a.x61.sh

Everyone knows your location: tracking myself down through in-app ads (timsh.org)
from the_abecedarian@piefed.social to privacy@lemmy.ca on 21 Nov 05:28
https://piefed.social/c/privacy/p/1496906/everyone-knows-your-location-tracking-myself-down-through-in-app-ads

How I tracked myself down using leaked location data in the in-app ads, and what I found along the way.

#ads #apps #databrokers #phone #privacy

threaded - newest

adespoton@lemmy.ca on 21 Nov 06:02 next collapse

Am I the only person who doesn’t use apps with in-app ads?

Chais@sh.itjust.works on 21 Nov 10:34 next collapse

I avoid them if possible and block the ads if not.

Onomatopoeia@lemmy.cafe on 21 Nov 15:19 collapse

Part of why I root is to block them using Ad-away.

Auli@lemmy.ca on 22 Nov 15:01 collapse

I just block with custom DNS.

Sunshine@lemmy.ca on 21 Nov 06:33 next collapse

Bad Android apps with ads: you’re the product mate.

Tundra@sh.itjust.works on 21 Nov 07:13 next collapse

You can check an app for embedded trackers & get a list of permissions here:

reports.exodus-privacy.eu.org/en/

not_me@piefed.social on 21 Nov 07:22 next collapse

Switch to grapheneos NOW

PatrickYaa@feddit.org on 21 Nov 07:32 next collapse

Not everyone has a pixel.

FauxLiving@lemmy.world on 21 Nov 12:05 collapse

Everyone will have a next phone though.

DoctorPress@lemmy.zip on 21 Nov 11:11 collapse

No OS gonna protect you from apps spying you. The solution is to not use the said apps.

girsaysdoom@sh.itjust.works on 21 Nov 15:34 next collapse

Google Play services likely does this too, so to actually protect yourself from this spyware you will need to use either microG or containerized Google Play services like how GrapheneOS has implemented.

not_me@piefed.social on 22 Nov 10:14 collapse

If you start with a xiaomi, then a motorola and finally end with a custom rom grapheneos smartphone, your number of trackers and bloatware will have dropped by more than 97%

Auli@lemmy.ca on 22 Nov 15:02 collapse

GrapheneOS is not magic.

NanoooK@sh.itjust.works on 21 Nov 08:36 next collapse

Very interesting, but also scary.

FauxLiving@lemmy.world on 21 Nov 12:12 collapse

Great article. It should be noted that your web browser allows websites to do this with javascript.

Also, since this tracking isn’t really trying to hide, people have compiled lists of the dns names of the destinations of these requests.

If you host a DNS server and you take that list and return NULL for everyone on the list. Then clients on your network who have ad tracking software will try to look up the destination to send your data and your DNS will tell them that there is nowhere to send the data and so the data isn’t delivered. So, all of the smart TVs, game consoles, refrigerators, toasters and doorknobs which automatically send data but you cannot configure will fail because they use DNS also.

This sounds complicated to do, but I’m just describing Pi-hole (pi-hole.net). It only takes a few minutes to setup the container and change your router’s DHCP configuration in order to give out the address of the Pi-hole DNS server.

Assuming you’re on Linux, which you are because you’re a reader of a c/Privacy… right?