do you know what your whole operating system and other apps do when you don’t do deep package analysis?
you blame Anytype for blowing your data into the wild but you trust everything else without applying basic security / privacy practices for the rest of your infrastructure while having such a high level of paranoia (justified or not - this is not the topic)?
this has gone too far here already and it feels like a unjustified which hunt
Here, let me give you an example from a imaginary story. Have you heard of Black Mirror? In the first episode, the villain uploads a video to YouTube to taunt the police. The police are able to track down the villain’s IP address and location by analyzing the network traffic that matches the size of the video.
Do you think real-life governments have such technology? We have to assume they do, for the sake of argument, from the worst possible perspective. But as I mentioned earlier, privacy cannot be solved by software alone. After all, as long as you are connected to the internet, the local network operator can know of your existence. To ensure this level of privacy for a note application is too demanding.
If you truly desire perfect privacy, you should not be connected to the internet. Many highly secretive organizations do just that.
Why do you say it’s only the IP address in this case?
Because this remote server will receive the URL you are asking for and your IP address. The IP address in this case will not be considered personal data because there is no way for this remote server to relate this IP address to a specific Anytype user. It will be the same URL for everyone who opens this object in the space.
The link may even contain appendages that can identify me (at least to that website) or identify the person who sent me the link.
As I said previously, it’s not possible for the link to distinct you from other people who hover this link in the space.
As an example, this is the way most of the analytics worked 15-25 years ago: just a picture (HTML img tag) on the webpage. It used cookie to attach some kind of user_id and this cookie is also sent to the URL that servers this image. The browser automatically loads it when rendering the webpage. The difference is that it was a passive loading, meaning the user doesn’t need to do specific actions for the browser to load that URL. In our case, it’s not possible to use this technique for tracking users inside spaces because:
For inline link previews, the user needs to hover the mouse over the link to request the preview.
For bookmark objects, the first user (who creates the bookmark) does this explicitly (by pasting the URL to the page) and downloads metadata and images into the space. So all the next users who open the space will load the image from the Any-Sync network.
It’s not possible to distinct anytype user who opens this link and attach it to the URL request (in a form of param or cookie)
When we were planning this feature, we discussed the idea of introducing some kind of anonymization relay (proxy). In this case, we (Anytype) can host some servers to process your web-preview requests. However, in this scenario, Anytype servers, even in the case of SSL requests, will see that a user with IP address X wants to see a hostname Y. This contradicts our fundamental value of not having access to any user-generated data on our infrastructure.
By the way, it feels like we could introduce a simple option that disables link preview on hover.
And if you are concerned about government that can see that you made a requests to some IP or resolved some hostname, you should definitely use VPN.
Because anyone on the web, can host a page which in some way will do a request to some restricted in your country hostname/ip. And you will not even notice this.
I think I know a lot, not everything, but a lot.
I read heise security on a daily base since years. But I can’t compare myself with a real security guru (otherwise I wouldn’t have begged someone to have a look with wireshark; I’m not fit enough with it).
If I configure a PC I have at least three full days to do with nothing else then stuffing lots and lots security gaps in windows, in my browsers and so on.
They are everywhere!
It’s already a risk if a web browser loads fonts out of the internet if the PC doesn’t have installed it.
But even the local installed fonts have some risk because websites with certain scripts can see what fonts we have installed and use this information like a kind of fingerprint.
Win 10 is nothing else then a giant spyware in my eyes. A disaster!
That’s why I was using an air-gap for years and a second PC that’s never connected to the internet.
As the security guru Bruce Schneier once said:
“A PC that was connected to the internet only once is from now on the see as compromised!”
I also know about the hardware backdoors on the mainboard, the Intel management engine for example, independent from all our software (pseudo) “security” measurements.
And I know about Bad USB and so on (a threat even with an air-gap).
But as said some posts before:
I wouldn’t go so far as Bruce Schneier or Rob Braxman Tech.
I have more to do all day long as to be concerned over security issues alone.
I want to have a very good level of security but at some point it must be good enough or I couldn’t use a PC at all.
The thing with the links we discuss here however, is in my eyes not “good enough”.
This would be avoidable and it should be avoided.
In our days today it’s impossible to be absolutely secure.
We have to live our life and this is a risk.
Therefor I use a PC, even one that is connected to the internet. Even a Win 10 PC.
But I have disabled nearly everything what one can disable in the dephts of the registry and even more hidden places.
I’ve gave up to use a HOSTS file three years ago and I don’t use a PiHole although I should.
I’m not a Schneier, not a Braxman.
Nothing would have been a problem for me if it simply has been clear from the beginning on what Anytype does if we hover over a link.
I can live with potential dangers if I know about them and be able to adjust my behavior.
What I not like at all was that there happen some things I didn’t know about.
And I discovered it just while I was surfing with Tor, in a moment of a higher risk then usual … :-/
This thread can be summarized as:
I’ll clean it up and delete all irrelevant information when I have time.
You can help me and clean up your messages yourself. If you like you can create a separate topic and discuss your philosophy there.
Definitely they have!
They can also crack Tor if they have enough endpoints under their control (you can assume they have and that for many years now).
But I’m also sure they use such advanced techniques only in seldom cases, not for every simple one.
The rest of you post is true: for complete security one can’t use a PC at all, nor a smartphone, nor this nor that.
But even then - there are cameras out there everywhere.
And I know about a technique where the radiation from a WLAN router act’s like a radar and can detect persons in a room, even through walls.
I have somewhere saved the link, they demonstrate it on YouTube.
But this is not avoidable, therefor theoretical.
No normal man has such an advanced technique on his fingertips to spy on us and the “man in black” would only use it against you if you’re Bin Laden’s right hand.
That’s not my concern, such sings are for particular single cases, not for mass surveillance.
My given example with the law Ursula von der Leyen has made 2009 where a mere ping could bring you in trouble with the law enforcement on the other hand, was a real thing,
To prove it you can read about it here for a first start:
– For a good reason I deeplink to the text paragraph above the important one, that’s the one below.
She has masked this these days as a measurement against abuse and so on, but I could tell you a lot more about this topic.
I was at a demonstration against that law - not because of what you would expect but for other good reasons.
About two years ago, in her new position at the Europaparlament, she has made a bit of her old attempt true (but as far as I know without logging and informing the police): she has forced the ISPs to block certain websites from Russia, for example RT (the German version of it), because of “propaganda” as she has stated.
That’s her understanding of “free press”.
That woman is deeply dangerous for our freedom, but we become off topic, let’s avoid that.
Please don’t do it!
Why should I write most of it again in a new thread?
You have already asked me in a personal message to edit one of my posts what I did.
We discuss the topic here and it’s normal in a long discussion that there are sometimes wrong assumptions, but this is what a forum and a discussion for (I run an own forum since many years btw.) - isn’t it?
The forum is for feedback and here you get feedback.
In this case not such a one that you like unfortunately, but I think a legit one.
I feel further need to discuss the topic, even when you think it is solved. For me it isn’t solved at this moment, I need more time and more discussion.
If you want to avoid harm (what I also want, I was totally loyal all the time to Anytype!) then take it please seriously if someone engaged as me formulates his concerns and wants to clear all the questions he has.
It’s to early to summarize everything as long as the discussion runs…
This btw., was one the the arguments we protesters have had 2009 as the so called “Zensursula” (von der Leyen) has made the concept for her law public for the first time.
But websites with invisible elements that do request to other resources in the internet are another kind of threat then a link where the mere hovering does cause a connection.
I think in your example one would finally win in court.
But not in the case I’m concerned here.
I have still need for more discussion, because I think that’s only one threat. I still believe that it’s possible to use that connection to make the parallel usage of Tor useless.
I need to read more, there is a long post from one of the devs what I haven’t read yet.
Fuc7… why did I had the bad luck to be involved in this topic?
Left yesterday (already annoying day), woke up today with double the messages and now even Bin Laden is involved.
I will delete my account today at midnight UTC (don’t know if it also deletes all my messages).
This is not what I joined in for, and its affecting my day (and last week here has been toxic enough).
I will submit bug reports if there is a separate “bugzilla”, not in “the community”. Till then (or if ever), please continue to do the beautifull, great, best there is in its class software!
Very sad, I enjoy reading your comments. You can create issues on Github though.
Sounds good. Will do!
Yes, this is what I’ve meant and why I asked Anton why he still speaks only about the IP address.
It’s not only the IP address, it’s also the URL.
I may be wrong, but I believe to remember that there was once a court judgement in Germany where the IP address was considered as personal data.
Because it is possible (not in all cases, but often enough) to identify the real person behind it, or at least the owner of the internet access.
I vague remember it was a topic in times of the open discussion about the “Vorratsdatenspeicherung” that the gov have intended to introduce.
Yes of course.
But that’s not the point. I think on links that doesn’t have everyone but maybe only me, or me and a “friend” who has send it to me.
Such a link could contain his account number appended to the pure webaddress.
Or the information about a specific product he has visited - a product that is seldom and has very few visitors.
I give you an example what I mean:
https://www.ebay.de/itm/285405141252?_trkparms=arclksrc%3DIMM%26aid%3D777008%26algo%3DPERSONAL.TOPIC%26ao%3D1%26asc%3D202308A3115209%26meid%3Da2d19128b2d34dec827d7f1e4a6fb786%26pid%3D101800%26rk%311%26rkt%3D1%26itm%3D285405141252%26pmt%3D1%26noa%3D1%26pg%3D4375194%26algv%3DRecentlyViewedItemsV2SignedOut&_trksid=p4375194.c101800.m5481&_trkparms=parentrq%3A226dp99d1910ab4a044b3a1bffff159a%7Cpageci%3Af695f1b2-5322-11ef-a81c-1a530f49541b%7Ciid%3A1%7Cvlpname%3Avlp_homepageThis is the same as this:
https://www.ebay.de/itm/285405141252The second one is the cleaned URL that leads to the product.
While the first one has a lot added appendages.
Appendages that can lead to my identification - or the identification of that guy that has send me that link.
If I now surf to this specific product with Tor, and I have pasted the long link from Anytype into the browsers address field (what causes a hovering), then would eBay in this case “see” that there are in nearly the same moment are two different IP addresses that connect to exactly that product with the same URL plus appendage.
If eBay isn’t stupid (it isn’t!) it can add 1 + 1 together and conclude that there may be the same person behind it - or two different persons that are somehow connected to each other.
I know… and I don’t want to add to the stress or drama, especially for the team, which have all my respect, but as someone who has been on your shoes, and kinda imagines that the Anytype team are “Human beings”, this is very frustrating and is not letting me concentrate fully on things I have to do.
Best thing, at least for me, is always go “cold turkey” and into “participation rehab”. (as honestly, this does not seem to have any signs of being in the end and like @shampra said and I paraphrase, it itches to participate).
Also… I think I will need @Angelo to do delete the account.
This post has gone off-topic. Anytype’s claimed security and privacy are based on data storage and transmission, not on ensuring users’ complete anonymity, the conclusion is that this request will not compromise the security of your data, the leakage of personal information was kept to an absolute minimum. Your question exceeds the functionality boundary of Anytype as a note-taking app.
Network security is a worthy topic of discussion, but it shouldn’t be done in here.
It would be a shame, the post remains interesting even if, yes, it’s also a bit drowned out by skids and sometimes aggressive responses from both sides.
I’m not (I do it at work, but I’m not afraid of the difference).
But I can understand your case.
I’m even more surprised! Why not take the minimum safety measures with the right tools?
My proposal below takes just a few minutes to apply and solves the problem of Anytype (and even of all the PC’s web accesses!), it was serious :
Hey @sturdily
Why so you don’t simply take a “time out”?
Some bickering happens even in the best families.
And I see us all here as “family”. Also you.
Also it isn’t really a bickering, only a bit stress maybe at the moment, but that’s only temporarily.
It’s normal that one is sometime a bit overwhelmed. No reason for going so far to delete the account!
Simply take a pause. And don’t look in this thread again if the topic is not yours.
Here, for you:
I also have posts that I’ve abandoned because I totally disagree with them. It happens and either the tone rises or we respond as best we can and move on.
The point is to push Anytype towards the product of our dreams, right?
We might as well hang in there, at the cost of a few compromises?
It’s a shame to leave… 
Because using Tor as a permanent proxy has at least two big dowsides:
PiHole would be the better solution, in combination with some other measurements.
But the thing is: I already do so much for my security (or have it done for many years) I can’t bear to do more.
For years I used an air-gap and so on.
At one point I was forced to use a Win 10 PC what I wanted to avoid strictly, but it was forced by the tax office, for using their software.
As the Win 10 PC was there I wanted to use it only for that, but over time came more and more things that I did with it instead of my other on.
I have capitulated for example to YouTube.
I know it’s a data octopus with google behind it. but I need YT so much and so often per day, I can no longer endure to fake my browser fingerprint, or use some different browsers, renew the IP address frequently per day, clean all the cookies (hiden included) and all thes other stuff.
I simply have capitulated to YouTube, I even pay for it, they know my name.
That makes it risky do do some other things under the same IP address.
I can’t see a practicable solution any longer to avoid some risks, I can’t no longer work the way I did for years, it’s too cumbersome.
I have given up the max level of security I once did hold on.
If I have a somehow critical thing to do from time to time I use Tor. But only then and for nothing else.
The thing with the hovering has doxed me while I was in Tor. That’s not nice!
I didn’t do a direct criminal thing, but it felt not good at all.
I simply wish that such things doesn’t happen, that’s all.
One would think that’s a clear intention, no reason to spent so many words to convince the devs that there is is problem.
My way to deal with it for now is, to convert my links to text.
But it would have been good if I’ve have had a clue before I doxed myself.