119
My experiences with Pi-hole (scribe.disroot.org)
submitted 6 months ago* (last edited 6 months ago) by duikbrilletje@scribe.disroot.org to c/privacy@lemmy.ml

Pi-hole has helped improve my "relationship" with Firefox, or better phrased with Firefox forks like LibreWolf and Tor browser. Cool thing with Pi-hole is that you can watch the query log and see what happened in the background while you were surfing the Internet. I learned that :

  • After removing the sponsored shortcuts in Firefox and putting your own shortcuts there Firefox will make connections each time you start the browser. So, if you would have icons on your quick start page in Firefox for let's say EFF, Lemmy, Mastodon, HackerNews, with each Firefox start up, it would query these sites. which I didn't like so much. Since then I've gone back to a complete blank start page, removing search and all those quick start icons, using just toolbar folders with bookmarks.

  • Pi-hole defaults to blocking telemetry for Firefox and Thunderbird.

  • Signal uses Google servers I saw via Pi-hole. I thought that they were using Amazon servers, but looking at Wikipedia for the history of Signal hosting I learned that Signal went back to Google for hosting.

  • Firefox push notification services are hosted on Google servers. LibreWolf removes a lot of Google things that Firefox has by default, but not the push parts. With Pi-hole it is very easy to block that.

you are viewing a single comment's thread
view the rest of the comments
[-] ReversalHatchery@beehaw.org 1 points 6 months ago

the most obvious way is if you the user use favicons to determine what underlying software is actually providing a service

Sorry, I don't understand this point.
The way I understand it is that the user looks for icons of services it knows, but not the exact icon but just something similar. The thing I don't understand is why is this a problem, but probably I misunderstood something.

The other way it’s a problem is for users, applies to cached favicons [...]

I see. I think caching could be solved in a way that does not reintroduce that tracking possibility, though.
One approach would be to only have that cache be used by the new tab page. Page visits always update it, but not read it.
Another would be to always use the cache, but never tell the server that we have that icon cached. The former is probably better though.

If my response came across as seeing the issue as silly

In hindsight probably I have misread something. Sorry for the tension.

[-] bloodfart@lemmy.ml 1 points 6 months ago

The first example I gave is a Classico way that a person would examine favicons to determine the software serving the website. If I wanted to do this to your website I’d resolve a bunch of your sites pages and look for a favicon that’s the default of like nginx or something then when I find it I know what I’m up against.

There’s not really a way to do caching that defeats the second example. The whole point of caching is to avoid sending a bunch of data back and forth, so even if you don’t let a website touch and grab all over the objects in the cache and instead only treat the page’s content as a manifest then the website will still be able to figure out what favicons corresponding to dates and times you’ve got in there by seeing weather or not the browser asks for them to be sent.

I guess you could just not say anything to the web server, let it send whatever it wants and ignore it, but at that point you’d be better off to do the default behavior of just not caching favicons instead and skip a step.

[-] ReversalHatchery@beehaw.org 2 points 6 months ago

then the website will still be able to figure out what favicons corresponding to dates and times you’ve got in there by seeing weather or not the browser asks for them to be sent.

But the idea is that the website can't tell that, because websites would use a different cache store than the new tab page.
Even if facebook's icon is saved in the new tab page's cache, when a website wants to load that icon it will only try to find it in the normal cache. If it's not there or it is expired, it is requested again, passed to the normal cache store, and the normal cache store can also give that to the cache store if the new tab page.

this post was submitted on 18 Apr 2024
119 points (100.0% liked)

Privacy

31939 readers
705 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS