someone

I have been testing Tor Browser and Mullvad Browser using fingerprint.com. I get unique persistent identifiers that are unique per machine and persist over rebooting sessions. Javascript was on during this test.

This could be very dangerous to people using Tor Browser and Mullvad Browser.

For example, if someone visits Rainbow Railroad, an organization for leaving repressive countries with hostile LGBT policies, and then watches a video about the organization on YouTube, and then also does something, like create a Discord Server, and use Tor Browser to get around geoblocking but link it to their personal phone number, then a hostile regime buying data from data brokers could possible determine that user is considering using rainbow railroad. Even if this exact example isn’t realistic or plausible (although governments do buy form data brokers), users should be aware that persistent identifiers in Tor Browser and Mullvad Browser allow for continuous tracking of a user using the same machine.

I posted this information on privacyguides forum and they deleted my account after, leading me to wonder if the forum is a giant honeypot that curates acceptable privacy discussions and unacceptable private discussions. I honestly wonder if they are infiltrated by the government. They repeatedly delete the posts of other people as well and the whole thing is starting to not sit well with me.

Github has made it impossible to create an account when using a VPN and a privacy browser with fully spoofed hardware identifiers. (Use Firefox or Firefox-based Privacy Browser, VPN, install Canvasblocker to test this.) I create an account with Google or Apple (both requiring hardware identifiers and numbers and birthdates) or I can use an email. When I use an email, it comes back with this horrible test, and even if I do it completely correctly, it tells me after I didn’t do the test right, gaslighting me with a picture of what I chose (which I didn’t choose) and showing me the correct picture (which I did choose and it claims I didn’t select). It’s fucking bullshit and it’s more corporate control of open source software. For people who have their discussion or issue tracker, I can’t even participate without hardware identifiers likely linked to me some other way and phone numbers. It’s fucking bullshit. If anyone from Microsoft is reading this, FUCK YOU!!! I am so tired of this bullshit. I just want to post an issue about a piece of software. You don’t need my fingerprint, hardware or personal, or biometric shit. This is a slippery slope. Fuck them. I really hope more developers just get the fuck off Github. Honestly, if you are developing privacy-oriented software and using github, there’s a mistmatch and it’s bullshit, and I know it’s time consuming and annoying to move, but please do. This is fucking bullshit and it’s not like it’s going to become LESS annoying over time. FUCK THIS.

(Don’t click that before reading more.) If you check out Upsolve.org because you are considering bankruptcy due to any sort of reason, there is a tool to help you evaluate whether bankruptcy is appropriate at my.upsolve.org/bankruptcy-screener. Bankruptcy is a difficult choice. Sometimes people pursue it as a result of medical debt or other extremely personal reasons. Upsolve.org bills itself as an organization that help the poor. Unlike a lawyer’s office, it can help people without charging a lot and unlike a lawyer’s office, there is no duty of confidentiality or privilege. However, someone taking a screening tool might be providing information just to see if bankruptcy is even possible. And Upsolve.org sells or gives this information to Facebook. Even if it’s not selling the screener results, just someone landing on this page, combined with IP gives Facebook valuable information. The user who goes there without their IP protected could later get ads for predatory financial companies to “help” debtors and importantly, this information can be sold to data brokers to determine that the people viewing the site are a credit risk. For example, if someone gets into a car accident and needs 90,000 worth of medical care over two weeks. They get the bill after the two weeks of medical care. They are going to be unable to work for a while and they are considering bankruptcy. The 90,000 has not gone to collections. This person is technically still employed but will need a lot of time off. They may not even be able to go back to work. Normally, if this person decided not to declare bankruptcy and to wait 4 months and hopefully go back to work, they might be able to get a loan from a bank. But if Facebook has sold their info (person with this IP identified is a person interested in bankruptcy information) to data brokers, and the bank has access to that information, that loan will be denied. Real consequences can happen from selling shit like this to Facebook. Worst of all, the Facebook analytics aren’t on the main page and instead are hidden in the screener. Although Upsolve.org probably just wants to target users online with ads about how great its service is, and it’s actually a service that can help many save a ton of money, it may be overlooking the privacy risk. I hate seeing scripts like this in pages for things that should be confidential, things like abortion clinics, addiction treatment clinics, financial help pages, and pages related to mental health. All of that fucking info gets monetized the second someone hits the page if there are analytics in the page. It would be one thing if that info only resulted in helpful services being sold, but it also is given to companies building profiles on people which can wind up in the hands of surveillance state government officials, financial industry decision makers, and others that classify people based on browsing habits. I may be wrong about this and facebook doesn’t sell that specific “looking at possible bankruptcy” data to data brokers. I can’t be sure. But I wish I didn’t have to wonder. And they probably do. And it probably does go to financial institutions somehow, ultimately hurting some people who were merely considering bankruptcy but don’t ultimately do it.