So a bit ago I got an add for “canned rambutan”. I had looked up Rambutan a few days prior after hearing it mentioned 10 hours into the video game Baby Steps. I wasn’t using a VPN at the time and I didn’t have fingerprinting protections active but I only mentioned it to a few sources (according to my browser history) all of which generally are implied to be private.
Which of these do you think is the reason the ad networks know?
- Wikipedia
- Startpage Search
- Duckduckgo Search
- My ISP
- Firefox
- My Firefox Extensions
- Kubuntu
- CachyOS
- The omnipotent algorithm connecting my mentions of Baby Steps with my progress through the game.
- Does this only make sense if my browser history is incomplete?
- Maybe I was using DNS over HTTPS via Cloudflare at the time of my search.
Any guesses as to where the weak link is?
Well, without a VPN your ISP sees every site you enter. I wasn’t aware they might be selling that data for targeted ads, but it makes sense, why wouldn’t them?
That’s not true, your ISP might see your DNS and unencrypted web traffic sure but web searches use HTTPS so ISPs aren’t reading the query or results
Aren’t they seeing all the urls you access?
Looking it up my ISP isn’t exactly trustworthy, but there have been no clear allegations. I’d say it’s the most likely cause if not my Firefox extensions.
EDIT: I just got another theory, Cloudflare, I’ll add it to the list.
Microsoft serves ads through duckduckgo that could connect the search to your IP perhaps if you clicked one
I’m pretty sure I never clicked on one. And I’ve turned off Firefox link previews too IIRC.
The ISP shouldn’t even see the search term given basically everything on the internet uses https.
The ISP will see the domain names of the pages you visit if you use their DNS or some other unencrypted DNS but those are unlikely to contain the search term.