44
ISP junk generator (lemmy.world)
submitted 8 months ago by Dust0741@lemmy.world to c/privacy@lemmy.ml

Is there something that can generate random Internet usage to make the real sites I go to a bit obfuscated?

I'm thinking something that runs on my server, and simply visits a random website. It probably shouldn't actually be random, and some sort of tweaking would be great. Like the ability to have it visit every news site there is. That way the ISP will have a harder time telling my political bias.

The threat model for this is below using a VPN for normal usage, although getting a dedicated VPN IP address is a project for one day.

top 36 comments
sorted by: hot top controversial new old
[-] Imprint9816@lemmy.dbzer0.com 34 points 8 months ago* (last edited 8 months ago)

It would be a lot easier to just use a vpn and hide your traffic from your ISP that way.

[-] wildbus8979@sh.itjust.works 8 points 8 months ago

Actually this technique would be a lot more useful using a VPN due to correlation attacks.

[-] Imprint9816@lemmy.dbzer0.com 23 points 8 months ago

If targeted correlation attacks are part of OPs threat model what OP is asking for isnt going to work anyway

[-] delirious_owl@discuss.online 5 points 8 months ago

You dont run your own VPN server. You use a company with thousands of customers. That's the point.

[-] wildbus8979@sh.itjust.works 2 points 8 months ago

Doesn't change much for a correlation attack though if you already suspect a small subset of endpoints.

[-] sugar_in_your_tea@sh.itjust.works 1 points 8 months ago

It helps a lot. Someone would need to go through the effort of tracking your VPN service and correlating that to you.

OP seems to worry about their ISP, and their ISP can't see anything at the VPN, so they'd need to go out of their way to gather that info. So as long as OP trusts the VPN, they're probably fine from everyone but state actors and well funded private investigators.

If you want to go beyond that, Tor is your next option. That should be effective against all but the most determined state actors.

[-] Dust0741@lemmy.world 3 points 8 months ago

As I mentioned I have a server, and I use a VPN to connect always to it. This makes using a paid VPN a bit harder. The dedicated VPN IP should fix this issue but I haven't looked into how difficult that'd be.

[-] Imprint9816@lemmy.dbzer0.com 5 points 8 months ago* (last edited 8 months ago)

Ahh i see.

Yeah it really slims down your VPN choices as having an IP address associated with your account makes it much more identifiable. So some providers wont offer them (such as mullvad).

It also usually costs more. The one I know offers a static IP is express VPN and ive heard Proton has plans on offering it. It looks like PIA offers it too.

[-] Dust0741@lemmy.world 2 points 8 months ago

Yup. Tailscale+Mullvad isn't a bad option, but I'd rather not depend on tailscale and a true local connection will always be better. But then you have to pay through tailscale and then more identifiable.

[-] sugar_in_your_tea@sh.itjust.works 1 points 8 months ago

So are you worried about your server's ISP? If so, you could run your own VPN on your server so your traffic to your server would be protected.

That wouldn't protect outgoing traffic, which may be what you're concerned about (i.e. if you're using your server as a SOCKS proxy or something).

[-] WhatAmLemmy@lemmy.world 10 points 8 months ago

Sounds like you want both https://adnauseam.io/ and https://trackmenot.io/

I know with tailscale you can set Mullvad as the exit point for all clients within a subset. I imagine you can do something similar with a private VPN, with a ton more effort.

[-] Dust0741@lemmy.world 3 points 8 months ago

Very similar yes. Trackmenot but for any site not just search engines. Although it may be a good option too

[-] WhatAmLemmy@lemmy.world 1 points 8 months ago

If you're on a VPN then the thousand other people using that server provide that type of obfuscation.

What you seem to want is a web crawler that is perceived to be a real human and navigates alternate sites in real time. That's a near-impossible cat and mouse game. Ultimately not worth the effort. All you have to do is be harder to track than the majority. The value for ad tech is in efficiently profiling the 99% — not the 1% of paranoid folk.

[-] foreverunsure@pawb.social 10 points 8 months ago

you can run an ArchiveTeam Warrior on your server and choose the URLs project. if i understand correctly, the Warrior will continuously visit randomly discovered websites to download their contents and upload them to a server that later feeds the data into the Internet Archive. best of both worlds - your ISP has a harder time distinguishing your real traffic from the ArchiveTeam-generated one, and your server is actively contributing to IA.

[-] ryannathans@aussie.zone 9 points 8 months ago

I'd suggest a tor exit node but that might make some governments come knocking

[-] drkt@lemmy.dbzer0.com 11 points 8 months ago

It will also get you banned from a lot of websites, and I hope you enjoy captchas

I'm experienced...

[-] Wes_Dev@lemmy.ml 2 points 8 months ago

God, I only use Ublock Origin on Firefox. No TOR, VPNs, or anything like that.

Despite that, there are a handful of Google-related websites like Virustotal that now permanently trap me in repeating captchas. Youtube will occasionally decide to block my IP entirely for a week.

Let me tell you, this shit doesn't make me more inclined to disable ad blocking. Instead, I've starting finding alternatives and using a sandboxed vanilla Chromium for problem pages.

[-] drkt@lemmy.dbzer0.com 3 points 8 months ago

Completely with you, there. If a website makes my life hard, I just find the info elsewhere or live without it.

[-] ChallengeApathy@infosec.pub 8 points 8 months ago

First off, if you're concerned about ISPs selling your data (couldn't exactly tell if that's a part of your concern), switching to private DNS provider and enabling DNS over HTTPS/TLS can significantly cut down on that, since most of what ISPs sell comes from DNS requests. That being said, they can still tell what sites you visit if you don't use a VPN/Tor, but they're less likely to care unless you're doing something illegal.

In terms of your obfuscation plan, I'm not sure that'd do much; if anything, it'd make you stand out more. A bunch of random traffic, even tweaked to fit your browsing habits, probably would look suspicious on their end and it wouldn't actually hide or disguise anything.

So ideally, you're just going to want to figure something out to set up some sort of VPN at some point. Switching DNS providers might be a bit of help in reducing sale of your traffic data, however. My recommendation is Quad9 but any privacy-friendly provider is fine.

[-] GluWu@lemm.ee 8 points 8 months ago

It'd be pretty quick to write a script that loads a randomly selected url from a prepopulated list at random intervals. Could probably do it in grease monkey directly in Firefox so you could use other tools in addition like adnausium and a client spoofer.

[-] Dust0741@lemmy.world 2 points 8 months ago

Yea. My issue now is finding a list of these sites

[-] HumanPerson@sh.itjust.works 6 points 8 months ago

Turn on your browser history for a while then use that.

[-] LWD@lemm.ee 2 points 8 months ago

chrome:site-engagement for a slightly more accessible list

[-] GluWu@lemm.ee 2 points 8 months ago* (last edited 8 months ago)

Just start listing the most popular and generic sites. Then Google a topic like technology and copy whatever those sites are. I imagine you could have a pretty decent list populated in 15 minutes. You could also just ask chatgpt to create lists of the top 100 sites for "x".

What would write in? I might be willing to help because this interests me as well.

[-] Dust0741@lemmy.world 3 points 8 months ago

That's a good idea.

Probably just a shell script. Someone mentioned using curl so that'd be pretty easy

[-] GluWu@lemm.ee 2 points 8 months ago

Let me know if you start working on anything. I want to try to use greasemonkey, I haven't in years.

[-] Dust0741@lemmy.world 1 points 7 months ago* (last edited 7 months ago)

Little curl shell script that works:

#!/bin/bash

# Random_Curl_Request.sh

# CSV file containing websites
CSV_FILE="/home/user/Documents/randomSiteVisitor/websites.csv"

# Get a random line from the CSV file
RANDOM_LINE=$(shuf -n 1 "$CSV_FILE")

# Extract the website URL from the random line
WEBSITE=$(echo $RANDOM_LINE | cut -d ',' -f 1)

# Make a curl request to the random website every minute
while true; do
    curl $WEBSITE
    sleep 60

    # Get a new random line from the CSV file
    RANDOM_LINE=$(shuf -n 1 "$CSV_FILE")

    # Extract the website URL from the new random line
    NEW_WEBSITE=$(echo $RANDOM_LINE | cut -d ',' -f 1)

    # Update the website URL for the next iteration
    WEBSITE=$NEW_WEBSITE
done

[-] GluWu@lemm.ee 1 points 7 months ago

Oh dang, nice. Simple and sweet. Thanks.

[-] ErwinLottemann@feddit.de 1 points 8 months ago

use an adblock list and just visit the urls one by one using curl

[-] catloaf@lemm.ee 7 points 8 months ago

Just curl a bunch of sites at random times? Under https, everything in the URL except the domain is encrypted, so it'll look roughly like a regular user requesting a page.

[-] Dust0741@lemmy.world 2 points 8 months ago* (last edited 8 months ago)

I like this. Is there some sort of list of safe sites that exists that I could use in a script?

Edit: something like this

[-] gibson@sopuli.xyz 6 points 8 months ago

It usually isn't super hard to tell apart randomized junk like this from real human patterns. That is why Tor Browser for example tries its best to make everyone look the same instead of randomizing everything.

That said, for the mere purpose of throwing off the ISPs profiling algorithms, you could make a relatively simple python program to solve this. A naive solution would just do an http GET to each site, but a better solution would mimic human web browsing:

If you have no programming capability this will be rough. If you have at least a little you can follow tutorials and use an LLM to help you.

The main issue with this goal is that it isn't possible to tell how advanced your ISP's profiling is, so you have no way to know if your solution is effective.

Feel free to DM me if you go this route.

[-] JoeKrogan@lemmy.world 3 points 8 months ago

You could set up a tor relay and use it too. They they will just see connections to tor.

Or vpn and seed torrents

[-] delirious_owl@discuss.online 2 points 8 months ago* (last edited 8 months ago)

Create a guest WiFi network called "free community internet" with no password that is rate-limited to ~5% of your total bandwidth

Run a tor exit node. But you should notify the police first.

[-] delirious_owl@discuss.online 1 points 8 months ago

Consiert running OONI Probe on a schedule

this post was submitted on 07 Mar 2024
44 points (92.3% liked)

Privacy

31919 readers
498 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS