I can't believe Google Analytics is everywhere!!!

Discussion in 'privacy problems' started by DesuMaiden, Jun 30, 2013.

Thread Status:
Not open for further replies.
  1. tlu

    tlu Guest

    I'm not aware of any other way ...

    EDIT: You can delete that data manually, of course, in chrome://settings/clearBrowserData but in an automatic way it can only be done with some extensions, IMHO.

    I see - thanks. BTW, I'm using the Search Box extension which allows me to select different search engines like DDG, ixquick, startpage etc. It also opens in a new tab.
     
    Last edited by a moderator: Aug 7, 2013
  2. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,320
    Location:
    Canada
    BTW, do you know if scriptsafe is a viable alternative, and especially does it still suffer from this issue?

    EDIT

    @tlu,

    now I see what you mean about no other way other than to use a 3rd party extension! I did some digging and observed that incognito mode does not delete cookies when the browser is closed. I'm testing click&play and really like it so far :) Thanks!
     
    Last edited: Aug 7, 2013
  3. tlu

    tlu Guest

    Yes, it does :mad: That's why I changed my strategy: I block JS by default in the Chrome settings (which works reliably) and complement it with ScriptSafe running in "Allow" mode. That still blocks 3rd party "unwanted content" as shown in the ScriptSafe "Privacy Settings" if I allow JS for a site (the easiest way to do this is by using the Quick Javascript Switcher extension). This 3rd party blocking might not always be 100% reliable - but in combination with Adblock (with EasyList and EasyPrivacy) and my big hosts file I feel very comfortable with that solution.

    Really o_O Wow! Then the incognito mode isn't incognito at all o_O

    You're welcome!
     
  4. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,320
    Location:
    Canada
    That's an interesting approach, and one that no doubt works really well. I may go back to using scriptsafe with some sort of modified options, perhaps similar to yours, but for now I'm not overly concerned. Chrome's security model is very solid by default. I was for a while blocking under Chrome's content settings .com outright, making exceptions for all sites I deemed safe, but of course this does allow all scripts under the domain so I gave up on that idea.

    Yeah it's strange, even after several tests it only deletes browsing history but the cookies remain :(
     
  5. jedisct1

    jedisct1 Registered Member

    Joined:
    Jul 7, 2012
    Posts:
    39
    Location:
    San Francisco, CA
  6. tlu

    tlu Guest

    jedisct1, I must admit that I haven't understood all of what you've written there. I guess I have to read it a second or third time (at least) ...

    Are you suggesting to NOT use Google DNS or OpenDNS but rather another DNS server without edns-client-subnet but in combination with Namehelp (and, of course, configuring dnscrypt to use that one)?
     
  7. jedisct1

    jedisct1 Registered Member

    Joined:
    Jul 7, 2012
    Posts:
    39
    Location:
    San Francisco, CA
    If you connect to compreorgreenic.com (random funny domain name) and you are using a DNS resolver that is not Google or Open DNS, the company hosting compreorgreenic.com doesn't see your real IP in the DNS query. All they see is the IP of the DNS resolver.

    If you do the same thing and you are using Google or Open DNS, these DNS resolvers will send your real network address to compreorgreenic.com. Your packets are changed to tag them with your address before being forwarded to the service you are trying to access.

    The purpose is to make things faster; help CDNs and companies with servers in different geographic locations pick the fastest server according to your IP.

    However, from a privacy perspective, this is a disaster.
     
  8. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I don't see how it's a problem.

    Sites that you're accessing always know your Internet IP address.

    If you're going naked with no VPN or Tor, both DNS server and sites see your ISP-assigned IP address.

    If you are using VPN or Tor, and everything is configured properly, they both see the VPN or Tor exit IP address.

    If you're using VPN or Tor, and your DNS lookups are leaking, IP reporting by DNS servers would be problematic. But preventing DNS leaks is the best solution, no?
     
  9. tlu

    tlu Guest

    Yes, that's what I don't understand, either. Even if you use another DNS resolver - once the requested website is loaded they have your IP address.

    jedisct1, could you elaborate a bit more?
     
  10. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,320
    Location:
    Canada
    Right, it's been like that for years. I've no problem with my IP address being known. Beyond that, such as what Google does where they use all kinds of tracking cookies against the user, is where recently I draw the line. When I close a website I don't want it retaining all kinds of stuff related to my surfing, no matter how harmless it might seem. it creeps me out when I reopen the site later and it displays "recommended" videos for me :mad: I'll choose what I want to watch; I don't want someone choosing for me. Nor do I want history retained. I've deleted my youtube & gmail accounts because of that. Google's become far too intrusive for my liking so now I'm free of them, other than the fact I use their browser and I haven't ruled out the possibility of going back to Firefox. Youtube in its infancy was so much better than it is now.
     
  11. jedisct1

    jedisct1 Registered Member

    Joined:
    Jul 7, 2012
    Posts:
    39
    Location:
    San Francisco, CA
    If all your DNS queries are going through Tor or a VPN, that's totally fine.

    But some people are using dnscrypt or external resolvers to prevent DNS leaks. That doesn't prevent anything.

    Also, when using a SOCKS proxy, DNS queries are not going through SOCKS. If you are using a SOCKS proxy to hide your IP to a web site + a non edns-client-subnet resolver, that's fine. If you are using an edns-client-subnet resolver, the proxy is useless, the web site will see your real network address in DNS queries.

    Timing attacks on edns-client-subnet resolvers also disclose if someone on your network just accessed some web site without having to sniff any traffic.

    So, yes, a properly configured VPN is the best thing you can have.
     
  12. tlu

    tlu Guest

    Frank, forgive my ignorance, please. I think I understand what you're saying. However, I still don't understand how a different DNS resolver makes a difference once a website is accessed (without Tor or VPN). They would have your IP address anyhow, wouldn't they?
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    If you're not using proxies, VPNs or Tor, improving DNS privacy doesn't help. Using faster and/or more reliable DNS servers would speed up browsing and/or improve reliability.

    If you are using using proxies, VPNs or Tor, it's most important to ensure that all DNS queries use them. Improving DNS privacy helps only as a backup, in case there are leaks.
     
  14. tlu

    tlu Guest

    Yes, that's how I see it, too. I was only confused because VPNs or Tot were not mentioned in jedisct1's post #57 at all.
     
  15. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,362
    Location:
    Oz
    Oh wow never heard of Torch Browser. That looks really cool. I hope someone comes up with a portable version. I just downloaded it and will give it a spin.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.