DieMachin4

What Privacy Actually Means on the Web

  • privacy
  • web technology
  • ad blockers
  • identity protection

Eliminating ads from your everyday browsing experience is eye opening. You do not realize how cluttered the average site is until you block ads. Some sites are unusable, ads are crammed into every bit of white space and even break scroll functionality in some cases. Every tool we use is now selling your data, bombarding you with ads around every corner, or a mix of both. Good thing there are great options for you to escape ads in the matter of seconds.

The first time I blocked ads, I did so at the network level with adguard when I purchased a new router. My wife started noticing that recipe sites were suddenly tolerable… This was the beginning of my voyage down the rabbit hole. This fix was not impenetrable, I would still see ads on my iPhone every so often, or on my work laptop. This is because adguard uses DNS filtering to block known tracking and advertising URLs, but advertisers are always updating domains and scripts to get around this.

There are a variety of lists you can choose based on what you want blocked, some are stricter than others, and you can get detailed with the type of content you want blocked. I just chose a generic block list that would cover most advertisors and that seemed to do the trick. But this was the beginning of a very annoying issue created by our reliance on cookies.

It turns out cookies are not evil by design. They can be used to profile you and enable tracking capabilities by third parties, but they also help create web functionality that makes your browsing experience better. In fact, going cookie-less for working environments proved extremely difficult. Staying signed in becomes a nightmare since your authenticated tokens disappear, and then your already annoying Office365 experience becomes untolerable.

This would be the “duh” moment for those who are familiar with cookies and authentication, but for someone who is sold the idea of privacy on the web for the first time, the goal was simply to stop the overlords from seeing my searches for “is desexualize a word” at 3pm in the afternoon.

By switching my work and presonal browsing to Brave and Firefox I discovered another big issue when it comes to locked down browsing; WebRTC. When you take a teams call in the browser, your browser needs to create a connection to the browser of the person you are talking to, and this is done by giving out your public IP to signal the mounting point for the data connection. WebRTC completely bypasses your VPN and exposes your public IP…

I discovered WebRTC was designed this way on purpose, it uses a network protocol called UDP that sends off packets in every direction to try and find that quickest path between two points (simplification). The public IPs are required to make communication quick and clear, meaning introducing proxies to protect identity will result in dropped calls, freeze frames, and you get the point.

There are solutions to this which I will be investigating further with this blog, but the main point is that I am discovering the tradeoffs of privacy which is increased friction. Navigating the web is more difficult because most services are built to first and foremost extract your identity to be able to feed you effective ads. You have probably heard it before, but it stands true that “free” on the web means you are the product.

When you stop being the product and go back to being the customer, you naturally find yourself decoupling your identity from the digital space.