Well, of course. Just don't sign up for a Google account.
When you get an Android phone new, there's a moment when it asks you to sign up or sign in with a Google account. There's a "later" option". Click that, and then remove the Google one-time startup program. Install F-Droid, and get your apps from there.
The mail program on Android will talk to an IMAP server. Find one to use, and you don't need Gmail. No ads.
On desktop, use Firefox, LibraOffice, and Thunderbird. Install Privacy Badger from the EFF. Videos are uploaded to Vimeo. I have a cheap web site on HostGator if I need to upload anything for someone else to look at, and a Github account for code storage.
I've been doing this for years, and don't seem to be missing out on anything except ads.
If you are not signed in, for extra safety you can also disable google play framework and all google apps. You won't get things like fused location, but hey, that one requires connecting to google services too.
Or you can inspect AOSP itself and bring your device to AOSP-like state.
Sure, you won't know whether the vendor of your device didn't modify the firmware itself, but what motivation is there for Samsung, Sony or Huawei to help Google to get user data?
> what motivation is there for Samsung, Sony or Huawei to help Google to get user data?
I'm not sure about their motivation, but several vendors are famously known for bundling spyware with their phones. Usually within the keyboard app or some telemetry system.
> bring your device to AOSP-like state
That's a solution but is impossible without having a clean ROM at your disposal. Google's spyware is contained within Google Play Services, which you can't get rid of that easily.
Jumping to LineageOS is order of magnitude bigger change, than `adb pm disable` packages. LineageOS has to support your device in the first place, and then you have root your device (and lose some capabilities in the process, like camera processing on Xperias).
Yes, you will get better control over software that runs on your device. You will pay for it by going through more demanding process and the risk of having instabilities, that nobody except you cares about.
Google requires all apps that are on Google Play to use Firebase, which is baked into the OS, for notifications. Developers might make apps available on F-Droid or through individual download, but most of the time, those are just the same versions available on Google Play and configured to use Firebase.
The problem is that while Android is OS, most apps use functions and OS-level API's available that are only available through the Google Play Services application. This is a good thing for people who have phones from manufacturers who don't update the OS's, but it's a bad thing if you don't want Google Play Services to run.
You don't want Google Play Services (or Google Mobile Services) to run because if it's running, it's talking to Google (even if you never configured an account) in order to use their hosted API's like location detection based on nearby Wifi AP's, push notifications, malware scanning, etc. Whenever it connects to those hosted API's, it POST's a unique device ID.
This is harder than it sounds. The current versions of the stock keyboard, clock, calendar, contacts manager, and even phone dialer all have Google Play Services as a dependency.
> Google requires all apps that are on Google Play to use Firebase, which is baked into the OS, for notifications.
Only for apps on the Play Store. This is much less restrictive than iOS, which requires you to use APNS for notifications without any workarounds. Also, Firebase is not "built into the OS" and doesn't exist at all in AOSP.
> The current versions of the stock keyboard, clock, calendar, contacts manager, and even phone dialer all have Google Play Services as a dependency.
Those aren't "stock." Those are Google's apps. Many devices don't even use Google's by default. The AOSP implementations don't use Google Play Services at all. It is trivial to install replacements on even Google-flavored Android devices that don't use Google Play Services.
Compare to iOS. Apple knows every app you ever downloaded, and there is nothing you can do about it. Every time you click on an address link, it sends the address to Apple, and there is nothing you can do about it. Any time an app looks up your GPS location, that location is sent to Apple, and there is nothing you can do about it. If you want to write apps for your own device, you need to give card details to Apple, and there is nothing you can do about it. That is what data collection built pervasively into the OS actually looks like
What nonsense. Google's panoptic data collection is not excused by AOSP, side loading, or vendor shovelware, all of which are completely irrelevant. Google's detailed picture of the daily physical movements of everyone, cross referenced with their email, web searches, site visits, and who knows what else, is not somehow worse than Apple requiring a credit card to develop for the app store.
Apple Maps doesn't know who you are. Siri doesn't know who you are. iMessage is E2E encrypted. Locations are anonymous. If you actually cared about this stuff, you'd be applauding Apple.
You've fallen for a simple marketing campaign. What Google does with data has nothing to do with what data Android collects out of the box, which I have demonstrated (and you have not refuted) is less than what iOS collects. You can just as easily send your location, email, and search data to Google on iOS as you can on Android. The difference is that on Android, it is possible (even easy) to choose not to send data to Google or Apple.
> If you actually cared about this stuff, you'd be applauding Apple.
If you actually cared about privacy, you would be damning Apple for handing over the iCloud keys for Chinese users' data to the PRC allowing the PRC to implement dragnet surveillance on iCloud documents, iCloud email, iMessages, etc. to find and disappear dissidents. This is worse than anything Google or even Facebook has done by a stupendous margin.
> iMessage is E2E encrypted.
Since Apple controls the keyserver, Apple has the ability to wiretap any iMessage conversation (https://blog.quarkslab.com/imessage-privacy.html). Since China controls the keyserver inside the great firewall, China has the ability to wiretap any conversation that occurs with at least one user in China. Compare to Android, where you can set Signal as your default SMS handler. One pretends to support privacy, while the other actually does.
> Apple Maps doesn't know who you are.
But it does know where you are and every address link you click on. From there, you are very easy to deanonymize. Compare to Android, which lets you run fully offline mapping applications and set them as the default address handler. Apple's apps are systematically both less useful than alternatives and less private than other alternatives. The only thing that saves them is slick marketing.
That doesn't prevent Google from collecting information about you. Even though you don't actively use Google on your Android device, doesn't mean it doesn't phone home and reports information to Google.
For example, if you don't actively disable it, your phone sends the names of all Wifi-networks in your proximity to Google, so Google can tell you where you are faster and more accurate than with GPS. Even if you disable it, your phone will still fetch GPS positioning information from Google unless you change that to use another service. And so on and so on ...
That's just one example, but there are multiple occasions where your stock Android phone phones home to Google.
And this is the sort of thing GDPR is meant to prevent. Unless you explicitly allow it (and a popup checked by default doesn't count), Google cannot use that data for purposes other than providing you with positioning information.
> And this is the sort of thing GDPR is meant to prevent.
Sure. But Google being the immoral company it is has instead chosen to lawyer up, tell people it's compliant with the GDPR, and keep on collecting everything it can get its hands on anyway.
Even if Google didn't touch by a ten-foot pole the data that it logs and collects for services like faster location finding for Android devices, which I think is unreasonable to assume, it is still accessible to the government under the 'national security' excuse.
> For example, if you don't actively disable it, your phone sends the names of all Wifi-networks in your proximity to Google, so Google can tell you where you are faster and more accurate than with GPS. Even if you disable it, your phone will still fetch GPS positioning information from Google unless you change that to use another service.
Nope. Sending this data to Google requires an opt in on Android (Google Location Services checkbox in the device setup flow). iOS has the same location system, but it won't even let you opt out of it, and that might be the source of your confusion.
For any regular non-technical user locking down most Android phones (presumably some phones come with hardened settings and possibly with no Google services) and keeping the data away for Google is a huge challenge. The default settings are almost always very permissive, you have to dig down through settings to disable everything, and a lot of stuff isn't very obvious for anyone who doesn't expect such behavior. Oh even when the WiFi is off it will still scan for nearby SSIDs to get your position?
It is much less of a challenge than keeping your data away from Apple on iOS as my previous comment demonstrated.
> Oh even when the WiFi is off it will still scan for nearby SSIDs to get your position?
Again, this is opt in even on Google-flavored Android devices. There is no digging through settings required — the opt in checkbox appears in the setup flow. On iOS, there is nothing you can do to stop your device from doing this.
> You don't have to do anything to get decent privacy on iOS because it comes like that out of the box.
It's amazing that somebody who works in tech would fall for that marketing when it is so obviously a lie. Consider that iOS sends every GPS location ever requested by your phone to Apple, and there is nothing you can do about it. Likewise, you can't stop Apple from knowing about every app you install on your phone or every address link you click on. If you want to develop apps for your own device, you have to hand over card details. "Out of the box," iOS tells Apple every phone number you SMS and when. And worst of all, if you're Chinese, you have no privacy at all on an iOS device.
> Do you honestly believe that Google has less data on Android users, compared to Apple for iOS users?
For users who care about privacy, absolutely. For users who care about usability, Google has more data but provides a more useful experience. That's a trade-off that is possible to make on Android. On iOS, you are stuck with poor privacy and worse usability.
> No, it's opt-out.
You are correct. That is still much better than not being able to opt out of sending every GPS lookup to Apple at all.
It's not and it's not even suggested that it exists as a feature on any of the Android devices I ever owned or played with. The dialog for setting up location has no option that absolutely turns off every method that is directly used to determine/infer location. Ok, this is also a user education problem but Google certainly isn't doing anything to suggest the "precise location" won't just provide a precise location to the user.
And most people take the common sense approach and assume turning off WiFi will actually turn it off. Instead not only are they still tracked, they lose battery life too.
Right. I use Mozilla's location services, OpenStreetMap, and ZaNavi with locally stored maps.
Not from fanaticism. It's just less hassle. Google is always getting in your face, wanting something or pushing an "upgrade" or or advertising something. Don't need that.
Surely your phone is still repeatedly in touch with Google servers because you've got all that Google software on there. Just because you haven't signed in with a google account doesn't mean Google don't know who you are.
It doesn't mean they know who you are, either. That depends on what data is transmitted, what is stored, who has access to it, and what it means philosophically to know who someone is. There is not enough information to say.
If there is tracking data associated with a phone but it's not associated with your real name, in what sense can you say they know you?
There is a risk someone (who?) can connect it with other data somehow, and then all the pieces fall into place. But maybe it hasn't happened yet?
So, this is all preventative. Nobody knows what's going to happen, but better to avoid tracking, just in case.
Postal code (available via weak geocoding) of work + home locations is 90% effective in identifying a single individual.
Anynymised hash caad09aeb361e1d6052c81db1db0e8523e34fca0909b6b2f21bd2ae39f9045e2 with > 0.90 probability of nocturnal location X and diurnal location Y is not anonymous.
If the police come to arrest Mr Anonymous because my phone activity matches something of interest, they will learn who I am when they knock down my door.
My phone has a cellular account with my name attached to it.
Better: Download a fuckload of https://thispersondoesnotexist.com/ photos, create social media accounts under your name, and bloat the accounts with these photos while tagging yourself.
Facial recognition isn't fooled unless others participate in this, and even then it's going to be localized. Google Photos recognizes that the John Smiths in my contacts are unlikely to be the same John Smiths in thousands of other peoples contacts, and can easily differentiate between the 2 John Smiths in my contacts because I've tagged a few of each.
If your friends who have added you on social media also uploaded random crap and tagged you in it, it could fool the facial recognition for your group of friends, but if <distant relative> who has no mutual friends with you on social media tags you correctly in their photos, it probably won't fix it for your friends since it will probably assume they're 2 different yous.
In my experience, the difficulty is spending the time and energy to set these things up for family who might not be as willing to stray from the path of least resistance.
I did this a few years ago and the blog post (to my suprise) got covered on Ars Technica and others. It always amazes me how people respond with disbelief or with wonder and awe as if it's some difficult or hard to do thing. At the time there were good, if not better, alternatives for almost everything. The only thing I stuck with was Gmail and Google calendar, but since then I've discovered Fastmail which I think is far better at both (I highly recommend them, they're fairly inexpensive and that means you're not the product, you're the customer). Although for me it was less about privacy (at the time) and more about the fact that I had become dependent on the inter-connections between Google services so when they killed one (ie. Reader) it has a much bigger impact on my personal life than it should have. Now any time a product dies it's easy to move my data over to something else and I never get reliant on interoperability between branded services.
I've also got Google Analytics black holed in Firefox, and run an ad blocker of course which (I hope) catches most of their trackers; this just seems good for anyone to do though, even if they're not giving up Google's other services.
(disclaimer: I work at a big tech firm, but I've had this opinion before working here)
I'm confused by the lengths people have gone through to "protect" themselves from internet giants while freely giving away their info to credit card companies, traditional retailers, small businesses. Credit card transaction data have been sold for years without most of us knowing about it. Small startups, boutique stores rarely have the security or data governance resources to ensure your data is stored and used properly. Data breaches are common even at large brick-and-mortar retailers.
Given the state of data security outside of big tech, my best option is to trust only big tech.
> I'm confused by the lengths people have gone through to "protect" themselves from internet giants while freely giving away their info to credit card companies, traditional retailers, small businesses.
You are invalidly generalizing. I try to eliminate all contact I have with the tech giants, and I do not have a credit card, I am at a privacy respecting bank (GLS Gemeinschaftsbank), and I use cash.
Additionally, by sharing your data with a company, you give that company power over yourself and others by enabling them with the knowledge they have over you. Considering this, it is less problematic to give access to data to a small company compared to a tech giant.
> You are invalidly generalizing. I try to eliminate all contact I have with the tech giants, and I do not have a credit card, I am at a privacy respecting bank (GLS Gemeinschaftsbank), and I use cash.
You do you, but I'm happy to get free airline tickets and other perks from using my credit card at the expense of....... having someone else know I bought a mechanical keyboard last month?
I respect your choice but I honestly do not understand why people go to such great lengths to hide mundane data. I'll tell you the color of my underwear for free, I don't care.
Maybe at the expense of buying that mechanical keyboard you thought you really wanted but actually you ended up purchasing because of continued, subtle advertising?
Assuming you have the income to support your spending habits, I don't see this as much of a risk? Occasionally buying the wrong thing for whatever mistaken reason is a fact of life. Live and learn.
I would be more worried about scams, bad investments, bigger purchases, or a pattern of impulse buying.
> You do you, but I'm happy to get free airline tickets and other perks from using my credit card at the expense of....... having someone else know I bought a mechanical keyboard last month?
That's not why you're getting free airline tickets. You're getting them because you're a) subsidized by people who carry a balance and b) pay higher prices on goods to make up for the merchant fees, while being partially subsidized by those people who pay with cash and aren't getting free flights.
I'm not hiding, I'm just not exposing myself. It's a matter of perspective.
More significantly, you are understating and trivializing the kind of information that many services force us to expose. If you share your buying history, that may reveal locations, your movements, your schedule, etc. What a set of data reveals is not up to the one the data is from, but the one analyzing it. For you it is mundande, for them it is enough.
> Credit card transaction data have been sold for years without most of us knowing about it.
In practice, yes, most of us are clueless. In theory, if you've seen one of these[1] (and if you're an American, you most certainly have) then you "know about it." The Gramm-Leach-Bliley Act has a whole lot of room for improvement, but the single-page uniform privacy disclosure it brought to financial institutions is infinitely more consumer-friendly than 90 pages of 10pt grey legalese used by big tech.
I think you're thinking of a different threat model from these users. If you're concerned about breaches by malicious actors, then yes this defense makes sense.
However, if you're worried about data mined from tracking your personal behavior, which is what the users here are worried about, then it makes sense to spread your data out. Traditional stores are not going to send each other your transaction history to build a profile of interest and personality, and each store won't have a complete enough history or even the expertise to mine it.
>Traditional stores are not going to send each other your transaction history to build a profile of interest and personality, and each store won't have a complete enough history or even the expertise to mine it.
"Traditional" as in "before the age of Amazon"? They do, through store rewards cards. Harris Teeter knows what I have bought and has figured out what I only buy on sale, Target can identify pregnant women with stunning accuracy, and I'd be surprised if other retailers didn't do similar stuff. You're probably thinking of independent/mom and pop shops.
I would point out that many organizations collect data, but tech companies are the most effective at abusing it. Their competence makes them by far, the most dangerous.
It's the breadth and depth of data which Google, Facebook, and Amazon have access to (and their ability to leverage it) that changes the privacy threat model entirely.
A mom and pop store I give my credit card to in town can't track me across the Internet and correlate my browsing activity to my purchases, for whatever nefarious purpose, for instance. They can't read my email and correlate it with my location data. And so on. That's the difference.
Worse, Google in particular is financially incentivized to track me and perform all that correlation for the purposes of advertising. A family owned business I visit downtown, not so much.
I don't think I have knowingly met anyone who took significant steps to limit exposure to big tech firms who hasn't also taken significant steps in other areas of their life. And people I have met who do take this stuff seriously do things like cash-only, PO box only, no (nearly) online accounts etc. They are certainly making their lives less convenient on this principal.
Where are you meeting people who fit the description you give?
How does this argument come up every time? If I can't have absolute privacy, I should just give up? The same way I'd love to give up every last bit of dependence on Google, I'd love to get decentralized fintech. But the popular one is a bad word that starts with B and I fear has spoiled the well. (Though it's been interesting traveling through Europe and seeing Bitcoin signs all over Prague, the ticket machine offering bitcoin top up at the Bern train station, and a tradesman/construction worker wearing a Bitcoin advocacy shirt while walking to the beach in Bern today. And don't get me started on how much time I've spent triple-re-verifying my identity with Mastercard or waiting 5+ days for critical ACH transactions.)
No but there's a good argument there in terms of priorities.
What is more likely to impact you negatively: Google building an internal profile based on your information and targeting ads based on it or your card information being stolen from insecure smaller vendors?
Obviously those 2 choices are picked arbitrarily but they may explain why the OP chose to prefer the former over the latter. I would think every time we decide to share some of our information we do so because we stand to gain something (otherwise why do it) and it's up to us to decide if what we stand to lose is worth it. As technically minded people we tend to be more focused on technical problems and what we consider more dangerous may be more related to our familiarity with the subject matter rather than the objective potential negative impact it has.
I mean, "my card information being stolen" is literally only an issue because credit card companies won't force US retailers to accept proper chip and pin. It just is not an issue everywhere I've been in Europe because it is categorically impossible for them to steal my card information with contactless payments.
As for the magnitude of privacy invasion regarding financial transactions, I feel very safe in saying the data Google has about/from me is far more revealing than relatively opaque transaction logs.
Google is worse without question. Having your card number stolen is a minor inconvenience whose danger is inflated by services offering to protect you from it. Happened to me once, they charged $1500 before my credit union called me. I had to spend a total of an hour on the phone with a few different people, and the money was credited back to my account within 48 hours. This is with a debit card, which are constantly subject to FUD on this issue from the vendors of credit cards.
Note that you provided reasons as to why having debit/credit card information stolen isn't such a big deal, if you get protection from fraudulent transactions, but haven't provided any reasons as to why Google targeting ads based on some profile they built on you is worse than that.
Because one is a minor inconvencience, the other is psychological warfare used to modify behaviour.
It's baffling why you'd think the Google example is somehow less dangerous, especially considering its a given that they have profiled your political views as well as your spending habits, among every other aspect of your life.
> while freely giving away their info to credit card companies, traditional retailers, small businesses.
No, we don't. We are just not given a choice by this bullshit capitalist society. Just like many people "freely live on the streets" or "freely get murdered by the police".
" In the small South Carolina town of Newberry, Bob's Red Mill muesli cereal is hard to come by.
That presents a challenge for resident Gregory Kelly, who can't get enough of the stuff. He'd rather not truck the 40 miles or so to Columbia to stock up on it, but he's also loath to buy it from the company's website, which he says is riddled with tracking software from Google"
I feel the author was struggling to find a suitable anecdote to open the story. And this one seems a bit far-fetched, perhaps even exaggerated by Mr. Kelly as a means of illustrating the hassle of curtailing the surveillance apparatus of Google. But someone who has gone to the lengths described probably knows how to block requests to google-analytics.com.
To get his cereal delivered the shop needs his address, doesn’t it? So google could know that the person at that address likes those cereals. Unless the shop is not sharing the address with google ( which it should not, but can you count on that?)
I think it says a lot - either about tech culture or Firefox's marketing - that many people don't know about these types of tools that solve the problem.
1 gallon of gas in my state is currently between $3.50 and $4. 40 miles each way is 80 miles total. The guy from the article will save money by driving his truck instead of using a VPN, but only if he goes shopping once a month, and his truck gets over 80mpg (miles per gallon). This way, he spends exactly that one gallon over the whole trip, which will conveniently make the gas expenses equal to the monthly price of a VPN (not even counting the wear and tear on the car, but that’s another story).
To demonstrate how implausible this is:
* Toyota Prius (hybrid) - 50/53mpg
* Honda Accord (entry level sedan) - 30/38mpg
* Ford F150 (small pickup truck) - 20/26mpg
And that’s only for the latest year models. If his truck is 10+ years old or larger than F150, expect mpg to be way more disastrous.
wow, i had no idea someone in what i assume is rural South Carolina is willing to undertake a pretty substantial convenience/time cost - drive 40 miles (and back?) to purchase directly - in order to better guard their privacy.
wonder if he also prefers cash? although this article is google-focused, not more generally on privacy which would presumably involve defeating credit card companies with cash.
i'm wondering what order of magnitude of people would do the same across the country. tens of thousands?
Cash tolls cost more. You either need people stationed to collect the toll or send people every so often to collect the tolls from the machines. The machines would also need more maintenance than the camera or EasyPass system because they're mechanical. You also need the camera system regardless in case someone drives through without paying or simply doesn't have cash on hand. Plus, people will need exact change or have the machine (or employees) return the correct change if it's not a coinage machine. This also means cash tolls are slower and cause more congestion. Finally, fewer and fewer people have cash on hand.
sure, but all this relies on a fundamental assumption: that the entity running the toll booth already has the means to collect outside the point of transaction pretty reliably.
so, it's either a highly connected society, or more cynically, a high surveillance society.
in a sense it's a self fueling machine: you need to have that data linked to collect outside the tool booth, which requires data linked from DMV or whatever local equivalent is, then strong (enough) justice system/penalties/enforcement to get those who didn't pay at toll booth to pay, etc.
you can bet that the smarter investment, despite these drawbacks, in less "advanced" countries is to have manned tolls because there's a high probability that they won't be able to collect using the sort of infrastructure upon which this relies.
Maybe. But the lack of cash tolls also enables the Surveillance State. So once again, we're trading privacy and liberty for what amounts to pocket lint.
I think we have closure on the American experiment. Laziness/convenience trumps anything else.
They might not. But I'm guessing the ACLU would likely have something to say about it. Just because it feels normalized doesn't mean we should be so accepting.
Cash (largely, coinage, actually, for a tollbooth) has to be collected and transported. A lot of newer and lower-volume toll exits around me are pass-only. But since the tollway charges double for non-pass users anyways... everyone has the pass.
> "A lot of newer and lower-volume toll exits around me are pass-only. But since the tollway charges double for non-pass users anyways... everyone has the pass."
So making collection easier not only handed over our privacy, it made doing it (i.e., tools) more often and for less money.
And there's Liberty on the side of the road...death by one penny pricks?
In addition to the lower labor and maintenance costs, you can also do open-road tolling - no booths needed, no slowdowns to wait for the gates to go up, you just keep driving at 60+ MPH.
You certainly can do both open-road and accept cash, but the traffic for the cash booths can back up onto the highway and slow down open-road traffic as well.
>"I am giving up more than I am getting" from Google, said the 61-year tech consultant who started scaling back his Google usage a couple years ago when advertisements began appearing in his Gmail account.
Ads have been in Gmail for many years, they just became more obvious with their recent design changes.
>Joshua Greenbaum, of Berkeley, Calif., said he pays about $100 per year to use Microsoft Office 365 software that he says has better privacy protections than Google's.
At least he's willing to put his money where his mouth is, though he's probably still using Windows. If I had a dollar for everyone who complained about Google but refused to self-host or pay for someone else to host their email... (Also, people who use free VPNs to avoid tracking. It's free for a reason.)
>Such never-Googlers are pushing friends and family to give up the search and advertising titan, while others are taking to social media to get word out.
Not to get off topic but there are still plenty of ecomm/mail order companies that'll take a phone order. I understand this guy's concern. I don't understand why he's driving (and likely being tracked along the way).
This is not the only analytics company though. There are many others. Others that even buy your credit transaction history, how do you opt out of that? I bet those no annual fee cards would bring back fees if they were forced to keep your data private.
Only way out is to use cash. There are tons of shadowy firms that have linked your credit card transaction history to your address, online activity, etc...
Incognito mode is mostly useless as an actual privacy tool. You're still exposing a substantial amount of information. The most basic would be your IP. Most IPs are of course dynamic, but there are two factors here:
1) The IP only changes when your lease expires or you manually renew it. This is not a normal part of starting an incognito session. Google has a confirmed identity (such as by being logged into a Google service) of tantalor at IP x. A few seconds later IP x shows up at SteamyHotPornSite.com that's running Google analytics or otherwise providing tracking for Google - a recent study of 22,484 porn sites found Google trackers present on 74% [1]). That's 100% tantalor.
2) Even in cases where the IP does change, it's constrained to within a group. As most dynamic IPs are also geomapped, it's often a relatively small group. Now what information is exposed during incognito can be cross-referenced against a very small group of potentials. You can likely hit near 100% on this as well.
And that's just one datum, though granted it's quite a useful one! Incognito should be seen as a tool that does little more than disable any cookies you have and automatically [kind of - depends on your OS] deletes your local browsing history.
Re dynamic IPs: you may often get the same IP again on renewal. You might have more luck if you randomize MAC addresses, but it's certainly possible that they will keep giving the same IP to a given subscriber until they have their own reason to reallocate addresses (e.g. maybe so that a crashlooping router doesn't exhaust available leases for other subscribers).
E.g. from this ad tech company[0] specializing in IP tracking (take it with a grain of salt):
> In fact our research has discovered many homes that have theoretically dynamic IP’s, but have held the same IP for multiple years. Because of this recursive reassignment the typical location targeted by El Toro has held the same IP address for 7 months.
I wonder if the paid version of FireFox will feature per FireFox container IPs per their VPN service I've heard they intend of integrating into the paid FireFox. I would pay good money for that level of detail. I do mostly hope they eventually own and maintain their own VPN provider though (if not outright buy out whoever they partner with).
Web search has become a commoditized service over the last few years. I've used DuckDuckGo exclusively for over a year now and it's actually really good, and I've switched over to iCloud for email. Even Apple maps is pretty decent nowadays. There's really nothing I need from Google anymore. Their moat is shrinking rapidly.
The problem with such a policy is in thinking that cultural and legal boundaries are fixed and inviolate. The very process of repeatedly pressing up to a border may trigger the backlash which moves it, and can leave the fate-tempting party in deep water -- with its own culture, processes, amd institutions unable to adapt, or with goodwill so badly burnt it never recovers.
Google should have seen this coming long ago. It's a colossal failure of leadership that they've not.
Taking the ultimate step to guard your data would surely involve writing laws or dismantling data centers (I prefer the former). Ultimately what you opt into has little relation to what people actually know about you: you can't really opt out of credit, or out of things like Comcast requiring your social security number as identification and authorization, or out of the fact that it's become the cultural norm to accept ad-supported services as the sole access to communities.
One way that Google can track your web usage habits is through third-party websites using re-captchas and other Google services and resources, about which the end-user can do nothing except refuse to use web sites that require them.
Unfortunately, Google is far from the only company that tracks users and collects data on them, so even if you were to somehow completely avoid Google tracking and data collection, you'd still be subject to tracking and data collection from others.
At this point with the proliferation of cameras and listening devices, the only way to stay off Google's servers is to live in the backwoods, or in an undeveloped country, or live on a boat.
Kinda creepy, actually, when I say it like that. If Google is just a front for NSA then I'd say Big Brother is complete.
When you get an Android phone new, there's a moment when it asks you to sign up or sign in with a Google account. There's a "later" option". Click that, and then remove the Google one-time startup program. Install F-Droid, and get your apps from there.
The mail program on Android will talk to an IMAP server. Find one to use, and you don't need Gmail. No ads.
On desktop, use Firefox, LibraOffice, and Thunderbird. Install Privacy Badger from the EFF. Videos are uploaded to Vimeo. I have a cheap web site on HostGator if I need to upload anything for someone else to look at, and a Github account for code storage.
I've been doing this for years, and don't seem to be missing out on anything except ads.
If you are not signed in, for extra safety you can also disable google play framework and all google apps. You won't get things like fused location, but hey, that one requires connecting to google services too.
The only way to verify this is to install some system level firewall and carefully inspect all logs.
Until you do that, we simple don't know.
Sure, you won't know whether the vendor of your device didn't modify the firmware itself, but what motivation is there for Samsung, Sony or Huawei to help Google to get user data?
I'm not sure about their motivation, but several vendors are famously known for bundling spyware with their phones. Usually within the keyboard app or some telemetry system.
> bring your device to AOSP-like state
That's a solution but is impossible without having a clean ROM at your disposal. Google's spyware is contained within Google Play Services, which you can't get rid of that easily.
Yes, you will get better control over software that runs on your device. You will pay for it by going through more demanding process and the risk of having instabilities, that nobody except you cares about.
Citation needed.
The problem is that while Android is OS, most apps use functions and OS-level API's available that are only available through the Google Play Services application. This is a good thing for people who have phones from manufacturers who don't update the OS's, but it's a bad thing if you don't want Google Play Services to run.
You don't want Google Play Services (or Google Mobile Services) to run because if it's running, it's talking to Google (even if you never configured an account) in order to use their hosted API's like location detection based on nearby Wifi AP's, push notifications, malware scanning, etc. Whenever it connects to those hosted API's, it POST's a unique device ID.
This is harder than it sounds. The current versions of the stock keyboard, clock, calendar, contacts manager, and even phone dialer all have Google Play Services as a dependency.
Only for apps on the Play Store. This is much less restrictive than iOS, which requires you to use APNS for notifications without any workarounds. Also, Firebase is not "built into the OS" and doesn't exist at all in AOSP.
> The current versions of the stock keyboard, clock, calendar, contacts manager, and even phone dialer all have Google Play Services as a dependency.
Those aren't "stock." Those are Google's apps. Many devices don't even use Google's by default. The AOSP implementations don't use Google Play Services at all. It is trivial to install replacements on even Google-flavored Android devices that don't use Google Play Services.
Compare to iOS. Apple knows every app you ever downloaded, and there is nothing you can do about it. Every time you click on an address link, it sends the address to Apple, and there is nothing you can do about it. Any time an app looks up your GPS location, that location is sent to Apple, and there is nothing you can do about it. If you want to write apps for your own device, you need to give card details to Apple, and there is nothing you can do about it. That is what data collection built pervasively into the OS actually looks like
Apple Maps doesn't know who you are. Siri doesn't know who you are. iMessage is E2E encrypted. Locations are anonymous. If you actually cared about this stuff, you'd be applauding Apple.
> If you actually cared about this stuff, you'd be applauding Apple.
If you actually cared about privacy, you would be damning Apple for handing over the iCloud keys for Chinese users' data to the PRC allowing the PRC to implement dragnet surveillance on iCloud documents, iCloud email, iMessages, etc. to find and disappear dissidents. This is worse than anything Google or even Facebook has done by a stupendous margin.
> iMessage is E2E encrypted.
Since Apple controls the keyserver, Apple has the ability to wiretap any iMessage conversation (https://blog.quarkslab.com/imessage-privacy.html). Since China controls the keyserver inside the great firewall, China has the ability to wiretap any conversation that occurs with at least one user in China. Compare to Android, where you can set Signal as your default SMS handler. One pretends to support privacy, while the other actually does.
> Apple Maps doesn't know who you are.
But it does know where you are and every address link you click on. From there, you are very easy to deanonymize. Compare to Android, which lets you run fully offline mapping applications and set them as the default address handler. Apple's apps are systematically both less useful than alternatives and less private than other alternatives. The only thing that saves them is slick marketing.
For example, if you don't actively disable it, your phone sends the names of all Wifi-networks in your proximity to Google, so Google can tell you where you are faster and more accurate than with GPS. Even if you disable it, your phone will still fetch GPS positioning information from Google unless you change that to use another service. And so on and so on ...
That's just one example, but there are multiple occasions where your stock Android phone phones home to Google.
Sure. But Google being the immoral company it is has instead chosen to lawyer up, tell people it's compliant with the GDPR, and keep on collecting everything it can get its hands on anyway.
Nope. Sending this data to Google requires an opt in on Android (Google Location Services checkbox in the device setup flow). iOS has the same location system, but it won't even let you opt out of it, and that might be the source of your confusion.
https://digitalcontentnext.org/wp-content/uploads/2018/08/DC...
> Oh even when the WiFi is off it will still scan for nearby SSIDs to get your position?
Again, this is opt in even on Google-flavored Android devices. There is no digging through settings required — the opt in checkbox appears in the setup flow. On iOS, there is nothing you can do to stop your device from doing this.
Do you honestly believe that Google has less data on Android users, compared to Apple for iOS users?
> Again, this is opt in even on Google-flavored Android devices
No, it's opt-out. For example see http://www.youtube.com/watch?v=b2uSGGl0LWc&t=3m41s - setup on a Pixel and all the location stuff is on by default.
> On iOS, there is nothing you can do to stop your device from doing this
Oh, how do I turn this on for iOS?
When I turn off WiFi it says that "improved location accuracy require Wi-Fi".
It's amazing that somebody who works in tech would fall for that marketing when it is so obviously a lie. Consider that iOS sends every GPS location ever requested by your phone to Apple, and there is nothing you can do about it. Likewise, you can't stop Apple from knowing about every app you install on your phone or every address link you click on. If you want to develop apps for your own device, you have to hand over card details. "Out of the box," iOS tells Apple every phone number you SMS and when. And worst of all, if you're Chinese, you have no privacy at all on an iOS device.
> Do you honestly believe that Google has less data on Android users, compared to Apple for iOS users?
For users who care about privacy, absolutely. For users who care about usability, Google has more data but provides a more useful experience. That's a trade-off that is possible to make on Android. On iOS, you are stuck with poor privacy and worse usability.
> No, it's opt-out.
You are correct. That is still much better than not being able to opt out of sending every GPS lookup to Apple at all.
It's not and it's not even suggested that it exists as a feature on any of the Android devices I ever owned or played with. The dialog for setting up location has no option that absolutely turns off every method that is directly used to determine/infer location. Ok, this is also a user education problem but Google certainly isn't doing anything to suggest the "precise location" won't just provide a precise location to the user.
And most people take the common sense approach and assume turning off WiFi will actually turn it off. Instead not only are they still tracked, they lose battery life too.
Not from fanaticism. It's just less hassle. Google is always getting in your face, wanting something or pushing an "upgrade" or or advertising something. Don't need that.
If there is tracking data associated with a phone but it's not associated with your real name, in what sense can you say they know you?
There is a risk someone (who?) can connect it with other data somehow, and then all the pieces fall into place. But maybe it hasn't happened yet?
So, this is all preventative. Nobody knows what's going to happen, but better to avoid tracking, just in case.
Anynymised hash caad09aeb361e1d6052c81db1db0e8523e34fca0909b6b2f21bd2ae39f9045e2 with > 0.90 probability of nocturnal location X and diurnal location Y is not anonymous.
My phone has a cellular account with my name attached to it.
Make sure none of your friends upload a photo with you in it, which basically means they don't take your photo with an Android phone.
If somehow your picture does get onto an Android phone, somehow make sure you aren't labeled.
If your friends who have added you on social media also uploaded random crap and tagged you in it, it could fool the facial recognition for your group of friends, but if <distant relative> who has no mutual friends with you on social media tags you correctly in their photos, it probably won't fix it for your friends since it will probably assume they're 2 different yous.
[1] https://tools.ietf.org/html/rfc5550
I've also got Google Analytics black holed in Firefox, and run an ad blocker of course which (I hope) catches most of their trackers; this just seems good for anyone to do though, even if they're not giving up Google's other services.
I'm confused by the lengths people have gone through to "protect" themselves from internet giants while freely giving away their info to credit card companies, traditional retailers, small businesses. Credit card transaction data have been sold for years without most of us knowing about it. Small startups, boutique stores rarely have the security or data governance resources to ensure your data is stored and used properly. Data breaches are common even at large brick-and-mortar retailers.
Given the state of data security outside of big tech, my best option is to trust only big tech.
You are invalidly generalizing. I try to eliminate all contact I have with the tech giants, and I do not have a credit card, I am at a privacy respecting bank (GLS Gemeinschaftsbank), and I use cash.
Additionally, by sharing your data with a company, you give that company power over yourself and others by enabling them with the knowledge they have over you. Considering this, it is less problematic to give access to data to a small company compared to a tech giant.
You do you, but I'm happy to get free airline tickets and other perks from using my credit card at the expense of....... having someone else know I bought a mechanical keyboard last month?
I respect your choice but I honestly do not understand why people go to such great lengths to hide mundane data. I'll tell you the color of my underwear for free, I don't care.
I would be more worried about scams, bad investments, bigger purchases, or a pattern of impulse buying.
That's not why you're getting free airline tickets. You're getting them because you're a) subsidized by people who carry a balance and b) pay higher prices on goods to make up for the merchant fees, while being partially subsidized by those people who pay with cash and aren't getting free flights.
More significantly, you are understating and trivializing the kind of information that many services force us to expose. If you share your buying history, that may reveal locations, your movements, your schedule, etc. What a set of data reveals is not up to the one the data is from, but the one analyzing it. For you it is mundande, for them it is enough.
In practice, yes, most of us are clueless. In theory, if you've seen one of these[1] (and if you're an American, you most certainly have) then you "know about it." The Gramm-Leach-Bliley Act has a whole lot of room for improvement, but the single-page uniform privacy disclosure it brought to financial institutions is infinitely more consumer-friendly than 90 pages of 10pt grey legalese used by big tech.
[1] [PDF] https://www.ftc.gov/sites/default/files/attachments/press-re...
However, if you're worried about data mined from tracking your personal behavior, which is what the users here are worried about, then it makes sense to spread your data out. Traditional stores are not going to send each other your transaction history to build a profile of interest and personality, and each store won't have a complete enough history or even the expertise to mine it.
"Traditional" as in "before the age of Amazon"? They do, through store rewards cards. Harris Teeter knows what I have bought and has figured out what I only buy on sale, Target can identify pregnant women with stunning accuracy, and I'd be surprised if other retailers didn't do similar stuff. You're probably thinking of independent/mom and pop shops.
A mom and pop store I give my credit card to in town can't track me across the Internet and correlate my browsing activity to my purchases, for whatever nefarious purpose, for instance. They can't read my email and correlate it with my location data. And so on. That's the difference.
Worse, Google in particular is financially incentivized to track me and perform all that correlation for the purposes of advertising. A family owned business I visit downtown, not so much.
Where are you meeting people who fit the description you give?
What is more likely to impact you negatively: Google building an internal profile based on your information and targeting ads based on it or your card information being stolen from insecure smaller vendors?
Obviously those 2 choices are picked arbitrarily but they may explain why the OP chose to prefer the former over the latter. I would think every time we decide to share some of our information we do so because we stand to gain something (otherwise why do it) and it's up to us to decide if what we stand to lose is worth it. As technically minded people we tend to be more focused on technical problems and what we consider more dangerous may be more related to our familiarity with the subject matter rather than the objective potential negative impact it has.
As for the magnitude of privacy invasion regarding financial transactions, I feel very safe in saying the data Google has about/from me is far more revealing than relatively opaque transaction logs.
It's baffling why you'd think the Google example is somehow less dangerous, especially considering its a given that they have profiled your political views as well as your spending habits, among every other aspect of your life.
No, we don't. We are just not given a choice by this bullshit capitalist society. Just like many people "freely live on the streets" or "freely get murdered by the police".
That presents a challenge for resident Gregory Kelly, who can't get enough of the stuff. He'd rather not truck the 40 miles or so to Columbia to stock up on it, but he's also loath to buy it from the company's website, which he says is riddled with tracking software from Google"
Somebody get this man a Firefox Privacy Tab
I hope Mr. Kelly is a pseudonym for the article. If not, Big Geez now knows his breakfast cereal proclivities.
For what it's worth, I'm in full sympathy of his plight, and agree that advertiser surveillance is creepy, dangerous, and evil.
To get his cereal delivered the shop needs his address, doesn’t it? So google could know that the person at that address likes those cereals. Unless the shop is not sharing the address with google ( which it should not, but can you count on that?)
To demonstrate how implausible this is:
* Toyota Prius (hybrid) - 50/53mpg
* Honda Accord (entry level sedan) - 30/38mpg
* Ford F150 (small pickup truck) - 20/26mpg
And that’s only for the latest year models. If his truck is 10+ years old or larger than F150, expect mpg to be way more disastrous.
wonder if he also prefers cash? although this article is google-focused, not more generally on privacy which would presumably involve defeating credit card companies with cash.
i'm wondering what order of magnitude of people would do the same across the country. tens of thousands?
I presume the lack of cash tolls is semi intentional. I mean all cars are being photographed, as you can borrow and EasyPass.
so, it's either a highly connected society, or more cynically, a high surveillance society.
in a sense it's a self fueling machine: you need to have that data linked to collect outside the tool booth, which requires data linked from DMV or whatever local equivalent is, then strong (enough) justice system/penalties/enforcement to get those who didn't pay at toll booth to pay, etc.
you can bet that the smarter investment, despite these drawbacks, in less "advanced" countries is to have manned tolls because there's a high probability that they won't be able to collect using the sort of infrastructure upon which this relies.
I think we have closure on the American experiment. Laziness/convenience trumps anything else.
What prevents the surveillance state from just putting some cameras on the highway?
There are cameras there whether it is a cash toll or not.
So making collection easier not only handed over our privacy, it made doing it (i.e., tools) more often and for less money.
And there's Liberty on the side of the road...death by one penny pricks?
You certainly can do both open-road and accept cash, but the traffic for the cash booths can back up onto the highway and slow down open-road traffic as well.
Ads have been in Gmail for many years, they just became more obvious with their recent design changes.
>Joshua Greenbaum, of Berkeley, Calif., said he pays about $100 per year to use Microsoft Office 365 software that he says has better privacy protections than Google's.
At least he's willing to put his money where his mouth is, though he's probably still using Windows. If I had a dollar for everyone who complained about Google but refused to self-host or pay for someone else to host their email... (Also, people who use free VPNs to avoid tracking. It's free for a reason.)
That'll show em, post on facebook about it...
https://support.google.com/analytics/answer/181881?hl=en
1) The IP only changes when your lease expires or you manually renew it. This is not a normal part of starting an incognito session. Google has a confirmed identity (such as by being logged into a Google service) of tantalor at IP x. A few seconds later IP x shows up at SteamyHotPornSite.com that's running Google analytics or otherwise providing tracking for Google - a recent study of 22,484 porn sites found Google trackers present on 74% [1]). That's 100% tantalor.
2) Even in cases where the IP does change, it's constrained to within a group. As most dynamic IPs are also geomapped, it's often a relatively small group. Now what information is exposed during incognito can be cross-referenced against a very small group of potentials. You can likely hit near 100% on this as well.
And that's just one datum, though granted it's quite a useful one! Incognito should be seen as a tool that does little more than disable any cookies you have and automatically [kind of - depends on your OS] deletes your local browsing history.
[1] - https://www.businessinsider.com/facebook-google-quietly-trac...
E.g. from this ad tech company[0] specializing in IP tracking (take it with a grain of salt):
> In fact our research has discovered many homes that have theoretically dynamic IP’s, but have held the same IP for multiple years. Because of this recursive reassignment the typical location targeted by El Toro has held the same IP address for 7 months.
0: https://www.eltoro.com/how-long-does-an-ip-address-stay-atta...
https://www.businessinsider.com/eric-schmidt-googles-policy-...
The problem with such a policy is in thinking that cultural and legal boundaries are fixed and inviolate. The very process of repeatedly pressing up to a border may trigger the backlash which moves it, and can leave the fate-tempting party in deep water -- with its own culture, processes, amd institutions unable to adapt, or with goodwill so badly burnt it never recovers.
Google should have seen this coming long ago. It's a colossal failure of leadership that they've not.
Unfortunately, Google is far from the only company that tracks users and collects data on them, so even if you were to somehow completely avoid Google tracking and data collection, you'd still be subject to tracking and data collection from others.
Kinda creepy, actually, when I say it like that. If Google is just a front for NSA then I'd say Big Brother is complete.
dammit grandpa get to the point!