There's more do it than that. If you visit a website, there are all manner of surveillance utilities that can follow you around during your browsing session and record your activities in order to learn your behaviors, customize your advertising demographic information, and so on. So beyond the matter of making sure that your connection is secure and that you aren't leaking DNS queries, you now also need to be aware that your actual browsing habits may be monitored as you navigate around various websites. Even your choice of browser and browsing habits can be fingerprinted and used to de-anonymize you by someone with enough data, resources, and time.CharlesV wrote: Sat Jan 06, 2024 3:05 pm So... no startpage anonymous view does NOT filter out DNS. (in fact, there is NO mention of DNS on the startpage anonymous view page at all! NOR is is a VPN...
What many people dont realize is that there are three pieces here that all come into play:
A) search
B) DNS call
C) URL call/connection
A VPN typically, but not always, interjects its own DNS, so IT sees / knows where you go, but then it has sole discretion on what it does with that knowledge!
You can get very paranoid about this sort of thing very quickly. So again I suggest that the real question to be answered here is "What is your threat model?" If you use something like a VPN and tunnel all of your traffic through a different endpoint, you're pretty much safe from coffee shop snooping, but someone, somewhere, is still going to know what sites you're visiting purely because you're visiting them.
Once, many years ago at my local coffee shop, I walked in and ordered a coffee. I usually took a few minutes to chat with the staff and we were all friendly with each other. Suddenly, a guy sitting near the register interrupted us. "Hey, who's DukeComposed?" he asked.
He was sitting alone with his laptop. He'd set his network card to promiscuous mode and was just sniffing all the local wifi traffic. By simply being in the area, my phone had authenticated with the local access point and, as iPhones do, had negotiated its presence online as "DukeComposed's iPhone". We chatted for a few minutes and he blabbered quite a bit about how he believed all information should be free. I smiled and asked if that extended to his credit card information.
He stammered on a little bit about yeah, no, not really all information should be free... and when my coffee was ready I removed myself to sit in a different part of the coffee shop. I summarily changed the name of my iPhone to something like "localhost" and went on with my life.
Some random guy in a coffee shop learning my name might seem like an egregious violation of privacy but it was easily information that the staff all knew and they would call me by name, out loud, all the time. I wasn't a journalist researching a controversial topic that could land me in jail. I was just someone with an iPhone in its default config, but it was still surprising. If he hadn't cringefully said something about it, I would never have known.
Figure out your threat model. And then adapt to it accordingly.
