Google Chrome's New 'IP Protection' Will Hide Users' IP Addresses (bleepingcomputer.com) 131
Google is getting ready to test a new "IP Protection" feature for the Chrome browser that enhances users' privacy by masking their IP addresses using proxy servers. From a report: Recognizing the potential misuse of IP addresses for covert tracking, Google seeks to strike a balance between ensuring users' privacy and the essential functionalities of the web. IP addresses allow websites and online services to track activities across websites, thereby facilitating the creation of persistent user profiles. This poses significant privacy concerns as, unlike third-party cookies, users currently lack a direct way to evade such covert tracking.
While IP addresses are potential vectors for tracking, they are also indispensable for critical web functionalities like routing traffic, fraud prevention, and other vital network tasks. The "IP Protection" solution addresses this dual role by routing third-party traffic from specific domains through proxies, making users' IP addresses invisible to those domains. As the ecosystem evolves, so will IP Protection, adapting to continue safeguarding users from cross-site tracking and adding additional domains to the proxied traffic. "Chrome is reintroducing a proposal to protect users against cross-site tracking via IP addresses. This proposal is a privacy proxy that anonymizes IP addresses for qualifying traffic as described above," reads a description of the IP Protection feature. Initially, IP Protection will be an opt-in feature, ensuring users have control over their privacy and letting Google monitor behavior trends.
While IP addresses are potential vectors for tracking, they are also indispensable for critical web functionalities like routing traffic, fraud prevention, and other vital network tasks. The "IP Protection" solution addresses this dual role by routing third-party traffic from specific domains through proxies, making users' IP addresses invisible to those domains. As the ecosystem evolves, so will IP Protection, adapting to continue safeguarding users from cross-site tracking and adding additional domains to the proxied traffic. "Chrome is reintroducing a proposal to protect users against cross-site tracking via IP addresses. This proposal is a privacy proxy that anonymizes IP addresses for qualifying traffic as described above," reads a description of the IP Protection feature. Initially, IP Protection will be an opt-in feature, ensuring users have control over their privacy and letting Google monitor behavior trends.
Oh yes! (Score:5, Insightful)
Hey buddy! Enhance your privacy by running all of your Web browsing traffic through Google-owned proxy servers. Yeah... yeah, that's the ticket!
Re: (Score:3)
Hey buddy! Enhance your privacy by running all of your Web browsing traffic through Google-owned proxy servers. Yeah... yeah, that's the ticket!
You should read the article.
The scheme is modeled on a similar one that Apple deployed a couple of years ago. It uses two proxies, operated by different companies (though I think Apple operates both in their scheme). The idea is pretty simple. It uses two proxies in sequence. The first sees your origin IP, but doesn't see your destination, the second one sees your destination but not your origin. And of course the destination site also doesn't see your origin, and neither of the proxies see any of the tra
Re: Oh yes! (Score:2)
Whose CDN?
While the TLS part is good, as long as they retain the ability to associate URLs and other stuff in the original request headers, they are still positioned as a central source of info on browsing habits.
I am quite sure that they won't introduce so much privacy as to break existing features in Google Analytics or keyword buying.
Color me skeptical that this will not increase their control over data on browsing habits, no matter what the technical implementation is.
Re: (Score:2)
Whose CDN?
The article doesn't say.
While the TLS part is good, as long as they retain the ability to associate URLs and other stuff in the original request headers
URLs and other stuff in the original request headers are all encrypted by TLS, so none of that will be available to the proxies.
I am quite sure that they won't introduce so much privacy as to break existing features in Google Analytics or keyword buying.
Google Analytics runs on the server end (the server of the site you're visiting). The proxy scheme will prevent Google Analytics from using your source IP to do analysis, but nothing else would change. And I can't see how this could have any impact on keyword buying for Google's search engine at all.
Color me skeptical that this will not increase their control over data on browsing habits, no matter what the technical implementation is.
I understand the skepticism, but I think it's misplaced, pa
Re: (Score:2)
Re: (Score:2)
Google doesn't need your IP (or headers for that matter) for browsing habits. All their tracking is on server side, tracked via cookies. You can turn them off, and Googles fine with that. A bazillion people don't. They don't need fallbacks.
Anybody who is using IP for tracking is shifty by definition. Not Google/ReputableBusiness shifty, but shifty shifty. These are endpoints that say, "okay, so you're denying cookies? too bad, we've got your IP, we're still going to track you, very much against your wishes
Re: (Score:2)
(Obviously the cookies are client side, I just mean the destinations, both publisher sites and google search, are doing all the tracking /w google .. with the cookie identifying the end user)
Re: (Score:2)
Assuming the two proxies don't collude.
Somehow this strikes me as a rather bold assumption.
Re: (Score:2)
Assuming the two proxies don't collude.
Somehow this strikes me as a rather bold assumption.
It's one that's easy to prevent, and it's easy to audit the prevention.
Re: (Score:2)
Bottom line, no one can track you by looking at your traffic. Assuming the two proxies don't collude.
Given that this is Google we're talking about, I don't think you can assume the lack of collusion.
Google would have lots of plausibly-deniable ways to monetize that information without revealing where they got it.
Apple, not so much, which is why I would trust their proxying system over one from Google.
Re: (Score:2)
Bottom line, no one can track you by looking at your traffic. Assuming the two proxies don't collude.
Given that this is Google we're talking about, I don't think you can assume the lack of collusion.
I don't think this is true, but your perception is certainly a common one. I expect Google to employ third-party auditing to prove that no collusion is possible.
Re:Oh yes! (Score:5, Insightful)
Why isn't Google operating the second proxy instead? Because by operating the first one, they are already in control of the browser, and they can track all of the connections coming in to the proxy. They have to know the destination by definition, (so they can tell the second proxy where to terminate the connection). So *they* will know which sites *you* are visiting... and you can safely assume that they are going to mine the fuck out of that data.
So Facebook can't correlate IP addresses to users any more because they're anonymized, but Google still knows that *you* are visiting Facebook, and they will slurp that up and store it forever.
Given that this is Google we're talking about, you can absolutely guarantee that this new change is designed 100% for Google's benefit, minimally for the end-user's benefit, and 100% for the detriment of their competition. They don't have to collude with anyone because they have set it up so they see everything anyways. Collusion only benefits the destination website, so Google has no interest in colluding because doing so dilutes Google's monopoly over your browsing data.
*Every* feature that Google introduces or change that Google has proposed to any standard, has all been driven by Google's desire to own the entire internet, just so they can shove ads down your throat. A Google-less internet would be infinitely better for everyone.
Re: (Score:2)
This is how Google will get around the restrictions on third party cookies that browsers are adding. We all knew that Google had a way round it planned when they announced it for Chrome and at the same time said it wouldnt have an effect on their advertising model.
Re: (Score:2)
The first proxy doesn't need to know the URL at all. It just has to pass an encrypted request to the second proxy. Only the second proxy can decrypt the URL in order to fetch it, but can only see the first proxy's IP address.
Re: (Score:2)
Re: (Score:2)
The point is that Google is making this out to be a great privacy feature for end-users, when Google still can track you just fine - it's a smokescreen.
The reason Google is doing this is because it hurts their competitors, makes it harder for their competitors to track and profile users, and therefore makes Google's profiles much more attractive, so they can make their ads more expensive.
In isolation, Google is not necessarily any better off for doing this, but their competitors are now worse off, which is
Re: (Score:2)
How would the browser hide its IP address from the CDN?
Re: (Score:2)
If Google actually knew anything, they would know that I do not buy things because an advertisement was shoved in my face. Almost everything that is advertised is about things I do not need.
It seems clear that advertising drives consumer spending; however, you would think that it would be recognized that I am not a consumer. I don't need any of the lifestyles they offer.
So why constantly harass me?
Re: (Score:2)
neither of the proxies see any of the traffic content
Therein lies the problem. Google controls Chrome. What's to stop it from inserting a root certificate in Chrome that lets its proxy MITM all your web browsing traffic?
Basically, the security of this scheme, whether from Google or from Apple, comes from "Trust us."
If Google were serious about privacy, they'd add (optional) support for TOR directly in Chrome. TOR already exists and is not controlled by Google or Apple.
Re: (Score:2)
Because someone would find out, like they did with Bluecoat in 2006, only more quickly, and with less effort because all certificates are now publicly indexed upon signing.
This is why, when you have LetsEncrypt sign a certificate, you instantly get probed from around the globe. Hint: always harden your systems and test them using privately signed certificates internally (or with restrictive access lists) before exposing them to the entire internet.
Re: (Score:2)
How would they find out? Based on what the Chrome UI reports as the certificate in use?
No way Google could manipulate that...
You're right in that eventually someone would find out. And the ensuing outrage would reduce the usage of Chrome by about 0%.
Re: (Score:2)
You should read the article.
The scheme is modeled on a similar one that Apple deployed a couple of years ago. It uses two proxies, operated by different companies (though I think Apple operates both in their scheme). The idea is pretty simple. It uses two proxies in sequence. The first sees your origin IP, but doesn't see your destination, the second one sees your destination but not your origin. And of course the destination site also doesn't see your origin, and neither of the proxies see any of the traffic content, since it's TLS-encrypted.
"We are *CONSIDERING using 2 hops for improved privacy. A second proxy would be run by an external CDN, while Google runs the first hop."
https://github.com/GoogleChrom... [github.com]
* Emphasis added. Firefox said they would ask first before they went ahead with their DoH scheme. Turns out the asking first was a dark pattern dialogue followed by removing the notification entirely on new installs once media attention died down.
Here we don't even have a commitment it's a we'll THINK ABOUT IT and get back to you.
Re: (Score:2)
Thankfully, TFA notes it's Opt-In.
Re: (Score:2)
Re: Oh yes! (Score:2)
I'd go so far as to say that this is anticompetitive activity and deserves complaints to the FTC. Here is the link to make a complaint about unfair business practices:
https://reportfraud.ftc.gov/#/... [ftc.gov]
As developers, I think we have an important voice on this subject and encourage all to submit their thoughts to the FTC.
Re: Oh yes! (Score:2)
What do you mean by Google Self-signed certificates? They have a bloody CA under their umbrella, wide accepted by every browser and client out there. Why fake it when they can just make it?!
Sounds like... (Score:4, Insightful)
Re: (Score:2)
I opened an issue on Github. Please read, upvote and comment on it. [github.com]
Re: (Score:2)
It's sad that people hate Google so much that they will dismiss a useful privacy enhancement as some kind of illegal conspiracy.
They even made it an open source, you can do your own build to compare to their binary.
Re: (Score:2)
That's not based on hate, its' based on lack of trust. And why should people trust Google?
Making it open source is a good answer, but not a complete answer. That means that you can verify that it does what they claim it does, but it doesn't mean that what they claim it does enhances security. I don't trust my expertise enough in either area to say that it enhances security, but most of the criticism is along the lines of "I assume that it does what they say, but I also assume that their approach lets the
Re: (Score:2)
It's sad that people hate Google so much that they will dismiss a useful privacy enhancement as some kind of illegal conspiracy.
Hard to take seriously the notion centralizing information improves privacy for anyone. This is just more of the same like Firefox's harebrained DoH scheme in which everyones browsing history is routed thru one large company without asking and trying to pass it off as a a privacy feature.
They even made it an open source, you can do your own build to compare to their binary.
Is the Chrome browser now open source? If so this would be news to me.
Re: (Score:2)
So you didn't even bother to find it what it is, you just assumed it centralises information.
Chrome is open source. That's why there are so many chrome based browsers.
Re: (Score:2)
So you didn't even bother to find it what it is, you just assumed it centralises information.
I read the following URL:
https://github.com/GoogleChrom... [github.com]
Is there additional information I'm missing? Is there a more authoritative source of information? To me reads like an open ended document describing things they MAY choose to do. I've read nothing that gives me confidence this isn't just yet another data collection scheme.
Chrome is open source. That's why there are so many chrome based browsers.
Chrome is NOT open source. Chrome based browsers are based on Chromium not Chrome. The source code for Chrome is unavailable.
Re: (Score:2)
So did you simply not understand the meaning of
We are considering using 2 hops for improved privacy. A second proxy would be run by an external CDN, while Google runs the first hop. This ensures that neither proxy can see both the client IP address and the destination. CONNECT & CONNECT-UDP support chaining of proxies.
Because that directly contradicts your claim about it being centralized. It's designed from the ground up to prevent the proxies becoming centralized points that can collect your data.
The
Re: (Score:2)
Because that directly contradicts your claim about it being centralized.
You are not normally this stupid. Did you hit another blind spot for yourself? How does adding a second proxy decentralize anything? EVERYTHING is still going through the first proxy.
Re: (Score:2)
If you bothered to actually read the proposal you would see that it's not "a proxy", it's a variety of proxies operated by many different organizations. In other words, decentralized. You can run your own if you like.
And since each proxy in the chain can't see the encrypted data for the other proxy, what little information they can gather is worthless.
Re: (Score:2)
If you bothered to actually read the proposal you would see that it's not "a proxy", it's a variety of proxies operated by many different organizations. In other words, decentralized. You can run your own if you like.
You are misinformed.
In all cases this is a proxy where traffic is routed thru Google. *SHOULD* Google decide to chain their proxy server with servers in other administrative domains it will still be true that all traffic is still centrally routed thru Google. What changes is instead of the traffic exiting to the Internet from Google it exits from a different administrative domain.
In no scenario is traffic not centralized thru Google.
And since each proxy in the chain can't see the encrypted data for the other proxy, what little information they can gather is worthless.
When browsing public sites the ability to determine exact URLs visited ca
Re: (Score:2)
Incorrect. The first proxy in the chain can be provided by anyone. Google will initially provide them for the first test of the feature, but the plan is for it to be more like public DNS, where you have a choice of multiple providers and there is network discoverability.
Who actually provides the first proxy doesn't really matter though, because all it can do is pass encrypted traffic on to a CDN. It can't be used to gather any useful information about the user, by design.
If your paranoid delusions were corr
Re: (Score:2)
Incorrect. The first proxy in the chain can be provided by anyone. Google will initially provide them for the first test of the feature, but the plan is for it to be more like public DNS, where you have a choice of multiple providers and there is network discoverability.
What plan? Where is this coming from? Cite your source. None of this is stated in any of the references or IP-Protection document. Is this being worked within the framework of a standards organization to build industry consensus or is this just Google going it alone?
If the ability to choose or disable centralized control and collection works anything like Firefox's Cloudflare DoH scheme then the real world implication will be traffic silently routed through "Google" "for your own good" and the technical
Re: (Score:2)
So did you simply not understand the meaning of
Because that directly contradicts your claim about it being centralized.
Enough of your gaslighting I can fucking read. If you have a substantive objection state specifically what that is you are asserting with supporting evidence. Don't repeat the same text and claim I don't understand what the paragraph means.
"while Google runs the first hop" fits the definition of centralization. Traffic of billions? routed through one ASN **IS** centralization and there is no way around it. You can argue the sky is green with orange Polka dots all day long, it doesn't make it so.
"We are
Re: (Score:2)
This privacy-enhancement already exists. It's called Tor [wikipedia.org]. If Google really cared about privacy, it'd make Chrome natively support Tor and give you the option to enable use of Tor.
But Google didn't do that. They want you to go through a proxy Google controls.
Re: (Score:2)
Tor doesn't scale well, that's the problem. Adding hundreds of millions of new users overnight would break it. Plus, there is purposefully no way to vet the endpoint operators. If you take your tinfoil hat off for a moment, you will realize that carefully choosing proxy operators is quite important.
Re: (Score:2)
My tinfoil hat stays snugly on my head where Google is concerned.
Google could take the budget it plans to spend on its proxy servers, donate 75% of it to Tor to improve its infrastructure, and everyone would be better off.
hmm (Score:5, Insightful)
now let's think.
What is the #1 company I want to not be tracking me?
hmm.
Yeah, let's route my traffic through it . . .
hawk
Proxies and MITM, for good and for ill. (Score:5, Interesting)
Initially, IP Protection will be an opt-in feature
The word "initially" there scares me.
Proxies and relays used voluntarily are wonderful and can do many amazing things. They can also be used to hide and obscure many terrible things. Relaying information through a third party comes with quite a long list of benefits and drawbacks, and for some situations they can be amazing.
Proxies and relays used involuntarily are unacceptable. The potential for abuse and misuse is too great. They create a MITM vulnerability, and anything other than a specific, intentional, revocable opt in is not okay. Creating a MITM vulnerability should not be opt out.
Re: (Score:2)
will mess up sites with ip based security lockout (Score:2)
and will mess up sites with ip based security lockout
Re: (Score:2)
Re: (Score:2)
They create a MITM vulnerability
This is incorrect.
Proxies cannot create a MITM vulnerability. Proxies could exploit a MITM vulnerability if one existed, but in the case under discussion all of the traffic would be TLS-encrypted, end to end. There is no vulnerability to exploit, so the proxies can't exploit it.
Note that this is often not the case in the corporate world. In that world, IT often sets things up so that the TLS connection from the browser terminates at the proxy server. To make that work, the proxy server needs to be able
Re: (Score:2)
Re: (Score:2)
Proxies cannot create a MITM vulnerability. Proxies could exploit a MITM vulnerability if one existed, but in the case under discussion all of the traffic would be TLS-encrypted, end to end. There is no vulnerability to exploit, so the proxies can't exploit it.
Yes, but they wouldn't need a vulnerability. They'd just abuse a root cert they ship with their browser.
Which would be instantly detected by people all over the world. That sort of thing is super obvious.
Re: (Score:2)
Proxies cannot create a MITM vulnerability.
In this case, Google owns both the browser and the proxy. They don't need MITM anything, they already have all the unencrypted data from the browser.
Google also owns a certification authority. Nothing prevent the proxy to decrypt the https packets and re-encrypt it with their own cert chain, valid to the browser.
When you own the browser, you can do literally anything.
Re: (Score:2)
Proxies cannot create a MITM vulnerability.
In this case, Google owns both the browser and the proxy. They don't need MITM anything, they already have all the unencrypted data from the browser.
Google also owns a certification authority. Nothing prevent the proxy to decrypt the https packets and re-encrypt it with their own cert chain, valid to the browser.
That would be trivially-detectable, and would be immediately noticed by lots of people.
When you own the browser, you can do literally anything.
Yes, absolutely, if Google is willing to modify the browser and have it send all the user's data directly to them, they can do that without any of this proxy business. Of course, it would also be detected that the browser was sending a bunch of additional, unexplained, data to Google, but it would be hard to tell exactly what.
Re: (Score:2)
But in Google's scheme (as in the similar one deployed by Apple a couple years ago), the TLS connection is end to end, between browser and destination server, and the proxies just pass encrypted messages that, by definition, they can't read.
Yeah, until Google inserts a root certificate in its browser that its proxy server can use to decrypt the data and do a handshake with the destination on your behalf, just like Bluecat in the corporate world. Hell, the root cert it inserts doesn't even have to show up in the list of certificates. It can be hard-coded right into the code.
Re: (Score:2)
But in Google's scheme (as in the similar one deployed by Apple a couple years ago), the TLS connection is end to end, between browser and destination server, and the proxies just pass encrypted messages that, by definition, they can't read.
Yeah, until Google inserts a root certificate in its browser that its proxy server can use to decrypt the data and do a handshake with the destination on your behalf, just like Bluecat in the corporate world. Hell, the root cert it inserts doesn't even have to show up in the list of certificates. It can be hard-coded right into the code.
That would be trivially detectable, and many people around the world would notice and raise a stink.
Re:Proxies and MITM, for good and for ill. (Score:4, Insightful)
Re: (Score:2)
Mozilla will probably have to release something similar once Google does. People who understand what this feature does are going to want it. Firefox does a lot to prevent tracking, but has no defence against IP based attacks.
Re: (Score:2)
Re: (Score:2)
Mozilla will probably have to release something similar once Google does. People who understand what this feature does are going to want it.
What year is this? Anyone who cares about concealing their IP already has a VPN or uses an overlay network. This harebrained scheme would not even prevent sites from obtaining IP data by other means (e.g. WebRTC)
Firefox does a lot to prevent tracking, but has no defence against IP based attacks.
Firefox does more than Chrome. Third party tracking stopped being a thing by default with Firefox years ago while Chrome stumbles about in a drunken stupor mumbling incoherently about sandboxes.
Re: (Score:2)
A VPN hides your IP address from your ISP. The website sees a shared IP address, but that is already common thanks to CGNAT. The website can still use that IP address to track you, along with other metrics.
Google's system of using two proxies means that the IP address you use to access a website will be constantly changing.
No. (Score:4, Insightful)
If this is on by default, Monopoly Abuse teams at the government should be getting out the boom stick.
Re: (Score:2)
Why do I want a third party seeing all my traffic that has no fucking business seeing it at all?
The whole point of this scheme is that no one will see your traffic (because TLS), and with the dual-layer proxies no one can connect your source IP and your destination.
Right now, the way it works is something like:
* Your ISP sees your IP and your destination IP, but not the content of request and response (because TLS).
* Other hops along the way see the same things as your ISP.
* The dest
Re: (Score:2)
However, even without decrypting the traffic, having all of your traffic allows them to know exac
Re: (Score:2)
Slashdot, a place for people who don't understand how the internet works
Re: (Score:2)
Oh, how I wish I had mod points for parent.
Who cares about seeing your traffic? Google /owns the browser/. They see all of your history and activity. All this scheme does is prevent parties /other than Google/ from seeing your traffic.
Re: (Score:2)
Modded +1 Didn't Read TFA But It's A Rant About Google.
Curious... (Score:5, Insightful)
I'm increasingly of the opinion that the entirety of Google's push for "privacy" is actually to safeguard its own market position and ensure no other players are able to threaten it...
Re: (Score:2)
That's a rather charitable opinion of their behavior.
Personally I feel as though they're under contract with at least one government to provide web data on citizens.
Re: (Score:2)
That's a rather charitable opinion of their behavior.
Personally I feel as though they're under contract with at least one government to provide web data on citizens.
I enjoy the conspiracy theories out there about Google's early days. There's some really thorough run-throughs of how the US essentially funded the start-up, with the explicit instruction to gather as much data as possible, and keeping that data in easily read formats. While I usually ascribe this type of nonsense to cray-cray fringers, over the years the Google start-up stories are starting to sound kinda plausible. Not to say they're true, but it wouldn't be some "OMG" moment if you were to find out there
Re: (Score:2)
On what basis do yo limit that to "citizens"? Numerous governments have "persons of interest" that are not citizens of those governments.
Re: (Score:2)
You just figured that out?
Re: (Score:2)
I'm increasingly of the opinion that the entirety of Google's push for "privacy" is actually to safeguard its own market position and ensure no other players are able to threaten it...
How do you think this proxy scheme does that? The dual proxy setup prevents Google from getting any additional information about web traffic.
Re: (Score:2)
That's a very good question. I can't answer it, but I also suspect that it's an enabler...possibly by making Google the exclusive source for the information. This is purely based on distrust of Google based on their actions over the last couple of decades, and has nothing to do with this particular action.
Re: (Score:2)
It's the same thing Apple does with all their 'privacy'. It's the lock the data and safeguard their own market position.
Re: (Score:2)
I'm increasingly of the opinion that the entirety of Google's push for "privacy" is actually to safeguard its own market position and ensure no other players are able to threaten it...
This became semi-obvious back in 2008. It is a guarantee now.
Funny! Chrome is the proverbial Wolf! (Score:4, Insightful)
Google Employees Anti Kidnapping Measure (Score:2)
"New hires at Google starting 2025 will be microchipped by our experienced experts* to ensure their safety from co-ercion and kidnapping whilst working from home. As the minds behind previous similar security initiatives senior management are highly confident the most enthusiastic and career minded Googlers will be eager to be that bit closer to the company. Google would like to thank the hard working staff for their continued efforts in reducing adblock usage, and we recognise a 0.15 drop across immediate
What happens to HTTPS? (Score:2)
This reads like a law enforcement wet dream... send a subpoena (or not!) and get everyone's traffic.
Re: (Score:2)
No.
Enterprise policies won't like it (Score:2)
I doubt they will allow Chrome if this is activated and they cannot deactivate it using group policies or registry keys.
Chromium lets you customize what you want anyway. (Score:2)
I'm positive it will be something you can disable in the enterprise.
Re: (Score:2)
Re: (Score:2)
IT can force Edge on if you'd like.
Re: (Score:2)
My company forbids me from running Brave because "Brave have internal VPN that can be activated and bypass enterprise policies."
I doubt they will allow Chrome if this is activated and they cannot deactivate it using group policies or registry keys.
They give enterprises the key to the data their scraping so they can scold employees for internet misuse on the company dime. It's a control freak's wet dream come true!
Re: (Score:2)
There is still Firefox. Although it can have Mozilla VPN, it's not just a switch, but an extension, and depending on the country you live, it's not even available.
Leveling up Google's monopolistic data harvesting (Score:2)
I think it's so great all the other ad trackers out there will have difficulty competing with google now.
All hail our google overlords!
protection (Score:2)
I fully trust the wolf to protect me from the sheep.
Firefox FFS (Score:4, Insightful)
This Isn't About... (Score:2)
Not only (Score:3)
sounds promising...however (Score:2)
Great. (Score:3)
I certainly don't want the government to get involved in regulating big tech -- that just makes it harder for little guys to innovate and the big tech companies will find workaround anyhow. The better solution is for people to stop using big tech as much as possible. The Internet is looking more and more like the 1970s phone network. And that's exactly where we don't want to be!
Re: (Score:2)
Why do you disable privacy and security enhancements like DoH and HTTP/2? Do you like being tracked more easily?
HTTP/2 in particular makes it much harder for your ISP and any other man-in-the-middle to see which websites you are connecting to. Without it, the initial request to the server doesn't encrypt the domain name.
Re: (Score:2)
Why do you disable privacy and security enhancements like DoH and HTTP/2? Do you like being tracked more easily?
Or asked in a slightly different way.. Why don't you want a single large corporation to know all of your browsing history? What's wrong with you?
HTTP/2 in particular makes it much harder for your ISP and any other man-in-the-middle to see which websites you are connecting to. Without it, the initial request to the server doesn't encrypt the domain name.
You are either misinformed or have inadvertently confused HTTP/2 with HTTP/3.
Re: (Score:2)
Or asked in a slightly different way.. Why don't you want a single large corporation to know all of your browsing history?
What does that have to do with this story? Nothing. In fact the whole point of it is to prevent any single corporation knowing your browsing history.
Re: (Score:2)
What does that have to do with this story? Nothing. In fact the whole point of it is to prevent any single corporation knowing your browsing history.
I was merely responding to YOUR statement "Why do you disable privacy and security enhancements like DoH and HTTP/2? Do you like being tracked more easily?".
I simply rephrased YOUR question to be more accurate and less misleading clarifying your assertions regarding HTTP/2 are factually incorrect. If you now believe that your own question is now irrelevant then I'm not going to argue that point.
For me the relevance of DoH is establishing a history of corporations inventing new excuses for centralized data
What's the point? (Score:3)
For those who fear something like a court order (there are legitimate cases for this) then use Tor and do whatever you are doing from some public place that offers WiFi and choose random MAC addresses periodically. Otherwise this means nothing. Oh and be sure to run the browser from a container or VM and wipe that periodically.
But Google's offer of privacy is completely useless.
For varying definitions of "hiding" (Score:3)
Rejoice! No webpages can track you anymore!
We now do that centralized from our proxies. Instead of every webpage knowing that you visit them, we now know all the webpages you visit. That's way better!
Huh? No, not for you, but for us.
Why does anyone use Chrome? (Score:3)
It doesn't come preinstalled on any OS (except Chrome OS, and the crippled mobile version on Android).
And aren't the people who know how to install a browser the same people who know what's wrong with Chrome?
So how are there so many millions of Chrome users?
Pssst... have you heard about Brave? (Score:2)