Help with threat model

My threat model is much like a lot of others here: I want to minimize the amount of data big tech companies collect on me. Where I’m running into trouble is deciding what method should be used to do so. Is it better to blend in with the crowd or do some extra things that may block them a bit more but make you stick out a bit? I’ve flip-flopped from one to the other over the years and right now I’m using the blend-in method.

My current setup is GrapheneOS and Vanadium is my main browser. It has basic ad blocking and I use ProtonVPN with Netshield enabled. It works OK; some ads get through but not many. My theory is Vanadium blends in as Chrome and I mix in with all the other Netshield users. Is this a good method? Or would it be better to use ProtonVPN but block more stuff using NextDNS even though it may make me stand out? One benefit I noticed when using NextDNS is it blocked a lot more from the invasive apps in my second profile; Netshield doesn’t block much from them.

I have Brave as a backup browser but don’t use it much anymore. Would it be a better choice for browsing, with its built-in ad blocking and Proton’s Netshield, and just have it clear everything on exit? I should note that when browsing with Vanadium it’s always in incognito mode. Any advice or input would be much appreciated, thank you!

One idea to let go of is the idea that there is a crowd of mainstream users that you can blend in with. This is a concept from the non-digital world that doesn’t translate well to the digital world. Tools that effectively use strategies based on “blending in with the crowd” must first create crowds and satisfy the pre-conditions necessary for users to blend in with one another.

While ‘normal users’ look normal, they don’t really form ‘a crowd’ that you can blend in with. They are more or less a crowd of uniquely identifiable, easily trackable individuals, so not really possible or worthwhile to blend in with as far as I understand it.

> My theory is Vanadium blends in as Chrome

It most likely does not, but hopefully you’ll blend in somewhat with other Vanadium users.

> and I mix in with all the other Netshield users

True, I think. It’s somewhat of a personal choice whether you think the pros of better device-wide adblocking outweigh potentially being more identifiable by choosing to use a 3rd party DNS like NextDNS.

> is this a good method? Or would it be better to use ProtonVPN but block more stuff using NextDNS even though it may make me stand out?

It’s a tough question, I wrestle with this also. Broadly speaking, blending in with the crowd / strong-ish anti-fingerprinting requires considerable tradeoffs and limits the extent to which you can achieve other objectives, including other privacy objectives. My current approach preferences anti-tracking and good adblocking over strong anti-fingerprinting (in situations where I can’t have both to the degree I want).

3 Likes
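
An added illustration of the anonymity-set idea in the post above (not part of the thread): it counts how many users share each observable fingerprint in two constructed populations. The attribute values and the "UniformBrowser" label are invented for the example.

```python
import math
from collections import Counter

# Constructed sample population: each tuple is what a site could observe
# (browser family, screen size, timezone, font-list label). Values are invented.
MAINSTREAM = [
    ("Chrome", "1080x2400", "UTC-5", "fonts-A"),
    ("Chrome", "1080x2340", "UTC-5", "fonts-B"),
    ("Chrome", "1440x3120", "UTC+1", "fonts-A"),
    ("Chrome", "1080x2400", "UTC+1", "fonts-C"),
    ("Chrome", "1170x2532", "UTC-8", "fonts-D"),
    ("Chrome", "1080x2400", "UTC-5", "fonts-E"),
]
# Hypothetical browser that normalises what it reports, so its users look alike.
NORMALISED = [("UniformBrowser", "1000x1000", "UTC", "fonts-std")] * 6


def anonymity_sets(population):
    """Map each distinct fingerprint to the number of users sharing it."""
    return Counter(population)


def surprisal_bits(fingerprint, population):
    """Identifying information in bits: log2(population size / set size)."""
    return math.log2(len(population) / anonymity_sets(population)[fingerprint])


def unique_fraction(population):
    """Fraction of users whose fingerprint nobody else shares (set size 1)."""
    sets = anonymity_sets(population)
    return sum(1 for fp in population if sets[fp] == 1) / len(population)


def report(name, population):
    sets = anonymity_sets(population)
    print(f"{name}: {len(sets)} distinct fingerprints, "
          f"{unique_fraction(population):.0%} of users unique")
    for fp, size in sets.items():
        print(f"  set size {size}, {surprisal_bits(fp, population):.2f} bits: {fp}")


if __name__ == "__main__":
    report("mainstream", MAINSTREAM)   # same browser family, yet every user is unique
    report("normalised", NORMALISED)   # one shared fingerprint: a crowd exists
```
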

> One idea to let go of is the idea that there is a crowd of mainstream users that you can blend in with. This is a concept from the non-digital world that doesn’t translate well to the digital world. Tools that effectively use strategies based on “blending in with the crowd” must first create crowds and satisfy the pre-conditions necessary for users to blend in with one another. While ‘normal users’ look normal, they don’t really form ‘a crowd’ that you can blend in with. They are more or less a crowd of uniquely identifiable, easily trackable individuals, so not really possible or worthwhile to blend in with as far as I understand it.

Some valid points. So perhaps it is better to stand out a bit in order to do some extra ad/tracking blocking. So Brave might be a better choice since it has some fingerprint blocking.

> It most likely does not, but hopefully you’ll blend in somewhat with other Vanadium users.

It’s a small group to blend in with, honestly. I might switch back to Brave for browsing and stick to Vanadium for logins. While Vanadium is nice and streamlined, there are a few sites that work better with Brave, i.e. sites that limit the number of articles you can read in a single visit.

> True, I think. It’s somewhat of a personal choice whether you think the pros of better device-wide adblocking outweigh potentially being more identifiable by choosing to use a 3rd party DNS like NextDNS.

This is what I flip-flop on the most. I have yet to reach a solid conclusion on whether it’s better to stick with the VPN’s DNS or a 3rd party. Most advice, including Graphene and Proton, says to stick with the VPN’s DNS to blend in and avoid any additional technical problems. However, I do love having NextDNS’s granular controls to add blocklists, block per domain, whitelist, etc., and its systemwide adblocking is far better than Proton’s, but I’m sure Proton uses a rather limited list to avoid too many false positives for all its users.

1 Like

I’ve struggled with that idea as well, but ultimately decided the small trade-off in privacy by running a third party DNS with a VPN is worth it. It allows me to run aggressive blocklists and whitelist as I go. I can also run more security-oriented filters like Hagezi’s Threat Intelligence Feeds.

If your threat model is low/average I see no harm in using a third party DNS with a VPN. Just make sure it’s a reputable DNS provider.

1 Like

My threat model is pretty low, just a dude trying to block as much GAFAM as I can. I’m thinking I’m gonna go back to NextDNS for the granular control. A lot of news sites I visit have embedded videos in them from TikTok, Instagram, etc., and I wanna cut down on those connecting to my devices, and Proton’s Netshield doesn’t do it.