60
submitted 6 months ago* (last edited 6 months ago) by Jean_le_Flambeur@discuss.tchncs.de to c/privacy@lemmy.ml

Hey guys n gurls, I was wondering if it is smart to disable my VPN connection for casual browsing.

Reasons: when having VPN constantly running it may be possible to track me via browser fingerprinting.

Szenario: the connection coming from the VPN which hypothetically downloaded a torrent, tries to watch capitalist propaganda while living in China, etc.pp has this screen ratio, this locale, this addons etc. And (more important) the YouTube login cookie we know belongs to this physical person/telephone number etc.

So I am wondering if I should only use the VPN when "needing" it (read articles not available in country, Netflix, read information government doesn't like, things like that.) Or if I'm missing something here and I could obscure my causal day to day browsing as well without decreasing the security of the VPN.

For reference, the VPN doesn't log anything (for more than a day) to my knowledge

EDIT: From what I understand from the comments: switching the VPN has little to no impact on widely used tracking and if at all makes it easier to corelate data. People emphasize the general lack of full privacy if you are wanted by entities willing to spend enough resources. But for the general need of privacy in normal usecases it makes more sense to just leave the VPN running.

all 26 comments
sorted by: hot top controversial new old
[-] telep@lemmy.ml 31 points 6 months ago* (last edited 6 months ago)

tldr; no, if you trust your vpn more than your ISP always use it, as any hit to fingerprinting is menial.

it really can't hurt much to always be using it. any fingerprinting metric it would give is outweighed by the hiding of your IP behind the proxy. this is the #1 unique identifier that is tied back to people/locations.

the other fingerprinting metrics also are still exposed anyway & could probably be linked back to "you" regardless of your IP changing if they wanted too.

if you are worried about fingerprinting look into some projects like mullvad, librewolf, or even tor. clearing cookies on quit &/or having a separate browser for permenant logins/tokens to live in is also a good mitigation technique.

[-] Jean_le_Flambeur@discuss.tchncs.de 7 points 6 months ago

Thanks for the detailed response. I'm sure my IP is most relevant in tracking me, but if I'm tracked while visiting Lemmy/YouTube it would do no harm, while correlating my YouTube activity with my e.g. me reading websites the government doesn't like would do harm.

I use mullvad, and previously read using tor through a VPN doesn't really make sense. I have Firefox set to not save cookies, but I have made an exception for YouTube as it is to troublesome to log in with 2fa all the time.

My thought was that it may be easier to match up the fingerprint of @somelemmyuser accessing lemmy with the fingerprint of @somelemmyuser downloading capitalist propaganda while living in China if they come from the same VPN in a similar timeframe, while it would be harder to match the fingerprint of @somelemmyuser acsessing Lemmy from an normal ISP to the fingerprint of @somelemmyuser accsessing capitalist propaganda from a VPN, as you would need both datasets to find matches.

And since me accessing Lemmy is not a problem but my lemmy account could be tracked back to me as a physical person, it could be smart to not do it with the same VPN.

[-] telep@lemmy.ml 6 points 6 months ago* (last edited 6 months ago)

ahhh I see what you mean.

your thoughts on spacing out your connections & isolating is smart. unfortunately if you connect from the same device & browser any government agency or dedicated company with a big enough dataset (google, meta, etc.) would still be able to link you regardless of you IP by browser fingerprint alone. this does make YouTube more specifically being linked to your exact browser fingerprint porblamatic in a high stakes situation. As it, as you said is linked to your identity.

for lower level tracking changing IP regularly is effective. however, instead of switching to your local IP it would be more privacy conscious to just switch to a different VPN server.

unfortunately if you are genuinely worried about government level surveillance or the likes u enter into territory where VPNs often no longer cut it (or at least can't truly be trusted too) as they are centralized & can be forced to make exceptions for law enforcement. traffic analysis is also easier, which makes time correlation deanonimization a more realistic risk when talking about government agencies specifically.

the tor + vpn debate is one that lots of people argue & is excedingly complicated. tor is generally more than enough, unless you are wanted by INTERPOL haha. if you are genuinely worried about suppressive government or world powers targeting you look further into tor, & do not connect directly to your ISP at all as that data is essentially up for grabs to local authorities (depending on locale).

for you specifically I would consider doing your more sensitive tasks in the tor browser without the VPN & then having your normal browser always on the VPN so they would be more difficult to correlate. anything torrent related is low enough stakes that I would imagine just about any proxy would suffice. hope this was helpful 🙏.

[-] Jean_le_Flambeur@discuss.tchncs.de 1 points 6 months ago

It was, that was the kind of information I needed, as it helps to differentiate what kind/level of privacy I have and what kind/level of privacy different actors can circumvent etc.

As I am mostly looking at not generating useful data for shitcompanies like amazon, google, Microsoft etc. The always onvpn and no cookies except YouTube should be more than sufficient. If my country decides that my political opinion is no longer permitted I should nevertheless be using Tor and check if I'm unique (fingerprint wise).

[-] delirious_owl@discuss.online 13 points 6 months ago

Never disable it. Actually, setup a firewall so no apps have internet access in-case the VPN is down.

[-] psmgx@lemmy.world 11 points 6 months ago* (last edited 6 months ago)

Timing attacks are a thing and behavior can be correlated by metadata and situational considerations, e.g. Bob only uses his VPN at night, and only for 21 minutes on average. Jane uses her VPN from roughly 830am to 515pm M-F. What do those patterns mean?

But so long as it works and the costs are low, use the VPN constantly. And always check for leaks.

[-] Jean_le_Flambeur@discuss.tchncs.de 2 points 6 months ago* (last edited 6 months ago)

Any suggestions about checking leaks etc? I have done this one check, but I'm not that deep in the matter to know if its enough.

So you say to keep it running - any (technical) reasoning or just that you think my YouTube connection exiting the vpn and the connection to the website the government doesn't like exiting the VPN can not be correlated that easy?

[-] adespoton@lemmy.ca 6 points 6 months ago

If you use it for everything, when you use it ceases to be useful information for data gatherers.

It’s why companies have data retention policies. That way they can’t be accused of intentionally destroying data to hide things, because they destroy ALL data like that.

[-] Scolding0513@sh.itjust.works 4 points 6 months ago

not sure if relevant, but you can use this for info

fingerprint.com

[-] bloodfart@lemmy.ml 4 points 6 months ago

that's not how it works.

your vpn doesn't do anything to mitigate broswer fingerprinting. websites use browser fingerprinting to identify a unique browser no matter the ip its connecting from. when i connect through mullvad's french server, it identifies my browser just like when i connect through any other server.

most of the time those sites even clock that i'm connecting through a vpn.

a computer that is connected to some vpn and downloads a torrent while also visiting a website that fingerprints their browser will not have the two conflated unless the attacker can match traffic coming out of the vpn and traffic going into the computer.

that information wouldn't be useful to an attacker unless they also had access to the website that fingerprinted the browser and were part of the torrent swarm so they could actually say yes, browser 12345 and user 34567 downloading The_Mummy_CrAcK_DeNuVo.mp4 are the same person and they were at this ip that corresponds to this router at this physical location and when we confiscate their computer we can verify their browser has the fingerprint, open and shut case, book em' dano.

if you disconnect from your vpn intermittently it actually makes those checks easier because then the attacker can say "look, browser 12345 is coming from both the french mullvad node and from this little coffee shop in taipei! get em!"

a single vpn proxy can't protect you from a hypothetical hostile whole ass internet.

[-] Jean_le_Flambeur@discuss.tchncs.de 1 points 6 months ago

Thanks, that makes sense.

[-] ShellMonkey@lemmy.socdojo.com 3 points 6 months ago

https://ipleak.net/

A favored test by the AirVPN people. Gives a decent picture of your print. Thing is, they can pick all the scree resolutions and browser types they like, but it only does good with a location

[-] Deckweiss@lemmy.world 3 points 6 months ago

Use safing SPN with their portmaster app, then you can set it on/off per app, or even per url.

this post was submitted on 05 May 2024
60 points (96.9% liked)

Privacy

31956 readers
633 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS