How did the Ad Networks find my search? (lemmy.ml)

submitted 6 days ago* (last edited 6 days ago) by Tenderizer78@lemmy.ml to c/privacy@lemmy.ml

66 comments fedilink hide all child comments

So a bit ago I got an add for "canned rambutan". I had looked up Rambutan a few days prior after hearing it mentioned 10 hours into the video game Baby Steps. I wasn't using a VPN at the time and I didn't have fingerprinting protections active but I only mentioned it to a few sources (according to my browser history) all of which generally are implied to be private.

Which of these do you think is the reason the ad networks know?

Wikipedia
Startpage Search
Duckduckgo Search
My ISP
Firefox
My Firefox Extensions
Kubuntu
CachyOS
The omnipotent algorithm connecting my mentions of Baby Steps with my progress through the game.
Does this only make sense if my browser history is incomplete?
Maybe I was using DNS over HTTPS via Cloudflare at the time of my search.

Any guesses as to where the weak link is?

you are viewing a single comment's thread
view the rest of the comments

[-] PiraHxCx@lemmy.ml 1 points 6 days ago* (last edited 6 days ago)

Aren't they seeing all the urls you access?

[-] ivn@jlai.lu 17 points 6 days ago* (last edited 6 days ago)

No, unless you browse http website. They'll only see the domain name in the request SNI or during the DNS request.

[-] far_university1990@reddthat.com 1 points 6 days ago

But see ip you connect to. Reverse dns using own dns could show set of url possible on ip.

[-] ivn@jlai.lu 4 points 6 days ago

Reverse DNS would only show domain name, not URL. And even then a lot of websites are sharing IPs. No point in doing that when you've got SNI.

[-] far_university1990@reddthat.com 2 points 5 days ago

True only domain. TIL about sni. But vpn still protect against sni analysis no?

[-] ivn@jlai.lu 4 points 5 days ago

With a VPN it's the VPN that has access to the list of domain you visit instead of your ISP. Whether you should put your trust in your ISP or a VPN is another question.

[-] pHr34kY@lemmy.world 0 points 6 days ago

...and if you use DoH, they won't even see DNS.

I would argue that you don't need a VPN. It's just another entity that can see your traffic, and there's no reason to trust them over your ISP. They're all for-profit companies.

[-] Skankhunt420@sh.itjust.works 3 points 5 days ago

https://www.pcmag.com/news/mullvad-vpn-hit-with-search-warrant-in-attempted-police-raid

Yeah you're right man the VPN that got raided and proven to keep no logs is the exact same as ATT that helped the NSA spy on everyone in the USA and has your credit card and address on file.

https://www.pbs.org/wgbh/frontline/article/how-att-helped-the-nsa-spy-on-millions/

Sure something like NordVPN wouldn't be trustworthy but come on, saying all VPNs are just as trustworthy as ISPs is absolutely insane

[-] ivn@jlai.lu 1 points 6 days ago

But they'll still see the SNI.

[-] pHr34kY@lemmy.world 1 points 5 days ago

Not for long. That's about to get fixed with encrypted client hello.

this post was submitted on 02 Dec 2025

45 points (100.0% liked)

Privacy

43392 readers

210 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS