So a bit ago I got an add for “canned rambutan”. I had looked up Rambutan a few days prior after hearing it mentioned 10 hours into the video game Baby Steps. I wasn’t using a VPN at the time and I didn’t have fingerprinting protections active but I only mentioned it to a few sources (according to my browser history) all of which generally are implied to be private.
Which of these do you think is the reason the ad networks know?
- Wikipedia
- Startpage Search
- Duckduckgo Search
- My ISP
- Firefox
- My Firefox Extensions
- Kubuntu
- CachyOS
- The omnipotent algorithm connecting my mentions of Baby Steps with my progress through the game.
- Does this only make sense if my browser history is incomplete?
- Maybe I was using DNS over HTTPS via Cloudflare at the time of my search.
Any guesses as to where the weak link is?
That’s not true, your ISP might see your DNS and unencrypted web traffic sure but web searches use HTTPS so ISPs aren’t reading the query or results
Aren’t they seeing all the urls you access?
No, unless you browse http website. They’ll only see the domain name in the request SNI or during the DNS request. C
But see ip you connect to. Reverse dns using own dns could show set of url possible on ip.
Reverse DNS would only show domain name, not URL. And even then a lot of websites are sharing IPs. No point in doing that when you’ve got SNI.
True only domain. TIL about sni. But vpn still protect against sni analysis no?
With a VPN it’s the VPN that has access to the list of domain you visit instead of your ISP. Whether you should put your trust in your ISP or a VPN is another question.
…and if you use DoH, they won’t even see DNS.
I would argue that you don’t need a VPN. It’s just another entity that can see your traffic, and there’s no reason to trust them over your ISP. They’re all for-profit companies.
But they’ll still see the SNI.