Isn’t there simply a way to tell your Librem 5 to not give out any valid information to anyone ever? Can’t you just run something that gives out continuously changing false information, to everyone who queries it? Why give real information out voluntarily to anyone ever? As a client device and not a server, there shouldn’t be any consequences to the Librem 5 owner if the Librem 5 lies about everything to everyone who has no business querying it. Corrupt the information pool and thus, poison the whole public information pool when big tech can’t tell what is real vs what is fictitious.
I do not believe in magic. It is different to wish for something than do it. Machines do not have their own mind. They follow specific logical instructions. What are the specific instructions which would do what you ask?
If that was possible, it could be done with iPhone and Android too.
Turning off Javascript in your web browser for general browsing certainly helps Browsers are pretty much operating systems unto themselves, and are unruly privacy nightmares.
I use one browser for general browsing without Javascript (LibreWolf), or Lynx (if I want to stay at the Terminal) and I use other browsers for other activities (such as banking, or this forum).
I am using the hosts file to block Facebook, though I appreciate the detailed solution presented in the OP!
In very general terms, there are two problems here:
- the act of using the web is giving out valid information i.e. the fact of your visit
- most web pages are mixed origin content i.e. the starting point - HTML page - comes from one site but all the content that it references (images, CSS, JavaScript, frames, …) can come from other sites (NB: the distinction here is being made between something that is referenced and something that is linked to)
That is over and above any information explicitly leaked by the web browser (such as User-Agent and language information etc.).
Put simply, the web was not designed for privacy - and hence people look for practical ways to improve the situation.
Maybe there is something in your suggestion of “continuously changing false information” and “lying about everything to everyone” but you have to turn that into a practical implementation within a web browser.
PS Some web pages, intentionally or otherwise, malfunction if the user gets too aggressive with privacy measures. So that basically gives you the choice between not using the web page or playing their game.
I am pretty sure that most of us that are using a Librem 5 (mine should arrive soon), will need to create our own web communities and web site standards as a means of getting real privacy and respect. At first, this will be very inconvenient. But eventually, there can be an abundance of websites and valuable resources that play by new rules. The new rules to the website owners are “you play by my rules or I never visit your website”. No tracking is allowed. I don’t accept any cookies, I don’t care about an “improved browsing experience” - as they say. All I care about is that I maintain my anonymity and freedom from ads. At first, no websites will work that way. But eventually, competition will force them to comply if they want their business to have any reach to us.
See also: A different way to internet? Project Gemini (That topic title would be better as: A Different Way to Web.)
I’ll believe that when I see it.
Another answer is: But eventually the government will force them to comply
but, again, I’ll believe that when I see it.
The governments of the world are the biggest violators. The big tech companies like Google and Facebook do much of the snooping work for them.
There is a bit of a quandary. I want the government to spy on organized crime. But honest individuals are entitled to privacy. So who sorts this out and how is that done?
Right now the answer is: the user takes responsibility to protect his or her own privacy as far as is possible … and that’s actually what this topic is about. It isn’t a perfect solution to the specific problem of Facebook’s spying but it is better than waiting for “the market” or “the government” to do something.
The users doing something is a part of “the market” doing something.
That’s trying to “have your cake and eat it too”. You can’t know someone is involved with organized crime without spying on them and so you can’t know someone isn’t without spying on them as well. So either you make a best effort attempt to limit the amount of excess spying (which is excess spending) or you make the cost of mass spying so low as to use that baseline to better focus the efforts. This is an oversimplification of some of the current state of affairs, but that is how the compromise of less privacy for all can and has happened in some regards. The alternative is to accept that more privacy for all includes more privacy and protections for organized crime, which has a very real likelihood of increased criminal activity.
Privacy, anonymity, and security have some overlapping goals, but also have many opposing goals. Thus the struggle to find a balance.
That assumes that “us” is a large enough, and profitable enough, portion of the market to be worth going after. No advertising means reduced sales, which means higher costs for the same goods/services. What has actually played out time and again is some site will come along with no ads, tout its no ads status, then eventually fins the lack of customers and lack of financial stability uncomfortable (or lack of ability to scale with demand) and then eventually cave to diversifying the revenue stream to allow ads. There are exceptions sure, but exceptions by definition are the outlier not the trend.
Instead of having the mentality of “if they want us they’ll come to us” the better mentality would be “let us show them a better way so they have a reason to come to us”.
I try to think of things, the way they must have been up until roughly a hundred years ago, or so. Without telephones or any other means of electronic communications, the only illegal use of communications would have been found in in-person verbal communications. Although written communications were also available, few people if anyone would plot their crimes out in documented form by writing them down.
So are electronic communications an improvement when it comes to privacy? How can we re-create now, what we had 100 years ago? Back then, you could look around to see who was watching, and choose to whisper, if necessary. Now although you have a much bigger reach, you either brodcast blindly, or keep your mouth shut. There is little in-between these two extremes.
If Musk succeeds in his Neurolink venture, even your private thoughts might become public, like it or not.
DeCloudUs is a good option as well. It allows one to select google or facebook etc to block their sites at the dns level en masse. I use it and am happy with it.
I do not know… I have second thoughts about all this after I read that Matrix, Thunderbird and I am sure other foss attempts can not produce enough money to keep their operations alive, and they ask for money. What if a poor person argues like this: I do not have the money to financialy support, say, Matrix. So I use Messenger and I pay them by allowing them to track my actions.
How do we answer this?
My reply might be - “You can still use Matrix/etc even if you cannot support it financially. Just sharing that you use Matrix on forums/social media, you are spreading the word. That is free advertising for them, which can sometimes be more valuable than a small donation.”
Something like that
Indeed…, this is a good answer.
FYI, TikTok is AS138699.
EDIT: TikTok’s analytics/trackers are showing up on many websites these days. (Visible in NoScript and uBlockOrigin extensions when visiting such websites.) Probably in IoT and/or content streaming devices, too.
Ha ha ha, Great! The venture continues!!
Are you sure this is correct? I blocked it and still the browser shows tiktok.com
I also get other numbers. nslookup www.tiktok.com gives IPs such as
2.23.154.??? Eg 2.23.154.129
Running whois -h whois.radb.net 2.23.154.129 | grep origin
gives AS20940 and AS34164.
Now this comes here through a2047.api10.akamai.net
Is it proper to block AS20940 and AS34164? I wonder…
No you are correct. My bad. It works. But how did you find the AS number?
When I first used the terminal to find it, the result was some mobile IP (10.xxx.xxx.xxx)…? I knew that couldn’t be right. (Turns out, it’s because of the DNS filtering/blocking I have set up in my VPN service account.) When I switched that off and tried again, the return was an IP for Akamai. Also not helpful.
So I just went to the search engine and tried “ASN for Tiktok” and I got relevant results, e.g. AS138699 - ByteDance AS138699 - PeeringDB , https://www.netify.ai/resources/applications/tiktok , and AS396986 Bytedance Inc. details - IPinfo.io . That last one shows a different ASN for Bytedance, TikTok’s parent company; Tiktok’s is further down the page.
10.x.x.x IP addresses are non-routable private network addresses like the 192.168.x.x addresses commonly used in home networks.