Question for the technically minded - VPN and data protection

Squidfayce

Eats Squid
Other than your claims on device ID (which may be accurate), I'm still waiting for you to provide any actual detail/links on what what that whole bunch of shit is. though! I'm not saying I don't believe you, I'm sure it's actually true. I'm just looking for some, any detail.
I lost interest in this thread. not ignoring your questions. But I think to sum up the response

I gave plenty of starting points and shared my knowledge on the subject. You argument is that almost all of what I've said is user driven. You're arguing that users are responsible and they can manage their risk. Sure some users (like yourself), which are a vastly insignificant number to make any meaningful difference in this space. I know you know this.

I fundamentally disagree that users have control because of the ever changing landscape. You literally have to be a privacy expert and know your shit to avoid your data being collected. Most users don't ever get to a level of knowledge that could help them manage data harvesting, they think that setting their FB profile to private is all they need to do. That is the standard of users the world over. They are not in control. They could be, but they're not as much as you'd like to say they are. And they have little interest in being in control. If its not a slider or a radio button in their settings, in a first or second level menu, it doesn't exist. All the things they agree to in EULAs and other things they accept when viewing sites and using apps just scrapes them wholesale. You said yourself, you know this.

But your argument is still that that's all user driven. Sure. there is absolutely no coercion going on. No manipulation. Nothing to see here. If you want to connect with all your friends on platform x, y or z, you give up a lot of control of your privacy there an then. You never feel it either, so why would you give up connecting with friends for something you dont understand or are not impacted by in any measurable way (measurable by you, the user). If you cant feel it, its not real, right? or the old "I'm not doing anything wrong, they can have pictures of my smashed avo on toast for all I care" because thats all they think they are sharing when they click "i agree".

In todays day and age where convenience is king, and ignorance prevails as a standard default for most users, its hard to argue that all those people could be protected against privacy incursions if they just took a little interest and did some research and managed the risks.

To me it feels like a tasteless victim blaming argument.
"oh you should have known to switch off your location tracking"
"why did you agree to targeted advertising?"
"why didnt you use a VPN?"
"you should know all this privacy stuff"

it all kinda sounds like,
"oh how much did you say you drank?"
"you should have known that was a seedy part of town"
"if you hadnt of told them where you lived, you wouldn't be in this situation"
"did you see what they were wearing?"

Now I KNOW that's not what you're saying, and I fundamentally understand your point of view. I'm just arguing that its unrealistic and unreasonable. The majority of world users have proven already they don't understand what they are doing with technology on a daily basis or how it works and they for the most part implicitly trust it. Its perfect

You know those scenes in legal shows where an opposing firm buries evidence in rooms full of files in the hope it doesn't get found or that the other legal firm just gives up. That's pretty much how data privacy and protection feels like to a normal user. They hear about it, they might take small steps towards it, but they don't watch the landscape or take proactive step like re-reading new T&Cs when they asked to be re-agreed to (if they even read the first one at all), they don't go scouring technical forums about what the various app permissions they are agreeing to are actually doing and whether its reasonable that the app is asking for it. You say device ID can be changed. SO what? how many users even know about Device ID and what it does to even bother changing it? I know what it does and I cant be fucked changing it. How often should I if I cared? After every google search? when i log out of apps? What users stand to lose is pretty intangible to most of them but spending time on managing this level of privacy isnt. It takes effort.

You can take out money and pay for groceries because you don't want data about your purchases being collected, You can not sign up to a free streaming service, You can avoid connecting with friends on FB/Insta etc. Fine. it wont change the insights that are gained in aggregate about people LIKE you. You as an individual are not really unique. The only unique thing about you is your finger prints and your DNA. Everything else fits a profile. Just in this thread, we know a bit about what you do for work, we know you like bikes, we know you have strong opinions about certain subjects and based on a number of these things and other statements we could scrape from these forums it could probably be easy to deduce things like marital status, kids, vehicles driven, location, holiday preferences, what you like to drink, your race etc. All without Facebook, flybuys or any other stuff youve actively opted out of. So i guess power to you for putting in the effort, but in a whole i think youre missing out on all sorts of awesome fun stuff that just costs a little bit of your soul, err data.

 
Last edited:

Squidfayce

Eats Squid
@Minlak That Smart TV thing is terrifying. How complacent have we become to even allow a scenario like that to play out.
We bought a Thermomix a while ago and I opted for the previous model purely because it didn't connect to the internet. I didn't want my food processer even capable of automatic software updates or one day finding that certain functions are ransomed to a subscription service.

If you ask people, would you allow a 3rd party to open your snail mail, read it, slip a couple of coupons in based on what they read and close it up again, most would say no way; but that's Gmail in a nutshell. Most people clearly have no understanding of the power of consolidating minute packets of seemingly innocuous data over time, and defer to the 'if you've got nothing to hide you've got nothing to worry about' argument to hide their ignorance.

The big question that always remains for me is, how responsible is the user for their privacy when the device, apps and services are actively trying to obfuscate what the product actually is, or what they do with the data. Should the default be caveat emptor or caveat venditor, and why? Can you even have 'buyer' beware when most of the offenders are 'free' service based on the collection of freely given information.
bingo.

Our smart TV has a camera installed in it for video calls or "netflix parties" etc. Only now after several years, skype is no longer supported for the tv and I have a tv that can in theory capture audio and visual from a large part of my house. The manual for this tv actually stipulated that the mic is always listening and that you needed to do a couple changes in the settings to set its default to "off". Even then, is it really when it still can act on voice commands from its "off" state? hmmm
 

indica

Serial flasher
Even then, is it really when it still can act on voice commands from its "off" state? hmmm
That is proper fucked.
It's all fucked, we are all fucked.

I just signed up for a VPN for a look, iVPN.
OOh, we don't take your email address, no but you probably sell my IP to Steve Gates Bill Jobs Facebook Ebay dudes.
Oh well, it didn't cost much, I paid in crypto too.
 

dirtdad

Wants to be special but is too shy
Even then, is it really when it still can act on voice commands from its "off" state? hmmm
Desolder all of the things!!

That is proper fucked.
It's all fucked, we are all fucked
Reminds me of a project I saw a while back too.
Plays white noise into your 'smart' speaker until it hears your special word. Then only plays your commands into it.


But can [insert tech overlord here] simply determine your white noise signature and then filter it out to hear everything anyway?!? Who knows...
 

Squidfayce

Eats Squid
But can [insert tech overlord here] simply determine your white noise signature and then filter it out to hear everything anyway?!? Who knows...
depends. If the white noise generated was a prerecorded loop/soundbite then absolutely. You'd do this by inverting the phase of the loop and playing it at the same time. The oppositely phased identical sounds cancel each other out to reveal all other sound. Kinda a neat audio trick.
 

johnny

I'll tells ya!
Staff member
Now I KNOW that's not what you're saying, and I fundamentally understand your point of view. I'm just arguing that its unrealistic and unreasonable. The majority of world users have proven already they don't understand what they are doing with technology on a daily basis or how it works and they for the most part implicitly trust it. Its perfect
I don't care about what the rest of the world is doing and I don't know why you keep on trying to convince me about that. I'm trying to understand the technological approach to protecting privacy. You mentioned the issue of of device ID and how that is used to identify us and our actions and I asked you to post some useful info on that so I can understand it. I don't know why you aren't doing that instead of trying to convince me of something I understand, accept and don't care about.
 

johnny

I'll tells ya!
Staff member
And for clarity, @Squidfayce I know what I share on here and elsewhere. The challenges is ring fencing what you are prepared to share and what you want to keep private. I can do that by choosing what I share and what I do not share. But I do not have the knowledge of what is being collected on me without my consent (the examples of ultrasonic cross-device tracking and browser fingerprinting were given), that is what this thread is about, not what the rest of the world is doing.
 

Squidfayce

Eats Squid
You mentioned the issue of of device ID and how that is used to identify us and our actions and I asked you to post some useful info on that so I can understand it. I don't know why you aren't doing that instead of trying to convince me of something I understand, accept and don't care about.

I posted a link to how your device id gets used in several ways. Did you want me to find every usefull piece of info for you?

Is a search engine something you've opted out of also?

Take a look at a software called threatmetrix and how it's implemented. Lots of technical articles online if you care. Here's a userfriendly explanation video (for some perhaps less technically minded)

I've configured this software for businesses and used it daily for years. I'm telling you now, it does a lot more than what it says on the box. To the point google is not happy about it.
 
Last edited:

johnny

I'll tells ya!
Staff member
I posted a link to how your device id gets used in several ways. Did you want me to find every usefull piece of info for you? Take a look at a software called threatmetrix and how it's implemented.

Is a search engine something you've opted out of also?
Dude, if you want to act like a dickhead, you can bow out of the thread, no one was rude to you. You came into this thread shooting your mouth off and to this point you've provided nothing of actual substance except for agreeing with others and stating what everyone already knows.

And for the record, you posted a link to a marketing company that didn't explain shit about the technology or how it works.
 

Squidfayce

Eats Squid
Dude, if you want to act like a dickhead, you can bow out of the thread, no one was rude to you. You came into this thread shooting your mouth off and to this point you've provided nothing of actual substance except for agreeing with others and stating what everyone already knows.

And for the record, you posted a link to a marketing company that didn't explain shit about the technology or how it works.
I'd argue that you were rude.

In anycase. I'm not here to convince you or do your research for you. BUT you might want to Reload the page and look at the last comment. I've left you some more stuff you could look into of you actually care. But I'm telling you now, your online privacy doesn't exist, whatever you decide to do to protect it. Software like threatmetrix has that sorted, don't worry ;)
 
Last edited:

Squidfayce

Eats Squid
The user chooses to use Apple Wallet, the User DLs the app..., etc.

All user driven from start to finish.
Untill that's the only way a company will interact with you. Woods through the trees man.

Gps used to be only in a hand full of military devices, then only cars owned by rich people now in almost everyone's pocket.

Do you think phones won't replace wallets, cards and cash anything you need to transact with or use on a daily basis? Not that that even needs to happen anymore mind you, but it will. It will make it simpler for everyone. Consumers AND data lords.
 
Last edited:

johnny

I'll tells ya!
Staff member
I'd argue that you weren't rude.

In anycase. I'm not here to convince you or do your research for you. BUT you might want to Reload the page and look at the last comment. I've left you some more stuff you could look into of you actually care. But I'm telling you now, your online privacy doesn't exist, whatever you decide to do to protect it. Software like threatmetrix has that sorted, don't worry ;)
Yeah, I know I wasn't rude and I don't understand why you decided to be.

Anyway, I watched the vid that you edited into your post, and I am actually aware of device ID technology, but I'm still trying to understand how it collects information without consent. Most of the reading I could find when I searched on it before was from marketing mags, etc. (and everything they discussed was based on opt in and consented sharing). I'm still reading through it trying to find the issues you've implied, but I'm yet to come across it. I'm not doubting you that it exists, but I'd like to actually understand it.
 
Top