Im actually glad that the author pointed out that once you log in somewhere that will track you, that connection is associated with you.
A vpn is not a cure-all. It is only as private as you're willing to make it. If you want to pirate movies and chat on facebook at the same time, you're probably gonna have a bad time. What you do is absolutely a part of your advertising/tracking profile.
Payment information - some prefer to use cryptocurrency, which in their minds, is private. Again, once metadata connects you, there's no denying that that's you.
A third party consultant takes your payment? Maybe. Especially if you've got some anonymizing layer to your credit card info that has earned a similar trust. This will of course add to the cost of the transaction.
Even the way you type can connect you. Sufficient amounts of text - such as this reply - are usually enough.
>If you want to pirate movies and chat on facebook at the same time, you're probably gonna have a bad time. What you do is absolutely a part of your advertising/tracking profile.
This is probably not going to work with public vpn services because many users share one server, and the server you use changes every connection. Thus facebook can’t really correlate your torrent traffic with your session because it could be anyone else on that server.
> If you want to pirate movies and chat on facebook at the same time, you're probably gonna have a bad time.
Not really. There's not a single documented case of a major VPN user ever receiving a copyright infringement notice. Despite the fact that millions use this exact same use case.
In security it's always important to understand the threat model. If I know I'm being personally targeted by Mossad, that's a very different story than if I'm trying to avoid getting identified in a mass copyright notice from the MPAA.
Facebook would never ever ever in a million years voluntarily give the MPAA unrestricted root access to their IP level user tracking data. If they tried to subpoena it, Facebook can afford much much better lawyers than Warner Brothers.
And I guarantee that at least in the American judicial system, any judge is going to be extremely skeptical against such a sweeping request.
I know my ISP logs my metadata (by law), whereas I trust that my VPN provider does not.
Essentially VLAN2 all traffic is routed direct to my ISP, and VLAN3 all traffic is routed to VPN. My machine normally sits in VLAN3. I make sure not to log into anything social media related or tied to my real identity.
If I need to do banking, Facebook or something like that I'll use a device in VLAN2 (a separate computer).
All phones and devices like that are broadcasting information anyway so those are in VLAN2 as well, unless they are devices with LineageOS and no Google Apps.
> A vpn is not a cure-all. It is only as private as you're willing to make it. If you want to pirate movies and chat on facebook at the same time, you're probably gonna have a bad time. What you do is absolutely a part of your advertising/tracking profile.
See in this scenario I would have a system in VLAN3 that I use for my downloading, and another computer in VLAN2 that is used for the facebooking. I use a hardened browser with https://github.com/ghacksuserjs/ghacks-user.js that hardens the browser and helps against fingerprinting.
I also use a number of addons, for various purposes
I use CookieAutodelete on my mobile because unfortunately the container API isn't available on the Android version of Firefox.
The reason I don't use it on my desktop is because there are certain types of things that cannot be cleared.
> APIs do not exist to allow clearing IndexedDB, Service Workers cache, appCache, or cache by host. Clearing cookies & localStorage on their own, and leaving orphaned persistent data is a false sense of privacy.
A vpn is not a cure-all. It is only as private as you're willing to make it. If you want to pirate movies and chat on facebook at the same time, you're probably gonna have a bad time. What you do is absolutely a part of your advertising/tracking profile.
Payment information - some prefer to use cryptocurrency, which in their minds, is private. Again, once metadata connects you, there's no denying that that's you.
A third party consultant takes your payment? Maybe. Especially if you've got some anonymizing layer to your credit card info that has earned a similar trust. This will of course add to the cost of the transaction.
Even the way you type can connect you. Sufficient amounts of text - such as this reply - are usually enough.