WingNews logo WingNews
top | item 44946037

(no title)

antonyl | 6 months ago

Actually — while I'm here: does anybody have recommendations for per-app or per-site VPNs, especially on iOS? That's basically what I would want here: a different IP address when I open an incognito window, or for each app on my phone (e.g. Brave should have a different IP address than Gmail). I ask because while system-wide VPNs help somewhat... if I ever open anything identifying, I can effectively be fingerprinted anyways.

For example, if I start a Mullvad VPN, and open up an incognito window, but am still signed into Google (on my non-incognito window), Google now knows who I am (in both windows). Then if I browse a website that has GA (within incognito), theoretically Google could figure out who I am. This would be avoided if I shared nothing (not IP address, not browser fingerprinting) between my two windows. Is there any way to do that at scale besides just... closing everything before I go into incognito?

discuss

order

mapt|6 months ago

It has been obvious that we were supposed to be sandboxing these browser sessions in the OS and sandboxing these Google Accounts in basic internet opsec. Being able to create and discard these identities at will is the only sensible, resilient way to function.

Google has actively fought against this, and many people haven't noticed. Things like requiring 2FA for new Google account activation are ridiculously destructive to the ability to maintain any privacy or security. My workplace started demanding 2FA phone/email activation and their response to "So give us a workplace email account then, I'm not using my personal phone" was literally "Just go create a free GMail", which isn't a thing any more without a personal phone.

And it goes beyond new accounts.

I have a 2006-vintage, realname, first.last@gmail.com forwarding account for formal uses that I can't access any more DESPITE HAVING THE PASSWORD AND CONTROL OF THE RECOVERY EMAIL because I refused to hook up 2FA, and moved from the old PC to the new PC which Google doesn't recognize session cookies on. Give Google the keys to the castle or fuck you, we're walling up the doors.

These are dark patterns that, if Google is going to fight us on, demand regulation. Consistent access to specific email & phone numbers were never supposed to be this important to a functioning life, and not supposed to provide a shady for-profit private entity with a permanent panopticon dossier on your activities either. We would flip the table and replace governments if they tried to do this to us. We have, in some cases.

Burn it all down and create some kind of nonprofit NGO to run email or to run the Google Empire, which needs to be simultaneously secure and feasibly pseudonymous in order for people to continue having the basic human rights they enjoyed in the 2010's and 2000's when Google was still in the "Be Less Evil" phase.

delta_p_delta_x|6 months ago

> a different IP address when I open an incognito window, or for each app on my phone (e.g. Brave should have a different IP address than Gmail)

Isn't this essentially Tor? Per-connection almost-random IP addresses.

radicaldreamer|6 months ago

iCloud Private Relay does this for private windows in the latest iOS versions (18 and up)

https://support.apple.com/en-us/102602

rogerkirkness|6 months ago

Highly recommend iCloud Private Relay plus Safari. Sites often think I'm in New England, or Montreal, or a bunch of places I'm not, seemingly at random.