Well that's terrifying
Edit - this is in DuckDuckGo, which has an option to enable App Tracking Protection (Android only feature). In the past hour it's blocked hundreds of attempts from Google to track my data from non-Google apps. I won't tell you what the data is because it's genuinely horrifying, but you can find it in the thread below.
Install the duckduckgo app and enable app tracking protection.
Then watch in horror as it tells you exactly what apps are trying to collect your info, what info and how often.
For example, looking at it right now, 1842 tracking attempts from just 3 apps in the last 7 days.
453 attempts just from my banking app in the last 24hrs... sending info to google and adobe. When you look at what kind of info... here's a list sent to google that was requested 240 times in the last 24hrs.
Device boot time
Gender
Device orientation
Postal Code
Device Model
Unique identifier
App name
Network connection type
Last Name
First Name
Address
Device Name
OS build number
State
Local IP address
Device memory
app version
City
Device brand
Advertising ID
Available storage
GPS co-ords
Headphone status
App install date
System volume
Screen resolution
Timezone
Country
Charging status
Battery level
Cookies
Network Carrier
That's 32 pieces of information sent to google constantly.
Adobe only want about 20 pieces of that information, but asked for it 213 times in the last 24hrs. Most of it the same as above but also requesting your email address, language settings and not so interested in device charging or battery level.
That's 1 app... in 24hrs.
It's worth noting that, this is the number of attempts that were blocked... not the actual times that info was sent. The DDG app blocks it, and my VPN app also has app tracking blocking.
Jesus fuck
@AnomnomnomalyI've worked in IT for 25yrs, from starting out doing customer support, to gaming development, and with various software companies... I got to see behind the curtain briefly and was horrified what I saw.
It's why I am so anti social media and refuse to use it... and a huge advocate for blocking all tracking where possible.
I can't stop it all, but I can make what's collected next to worthless... poisoning the well so to speak.
@Anomnomnomaly @CatsWhoCode @TheBreadmonkey
Don't forget to enable blocking of some apps that won't be blocked by default. (And check if they still function)
All browsers don't seems to be a problem. It even blocks trackers that apparently come through websites.
@gavin57 @JonChevreau @Anomnomnomaly @CatsWhoCode
I'm tracking you all. I'm triangulating all of your signals.
I don't use my real name anywhere on social media... there's only a handful of people who are even aware of my real name and even then it's just my first name.
I use different email address across different sites, I also have @duck.com and @proton email address that forward emails and strip out trackers... very handy for online sign ups.
I literally have email address that are thisisaspamtrapaddress@ and gonnagetspaminmyspamtrap@ address that I use.
I have 2 gmail address... I use neither of them aside from netflix when I signed up to that 12yrs ago before I started seriously trying to poison the well.
Ben's not even my real name. I'm called........... Nick. And my real account is @Nickiquote, although I'll never admit to it on that account and will probably say something like 'no Ben's being stupid I'm not Ben I'm Nick', but know that I'll be lying to protect my identity. Feel free to hurl facts about Evita the musical at me, because that is my very favourite thing in the world. 👍
@TheBreadmonkey @CatsWhoCode @Nickiquote
There's me thinking you were really the #FediverseChick
@artnacrea @Anomnomnomaly @CatsWhoCode @Nickiquote
I thought it was about the TOWIE/Made in Chelsea crossover with James Argent and Tina Stinnes
i am not too bothered.
i assume they are trying to sell me shit.
it won't work.
i am to tight.
however when we go full fash i will be the first up against the wall.
but don't want to live in that world anyway.
A pi-hole is only protecting you when you're at home and I've not looked into a pi-hole setup (keep meaning to, along with running home assistant on it) so don;t know how good it as blocking all of those things.
It's mostly suggestions to sign up to the ddg vpn and anti theft measures that come with the DDG Privacy Pro version.
But at £9.99 a month or £99.99 a year... No thanks.
@Anomnomnomaly @davep @TheBreadmonkey one additional point is that a pi-hole doesn’t prevent apps from using other means to resolve IP addresses (eg. using their own DNS servers). I don’t think DDG is any different there other than being able to inspect what’s in the payload of what it detects.
Pi-hole is good (I run one) but it is another thing to keep updated, vs something like DDG which presumably has updates pushed to it more regularly.
What does the app do that a Pi-hole doesn't?
Run on the client device, that is what it can do that Pi-hole (generally) doesn't.
DDG's ATP just runs on the same device that you wanna filter on; generally Pi-hole is setup on home networks. It can also more easily break it down per-app as it (ab)uses android's VPN APIs to get access to (and filter) network traffic, and as such it can easily track which application(s) a given request came from
@alexia @TheBreadmonkey @davep
I really need to read up on setting up a pi-hole. I think I've become a little lazy about learning new tech stuff as I get older.
I want to use a Pi for home assistant too, mainly to trigger charging cycles for my solar batteries to take advantage of cheaper rates on their agile tariff... I can charge when it's under 10p and export for 15p per kwh.
But it requires me to get of my arse and do it... plus the expense of buying the hardware.
@alexia A similar app I have been using for a long while on Android is Rethink. Its an independent project who also runs their DoH/DoT relays too.
I haven't used DDG ATP to know its features but I find Rethink to be more flexible because I can put my Wireguard configs in it, or use a proxy like Orbot, get traffic overview, completely isolate apps and use custom DNS blocklists when I want to. Pretty great really.
@alexia
As an alternative, you can run #Blokada on your phone. The advantage is that it can use multiple blocklists simultaneously, not just #DuckDuckGo's. The disadvantage is that it doesn't tell you which app tried to track you, and so it's harder to identify and remove apps that don't respect your privacy.
@Anomnomnomaly @TheBreadmonkey There's about 10 apps that are transferring data in the background. I highly recommend disabling this unless you really need notifications.
This is a great health check tool, thanks.
@Anomnomnomaly @TheBreadmonkey I've just enabled it for Firefox (which is an exception by default). The ones in the screenshot got past ublock origin and privacy badger.
I also enabled it for the Play Store, WhatsApp and Signal and haven't seen any issues so far.
@MennoWolff @StOnSoftware @davep @TheBreadmonkey
I guess the only question that then prompts me to ask is.... Does it matter how often they ask for it?
The only reason it's asked for is to build a larger/better/more accurate profile of you for advertising... and as some one who actively seeks out and blocks ALL ads and will actually be put off products that are forced in front of my eyeballs... Their attempts are utterly worthless to them because they have zero effect on me.
@MennoWolff @Anomnomnomaly @StOnSoftware @TheBreadmonkey Yup.
I posted this yesterday by the way, which may be of some use https://infosec.exchange/@davep/114456034554470939
@davep @MennoWolff @StOnSoftware @TheBreadmonkey
UK here, if I go to that setting, I can turn of everything under ads privacy (which I did years ago) and I can 'get a new advertising ID'
But there's no option to delete... maybe I no longer have one because everything is turned off... or it's just not an option outside of the EU because xenophobic fuckwits here listened to billionaire fuckwits who wanted to protect their hidden tax haven assets.
@davep @MennoWolff @StOnSoftware @TheBreadmonkey
I just tried it, got a new ad id and then immediately deleted it... so it's not just the EU... I must have deleted mine the same time I turned of all add privacy options... along with all location options and as much as I could for everything else.
I used anonine (Swedish based) for 10yrs without any issues. But they started to go downhill a bit in the last couple of years.
I switched to Proton a couple of months ago. So far, no problems... A little bit more expensive, but a 2yr sign up deal for around £68 was too good to pass up.
I also check with the torrentfreak news website as they do in depth interviews with VPN providers every year.
Ben
Thomas Schmidt 
Anomnomnomaly BSC SSC
Cats Who Code (cursed)
Paul Schoonhoven 🍉 🍋
JonChevreau
Gavin
Nick
inpc
Andy Linton 
✅
paul
Ari Gardens as a Verb
David Penfold 
Ivan Moscoso
woe2you
Alexia ΘΔ
Loshana Aloka
C++ Wage Slave
Menno
Stephan Eggermont
aaron
Marcos Dione
SueDiOh
Blink With A Kink
Virginicus
John🥛