Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
my apologies for the long screenshot. i had purchased adguard's vpn service for five years since its primary adguard service is well know in the iapple ecosystem.
on android, though, their app appears to send data to a lot of third-parties. has it always been this compromised? am i a fool to go for their vpn services as well?
That's crazy. I always recommend people to use self hosted Wireguard VPN. Installation is basically one command from github (autoinstaller script). Or use Mullvad VPN, it seems to be privacy-friendly.
This is something I've not understood yet. If you rent a server somewhere to use as a private VPN endpoint, your clear IP will be pretty much the only one connecting to the server. Correlating your traffic and your clear IP to your masked IP is easy for sufficiently motivated, able actors.
Meanwhile, the main benefit of a shared VPN such as Mullvad is that many users simultaneously use the same endpoint, making it much harder to identify the user (taking only IP and traffic into account), provided they don't log your traffic.
So while having control over your endpoint is nice, how does that actually contribute anything meaningful to your privacy?
Mullvad knows exactly who is connecting, when they are connecting and where they are located. If you have payment information on file they also know your name and your credit card.
They can claim to somehow be "log free" but you can't trust one who says they are going to not do something. Even if they aren't abusing your data someone could of compromised them. Its not a good idea to place trust where you don't have control.
Mullvad certifiably doesn't log. Their VPN infrastructure even transitioned to RAM-only a few months back. They've been raided by the police and nothing was confiscated because there was nothing to confiscate. Obviously they have a list of registered accounts and payments, but without any connection to - well, connections.
I get what you mean though and mostly agree: There are only a few providers I trust enough to shift said trust from the ISP to them.
As mentioned in the comment you replied to: Yes, trusting a third party is a compromise. But you are also trusting a third party when renting a server for a private VPN endpoint, as well. A third party provider with probably a lot more logging going on than a trusted service such as Mullvad. While being way more exposed.
Since TOR isn't feasible for most users 24/7, trusted commercial VPNs are the next best thing when the alternative is your ISP logging everything you do.
I disagree. You don't control Mullvad VPN so you don't control how the servers work. There is nothing Mullvad can do to change a fundamental property of the internet. They are no worse or better than your ISP. You shouldn't use device provided by your ISP and using a VPN gives a company insight and sometimes control of your machine. You should use your own device on your own network. From there setup encrypted DNS and lock down your network.
What? So your advice for improving privacy is to not use a VPN, because the provider may log stuff and instead keep accessing stuff directly through your ISP who will log everything you do and simply use DNS over HTTPS/TLS, which does pretty much nothing for your privacy since your ISP still sees the servers you connect to?
That's terrible advice.
You are using that Duckduckgo thing which is not a reliable source of information.
I would be interested in what a "tracking attempt" would look like.
Your VPN sees EVERYTHING you connect to, if you use HTTPS that is not a big deal but can help target stuff to your usage.
If it is tracking or just traffic passthrough is decided on their servers, which no weird Duckduckgo app can access.
i get what you're saying, but the vpn was inactive when the app sent these requests. DDG was active at the time and using the VPN slot.
so it isn't the vpn functionality, per se, of the app that's doing anything here.
Thanks, I think it is very relevant to understand how this DDG VPN "tracker blocking" works.
If it is about an app sending requests to lots of domains, this may have many reasons. For example it could check the IP addresses of all these tracking serverers to block apps from communicating with them via IP and not URLs.
This would be a reason that a trusted app connects to tracking servers to update their internal filterlist.
This "known to collect" seems to be unrelated to the actual connection, just "this service often collects data about x".
If this is true, that is HIGHLY misleading and please update your post to explain that possibility.
this is a possibility. one that i haven't accounted for.
but is there any literature that verifies this? the closest I've found in context is this page, and I'm not able to resolve what you're saying with whats on there: https://adguard.com/kb/general/ad-filtering/filter-policy/
i don't have enough info yet to update the post with this conjecture.
You need to contact them, if they connect to known to-be-blocked sites to get their IPs.
Googerteller does this:
Note: Find it ironic or not, but to query the list of all Google IPs/subnets, this needs to contact one Google domain, actually. (That request does not emit a sound, though.)
And I would ask DDG how their "tracker blocker" works and if it would also block such requests.0