66
submitted 3 weeks ago* (last edited 3 weeks ago) by [email protected] to c/[email protected]

I am currently using Proton VPN (free tier) which is set to Always-ON and Block Connections on disable.

Today while I am going through my Gmail security option, on the devices/sessions I found my real location mentioned over there. Even when I use desktop I always connect to VPN.

On this issue I got couple of doubts:

  • Is this because I am using a free tier VPN? so it's not functioning properly etc...
  • Else google fixed my location based on my previous location history? I used my google applications without VPN for many years, I am just learning & following privacy tips recently.
all 33 comments
sorted by: hot top controversial new old
[-] [email protected] 2 points 3 weeks ago

Others have said all the important things, but I wanted to add that there are things that Android always tunnels through a VPN, like internet connectivity checks.

So even with Always-ON and Block Connections, this will still ignore a VPN

[-] [email protected] 7 points 3 weeks ago

there are things that Android always tunnels through a VPN

Things that are NOT tunneled through the VPN, you mean.
A VPN is colloquially called a tunnel, so saying something "tunnels through" would mean that it does go through the VPN connection.

[-] [email protected] 3 points 3 weeks ago

One of those times where it sounded perfectly correct in my head, whoops

[-] [email protected] 1 points 3 weeks ago

Impossible to say without knowing everything about you and your situation but the most likely scenario is that at one point you were signed into a device with the VPN disabled or disconnected.

Google has ways of knowing your location but some of the more sinister ones, like determining your location based on WiFi, they're probably not going to broadcast back to you.

[-] [email protected] 2 points 3 weeks ago

VPNs really don't do much to protect your privacy

[-] [email protected] 4 points 3 weeks ago

A VPN doesn't do anything about the GPS location on your phone.

You'd have to find out why Google thinks you have a certain location, then determine if it's worth blocking that somehow. If it's not possible, you'd have to stop using the service entirely if you don't want that data observed.

[-] [email protected] 3 points 3 weeks ago

Is this because I am using a free tier VPN? so it's not functioning properly etc...

Nope ! I use the free tier on all my devices and nothing is leaked based on all tests I did.

If you are on linux you need to check your /etc/resolv.conf and see if your home's router/ISP DNS is in there.

Check also if networkManager hasn't your ISP's dns configured.

There are other locations where your home router's DNS could be hidden on linux after a DHCP configuration.

If it's on windows :/ sorry can't help there.

[-] [email protected] 4 points 3 weeks ago* (last edited 3 weeks ago)

Don't edit the /etc/resolv.conf directly. You should edit the systemd resolved config.

[-] [email protected] 2 points 3 weeks ago

That's right !!! That was just a starting point for OP if he was on Linux and lacking that info I gave him just some pointer where to look at.

Anyway, most of the time it gets overwritten from other configuration files, nothing harmful. He could even have resolvconf installed on his system, who knows.

[-] [email protected] 3 points 3 weeks ago

I am using windows but thank you for the information. Maybe it's because of my gps, metadata, phone ping, cellular network and other thing associated with play services like few mentioned in the comment section.

[-] [email protected] 1 points 3 weeks ago

Long time I haven't booted into windows, so can't help there.

But rest assured that the free tier hides your real IP the same way as the paied tier.

[-] [email protected] 19 points 3 weeks ago

Previous location + WiFi (google and others map it), + also logging in on your phone, + anyone else who is associated with you at that location, + exif data on photos that are uploaded, querying your browser for system time, lots more.

You can look at something like https://www.deviceinfo.me/ to see what just a browser can identify. When you connect to an account obviously the service has many more details.

[-] [email protected] 6 points 3 weeks ago

You can look at something like https://www.deviceinfo.me/ to see what just a browser can identify.

At the Keys Pressed (Live) it can see my arrow up and arrow down key presses 😱

[-] [email protected] 9 points 3 weeks ago* (last edited 3 weeks ago)

This site does a really great job of illustrating how fingerprinting works and the plethora of information that your browser is telegraphing to every website you visit.

[-] [email protected] 2 points 3 weeks ago

I never understood why a browser couldn't just...not give out that info.

Like screen resolution for example. Just give the browser the content and let the browser render it to screen, no?

[-] [email protected] 2 points 3 weeks ago

A good browser will not send most of that info, or it will spoof it.

[-] [email protected] 29 points 3 weeks ago

Web Location tracking has not been fully based on IP registration data for quite some time.

[-] [email protected] 3 points 3 weeks ago

I see comments like this a lot, but they seldom say how it actually does work. How does it work?

[-] [email protected] 3 points 2 weeks ago

It's all dependent on what you're doing and how. Like if you use Facebook you're fingerprinted to the tits.

The granularity depends on examples like that.

But something a bit more benign and not as granular would be finger printing you based on the timezone your browser offers up. It's not as basic as like "-7 GMT" since the iso list can go down to the state and or country. So if in your OS you picked "America/Houston" a lot of browsers will pony that up without hesitation.

How many more bits of data until you know what city I'm in, Street I'm on. Etc. And there's tons of ways to derive that data over time.

https://browserleaks.com/ is an interesting example that can show all the bits of data your browser can give up.

And of course you can lock lots down given the right tools.

[-] [email protected] 4 points 3 weeks ago

Is this because I am using a free tier VPN? so it’s not functioning properly etc…

  • Does Proton not have a page to check your IP address and check for DNS leaks (Mullvad does : https://mullvad.net/en -> Check for leaks) ?

  • Did you look up your IP address by other means ?

  • On the desktop with Linux you can check the content of /etc/resolv.conf and ip a (Your local IP) and ip r (Gateway address).

Else google fixed my location based on my previous location history? I used my google applications without VPN for many years, I am just learning & following privacy tips recently.

Are the sessions from your last login ? With some applications (Dunno about Google) you can delete older sessions from the overview.

[-] [email protected] 3 points 3 weeks ago

Thank you for the tips. I have checked the leaks turns out it's not the problem with vpn, it's with my gps, metadata thing I think. I guess de-googling my phone solves this.

[-] [email protected] 2 points 3 weeks ago

I had certain APIs circumvent my VPN in the past. Turns out my router was allowing IPv6 traffic and my VPN doesn't support that. Solved it by disabling ipv6.

[-] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago)

Is this because I am using a free tier VPN? so it’s not functioning properly etc…

Free tier VPN services often come at the cost of some privacy and security features, but ProtonVPN will still protect you against IP address leakage regardless.

Else google fixed my location based on my previous location history?

Google stores location information indefinitely, so even if you are using a VPN right now it will still have a history of your real location.

Some other ways your location can get leaked to Google:

  • Location access for websites
  • Using stock Android or ChromeOS logged into that Google account
  • Installing Google apps on your computer
  • DNS leaks (e.g. through TunnelVision or a custom DNS over your VPN)
  • WebRTC leakage (this is a technicality and your VPN should protect against this. The uBlock Origin extension also helps)

Hope this helps!

[-] [email protected] 2 points 3 weeks ago
[-] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago)

Check your location by Searching ”whats my IP address?" Search engines should show it at the top of the results along with your ISP location. If using a VPN, that should show the different location you set it to.

If ONLY Google is showing your true location and your search is showing a different one, then yeah, Google is possibly using a previously known location.

[-] [email protected] 2 points 3 weeks ago

On your phone? Or desktop?

[-] [email protected] 1 points 3 weeks ago
[-] [email protected] 2 points 3 weeks ago

Then check out the reply by Zak in this thread

There are many many ways your being tracked by the apps and service you use

Unfortunately, a vpn is just the tip of the iceberg. It's a great first step but if you wanted to prevent your exact situation, I think only a phone running graphene OS would protect you in this instance since it isolates play services, among other privacy protecting features

[-] [email protected] 17 points 3 weeks ago* (last edited 3 weeks ago)

If you're signed in to a Google account on an Android device with Google Play Services installed, a VPN will not hide your location from Google because the device has several ways to determine your location other than your IP address. You might be able to disable Google's location services permissions on the device, and if you're just going for a casual privacy upgrade, that should give you one.

If you really don't want Google knowing where you are, you probably can't use a phone with Google Play Services on it, as it integrates itself fairly deeply into the OS and can't necessarily be trusted to follow the permissions model in the future, even if it can be shown to do so today. Avoiding that means installing a third-party Android build on your phone. Note that a lot of third-party apps rely on Google services, and while an open source substitute exists, it's not always a smooth experience.

[-] [email protected] 2 points 3 weeks ago
[-] [email protected] 14 points 3 weeks ago* (last edited 3 weeks ago)

There are many ways Google (and many others) know what you're up to and where you are besides your internet browsing history.

It's called metadata, and John Hancock can be proven to have been "in the hood" when the Declaration was signed....

GPS, wifi, cell pings, your neighbours, friends, their histories, their meta.

If you're concerned about hiding your browsing history from a peer, a vpn is fine.

If you want to swat someone, then maybe not.

[-] [email protected] 4 points 3 weeks ago

Thank you for enlightening me.

this post was submitted on 26 May 2024
66 points (100.0% liked)

Privacy

29561 readers
1399 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago
MODERATORS