This is about cookie banners on websites
There was another time I got into a very serious ontological discussion with a fairly senior engineer about what the difference was between taxes and fines and they didn’t understand there was a difference,” he said.
Private tabs do nothing for the backend, your ISP, browser, search engine, and any sites you visit, can still see everything you do. All private tabs do is they don’t save history or cookies on your frontend.
VPN hides your data from your ISP, but there are still workarounds. Multi-hop can make you harder to triangulate though.
You still need to use a privacy-centric browser and search engine or else the ones you use can still send information about you back to their servers where they can build a profile on you. They won’t have your real IP address as long as you never connect without a VPN, but any little data they collect on you can be collated with the rest to profile you and potentially identify you.
Even with browsers like firefox or waterfox, you still need to enable all of the security settings or else there are gaps that can be exploited. HTTPS-only mode, DNS over HTTPS, anti-tracking extensions, etc…
Even then, I wouldn’t be surprised if there’s an unseen gap somewhere. But it’s a lot better than using google and microsoft and no vpn.
Also, browsers still send so much unique data that they can be reasonably well fingerprinted. I don’t really know all the things, but you can combine info such as OS, browser version, window size, list of extensions, HTTP request headers, timezone, etc…
Plus you could also track behavior.
And even with VPN some analysis might be able to figure out what you’re looking at based on traffic patterns.
We need a browser extension that will add or remove a random number of dummy browser extensions per session to further obfuscate the fingerprinting
Browsers like Tor and Mullvad have the right idea. They do all the most important privacy tweaks out of the box and encourage you not to modify it, so that way everyone using the browser has the same fingerprint which makes it much more difficult to track any one user.
https://amiunique.org/ shows you many of the things they can check for
Holy shit, that’s a lot of data. I had no idea they could see what language packs I have installed on my keyboard. I have a pretty unique combination of languages, so that probably makes me really easy to identify across platforms.
Is there an easy way to disable or block fingerprinting?
VPN is only blocking your IP. Every other way they track well still work. I mean what does a VPN gibe you? encryption all sites are https hide DNS from ISP there is DOT and DOH. Last one is SNI that could be fixed by ECH if sites used it.
Some VPN providers offer a setting that makes it harder to analyze traffic patterns. They make every packet the same size and send them at regular intervals along with extra noise. It makes everything look uniform so that AI can’t match your traffic to/from the VPN server with traffic between the VPN server and your web activity.
It might be overkill, and it adds latency and uses extra data. But for maximum paranoia, it’s an option
Your ISP and browser can see everything you do, but your search engine can only see what you’re doing when you’re actively on the site, and through cookies. Same with those other sites. Using incognito absolutely helps with that.
That’s plain false. With a VPN enabled, the ISP can see data volume and time stamps, and what VPN server you’re connected to. Nothing else.
Your browser, depends on the browser. Chrome, Edge, etc., yeah, they’re watching everything you do. An open-source privacy-focused browser with maximum privacy settings enabled is not watching as much, if anything at all.
And incognito doesn’t hide your fingerprint from search engines or websites. It’s basically worthless for privacy. All it does is clear cookies, caches, and browsing history from the local device.
I was talking about this statement:
Obviously if you use a VPN your ISP can’t see it.
If you use a private browser they’re not watching you, but again, your browser can easily log all that information if they are inclined to.
I didn’t say anything about fingerprinting and neither did you. Cookies are a large part of tracking, I never said it was the only way they’re tracking. But if I go on one site and they fingerprint me, and then I go on another site and they fingerprint me, the first site doesn’t automatically know I was on the second site because of the same fingerprint. They would know because of the cookies.
Vpns are over rated.
If you trust your ISP to examine all your web traffic, and if you don’t mind every site you visit knowing your real IP address, and if you’re not worried about hackers and sniffers on public wifi stealing your data, then I suppose you don’t need one.
But if by overrated, you mean they only handle certain aspects of security and aren’t a complete solution by themselves, then I agree. But no one who understands VPNs expects them to be a complete solution by themselves.
Depends on why you’re using it.
Check out Konform Browser. Least leaky one out there.
Never heard of it, but I looked them up and they use Codeberg, so I like