How they identify and track you (metadata outside of the VPN tunnel)

Tacosarabes a posé une question...
To whomever reads this message:

I am writing an article about how people are successfully identified and tracked on the Web, even when connecting through a VPN like RiseUp, due to people being careless and disregarding unique "metadata" that's provided by their computer to a router or to a web server. The ultimate goal of my article will be to:

1. Show people how a VPN is NOT the "be all, end all" of Internet privacy
2. Teach people how to implement the proper countermeasures to not divulge (or spoof) metadata and thus avoid being identified and tracked
3. Even so, encourage people to sign up for a VPN (ideally one with multiple hops and extra-jurisdictional separations of concerns)


Although the actual content of the article is much more in-depth, I would like to share the following items with the RiseUp crowd, since among the people that read this message I consider there to be some digital privacy experts. As the basis for my article, I am citing the following as the current methods by which you can be identified and thus possibly tracked OUTSIDE of a VPN tunnel.

1. MAC address

2. IP address and IP-based Geocoding (supposedly masked by the VPN)

3. HTML5 Geolocation API

4. User Agent and other Browser information

5. Date and Time (e.g. computer's date format and time zone, as well as the calculated difference between the web server's time and the computer's time)

6. JavaScript special properties (e.g. Battery Status API):

7. HTTP Headers and System Languages

8. Screen Resolution and other properties (e.g. PixelDepth and ColorDepth)

9. Canvas Fingerprinting

10. WebRTC (Web Real-Time Communication) API

11. Operating System detection (via JavaScript or TCP/IP stack OS Fingerprinting)

12. Behavioral tracking

13. Network topology traffic analysis


In addition to the above types of metadata, do you know of any other types of data OR just WAYS that a person/computer can be uniquely identified and/or tracked by browsing the Internet, even while connected through a VPN?

Thanks in advance for your time and expertise.
Vote | 0
Marquer pour Relecture
Gnulux a répondu...
I’m no expert, a simple experimental user but if you use a VPN, make your Firefox secure. No cookies, No Javascript, no Frames. Use uMatrix, disable WebRTC, use CanvasBlocker. Use a firewall too, yet I’m not sure how to configure it. So I left ufw unchanged.

If you use Riseup as a VPN provider for Bitmask VPN, your IP is always the same for a given server (for ex. Riseup.net server in the US), So a lot of people share the same IP.
Bitmask is still beta, Riseup.net authentification is deprecated, and we often get TLS unsync. So, Bitmask is unsafe but I use it because I’ve got nothing to hide, just want to learn how to use a VPN.

Ultimately, you need to trust Riseup.net as a provider and Bitmask/Leap servers which provide their own DNS, so Bitmask is like your ISP, they can see all your connections. Maybe that’s something people may forget. We have no information as to whether the Bitmask servers are properly configured and the Bitmask people have a no-log policy.
Vote | 0
Marquer pour Relecture
62b1ce96f9241943
Wxl a répondu...
Can't wait to see this article once it's complete! Certainly sounds like something that could be added to the help pages.
Vote | 0
Marquer pour Relecture
7820054f a242 48ce bf34 1dbe77c4929a
An0n1 a répondu...
@Gnulux,

Realising the year old date of your post, I would still appreciate posing a simple response. While this reply is to your post, it is also to all those who at some point in their lives may state the same belief in any sort of context, that is “I’ve got nothing to hide...”. To those people I say this: Let me watch & listen to you whatever you’re doing whenever I feel like it. Moreover, let my friends help out by watching the rest of everything you do whenever they want by watching unlimited, around the clock recordings of every single thing you do and say during your entire lifetime.

Peace brothers and sisters!
Vote | 0
Marquer pour Relecture
Large b
Bill Martinn a répondu...
Thanks to share such information with us. I am really happy with the same and got what i was looking.

--
Web Owner At http://xplormedia.com/web-development-services-company/
Vote | 0
Marquer pour Relecture
Large b
Bill Martinn a répondu...
Source - http://manchesterwebdesigncompany.co.uk/
Vote | 0
Marquer pour Relecture