Re: Can Gemini protect against Tracking?

Message headers

From: Jaakko Keränen <jaakko.keranen@iki.fi>

Subject: Re: Can Gemini protect against Tracking?

Date: Wed, 23 Feb 2022 11:31:31 +0200

Message-ID: <sv4utk$dqh$1@dont-email.me>

Message content

On 23.2.22 8.59, Martin wrote:

I was thinking about the following situation: I become delivered a

Gemini page with links in it. These links are dynamically created by the

server and on this server coupled to my ip address. If I call the link,

the server knows, that I'm interested in this stuff in some way.

>

Restriction: This just works as long the links point to this (or another

associated) analyzing server, as it is with the web's technology.

The Gemini protocol does not prevent this type of tracking. The server

knows what requests you make, and sees an IP address and perhaps some

identifiable characteristics of your SSL connection. The rest is up to

the user/client:

• Do not activate a client certificate unless required.
• Use a VPN service (that you can trust) to obfuscate your IP address

and approximate location. Never a bad idea if you ask me...

• Check the actual link URIs before clicking on them.
• Observe what redirects occur when navigating on pages.

Having a client option to make redirects require user acknowledgement

could be an effective way to uncover server-side tracking, although it's

at the cost of user experience.

--jaakko

Related

Parent: