I really hate the statement "built-in privacy: this site does not use any javascript", because privacy is not specifically violated by JS, and you can track (or 3rd-party track) without JS just fine. Their site clearly does not need JS, but this misinforms their audience about privacy and safe browsing.
Also, according to their Privacy Policy, they collect your IP (for Geolocation) and browser type... two pieces of data that are, in a great percentage of cases, enough to identify someone.
Having used uMatrix over the past several years, I grow weary seeing almost every site bring in cascading JavaScript dependencies across 3-4 additional domains, sometimes as many as a dozen. I agree that technically, JS doesn't have to violate privacy, but in practice, the internet is packed to the brim with JS-powered 3rd party tracking.
I agree - and I'm sick of it too. I don't think "no JS means no tracking", but it means "more likely less tracking" and "definitely a lot less bullshit 3rd party shenanigans".
I absolutely love JavaScript, have been a fan of it since before it was cool, stayed a fan after it was not cool again, and am still a fan now! But now the benefits it brings me on the web is snowed under by the shit it delivers. It's not worth it.
JavaScript is off by default everywhere for me now, and there has to be a really compelling reason to get me to whitelist a site. Most often (I'd say about 80-90% of unknown/non-regular links I click) I just close the tab and go somewhere else.
Luckily there's a lot of sites out there, and there's starting to be more services like the OP's - which I will be able to visit!
Philosopher kings communicate in ways the average individual has issue grokking, doesn’t invalidate the potential for abuse to complain that it’s free of “tracking”
While i agree, i do think there is an aspect to it that's true.
Eg, when you visit a site you, imo - agree to some degree of privacy violation with that site. Ie, it's reasonable to expect them to know your IP. It's reasonable to expect them to know your rough location. It's reasonable to expect them to know your username if you log in, and etc.
What's unreasonable is the 50 sites that cascade off of an initial visit. I may have been fine giving my IP to bobsblog.com but not Google/etc.
An interesting extension of this idea would be a hosting service or web framework that didn't just say something like "no javascript", but rather "no external connections with your information". All images, CSS, JS, etc would be loaded locally and nothing would make any remote connections from your IP.
Come to think of it, this would be a neat "contract" that sites could agree to. Like No JS, such that browser clients could enforce it and get the expected UX on those sites. /shrug, just thinking out loud i suppose.
The browser hands that information over, even if you didn't want it to. a lot of info is just included with every HTTP request per the protocol.
You can to some degree massage what your browser sends, to varying degrees of success, but there is not an easy 'send only non-unique things please' button. Obviously the IP has to be sent regardless, the only way to get around that is VPN and similar tech.
Who do you think that statement is targeting in their marketing? Clearly not full techies that would probably pick up that it's BS. Your everyday non-tech person wouldn't care about this service anyway since who cares what a javascript is, linkedin works fine. I guess there's a band of somewhat tech-aware folks who've heard a out wizards of privacy that go a step beyond adblockers to block javascript, and so think that no javascript==good?
Well the fact that you feel more aware of tech, but are talking about wizardry.... says a lot. Dimensionality is obviously complex, but critical consideration is just that.
so there is no potential for unknown dimensional qualities associated with language? i mean if that were the case, i doubt that sex would sell as well as it does....
I really hate the people talk about 'collecting' IP addresses or getting their "IP address exposed". There is no risk in anyone knowing this, not to privacy, not to security. This is how the internet is meant to work. A bunch of equal nodes.
Just because mega-corps and wireless telcos have gimped the wildly popular mobile computers and taken away their ability to interact (no ipv4, no ports, not much beyond web) doesn't mean interacting directly is bad or unsafe or giving away some 'secret' information.
No, we need more people directly interacting with other people via the internet protocol. We desparately need widespread ipv6 adoption so that everyone can have their own IPs and expose them all to each other in the emergent network we call the 'net.
This 'IP as privacy risk' is scaremongering and very unhealthy.
Absolutely not. You are entirely wrong on this one to a level of causing dangers to others. An IP address, to a court, to officers, is you. That's not an opinion, that's a fact. Proven by the countless number of times people have doxxed YouTubers by simply calling in fake terrorist threats to their police. ISP's know where that IP is routed to, and they will cooperate with authorities. Police can track even cellphones in real-time 10 years back.
Plenty of civil cases use just IP's to prove copyright infringement. That's how BitTorrent cases catch infringers, regardless of who actually did it.
Watch Leonard french on YouTube, copyright attorney, it doesn't matter to judges in Pennsylvania wether an IP is a person or not. They say it is, and thats good enough.
That's why discord was created. So everything is proxied and safe for streamers and anyone online. Maybe you don't involve yourself so you don't know any better, but I've seen it happen, personally, friends get stalkers from the online world simply because the game they played was P2P, or the server admin for vent/teamspeak was a total creep with their friends.
> I really hate the people talk about 'collecting' IP addresses or getting their "IP address exposed". There is no risk in anyone knowing this, not to privacy, not to security.
That's like saying there's no privacy or security risk to everyone knowing your home address or your phone number. I can understand if you're not concerned by it, but it's non-zero.
Privacy-wise, knowing your router's IP address is enough to score/segment you and (over time) to build a profile on you.
Security-wise, an IP address enables bad actors to scan and potentially attack your router and possibly your internal network.
>This is how the internet is meant to work. A bunch of equal nodes.
Things evolve, things change, we learn, we adapt.
Many world governments will happily track down a dissident by their ip, kidnap them in broad daylight and then torture them. Just because you're not one of them doesn't mean those people don't exist and don't have real concerns.
Correct. And people that are living in a war zone should wear bullet proof vests and take all sorts of really burdensom security measures that detract from their quality of life and ability to communicate with their peers.
But I am not going to wear a bullet proof vest while sitting around at home in my safe country. It'd be absurd to suggest so. The same applies to 'hiding' your IP during normal activities on the internet.
Bullets don't follow you around for the rest of your life like data aggregation does. And unlike being in a war zone, your IP can be collected and used against you without you knowing.
If we went full IPv6 and everyone had their own unique IP, then tracking people across sites would not require JavaScript, requests to trackers, or even cookies. There are things that are nice about a world like that, but it's definitely a step back in privacy from today where tracking protection tools work pretty well.
Also, according to their Privacy Policy, they collect your IP (for Geolocation) and browser type... two pieces of data that are, in a great percentage of cases, enough to identify someone.