Give permission. Don't give permission. They know where you are anyway
-
But when Firebase gets that network/IP change report, what information does it get? Because if it only gets the public IP address, the reported IP will still be the VPN one, not the real one, right? So, if that were the only information reported to Firebase, wouldn't you still be protected? Does Firebase block requests when you're using a VPN (this could be detected, for example, if certain aspects of the network have changed but the IP hasn't)? Is that what you mean with not getting push notifications when simulating a local IP with filters?
PS: From my research, the WiFi's SSID can also be used to track someone's whereabouts, but depending on where you are and how many networks have used the same SSID, it may work work well or badly. You can see that by going to https://wigle.net/ (which is a database on WiFi networks with some publicly-available information), go to the map, type in the SSID field, and click "Filter".
-
Using a VPN means that all your traffic is routed through a possibly malicious actor.
-
Like Kevin Spacey?
-
Google hardcodes DNS into their hardware appliances...
So you'd need to block outgoing DNS requests except for your DNS server and god forbid you change location with a smartphone. -
I think this is about apps and not the operating system. But yeah, the stock ROMs also phone home to Google. You'd need to patch that. For example like custom ROMs like GrapheneOS do. I don't see another viable alternative. But that still leaves you with the issues with the apps mentioned in the article.
-
It gets your unique tracking ID, so it knows you're the same person now with different IP. If you use apps that store location data in firebase (eg. find my device, fitness trackers, emergency alert apps) it will upload your GPS location and maybe nearby wifi names, if you set it to be extra precise.
-
Surprising that this data never heard gets leaked. It's always my social security number
-
That's gold, Jerry!
-
Author noted:
As a quick note - location shared was not very precise (but still in the same postal index), I guess due to the fact that iPhone was connected to WiFi and had no SIM installed.
If it was LTE, I bet the lat/lon would be much more precise. -
No one thinks VPNs are “magic bullets”. I don’t know why this gets repeated ad nauseum.
Ooh, I know why! It's because YouTubers hawk their preferred (sponsored) VPN as if it was silver bullet and that it's dangerous to use your mobile device out in public or worse – public WiFi – without it. You can't blame John or Jane Doe from parroting what their favourite YouTuber claimed.
-
You know the towers log data too, right? And that websites themselves can track you regardless of what OS you use, right?
Privacy is good, but stop with this "Linux is a magic weapon" BS.
-
That’s crazy. As it’s (almost) impossible to prevent those data to be sent from the phone, would it be possible to make the data useless ? For instance by sending loads of fake json payloads for some ids ? Then enjoy my data which says at the same time that I’m in Vancouver, Lisbon, Paris, on my low cost and super expensive phone, with volume at max and zero,…
Not possible I guess ? -
Multiple middlemen are better than just one. Also, you can test its effectiveness.
-
It's in a perpetual state of leakage in a sence that it's a trade item that gets sold between different companies. You can't leak that, really.
-
Separate dongle for internet using a hotspot can help. No system is perfect but Linux phone is an excellent first step
-
You miss my meaning. All the servers that your info passes through, all the cell towers, etc, can and in many cases do track you(even as just routine loggings). Thinking that running anything makes you more secure while connecting to a giant public network is naive.
-
@hendrik @muntedcrocodile then don't use that app. Done.
-
Just comes with the downside that I can't take part in every day life, talk to my friends, stay connected with old friends, borrow an electric bicycle, transfer money easily... I have to drive to a shop only to see it's closed and they posted that on Instagram...
-
I wouldnt be surprised if Google hardcoded DNS servers even if you override it with a "private dns"
-
I think it's unlikely that they mess with people's DNS settings. That would just break lots of use-cases. But there are things like certificate pinning and probably similar things for DNS. We nowadays often cirtumvent DNS servers and use DOH on an application level. Plus there are things like connectivity checks (made for public wifi portals etc), AGPS... that all connect to Google servers... Well, unless you have that changed, as I said. But that's not something the user can change. You need the whole operating system re-build with different servers in place.
