Author

Topic: We are still being targeted (Read 222 times)

sr. member
Activity: 1554
Merit: 413
March 25, 2020, 07:25:31 AM
#8
https://support.mozilla.org/en-US/kb/common-myths-about-private-browsing

You used Chrome incognito but the article above from Mozilla applies as well.

"Myth 1: Private Browsing makes you anonymous on the internet.

Reality: Private Browsing does not mask your identity or activity online. Websites can still gather information about your visit, even if you are not signed in, and so can internet service providers. If you use your device at work your company may be able to monitor the websites you visit. Or, if you surf the web at home, your cable company or their partners may have access to your browsing information."


Other than using VPN, you can also consider using Brave browser. It is the most private according to this research https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf You can also browse with Tor using Brave's private window.
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
March 24, 2020, 08:17:23 PM
#7
Nobody concerned about their privacy should be using Chrome, or any Google products for that matter.
member
Activity: 421
Merit: 97
March 24, 2020, 12:50:45 PM
#6


But Wireguard has faster transfer speeds so maybe your VPN program can switch between OpenVPN and Wireguard based on how much security is needed.


That's actually a very good idea. I will keep updates about that implementation. The idea is of course to decentralize VPN snf let people host their own. You may share it with a friend
or more an split the $10/month cost to $1/month.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
March 23, 2020, 09:55:49 AM
#5
Today I opened my incognito Chrome tab (without being logged in on google, gmail or anything), searched for a leasing
deal for a new car. I just looked at those deals and nothing more, closed the tab.

Later today I see my instagram full of leasing ads, 2 in a row from two different companies  Angry Angry Angry

I am an ethical hacking & cyber-security guy so perhaps I know how take care of my security. Have we moved from cookies-based
targeted ads to NAT/PAT IP targetting? (https://en.wikipedia.org/wiki/Network_address_translation)

Perhaps the car dealership site geotagged you and was using facebook analytics to correlate your location with your instagram account. I'm not too certain how that would work though.

Screw this, I am starting my own VPN. Features it will have:

Possibility to change the encryption method:
  • For important things like transactions etc it will be a good security encryption method but it will be slower
  • For normal things that need speed like watching youtube, netflix etc it will have a normal encryption method like nord vpn but it will be faster

100% open source and free, you will be able to host it yourself for max $5/month and don't pay those VPN scam companies. You will have full access to your
own information that is held on the VPN, no logs, no stupid things.

If you really are going to attempt to make a VPN then you should build it off of OpenVPN libraries. Lots of businesses are already using it for remote working and you can change a lot of it's parameters and inner workings. However, the moment you begin to host these VPNs as a service you're opening a weakness in the VPN setup since government officials can send a cease-and-desist notice to your hosting site. It would be better for people to host VPNs on their own servers.

But Wireguard has faster transfer speeds so maybe your VPN program can switch between OpenVPN and Wireguard based on how much security is needed.
legendary
Activity: 1904
Merit: 1277
March 22, 2020, 08:49:19 AM
#4
We are still being targeted by ads, no matter the GDPR regulations and everything to "control what you see".

Under GDPR, you only need to have a "lawful basis" to process someone's data. Article 6.1 of the GDPR legislation explains that consent is one of the six lawful bases - meaning that actually consent isn't always required.

Quote
Processing personal data is generally prohibited, unless it is expressly allowed by law, or the data subject has consented to the processing. While being one of the more well-known legal bases for processing personal data, consent is only one of six bases mentioned in the General Data Protection Regulation (GDPR). The others are: contract, legal obligations, vital interests of the data subject, public interest and legitimate interest as stated in Article 6(1) GDPR.
https://gdpr-info.eu/issues/consent/

The Information Commissioner's Office (UK) covers these five alternatives to consent. You can process personal data if it’s necessary for:
Quote
  • A contract with the individual: for example, to supply goods or services they have requested, or to fulfil your obligations under an employment contract. This also includes steps taken at their request before entering into a contract.
  • Compliance with a legal obligation: if you are required by UK or EU law to process the data for a particular purpose, you can.
  • Vital interests: you can process personal data if it’s necessary to protect someone’s life. This could be the life of the data subject or someone else.
  • A public task: if you need to process personal data to carry out your official functions or a task in the public interest – and you have a legal basis for the processing under UK law – you can. If you are a UK public authority, our view is that this is likely to give you a lawful basis for many if not all of your activities.
  • Legitimate interests: you can process personal data without consent if you need to do so for a genuine and legitimate reason (including commercial benefit), unless this is outweighed by the individual’s rights and interests. Please note however that public authorities are restricted in their ability to use this basis.
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/consent/when-is-consent-appropriate/#when6

These means that companies are at first glance technically able to apply the legitimate interests basis under 'commercial benefit'. However, the individual's rights and interests also come into account here. The Information Commissioner's Office adds:

Quote
You are also likely to need consent under e-privacy laws for many types of marketing calls and marketing messages, website cookies or other online tracking methods, or to install apps or other software on people’s devices. These rules are currently found in the Privacy and Electronic Communications Regulations 2003 (PECR). The EU is in the process of replacing the current e-privacy law (and therefore PECR) with a new e-privacy Regulation (ePR). However the new ePR is yet to be agreed. The existing PECR rules continue to apply until the ePR is finalised, but will apply the GDPR definition of consent.

So currently PECR/GDPR rules mean that you do need consent for e-tracking practices.
... which brings us (finally) to how these companies are breaking the law: consent must be explicitly given.

From the GDPR legislation again (link above):
Quote
consent must be unambiguous, which means it requires either a statement or a clear affirmative act. Consent cannot be implied and must always be given through an opt-in, a declaration or an active motion, so that there is no misunderstanding that the data subject has consented to the particular processing.

Instead of 'opt in' many companies are treating consent as a failure to opt-out, which is a very different thing, and against both the spirit and the letter of the law. Particularly as this often results in nested consents, where permission is assumed by the company, they sell the data to their clients, you then in turn sell to their clients under the initial assumed permission.

I think the failure here is not in GDPR itself, but rather that compliance is not being policed effectively. Perhaps ePR, once finalised, will lead to greater compliance - although the ePR is not expected to come into force until 2022.
How this will apply to the UK (which obviously is leaving the EU) is unclear; the general assumption is that alignment with the EU will continue, although obviously this may change.
full member
Activity: 305
Merit: 106
March 20, 2020, 08:37:24 AM
#3
Later today I see my instagram full of leasing ads, 2 in a row from two different companies  Angry Angry Angry

I had a similar shock a few days ago.
Have a project website on a VPS and added a GIF as a logo. It's a dumb gif
Have been tinkering with that website for a while now.

One day talking to a friend on whatsapp on my phone, I wanted to send a gif and the same gif I added on my site was in the first 3 recommended ones. I froze! The gif I'm talking about is the Peanut Butter Jelly Time Banana. Not that mainstream I assume. Also don't have facebook on my phone.

Privacy is a wonderful concept but seems everyone is trying to tear it's walls down and no GDPR will stop that.
copper member
Activity: 474
Merit: 3
Exclusive Crypto Rebates for Poker/Sports/Trading!
March 14, 2020, 10:52:04 AM
#2
IP target has its own downfalls because they'd have to assume it's always you on your IP. There could be many people under your household or building and complex. Let me know if I'm off here.
member
Activity: 421
Merit: 97
March 14, 2020, 10:31:30 AM
#1
We are still being targeted by ads, no matter the GDPR regulations and everything to "control what you see".

Today I opened my incognito Chrome tab (without being logged in on google, gmail or anything), searched for a leasing
deal for a new car. I just looked at those deals and nothing more, closed the tab.

Later today I see my instagram full of leasing ads, 2 in a row from two different companies  Angry Angry Angry

I am an ethical hacking & cyber-security guy so perhaps I know how take care of my security. Have we moved from cookies-based
targeted ads to NAT/PAT IP targetting? (https://en.wikipedia.org/wiki/Network_address_translation)



Screw this, I am starting my own VPN. Features it will have:

Possibility to change the encryption method:
  • For important things like transactions etc it will be a good security encryption method but it will be slower
  • For normal things that need speed like watching youtube, netflix etc it will have a normal encryption method like nord vpn but it will be faster

100% open source and free, you will be able to host it yourself for max $5/month and don't pay those VPN scam companies. You will have full access to your
own information that is held on the VPN, no logs, no stupid things.

(for your knowledge, even VPNs are not secure so that's why hosting it yourself is better because you have CONTROL https://techcrunch.com/2019/10/21/nordvpn-confirms-it-was-hacked/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAIzsV-id4TYt5JxoHP4MdXifk7ruMmhXGFYwOBFHowFmuaJro6nJ-328EmFzYs67yO93XbV2bakJUxM3afJBMQ-0mUijxg75o4eA7ip2GAtqVpzBwIeO-4_49F0_cbS0mubBGVQehKFWmod3al4LfV_alCTAaZy7uTxhsMaJS6ko )

Will post and update as soon as the solution is ready.
Jump to: