Heyha !
This is probably going to be long take and it’s late here in europe… So for those who bare with me and are ready to read through my broken English, thank you.
I’m personally concerned about how my data and my identity is used against my will while surfing the web or using/hosting services. Self-hoster and networking enthousiast, I have some entry/medium security infrastructure.
Ranging from self-hosted adblocker, dns, router, vlans, containers, server, firewall, wireguard, VPN… you name it ! I was pretty happy to see all my traffic being encrypted through wireshark and having what I consider a solid homelab.
Also having most undesired dns/ads blocked with adguard in firefox with custom configuration, blocking everything, and changing some about:config options:
- privacy.resistFingerprinting
- privacy.trackingprotection.fingerprinting.enabled
- …
I though I had some pretty harden security and safe browsing experience, but oh my I was wrong…
From pixel tracking, to WebRTC leaking your real ip, fonts fingreprinting, canvas fingreprinting, audio fingerprinting, android default keyboard sending samples, ssl certificate with known vulnerabilities…
And most of them are not even some new tracking tech… I mean even firefox 54 was aware of most of these way of fingerprinting the user, and it makes me feel firefox is just another hidden evil-corp hiding with a fancy privacy facade ! Uhhg…
And even if you somehow randomize those fingerprint, user-agent and block most of those things, this makes you stand out of the mass and makes you even easier to track or fingerprint. Yeah something I read recently and it actually make sense… the best way to be somehow invisible is actually to blend into the mass… If you stand out, you are pretty sure to be notices and identified (if that makes sense :/)
This really makes me depressed right now… It feels like a losing battle where my energy is just being wasted to try to have some privacy and anonimity on the web… While fighting against the new laws ringing on our doors and big tech company always having two steps ahead…
I’m really asking myself if it really matters and if it actually make sense to use harden technology or browsers like arkenfox or the tor browser whose end node are mostly intercepted by private institutions and governemental institutions…
I’m probably overthinking and falling into a deep hole… But the more i dig into security and privacy, the more I get the feeling that this is an already lost battle against big tech…
Some recent source:
That is all about threat models, which people usually define wrong. They do crazy things, very inconvenient things, than get depressed, fall in deep hole as you say and so on. But if you read a lot about privacy/security, and I mean not reddit with dumb comments (like mine, yeah), you will slowly get the whole picture… Keep calm, find compromises between convenience and privacy, understand personal and non-personal data, telemetry data, etc. Do not overthink they want to know about you everything. They do not actually.
That’s true, they probably already have everything they need… It’s not only about my personal data, and my example only points out to the web technology, but everywhere around us are some data hoarding devices that are either used to targeted ads, campaign, profiling, IA dataset feeding… whatever !
It feels like we already lost our right to privacy and how personal data, telemetry is used as a whole in our society…
No. Most data collected are not personal. Think about telemetry in Firefox, it is anonymous data how people use browser, it helps developers to understand what users do, what should be improved or not, so privacy oriented paranoids turn it off and devs do things for those, who use it dumb way, and we are not happy about it. So telemetry is not your enemy, it helps both devs and users. I turn it off, too, lol. Now Firefox Account collects tons of data, it is a spy tool and it collects personal data, too. LibreWolf turns it off by default, BTW. Anyeay I use Firefox account, I am not that much paranoid after all. But my main browser is Brave, their Sync is done right way, it is accountless, no personal data collected. Even their telemetry done right way, I forgot how they call it, but it drops any data that could potentially identify particular person if his results stands out.
What exactly we lost? Fight is always on! One year ago I was using all Google products, now mostly none. I dont like being under survivalance and whatever I do for it, it counts against them!