A list of online services to regain control over your privacy online

[CaffeineAddict]

meaning that you will see each time different ID and number of visits counted as 1 each time then your browser is good to go.

I by default block JS with NoScript and whitelist only sites I care about, so for this test to work had to whitelist it.
Opened the link 2 times each time it says 1 visit, so this means google and others can't fingerprint me?

One can of course disable js but then most sites will became unusable and just blocking specific sites is not feasible.

It's feasible if you block all by default and whitelist only few as you browse the net.

 

[KGIII]

What's about fediverse?

Those are often 'instance dependent'. Some of 'em are okay but haven't got much activity going on, while others are feedback loops for the mentally ill and the degenerates who lie to them. I want to avoid politics so I'll instead point out that these are the types of people who don't understand science and may legitimately believe that the planet is flat. Those are the people being taken advantage of.

Anything unmoderated turns into a cesspool pretty quickly when it's discovered. Nobody has the time, energy, or stamina to sit there and counter-post with facts with things like links to actual research and data. So, you end up with feedback loops - or what's commonly called an 'echo chamber'. It's pretty easy for a small group of people to control the narrative.

I'd elaborate but politics is strictly off-topic.

 

[Terminal Velocity]

Guys seriously if you don't have Protonmail leave this thread and go make an account now, and pay at least one subscription so your mail account will never be deleted even if you never visit it again. You don't have to delete your old email accounts, just use them parallelly and transfer your traffic gradually to Proton. Google's terms are really not decent, they are disrespectful, not suitable for persons who respect themselves

Never delete your accounts in those nefarious services, because they never actually delete anything, the only thing you achieve by deleting is to lose access to your data. So just shift the traffic gradually and ghost the accounts, leave them be

Google translate is my way to speak English on the internet, without it I just can't speak, but I publish whatever I write there immediately so I don't care if they collect it, for now it is what it is, there are no alternatives for me

 

[Trenix25]

From what I gather google stores and reads your gmail anyway.

As for Gopher, and Archie, weren't they the original search engines long before google even existed?

I remember using telnet and ftp too. Yeah, I'm old too.

In fact, I remember using a BBS in my first college.

Signed,

Matthew Campbell

 

[KGIII]

Gopher,

It was a protocol with a bunch of features.

Gopher (protocol) - Wikipedia

en.wikipedia.org

It has been a minute but I believe Archie was a search engine for said protocol? I don't recall the technical details 'cause it has been a long time.

 

[Fanboi]

Found an interesting article on itsfoss worth reading, it's related to this thread:

How I am Moving Away From Google's Ecosystem

I have to disagree with one thing in that article:

Cloud Storage

Google Drive

pCloud, Proton

Definitely Mega is king. Overall cheapest cloud by leagues. Also Linux friendly MegaSync, and FM, like Thunar, integrations. E2E and zero-knowledge. FYI: a lot of misinformation about losing your key... it's BS. Your key is an account retrieval tool, so long as you have your login details, your key is just like a reset... but TBH, that really is on you, lol. Also, if you subscribe to a paid plan, you get MegaVPN free (for mobile, don't see a desktop client). MegaSync also has version control, BTW. I guess it depends how much you need to store, but pCloud is pricey (I just checked them out) and Proton is pretty standard, but if you care about cloud storage and email in one, I suppose it's a convenient option. I like Mega now, and I lurved MegaUpload back in the 2000s (to download and share Linux ISOs, obviously, what else would I use it for?)

One thing not mentioned here that really helps is compartmentalization. This really makes difficult for google and such to trace user.

This! That's is why I have so many browsers, accounts, etc.
I use NoScript to deny everything, but in my non-personal browsers, I either block all or enable all on each page. One of the biggest mistakes people make is selectively blocking things as it helps add identifiers. So my daily browsers are a binary, I have some with nothing blocked, like Brave, and then I have my personal browsers, each with dedicated purposes.

* That all said I reckon there's always going to be advanced tracking. As it stands I change my mouse DPI on certain sites and I always us yt-dlp instead of watching thinks on YT... and even that ain't a silver bullet.

 

[KGIII]

Sadly, uMatrix is no longer developed. It's like NoScript before NoScript existed - and if NoScript was on steroids.

PaleMoon users:

Pale Moon Add-ons - ηMatrix

addons.palemoon.org

Note the warning. It WILL break sites. It's basically like a detailed old-school firewall, except it's for your browser. You WILL block things that stop sites from working. Once you see how much cruft you're blocking, if you haven't seen it before, you'll likely be a bit surprised.

What you do is you set it up for the sites you regularly view and let it block everything on other sites. When you visit a new site, you go through and allow what's needed to at least view the content and leave it there. It does take time and effort and it is not recommended for new people who aren't technically minded.

(Do not install this on grandma's computer, unless she's savvy with this sort of stuff.)

It doesn't just block scripts. It'll block anything you might think of, from CSS to third party CSS, from images to third party images, from scripts to third party scripts, etc...

If you want, you can still use uMatrix. Even though the author (same dude, Raymond, that does uBlock Origin) no longer develops it, there was a vulnerability found and he fixed that a few years ago. It's still available to download and install if anyone wants to play with it.

I can't find a properly maintained fork for other browsers. Though, it is feature-complete and stable.

 

[Aristarchus]

I by default block JS with NoScript and whitelist only sites I care about, so for this test to work had to whitelist it.
Opened the link 2 times each time it says 1 visit, so this means google and others can't fingerprint me?


It's feasible if you block all by default and whitelist only few as you browse the net.

no, just that js is useless for tracking, there are sites dedicated to no-js fingerprinting and they can easily identify you without js.

 

[f33dm3bits]

browsers: if you can make your browser unique with javascript enabled unique

CreepJS

abrahamjuliot.github.io

That's a cool tool, thanks for sharing that!

Is the "FP ID" at the top the ID you want to looking at to get it unique each time? I did read somewhere that when it comes to fingerprinting different browsers use different techniques. I can't remember where but I'll have to see if I can find it, Firefox uses the technique to make you look like others and Brave uses the technique of giving you a unique fingerprint.

 

[Aristarchus]

That's a cool tool, thanks for sharing that!

Is the "FP ID" at the top the ID you want to looking at to get it unique each time? I did read somewhere that when it comes to fingerprinting different browsers use different techniques. I can't remember where but I'll have to see if I can find it, Firefox uses the technique to make you look like others and Brave uses the technique of giving you a unique fingerprint.

There are/were few sites that explain step by step how exactly they can precisely fingerprint a(ny) browser. Does not matter which one.

At some point I lost interest because whatever I do it is still posible to fingerprint any browser.

 

[Tomedi]

5. Proton Mail instead of Outlook, Tutanota, GMail and others

Proton instead of... Tutanota? I thought they both were privacy focused emails.

 

[Terminal Velocity]

Proton instead of... Tutanota? I thought they both were privacy focused emails.

Tutanota is German under STASI jurisdiction, they can be only so privet. Proton is Swiss, best human rights laws in the world, still not perfect but is your best bet

 

[Tomedi]

Tutanota and Proton do not scan, collect, keep and sell your data, but when asked they will both cooperate with government agencies. Proton has already shared its users data with Spanish and French authorities and I'm pretty sure it will do the same when asked by Germans.

 

[Terminal Velocity]

Tutanota and Proton do not scan, collect, keep and sell your data, but when asked they will both cooperate with government agencies. Proton has already shared its users data with Spanish and French authorities and I'm pretty sure it will do the same when asked by Germans.

Proton doesn't have data to give, once they gave an ip address when asked by the court. It has to come to it by the workings of a court in Switzerland in order to give what they have (an IP adress) They do not lobbying, they do not offer user's info for favors around the world and they don't comply with gag orders from third countries

Proton is banned in india for that reason, they do not comply

 

[Tomedi]

In one case Proton also handed recovery email that help to identify and arrest a protester. Proton is based in Switzerland, so it's not a surprise that a court in Switzerland has to be involved. In case of Tutanota that would be a German court. Are you suggesting that Tutanota is giving its users data to everyone who request it? Including the content of emails?

BTW I use Proton, because I like the interface and it comes with cloud storage. In terms of privacy they are more or less the same.

EDIT Tutanota is banned in Russia and Egypt. They probably don't like Tutanota's name or logo, right?

 

[Aristarchus]

Tutanota is German under STASI jurisdiction, they can be only so privet. Proton is Swiss, best human rights laws in the world, still not perfect but is your best bet

Why so many people talks about Swiss law without even bothering to check the facts? Lazy? Swiss gave up freedom fighter from Spain (latest but not the only one). Why? Read the story, learn and please stop confusing people. Please.

I don't care about Tutanota, but again do you have any idea that this is just identical case as with Proton Mail? Clearly not.
Email providers will give up user's data if user is this brainless and provide all the real information when creating an account. This goes for every internet service and anyone should understand this simple truth unless the word "deniability" is beyond user's comprehension.
One can also look for the answers "how to create and keep my email account private/anonymous". Nothing to do with Swiss law

 

[KGIII]

I believe that both of those companies have zero-knowledge encryption configured. They will, of course, be able to tell the IP addresses - if they log them - but they don't have your password and thus can not decrypt the contents of your inbox.

If they logged it, they could also do things like see who you sent emails to, 'cause the address kind of has to be in plain text.

I can't speak to what they log.

 

[Condobloke]

They will, of course, be able to tell the IP addresses

If you were to join, with a vpn in place at the time, would they still be able to see ip addresses ?

 

[KGIII]

If you were to join, with a vpn in place at the time, would they still be able to see ip addresses ?

Not if your VPN was properly configured and didn't leak (See "WebRTC" for more information about one particular VPN vulnerability.)

If they have a recovery email, that'd likely be stored in plain text (or at least something they could decrypt because they can't really hash that sort of thing) and that could be another route to find your IP address. So, you'd have to ensure you used good OpSec (operational security) at all times and with all things even remotely attached to it. The long arm of the law is capable of trolling through all that data to find information, when they're sufficiently motivated to do so.

This also assumes your VPN provider honestly doesn't keep logs. If they keep logs, you're as good as done 'cause they're going to hand that data over when given a lawful request. These companies are very unlikely to take this to some sort of court when it's a lawful request according to their lawyers (and they have lawyers).

 

[Condobloke]

With my vpn enabled RTCPeerConnection ✔ True RTCDataChannel ✔ True Your WebRTC IP​ WebRTC Leak Test ✔ No Leak My vpn Users do not need to enter any personal data to access (deleted) services. Users may optionally provide their e-mail addresses to receive courtesy e-mail pertaining to technical support.