Q&A: The Email Tracking Protection Episode
Added 2024-08-21 17:00:07 +0000 UTCQ&A191: How do we protect against e-mail tracking in non-private providers and how do we handle tracking links embedded in emails?
Video Version: https://youtu.be/F1pSngpzVPc
00:00 Introduction
00:27 Protecting Against Email Tracking
03:32 Unmasking Tracking Links in Emails
---
π Go ahead and leave some questions below for us to look at for SR192 this weekend! (Note: We record on Friday nights in the US, so it's highly recommended to leave all questions by noon on Friday in the US)
It can be about a specific story, a general question about privacy/security, a question about the world, a question you tried last week, or anything else. Due to time restraints we can't promise that we'll get to yours, but we appreciate all of them!
To receive these posts via RSS, get your own custom link using these instructions.
Comments
After a long time doing Threat Modelling and deciding what I want to use, what phone OS, apps or other devices, Windows/Linux on my PC, Dual boot or not, etc, I felt that it was time to start. I have now been using a De-googled phone with CalyxOS for a month now. It works as I thought it would, quite good. Sadly I also have to use a normal mobile because some apps do not work as intended on CalyxOS. These apps are essential apps, I need to use them. But that is ok for now to have to carry two phones. So to my first question: I need to be able to use these apps in a better way than to use two phones. I recently read that I can dual boot the CalyxOS phone. I can create a new user which has it's own environment and installed apps. But it's not enough to have two users running the same CalyxOS environment, I need for the new user to run the normal Google environment like on my old Samsung. I read somewhere that in GrapheneOS it is possible to do that. Of course I can install GrapheneOS, but for now I do not want to do that. So do you know if it is possible to do that in CalyxOS or do you have another recommendation. The next question. I also plan to migrate from Windows to Linux on my PC. For now I know that I need to have a Windows environment for some simple programs, there are no similar Linux programs. I can not dual boot, I need to run both Linux and Windows programs at the same time, so I was thinking about using Windows in a virtual machine on my Linux host. When I have my new Linux computer I can do more testing, perhaps run them in Bottles/Wine. I have really no need to even have Internet access to that VM. But now to the question. I have been doing some investingations about VM:s and some people says that Windows in a VM can see everything in the Linux host machine. Personally I find that little hard to believe. So my question is, are they right that a VM can see everything on the host or what kind of leaks are there if there are any leaks? Are there other things to think about or any other suggestions?
Gunnar
2024-08-23 14:41:45 +0000 UTCWhat do you know about Global Privacy Control (https://globalprivacycontrol.org/), WebChoices (https://optout.aboutads.info/), and other similar services? Are they effective? Do they make your browser easier to fingerprint? Any other privacy concerns?
Tom
2024-08-23 13:28:28 +0000 UTCI have a very small (only a couple of pages) website that I use professionally. It is currently on google sites linked to a custom domain. Although I have removed google from the rest of my life, my reasoning was that google will be able to see the webpage anyway, so there is no difference in just keeping my website there. But this thinking doesn't sit so well with me. What are your thoughts? Is there another simple alternative where I can construct a simple html site but is more privacy respecting? Is there actually a good reason to switch other than my google allergy due to steeping myself in the privacy world? Thanks!
Mark Pinter
2024-08-23 02:59:27 +0000 UTCHow do you guys approach phone location privacy? First, there is the explicit "location" in phone settings that you can turn on/off and grant/restrict app permissions to, the GPS location, but it is actually only one of "locations". Second, there is also, at a very basic level, the carrier's need to know a user's location within its network to know to which cell tower to direct traditional voice calls and increasingly IP traffic addressed to the user. But even beyond that, in order to optimize connection quality and speed, the cell network measures a phone's signal strength relative to its various base stations, which gives more detailed location information. This seems to be the type of location data that all the major US cell carriers were selling without user consent in the recent scandal. And beyond that, there's "side-channel" highjacking of auxilliary technologies to collect location, such as Apple's and Google's WiFi-based location tracking that relied on the lack of "herd immunity" in location usage, and this category of tracking is limited only by the imaginativeness and lack of scruples of surveillance capitalism. Granted, in theory, not all places on the planet have dense cellular and WiFi coverage, but in practice, the majority of the world's phone users is concentrated in dense urban population centers rather than evenly scattered across sparsely populated countryside; so, that's not much of an defense. Also, techically, there are variations in precision and API availability for these different location types, but for the purposes of personal privacy this seems to be one of those "distinctions without a difference". All in all, it seems that the subject of user phone location control is full of red-herring hair splitting over mostly inconsequential technological minutiae at the cost of providing meaningful control over the ultimate outcome of location confidentiality. What is your opinion of the state of affairs in this field and how do you approach your location privacy?
David Johnson
2024-08-22 05:37:38 +0000 UTC
![J.A.X [Ai art]](https://xaiju.com/istorage/100248.jpg)
