• kekmacska@lemmy.zipEnglish
    2·
    12 hours ago

    If you are worried about privacy, you shouldn’t use Google anyway. I write this from a deoogled android custom rom

  • bitcrafter@programming.dev
    461·
    2 days ago

    What’s scary is all of the ways they can track you even without your browser actively cooperating. For example, they can create an HTML5 canvas, render a bunch of shapes, and then probe individual pixels to get a read on your graphics card and drivers. The EFF has a very educational test you can subject your browser to in order to see how easy it is to fingerprint it based on these kinds of things.

  • HootinNHollerin@lemmy.dbzer0.comEnglish
    533·
    3 days ago

    I don’t use google stuff rn so…

    Not even Google maps since I had an ad placed in my route so it clicked the ad while I was selecting which route to take. Bu bye

    • TheProtagonist@lemmy.world
      15·
      2 days ago

      Me neither, but I guess the tracking will also take place when you just browse the internet and visit websites, that have Google Ad Tracking technologies implemented (which could be the majority of websites). Tracking and Ad-Blockers like uBlock might help a bit, though.

      The specifics are complex—these are the algorithms that ingest all the data signals you give off when browsing the internet on any device, some based on who you are—device, IP and credential identifiers, but also the sites you visit and apps you use as a map to be followed and analyzed.

      • Anonymouse@lemmy.worldEnglish
        3·
        1 day ago

        I’ve been using Noscript on firefox for a while. It basically blocks any JavaScript (and other stuff) unless you specifically allow it. It’s not something that I would recommend for a casual user, because it breaks lots of sites. By using it, I’ve discovered how much nonessential stuff is jammed into your browser. Most of it is analytics and tracking. One home improvement store has over 25 scripts when less than a quarter are needed for a functioning site.

        Some of the biggest offenders: offenders:

        • home improvement stores
        • car dealerships
        • some big box retailers

        Also, a shoutout to decentraleyes, a plugin to use local copies of JavaScript code so that it’s not downloaded (and reported back to) Google.

        • TheProtagonist@lemmy.world
          3·
          1 day ago

          Same here. I was a uMatrix user for a long time and I was astonished sometimes how bloated some sites were with scripts and tracking domains. Nowadays I mostly use Edge on my work machine which is somehow ad-free but all sites work.

          Firefox with uBlock / uMatrix needed often too much fine tuning to make sites work properly.

    • kekmacska@lemmy.zipEnglish
      2·
      12 hours ago

      Use browsers like Cromite, Iridium, Waterfox, Betterfox, Firedragon, Tor, Vanadium. Disabke fingerprinting in hidden settings or in about:config. Don’t install too much extensions, if you can, none. That can be used to fingerprint you. If you don’t have the need, disable javascript and webassembly. Change your useragent to something very common

    • const_void@lemmy.mlOP
      722·
      3 days ago

      Use alternative browsers (Safari, Firefox) and alternative platforms (iOS, GrapheneOS).

      • hollerpixie@lemm.eeEnglish
        2·
        1 day ago

        I’ve had some internal struggles on this. Have used graphene for a long time and the last phone completely avoided using any G products (not even sandboxed) but still worry about the hardware, especially with the new AI chips. Can’t imagine that the ability to fingerprint using their hardware isn’t available.

        So I vacillate between Fairphone/PinePhone with Linux or just anonymity through the masses with iOS. It sucks, the whole turn. Either get a fully functional smartphone and pick your poison or use a limited or dumb phone but know your smart TV/car/computer/etc will still be there for vulnerability.

        • barryamelton@lemmy.world
          451·
          3 days ago

          If it is the Android that comes with the phone, it comes with Google Play and Google Services libraries installed. It is tracking you already. If you use Duckduckgo at least they will not know what you search for (and you will get better search than AI-ridden Google search…).

          If you want an Android that doesn’t track you all the time, listens to you and those around you, etc etc, you need to use a vanilla android like https://lineageos.org/ as it comes, and not install the Google Services packages. This means that you may not be able to use some bank apps or popular apps such as Uber, etc that heavily depend on Google Services. Some chat apps may also have a delay in receiving messages.

          Yes it sucks. It’s doable though. Welcome to the future. If we do nothing it will get even worse.

          Edit: some governments are pushing for apps to not depend on Google propietary libraries. For example in the EU transit apps (city, trains ticket planners etc) are being migrated away from using Google Maps and into OpenStreetmaps, and those apps run nicely with a vanilla LineageOS. We need to keep this momentum.

          • kekmacska@lemmy.zipEnglish
            1·
            12 hours ago

            Any degoogled AOSP rom will do fine. I use InfinityX (made by a well-known indian rom developer, Tejas Singh)

            • barryamelton@lemmy.world
              7·
              3 days ago

              :/ There’s old and cheap phones that are still supported. Support varies between models. I have a Oneplus 6 running the latest Android, 15, perfectly fine. It has 6 years. The camera is ok, but could be better.

              Manufacturers and Google end support for Android phones within 2-3 years of their release (not 2 years since you buy it). Afterwards they don’t get security updates which is quite dangerous given that we do everything on the phones nowadays, and we will do even more.

              Note that those old official, unsecure phones are allowed still to do banking and other things. Even if they aren’t secure. The manufacturers don’t care, they want you to buy a new phone every 2 years from them.

              And the actually secure phones running LineageOS, with up-to-date Kernel and security patches, with latest Android, sometimes are not allowed to run banking apps or other things in the name of security. Google and manufacturers don’t care about security at all. They just want control.

              • HellsBelle@sh.itjust.worksEnglish
                5·
                3 days ago

                Sorry, I meant that I checked the supported device listings and mine isn’t there. They have similar but newer models.

                I also have a somewhat unique processor so even jailbreaking it is a bit crazy.

                • tetris11@lemmy.ml
                  3·
                  2 days ago

                  Check the unofficial builds on XDA. My bet is that it exists. The unofficial builds are rock solid if you’re wondering. I have a 10 year old smartphone that runs Lineage18 flawlessly on an unofficial ROM

                • Metz@lemmy.worldEnglish
                  3·
                  2 days ago

                  I would also have a look at the XDA forum. A very large percentage of devices that are not officially supported have unofficial ports (Lineage and others) that run 99% as well as the official ones.

                  e.g. my old Galaxy S8 was not official supported but one of the staff members of XDA made a port that runs like an absolute dream.

      • The Doctor@beehaw.orgEnglish
        31·
        2 days ago

        Thing is, then you stand out as one of the very few people using that alternative.

    • flatbield@beehaw.orgEnglish
      12·
      3 days ago

      Not sure there is. Dimensionality of the trackble elements is very high. All of them have to either be the same or fuzzed across large groups of users.

      • jatone@lemmy.dbzer0.comEnglish
        1·
        1 day ago

        it can be fixed but would require herculean engineering efforts, the biggest problem atm is the canvas. most of the other things can be fixed via defaults that are returned to the webapps unless explicit permission to access them is granted. like there is never a reason to return errors for session storage if its disable. just return a memory implementation that doesn’t persist beyond the window life. little changes like that would go a long way to removing the bits of information.

  • yoshisaur@lemm.ee
    181·
    3 days ago

    I’m on grapheneOS using Ironfox (fork of Mull because it’s been killed off), I should be safe, right?

  • Hirom@beehaw.org
    91·
    2 days ago

    I strongly recommended installing EFF’s Privacy Badger on your and your relatives browsers.

    This stops many trackers, and causes less side effects and less breakages than most filters (unlock et all).

    • RiQuY@lemm.ee
      24·
      2 days ago

      If you have uBlock Origin then Privacy Badger is redundant. Also, more extensions = easier fingerprinting.

      • Hirom@beehaw.org
        2·
        13 hours ago

        Privacy Badger focus on blocking trackers. uBlock origin blocks all kind of things Ads,Trackers,etc and so it have a higher risk of breaking sites.

        Yes, they’re mostly redundant. Happy uBlock Origin users should probably keep using just uBlock. People who don’t use uBlock to avoid breaking websites, or just want to block trackers, should use Privacy Badger.

    • rickywithanm@aussie.zone
      3·
      2 days ago

      Another option if you wish to protect your whole network is to set up something like pi-hole or AdGuard. I recently set up pi-hole on our network. I’m shocked by the amount of blocked traffic coming from phones and windows machines. Don’t even get me started on the traffic from our smart tv.

        • jatone@lemmy.dbzer0.comEnglish
          2·
          1 day ago

          basically they hijack dns resolution to return does not exist errors when requests are sent to the tracking systems. highly effective, but also many sites are negatively impacted by them because no one codes for failure in the web industry.

            • jatone@lemmy.dbzer0.comEnglish
              2·
              1 day ago

              there are well known distribution lists that people add servers to that these things periodically fetch and use to perform the blocking.