file:///etc/machine-id in the indivdual qube, NOT dom0, right?
Since the fact is that this OS is heavily dependent on Firefox
If that was true, the OS would be unable to run without Firefox, which is not the case.
OR better yet, use OSes that arenāt community supported.
Community support per se is not a negative factor in regards to fingerprinting.
Example: Windows is not community supported. Is it better?
I might recommend the more popular linux or BSD distros to blend into the crowd.
The biggest crowd is Android, not desktop Linux or BSD, but it doesnāt really matter, as it is impossible to have all other factors equal.
Remember to use different net qubes for each of your identities so they all have separate IPs.
If a device (user) has been fingerprinted, the IP address (which is not the same as IP) doesnāt really matter, as identification is possible regardless of it.
and maybe try to have all of those net qubes go through a dependable VPN like ProtonVPN, iVPN or Mullvad, for example.
This goes against the philosophy of Qubes OS (distrusting the infrastructure).
Speaking of which:
We may also collect information about how the Service is accessed and used (āUsage Dataā). This Usage Data may include information such as your computerās Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Consider that GDPRās paragraph (32), (43), Article 6 item 1a, and Article 7 mandate the opposite, i.e. that they actually may not do this without your explicit, informed and separate consent for each of the various purposes listed further in āUse of Dataā.
The point is: to reduce device fingerprinting, you should also consider how your most trusted parties process (and protect) your data.
file:///etc/machine-id in the indivdual qube, NOT dom0, right?
In all qubes based on the same template.
āKnow your enemyā.
Random hiding from anyone will mostly get you in the trouble with everyone at some point, when itās very or even most critical for you. Instead, establish your threat model carefully and youāll be more closely to realizing your odds to hide.
For example, you want to hide from Google? You think you can do that? Great. I canāt. So, Iām not using it. And so onā¦
1 Like
Iām much more of a practical application kind of guy and as such, I try not to get bogged down in correcting word usages that donāt align with precise terminology and instead was focusing on helping the OP with what they were trying to accomplish. Iām not saying there isnāt a very important place for such. Iām just saying this is how I do things and Iām pretty sure practical application is what the OP is looking for, not vocabulary.
āIPā is common parlance for IP address. Having two identities linked by IP (IP address) can very much be a first step in associating the two
The OP appears to be trying to prevent qubes being linked to one another by third parties, hence the advice I gave.
Iām very curious as to why youāre referencing website privacy policies to me in response to my post trying to answer another memberās question about preventing fingerprinting. Maybe you meant to post that in reply to the OP. Even then, the OPās goal seems to be to avoid having to worry about what people do with his/her data by preventing that data from being linked to him/her in the first place. Thatās generally one of the main goals in avoiding fingerprinting.
How?
Fingerprinting is a deep subject and deep subjects should not be approached superficially, i.e. they deserve the proper attention and accuracy, so that everything is clear to all parties. We are not (or at least I am not) closely familiar with the level of every person who may read this thread now or in future. In short - the clarifications are not aimed to bog you (or anyone else) down, so donāt worry because of a small non-personal side note.
The OP appears to be trying to prevent qubes being linked to one another by third parties, hence the advice I gave.
The OP does not mention parties at all.
Iām very curious as to why youāre referencing website privacy policies to me in response to my post trying to answer another memberās question about preventing fingerprinting.
I mostly use the forum through email. I reply to a certain message because there is no option āreply to the thread as a wholeā (although the post shows up in the thread history too). So, technically, it may appear as a reply to your post but it may contain other feedback too.
Maybe you meant to post that in reply to the OP. Even then, the OPās goal seems to be to avoid having to worry about what people do with his/her data by preventing that data from being linked to him/her in the first place. Thatās generally one of the main goals in avoiding fingerprinting.
The OP (and the topic) is about device fingerprinting with further mention about hardware footprints. The text of the policy explains that the website may collect unique device identifiers, so that is directly related to OPās explicitly written concern.
The OP says nothing about worries or linking identity to device, although I agree with you the two are often related. Sometimes they are not though.