I am currently using Proton VPN (free tier) which is set to Always-ON and Block Connections on disable.
Today while I am going through my Gmail security option, on the devices/sessions I found my real location mentioned over there. Even when I use desktop I always connect to VPN.
On this issue I got couple of doubts:
- Is this because I am using a free tier VPN? so it’s not functioning properly etc…
- Else google fixed my location based on my previous location history? I used my google applications without VPN for many years, I am just learning & following privacy tips recently.
Web Location tracking has not been fully based on IP registration data for quite some time.
I see comments like this a lot, but they seldom say how it actually does work. How does it work?
It’s all dependent on what you’re doing and how. Like if you use Facebook you’re fingerprinted to the tits.
The granularity depends on examples like that.
But something a bit more benign and not as granular would be finger printing you based on the timezone your browser offers up. It’s not as basic as like “-7 GMT” since the iso list can go down to the state and or country. So if in your OS you picked “America/Houston” a lot of browsers will pony that up without hesitation.
How many more bits of data until you know what city I’m in, Street I’m on. Etc. And there’s tons of ways to derive that data over time.
https://browserleaks.com/ is an interesting example that can show all the bits of data your browser can give up.
And of course you can lock lots down given the right tools.
Previous location + WiFi (google and others map it), + also logging in on your phone, + anyone else who is associated with you at that location, + exif data on photos that are uploaded, querying your browser for system time, lots more.
You can look at something like https://www.deviceinfo.me/ to see what just a browser can identify. When you connect to an account obviously the service has many more details.
You can look at something like https://www.deviceinfo.me/ to see what just a browser can identify.
At the Keys Pressed (Live) it can see my arrow up and arrow down key presses 😱
This site does a really great job of illustrating how fingerprinting works and the plethora of information that your browser is telegraphing to every website you visit.
I never understood why a browser couldn’t just…not give out that info.
Like screen resolution for example. Just give the browser the content and let the browser render it to screen, no?
A good browser will not send most of that info, or it will spoof it.
