this post was submitted on 28 Apr 2025
308 points (88.5% liked)

Technology

69486 readers
4131 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
308
Your Phone Isn’t Eavesdropping on You to Show You Ads (It’s Worse Than That) (lifehacker.com)
submitted 2 days ago by jsomae@lemmy.ml to c/technology@lemmy.world
69 comments fedilink hide all child comments
 

I changed the title from "Spying" to "Eavesdropping" because the article actually directly supports that it is "spying" on you, just not listening.

you are viewing a single comment's thread
view the rest of the comments
[–] joshcodes@programming.dev -1 points 2 days ago* (last edited 10 hours ago) (3 children)

There are definitely some VPN providers to worry about.

VPNs are a security tool but they don't protect people as much as they think. They hide DNS traffic your ISP would have received, so that your ISP can't tell everyone which cuckold or affair site you access (except you probably forgot to turn the VPN on one time or another so...)

~~Your ISP can still see IP addresses you connect to, they forward all your traffic~~ [I need to proof read before I press post - this is just misinformation]. Good opsec is a nightmare. Ad blocking does more for less cost than getting a VPN will ever do (except for certain human rights circumstances but I'd wager they're actually going to be careful).

My personal tip is use DNS over HTTPS/TLS where possible, and don't use Cloudflare or Google. Add an ad blocker and it's far easier to setup and way more cost effective than VPN.

[–] Excrubulent@slrpnk.net 0 points 16 hours ago (1 children)

You said "far more likely" and it turns out you don't have the numbers and you were just making that up? Wow, I never could've predicted that.

[–] joshcodes@programming.dev 1 points 10 hours ago

I am not OP, I just decided to reply.

[–] futatorius@lemm.ee 3 points 1 day ago* (last edited 1 day ago) (1 children)

Your ISP can still see IP addresses you connect to, they forward all your traffic.

No they can't. The ISP cannot see any traffic that goes to or from you while you are connected to the VPN, only that you are sending encrypted packets to/from the IP of the VPN itself. It's the VPN that then sends your requests on to the site you want to see, and routes the reply from the site back to you.

DNS requests are a separate attack vector, but VPNs almost all offer a means of protecting those from scrutiny as well, and as you say, DNS over https/TLS is also resistant to snooping.

There are some more esoteric ways of spying on your traffic, but the likelihood of any of it being used against you is remote unless you are on the shitlist of a major corporation or government.

Ad blocking does more for less cost than getting a VPN will ever do

Ad blocking mitigates a different risk, which is that trackers on pages you visit will report your behavior to aggregators who sell that data. By all means, use an adblocker. Maybe two. But also be aware that some adblockers sell your data to advertisers (e.g., Adblock Plus: Ublock Origin appears to be less problematic). Or, if you're a bit more technical, you can set up your network so that known data-collection output isn't sent. There are even lists of known snoopware endpoints you can subscribe to so you can more easily block them. But the ingenuity of the data collectors is extreme, and it's a continuing struggle.

Another potential source of leakage is your browser fingerprint (there are sites that'll tell you how unique your profile is-- the answer is generally "enough to identify you." There are extensions that can conceal that too.

[–] joshcodes@programming.dev 1 points 10 hours ago

Yep sorry, I said a dumb thing.

My point is probably more to do with the marketing around VPNs than anything else. As you very nicely put, there are a thousand ways to track someone without having their IP address. VPNs don't cover all bases but the marketing teams talk about them like they do.

Amazon can still sell your info to data brokers without having your home ip address: they have your email, name, delivery address and search history as a start.

[–] sinceasdf@lemmy.world 8 points 2 days ago

Using a VPN will prevent your ISP from selling your IP logs to data brokers. It also obfuscates your IP to websites you visit to make their fingerprinting less precise. All your ISP can see is that you're connecting to/from a VPN server through an encrypted tunnel and maybe some metadata like amount of data transferred.

Hard to compare value to free stuff like encrypted DNS and an ad blocker but a VPN definitely has protections you wouldn't get otherwise.