this post was submitted on 05 May 2024
60 points (96.9% liked)
Privacy
31978 readers
309 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
tldr; no, if you trust your vpn more than your ISP always use it, as any hit to fingerprinting is menial.
it really can't hurt much to always be using it. any fingerprinting metric it would give is outweighed by the hiding of your IP behind the proxy. this is the #1 unique identifier that is tied back to people/locations.
the other fingerprinting metrics also are still exposed anyway & could probably be linked back to "you" regardless of your IP changing if they wanted too.
if you are worried about fingerprinting look into some projects like mullvad, librewolf, or even tor. clearing cookies on quit &/or having a separate browser for permenant logins/tokens to live in is also a good mitigation technique.
Thanks for the detailed response. I'm sure my IP is most relevant in tracking me, but if I'm tracked while visiting Lemmy/YouTube it would do no harm, while correlating my YouTube activity with my e.g. me reading websites the government doesn't like would do harm.
I use mullvad, and previously read using tor through a VPN doesn't really make sense. I have Firefox set to not save cookies, but I have made an exception for YouTube as it is to troublesome to log in with 2fa all the time.
My thought was that it may be easier to match up the fingerprint of @somelemmyuser accessing lemmy with the fingerprint of @somelemmyuser downloading capitalist propaganda while living in China if they come from the same VPN in a similar timeframe, while it would be harder to match the fingerprint of @somelemmyuser acsessing Lemmy from an normal ISP to the fingerprint of @somelemmyuser accsessing capitalist propaganda from a VPN, as you would need both datasets to find matches.
And since me accessing Lemmy is not a problem but my lemmy account could be tracked back to me as a physical person, it could be smart to not do it with the same VPN.
ahhh I see what you mean.
your thoughts on spacing out your connections & isolating is smart. unfortunately if you connect from the same device & browser any government agency or dedicated company with a big enough dataset (google, meta, etc.) would still be able to link you regardless of you IP by browser fingerprint alone. this does make YouTube more specifically being linked to your exact browser fingerprint porblamatic in a high stakes situation. As it, as you said is linked to your identity.
for lower level tracking changing IP regularly is effective. however, instead of switching to your local IP it would be more privacy conscious to just switch to a different VPN server.
unfortunately if you are genuinely worried about government level surveillance or the likes u enter into territory where VPNs often no longer cut it (or at least can't truly be trusted too) as they are centralized & can be forced to make exceptions for law enforcement. traffic analysis is also easier, which makes time correlation deanonimization a more realistic risk when talking about government agencies specifically.
the tor + vpn debate is one that lots of people argue & is excedingly complicated. tor is generally more than enough, unless you are wanted by INTERPOL haha. if you are genuinely worried about suppressive government or world powers targeting you look further into tor, & do not connect directly to your ISP at all as that data is essentially up for grabs to local authorities (depending on locale).
for you specifically I would consider doing your more sensitive tasks in the tor browser without the VPN & then having your normal browser always on the VPN so they would be more difficult to correlate. anything torrent related is low enough stakes that I would imagine just about any proxy would suffice. hope this was helpful 🙏.
It was, that was the kind of information I needed, as it helps to differentiate what kind/level of privacy I have and what kind/level of privacy different actors can circumvent etc.
As I am mostly looking at not generating useful data for shitcompanies like amazon, google, Microsoft etc. The always onvpn and no cookies except YouTube should be more than sufficient. If my country decides that my political opinion is no longer permitted I should nevertheless be using Tor and check if I'm unique (fingerprint wise).