Heyha !

This is probably going to be long take and it’s late here in europe… So for those who bare with me and are ready to read through my broken English, thank you.

I’m personally concerned about how my data and my identity is used against my will while surfing the web or using/hosting services. Self-hoster and networking enthousiast, I have some entry/medium security infrastructure.

Ranging from self-hosted adblocker, dns, router, vlans, containers, server, firewall, wireguard, VPN… you name it ! I was pretty happy to see all my traffic being encrypted through wireshark and having what I consider a solid homelab.

Also having most undesired dns/ads blocked with adguard in firefox with custom configuration, blocking everything, and changing some about:config options:

  • privacy.resistFingerprinting
  • privacy.trackingprotection.fingerprinting.enabled

I though I had some pretty harden security and safe browsing experience, but oh my I was wrong…

From pixel tracking, to WebRTC leaking your real ip, fonts fingreprinting, canvas fingreprinting, audio fingerprinting, android default keyboard sending samples, ssl certificate with known vulnerabilities…

And most of them are not even some new tracking tech… I mean even firefox 54 was aware of most of these way of fingerprinting the user, and it makes me feel firefox is just another hidden evil-corp hiding with a fancy privacy facade ! Uhhg…

And even if you somehow randomize those fingerprint, user-agent and block most of those things, this makes you stand out of the mass and makes you even easier to track or fingerprint. Yeah something I read recently and it actually make sense… the best way to be somehow invisible is actually to blend into the mass… If you stand out, you are pretty sure to be notices and identified (if that makes sense :/)

This really makes me depressed right now… It feels like a losing battle where my energy is just being wasted to try to have some privacy and anonimity on the web… While fighting against the new laws ringing on our doors and big tech company always having two steps ahead…

I’m really asking myself if it really matters and if it actually make sense to use harden technology or browsers like arkenfox or the tor browser whose end node are mostly intercepted by private institutions and governemental institutions…

I’m probably overthinking and falling into a deep hole… But the more i dig into security and privacy, the more I get the feeling that this is an already lost battle against big tech…

Some recent source:

https://avoidthehack.com/firefox-privacy-config

  • illah@lemmy.world
    link
    fedilink
    arrow-up
    18
    arrow-down
    11
    ·
    11 months ago

    I’ve kind of come full circle on all this to where I no longer care. The slippery slope arguments are largely hypothetical imo…Google knows some stuff about me and attempts to show me ads, the vast majority of which I block, so what?

    I pay taxes, have a social security number, my bank and credit card companies know my purchase history, the credit bureaus know my mortgage payment and lender, etc…

    The myth of an off the grid life is exactly that, a myth. And what does it achieve for you other than some vague sense of idealistic pride?

    Google provides tremendous utility to the world essentially for free; its search engine, maps, mail client apps, browser, etc. are tools billions of people use every day. How do they maintain a global network of data centers and localize their products to hundreds of languages…none of that is free. If big companies want to give them money in an attempt at to get me to pay attention to them then so be it, let them finance it. Imagine if only those who could afford to pay could use these tools.

    • edric@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      11 months ago

      It doesn’t have to be black and white. As many comments have already mentioned, it all depends on your threat model. Sure, it’s literally impossible to be completely private or anonymous unless you never go online and live like a hermit, but that doesn’t mean you can’t take steps to minimize what personal information companies get from you. You can still care about your private data while at the same time not sacrificing convenience.

    • Trainguyrom@reddthat.com
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      11 months ago

      I’ve kind of come full circle on all this to where I no longer care.

      I’m at a similar point. I saw how people who don’t think about privacy handle the world and realized its not so bad.

      In the end its all datamining for targeted ads, which only works if I can see the ads they’re trying to target me with.

      It also helped that I had a job directly working with the kind of data I worked so hard to block and saw both how unreliable the data was, and how much companies struggle to actually put that data to use

      • illah@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        11 months ago

        Haha yes! People assume data brokers “know” a lot about a person, but really it’s fuzzy signals. It is far from a crystal ball or a perfect record of every website you’ve ever visited, etc…

    • sbv
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      3
      ·
      11 months ago

      Pretty much this. I get the “you don’t know what the bad guys will criminalize next” argument, but I have a hard time seeing it, when it comes to my browsing patterns.

    • Agent_Engelbert@linux.community
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      11 months ago

      Yeah, so what ?

      Do you know how Gnu / Linux makes money ?

      At some point it is not about individuals but big corporations that need their services, and they buy them.

      They should have built their business model as per their financial requirements from the outset then, if that was the problem for them.

      But that should not justify or excuse them for doing things that are immoral and unethical.

      Sounds more like a greedy approach than anything.

      If I was an ethical and moral CEO of Google, and sought it costly to maintain such a huge infrastructure for millions of people around the world that are using their services freely, I would have made measures to shut them down or close them, instead of maliciously inserting things and harvesting stuff from them.

      Then if they have such data, then they should be held accountable and responsible in the future for any damages as a result of their work processes, and that happened many times historically speaking. And any crime that happens, they either offer evidence or be complicit to hiding fugitives. Which alone is a process that will cost them alot, just having to do it, and cooperate w them any governmental party.

      If I get in trouble in the future, I sure would love to have Google assist me in proving that I was innocent, by providing evidence through data that it has. But would they be willing to do so?

      This is very interesting in a way to think about, as it shows where their weakness lies in their business model, and where they are strong.

      But it goes to show how monopolistic they are, and, if anything, neglectful to basic human rights. Where I’m from, privacy is a human right. So there are many dimensions to take into consideration here - but ultimately they are only a small aspect of this whole complex dimension to boot.

      Ultimately, it is their fault for not setting up their business model to meet up with their own financial requirements. And not ours.