untrusted in trusted ones and never have anything valuable in untrusted ones. With such an approach, hardening is irrelevant. More examples: https://www.qubes-os.org/news/2022/10/28/how-to-organize-you...
> Unless you only use disposable VMs, which you probably don't.
I don't understand why one wouldn't use them for everything not requiring saving the data. Of course I do use them and wrote this comment from one.
> This is significantly underestimating the benefits of Qubes. Are you using your online banking in the same browser that you use for random web surfing? I do it in separate VMs with hardware isolation. Same compartmentalization with all other things.
What about NetVM? All AppVMs use that, so what if that gets compromised? Since the templates are not hardened at all, could the attacker jump from NetVM to AppVM?
> I'm not using the same VM for everything but dedicated VMs for bank, email, HN, instant messaging and so on. A malware on a random website would only get the access to an empty VM, nothing more.
So how many Templates and AppVMs do you have? Each of those dedicated VMs would need their own AppVMs at least. You have Domain: Bank, Domain: Email (do all email accounts get their own domain?), Domain: HN, Domain: Github, Domain: Stackoverflow, Domain: Signal and so on.
> If your VM is compromised, no hardening will save your data
So that means layered security is totally meaningless and instead of keeping it default, let's remove mitigations?
> you never run anything untrusted in trusted ones and never have anything valuable in untrusted ones.
In practice, this is close to impossible.
> I don't understand why one wouldn't use them for everything not requiring saving the data
Disposable VMs were the best part of QubesOS, but unfortunately, it's pretty common that you need to log in to something or save something, which means you can't use DisposableVMs for everything.