I guess what I’m thinking is this scenario: if a person never had a gmail account or used any google products ever, google still makes bank off that person by using third-party cookies & scripts, cross-site tracking, fingerprinting, Ad ID / Device ID sync, et al. How can you not call that data theft when you don’t use their products?

Now I’m sure somewhere in the google products TOS, it states you will bend over and spread your cheeks, but for the person that doesn’t use said company’s products, this seems a bit different.

Well, it wasn’t so much an argument as it was a muse. I’m not a marketing guru and again, I am expert at nothing.I do run several businesses, but word of mouth is my advertisement.

The purpose of an advertisement, say in a magazine or on a billboard, is to sell you goods or services. Those goods or services are ‘$Price A’ which is cost to manufacture, taxes/applicable fees, plus overhead and profit. On the internet, yet another element is added and a very invasive element: Data Collection & Brokering. So, without even selling you goods or services, the company in question is making bonus bucks from collecting your data and using it/selling/trading it. So, on the internet, the company in question is double dipping IMHO. Once for enticing you to buy their goods or services, and the most nefarious IMHO, collecting your data via all manner of sneaky ways. So, it seems to me, whether or not they sell you a product or service, they’re already making bank on a global scale, and not affording you due compensation for creating the data in the first place. Creating takes labor and labor is compensated with $$. If it means billions of dollars to the company in question, then it’s worth a lot to little ol’ me. Even if it were just clicking a mouse or typing on a keyboard, your data has high value, and they know it.

I call this data theft. It is the very same offense if I walked into the CEO’s office of a fore mentioned corporation, and picked up a paper weight, stuck it in my pocket, and walked out the door. It’s data theft. Now it may be the bowl talking so feel free to spool me right up if I have err’d in my thought process.

I’ve always thought (anecdotally - no substantiating evidence) that advertising on the internet, which is much different that advertising in a magazine or billboard, is probably a loss leader or close to it. The real value for the product manufacturer is the data they steal from you. In all honesty, I can’t think of a product or service I’ve purchased that was based on an advertisement. 99.999% of the time, I know what I need or have a really good idea, and will research it on the internet extensively, depending on value, and make my purchase based on my research. It also could be that I have made it a concerted effort to never see any online advertisements on my network, so maybe I am not as affected as those who see ads in every square inch of their monitor every day, like they’re on a porn site.

Network so tight I call it virgin. /s

i’ve rebuilt this server multiple times each time i encountered a “gotcha” or a surprise that i had not anticipated and it made some needful component stop working

I feel that. LOL I will reinstall something over and over until I get to the finished project without ‘gotchas’. Probably, most of mine are benign, but I don’t want to always have it in the back of my head that something I did during set up is now hindering me in the present.

the tone changed

It does, especially when you make it a personal connection to their daily lives, which I always try to do. The vast majority of people don’t really think in terms we as privacy advocates do. There are many factors. As I mentioned, shit’s very complex. People are very busy now days just to make ends meet. Usually both parents work, come home, spend a little time with the family and collapse in bed only to do the same tomorrow, until the weekend when they catch up on household chores, spend time with their children, try to rest up for the next 5 or 6 work days. They don’t have the time to read the Unix manual, much less understand it. So I try to break things down in digestible bits so as not to overwhelm.

I’ve had very good success with pFsense. For a freebie, it sure is packed with all the goodies. I’m probably not utilizing it to it’s fullest extent, there are just so many options. I run DNSBL and Suricata for IDS/IPS, and NTOPNG + Graphana for observables.

30 miles covers a lot of potential users.

What about wired connections? I guess I fail to remember, a lot of people use their phones as a mobile compute platform, which I very rarely do, and certainly not a Reddit app.

Something odd happened on Reddit today…

I don’t find that extraordinarily odd at all really. This has been Reddit’s modus operandi for quite a while now. Anything that might pull the curtains back to peep at what/who’s running the show is sternly frowned upon. Usually, they will just shadow ban you which I personally find cowardly. I’d rather you tell me straight out to piss off.

On the topic of browser fingerprinting. I have a more than fair understanding of how it works, however, I am an expert at nothing. What has always struck me as odd is that browser fingerprints change over time, so how do you use a browser fingerprint to source the origin user? Without changing anything, my fingerprint ‘score’ changes daily. Some things that change or affect browser fingerprinting are:

• User-Agent (browser, OS, version)
• Screen resolution & color depth
• Installed fonts
• Plugins & extensions
• Canvas & WebGL rendering
• Timezone & language settings
• HTTP headers (Accept, Do-Not-Track, etc.)
• WebRTC, audio context, hardware info
• Cookies, local storage, caching behavior

About 80% to 90% of all browser fingerprints are unique at any given time. Only 30% to 50% of browser fingerprints change within 1 to 3 months. Users who regularly update, wipe their browser data, or install extensions have the most changes, whereas users who hardly ever update anything, never wipe browser data, or install extensions have the most consistent browser fingerprints that can last months to years. So, in my thinking, a browser fingerprint alone would do little to pinpoint a specific user, if they are regularly maintaining their security envelope. I guess in the case of forensics, a browser fingerprint could be used as a part of complementary evidence.

If they were using a VPN, it could be that their DNS was leaking. However, Reddit usually rejects accounts made with a VPN engaged.

Checking fingerprinting is something I do regularly because I’m very curious. The best I’ve been able to achieve is partial or nearly unique. I also do daily DNS leak tests, which may sound all paranoid, but even with a VPN, and a stand alone pfsense firewall/unbound, and various other obfuscation techniques, VPN IPs change and the IP you had yesterday for a certain locale, might not be the same as today, so it’s worth me taking a minute to check. Not that I have anything to hide. /s

I recommend a daily cleansing with Bleachbit, or Privazer. Schedule task or a cron to run it before shut down.

If someone has expert knowledge of browser fingerprinting, I stand by to be schooled.

I find that people who say ‘I’ve nothing to hide’ haven’t really thought it through. Mainly because, in most of the general public’s mind, there is a disconnect between their daily lives and their online lives. Instead of being condescending to them, run through a couple of obvious scenarios with them:

• You have keys and locks they go to. Maybe they go to your car, front or back door, or tool shed. Why? Keys and locks prevent unauthorized access. They do not portend guilt in any way.
• You have window blinds and even black out curtains covering them. Why? What would be your reaction to a law that made window blinds and curtains illegal because the authorities having jurisdiction can’t see what you are doing in your house?
• Would you be ok if a live feed of your bathroom or bedroom be broadcast to the internet for all to see? Why not?

Usually, running through daily things people do and contrasting them with privacy, security, and anonymity, I can get them to realize that yes, they too enjoy, nay, demand privacy, security, and anonymity in their daily lives, and that their online presence should not be any different.

The average Joe citizen really has no idea what goes on behind all those pretty pictures on their screen, and they could almost be forgiven for that. I’ve had a computer in front of me since the mid 70s and I openly admit, computers and networking are complex beasts. Even I have not plumbed the depths. Someone here made a comment once that if their knowledge was a 25’ tape measure, they might know an inch, and I think that is applicable.

We, as the stewards of the secret knowledge, should not brow beat those who may be unenlightened. They are not sheep, they are not normies, they are not idiots. They just have no clue, so it behooves us to educate and assist those who do not understand, without making them feel like they’re stupid. The more educated the populace, the further our privacy, security, and anonymity mission is spread.

The phrase also derives from a mid 1800 child’s physics book that had review questions at the end of each chapter to check if you understood the information. One of the questions was ‘Can a man pull himself up by his bootstraps?’, which is of course impossible because he is being acted upon by forces greater than himself…namely gravity.

Indeed, the more you know.

Yep. Settings > I am an advanced user (All the way at the bottom of the page). On the Filter Lists tab, I checked everything except ‘Regions, languages’ This lets you ‘dial in’ what you want on your network and what you don’t. After a while of looking at the CNDs, and all the data points in Ublock for a particular site, you start to get a feel for what to block and what not to block.

There are color shades in UBlock that represent different types of blocks and allows. See here: https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-quick-guide. As you select what to block, you will find that other sites use the same CDNs, etc, so once you have allowed or denied certain ‘services’ you don’t have to do it for all sites.

Awesome! Etymology is a fascination of mine, where language derives itself from and how words and phrases have changed and even been bastardized to mean something else. One of my favorites being ‘Pull yourself up by your bootstraps’.

c. 1400, chokkeful “crammed full;” the first element is possibly from choke “cheek” (see cheek (n.)). Or it may be from Old French choquier “collide, crash, hit” (13c., Modern French choquer), which is probably from Germanic (compare Middle Dutch schokken, and see shock (n.1)).

<----- etymology freak

I posed this in another ‘obfuscation’ thread, but in the case of steganography, wouldn’t AI have the ability to ‘see’ that the a file, say a image’ has odd bits in it that shouldn’t be in an image? Even further, would it be able to ascertain that you have two levels of messages hidden inside the image? It sounds similar to what you can do with VeraCrypt Cryptomater in that you have two ‘levels’ of encrypted data. One to reveal to the authorities and one that’s for the intended target of the data packet.

I do not use Mullvad, however, I have had the same issue with sites, not rt(.com) in particular, but others. All I do is switch locales and usually the problem clears up. I haven’t figured out exactly why. A lot of VPN IPs have a tendency to be abused and so a certain website may have blacklisted your IP number of the VPN locale you were/are using. Could be some scenario such as this.

Well, that certainly is a different take than I’m used to. I sometimes fail to realize that most of the population live in fairly tight quarters, especially in housing developments, etc. Their coverage would entail an acre maybe a little more or a little less and even a doorbell cam has a pretty wide field of vision. So I could understand that concern. Where as, I have some acreage to mother hen. Barns, equipment, etc. and I have zero tolerance for a person who would walk onto my property and steal from me. I’ll help a brother out as best I can, but if you steal from me that’s going to get you in some troubled water.

Anyways, thanks for the explanation. Always down to be educated. Thanks for the link as well. I’ll hit it in a bit.

Huh. I guess I have gotten used to living in farming country. Not too many people out here walking, but that concern seems valid.

• Eufy
• Arlo Pro
• Blink Outdoor
• Amcrest Ultra

I am assuming you are covering something like residential property.

These come to mind. I think all of those have offline and online storage, so storage capacity would be dictated by what you choose. All four of those manufacturers have doorbell cams as well. All four have motion detection.

I would advise against using surveillance cameras, because they violate others’ privacy.

That’s a curious take. I’m keen to know your angle. If you are within range of my surveillance cameras, you’re on my property and are not afforded any privacy. I don’t care what happens out in the street, so I have none that cover the street. However, when it bleeds over onto my square, then I do care.

I’ll have to admit, back in the day Google’s Picassa was the shit.