I already use several Firefox forks for different purposes, and all of them are reasonably resistant to fingerprinting. I also have a special container for all the corpo trash I have to deal with. When I click a random news articles on Lemmy, those sites are opened in a different container and their creepy cookies get deleted as soon as I close the tab.
I’m doing all of this out of of philosophical reasons. It’s also pretty easy to set up, and there are hardly any downsides. Disabling java script is something I have tried too, but it did come with all sorts of severe downsides, so that’s where I had to draw the line.
Regardless, I still find the idea of a privacy respecting email appealing. Philosophical reasons again… Recently, I also made a quick and dirty risk assessment about the potential risks, and I still didn’t see an urgent need to mitigate them. The practical side of it still requires a bit more reading before I can justify an ongoing expense like this. Naturally, the email provider would have to be EU based.
Disabling java script is something I have tried too, but it did come with all sorts of severe downsides, so that’s where I had to draw the line.
I get that, 100%. That is exactly where most people land, on the topic.
I feel obligated to mention that, to the best of my knowledge, JavaScript being globally enabled means a person is 100% not anonymous at any time.
Trackers can, and do, ask JavaScript hundreds of questions about the browser, it’s region, it’s underlying OS, and plugins.
Studies show they typically arrive at a 100% certainly unique fingerprint that they can attach to a real name and home address, before cookies even get involved.
Your choices of browsers should greatly help, but there’s evidence that most of them don’t do enough to prevent a unique fingerprint, while JavaScript is enabled.
The GrapheneOS Vanadium project team blog about this privacy battle regularly. The current privacy outlook with JavaScript enabled seems to still be pretty poor, to me.
Sorry, I don’t have a good solution. But I figure as long as we’re discussing this publicly, we can raise some awareness.
The right answer is to throw corporate criminals in jail to deter their arms race, but I don’t see much evidence that will happen soon.
One option is to use a a dumpster browser for all the corpo trash that requires JavaScript. Just disable JS on all the good browsers and carry on as usual. If a site doesn’t work there, throw it into the dumpster.
It also depends on how do you use that mailbox for. In my case, Gmail doesn’t get to see anything related to my professional life. I have another email provider for more serious conversations like that. For the most part, Gmail gets to see a bunch of mailing list junk I never subscribed to. I also use Gmail to logging into various services I don’t really care that much about. Nothing important, nothing serious. If it involves money in any way, Gmail doesn’t get to read those communications.
However, I am tempted to move all my serious email communications to a more serious paid service. There might be immediate practical benefits too. I could set up a dedicated email address for each creepy company and that way I would find out which one sold my data to spammers.
I already use several Firefox forks for different purposes, and all of them are reasonably resistant to fingerprinting. I also have a special container for all the corpo trash I have to deal with. When I click a random news articles on Lemmy, those sites are opened in a different container and their creepy cookies get deleted as soon as I close the tab.
I’m doing all of this out of of philosophical reasons. It’s also pretty easy to set up, and there are hardly any downsides. Disabling java script is something I have tried too, but it did come with all sorts of severe downsides, so that’s where I had to draw the line.
Regardless, I still find the idea of a privacy respecting email appealing. Philosophical reasons again… Recently, I also made a quick and dirty risk assessment about the potential risks, and I still didn’t see an urgent need to mitigate them. The practical side of it still requires a bit more reading before I can justify an ongoing expense like this. Naturally, the email provider would have to be EU based.
I get that, 100%. That is exactly where most people land, on the topic.
I feel obligated to mention that, to the best of my knowledge, JavaScript being globally enabled means a person is 100% not anonymous at any time.
Trackers can, and do, ask JavaScript hundreds of questions about the browser, it’s region, it’s underlying OS, and plugins.
Studies show they typically arrive at a 100% certainly unique fingerprint that they can attach to a real name and home address, before cookies even get involved.
Your choices of browsers should greatly help, but there’s evidence that most of them don’t do enough to prevent a unique fingerprint, while JavaScript is enabled.
The GrapheneOS Vanadium project team blog about this privacy battle regularly. The current privacy outlook with JavaScript enabled seems to still be pretty poor, to me.
Sorry, I don’t have a good solution. But I figure as long as we’re discussing this publicly, we can raise some awareness.
The right answer is to throw corporate criminals in jail to deter their arms race, but I don’t see much evidence that will happen soon.
One option is to use a a dumpster browser for all the corpo trash that requires JavaScript. Just disable JS on all the good browsers and carry on as usual. If a site doesn’t work there, throw it into the dumpster.
I agree 100%. I moved in an orderly fashion, myself!
Your overall logic and position matches mine from maybe six months ago quite well.
The thing I couldn’t let go of was what Google might be doing with my income and employment prospects, selling what they know about me from my inbox.
I see plenty of evidence for the character of Google’s leadership, and I realized it made me angry that someone like that could be accessing my inbox.
It also depends on how do you use that mailbox for. In my case, Gmail doesn’t get to see anything related to my professional life. I have another email provider for more serious conversations like that. For the most part, Gmail gets to see a bunch of mailing list junk I never subscribed to. I also use Gmail to logging into various services I don’t really care that much about. Nothing important, nothing serious. If it involves money in any way, Gmail doesn’t get to read those communications.
However, I am tempted to move all my serious email communications to a more serious paid service. There might be immediate practical benefits too. I could set up a dedicated email address for each creepy company and that way I would find out which one sold my data to spammers.