• General

  • YouTube able to receive information via wifi connection on Graphineos?

Hi folks,

I'm new to Graphoneos - I've had it installed on my Pixel 7 for about 2 weeks. The only app I have installed is signal and am not signed into any account on this phone.

what I found really strange is, I googled sim only plans on my desktop PC which is linked to my YouTube account (which is fine) and looked around for about 20 minutes at different plans on different websites.. First time I've ever looked at sim only plans.. I then went on my Graphineos phone and brought up YouTube on Vandaium browser, and the first video ad that showed up was an ad for sim only plans.. And I wasn't signed in and have never used YouTube on this phone..

Is this a coincidence??? Or is google able to now ID me on this phone because my phone is using the same wifi connection? What's the point of Graphineos if Google can identify me on a degoogled phone through wifi?

    Pociwo That makes sense actually. Any recommendations for ones to use on a Graphonenos? Cheers!

    Also, how is YouTube able to receive this information when Graphineos is locked down and degoogled/no google services installer to share this info with my device?

        • [deleted]

        • Post #4

        Hash1 browser tracking through scripts is very persistent and let's remind ourselves that google analytics is built in 70%+ of all websites. Knowing that and the fact that both your PC and phone are on the same wifi network it's easy to put 2 and 2 together. That's why I always browse with "no scripts" and only temporarily permit those that are essential for functionality. That is the easy bit, browser fingerprinting though which can uniquely identify you is much harder to avoid. Also GrapheneOS is here to look after your security, not privacy, that is your own job.

          Hash1 you use same IP on both of your devices.
          IVPN
          Mullvad
          ProtonVPN
          Are your best options.

            Hash1

            Vanadium is very secure. But doesn't allow 3rd party ad blockers and privacy addons. Firefox for Android does, so you can install uBlock Origin. You can also use DuckDuckGo browser and I've heard good things about Brave.
            For YouTube, use NewPipe.
            These things can help stop Google from advertising to you or building a persistent profile of your browsing habits. But keep in mind, they can still correlate your identity when you come from the same IP (being on the same Wi-Fi).

            Your privacy habits should extend to your desktop use too.

                If you're planning on using one of the recommended browsers above then use Brave.

                Hash1 I'd guess that google has a "database" of thousands of users, each of which is a "key" called, e.g.: /Hash1/youtube acct/IPAddress/browser fingerprint/(gmail acct)/. This key was constructed when you established your youtube acct. If you have a gmail account, then that is added to the key and they have a lot more information based upon scanning your mail (which I believe happens). This makes your identification - and interests - very valuable to advertisers

                When the connection from your new phone occurred, they constructed a new "key" acct /IPAddress/browser fingerprint/ about which they knew nothing other than your movie interest. They had to send some sort of ad (google, after all) and could either send out a random ad from a near infinitude of sponsors, or they could send out an ad related to the last connection from that IPA - which they did.

                They know that there could be multiple users at your IPA, and they had no history on the fingerprint, so they sent an ad that just might be relevant to you.

                As /IPAddress/browser fingerprint/ becomes more active, more information will be associated with it and more focused advertising will be directed toward it. Eventually you'll go somewhere where they'll be able to connect you to your desktop identity.

                Sigh.....You can confound this process by using TOR browser; but then the security of TOR browser is not as good as Vanadium.

                FWIW my top cellphone priority is security. If I want to "walk on the wild side", I'll use TOR via my Qubes laptop

                I'm guessing there is no easy solution to the privacy issue, and using a VPN to an exit node which blocks advertising, malware and tracking (e.g. Proton) is reasonable for my threat model. They likely know who I am, but I don't see much irritating, focused, possibly dangerous advertising.

                  It's very easy. Use VPN and don't use garbage such as Google and Facebook (Meta). You can use LibreTube app on Android which proxies YouTube videos so YouTube can't see your IP address and stuff.

                  Cheers for all the responses folks! You’ve provided me with some really good and useful info!

                  Another quick question, is it okay to use apps from Aurura store? I noticed many still have trackers, are these active trackers or no because of sandboxing?

                    Hash1

                    There is much discussion on the validity of the tracker types and numbers given by Aurora Store and Exodus Privacy.

                    Aurora Store just pulls on the same apps as the Google Play Store does, so think of Aurora Store as a more private front end for the Google Play Store.

                    I've always used trackers shows in Aurora as a general guide, and assume that most of the apps from Aurora / Google Play Store are closed source, have trackers (whether ID'd or not), request network access (sometimes requiring it to function), and as a result they will, or attempt to, send information about me, my phone or my activities when using the app to the developer or some third party.

                    I have several apps on my phone from Aurora / Google Play on my phone but revoke network access on them immediately or ASAP after setting them up (e.g. GBoard and enabling voice to text typing).