593 private links
-
Telecommunications metadata
Your ISP learns every website you visit via a few different channels: DNS lookups, the IP address of sites, and TLS Server Name Indication (SNI). Most ISPs log and store this metadata for some time. Mitigation There's no need to use your ISP's DNS server. Run your own. You can't really getting around your ISP learning the IP addresses you visit. But with TLS encryption and the pervasive use of content distribution networks (CDN) by many website providers, the IP address itself does not really say much. The "leaking" of domain names via SNI is harder to get around, but newer versions of TLS improve on the situation. -
Web Site Data
Any Web site that you go to is very likely to keep extensive logs of everything you do on the site, including what pages you visit and what links you click. They may also record what outgoing links you click. For example, Google Search does this. Mitigation Try to use alternative services, that don't track you. Such as Nitter instead of Twitter, Invidious instead of Youtube, DuckDuckGo instead of Google Search, Bibliogram or PixelFed instead of Instagram, Jitsi instead of Zoom, Signal instead of WhatsApp, and so on. -
Browser Sync Data
Although the browsing history stored on your computer may not be directly accessible, many browsers offer a “sync” feature which lets you share history, bookmarks, passwords, etc. between browser instances (such as between your phone and your laptop). This information has to be stored on a server somewhere and so is potentially accessible. Mitigation Make sure that whoever hosts this server allows you to properly encrypt your data (in such a way that the server owner can never decrypt). Or even better, self-host the sync server yourself (Firefox sync can be self-hosted in this manner).