Your unique device ID. They obtain it as soon as their server connects to your device and no vpn or blocker can erase it. Until a genius developer writes code to encrypt or block it every website you access can identify you and share that information anywhere they want to.
As soon as you signed in to anything Google it knows the device and browser footprint is associated with your google id. It help a bit to use firefox mulit-container to isolate from rest of browser session. Google also has tracking pixels on some sites and Google Analytics is used by many apps and sites. But it is odd on a new machine if you didn’t sign into google from that machine. Maybe association with same network as google has seen you on before? Maybe proximity to your phone Google knows of?
Have you tried running through TOR and a VPN?
Did you buy the machine with a credit card
None whatsoever. I ditched gmail, google search, and virtually all google services years ago. Youtube is the exception cause we’re all stuck with it. The closest way I interact with anything google-related on the new machine (which isn’t the one I’m writing from right now) is visiting websites that use google APIs. And even then, I use private browsers with private settings (e.g. Mullvad, Brave with telemetry disabled and the like) that block trackers and the like.
The thing which takes me aback the most is that, again, that’s a brand new PC, so theoratically google shouldn’t be able to correlate a system that just popped into existence with another one they have in their databases. That’s why I suspect I’m doing something wrong or just misunderstanding how this works.
Thanks for replying. I knew about the risks of logging in across different devices, so I avoided that completely on the new PC.
The trending page on Freetube does show random (well, not “random”, but rather what’s hot right now) videos. It’s when I view any video that I see the super specific and unrelated recommendations.
EDIT: By recommendations, I mean the ones on the side while you’re viewing a video, not the ones showing up on the main page.
I checked for DNS leaks. All servers show as the VPN provider’s. So unless Proton themselves are leaking the data, there is no DNS leak.
“The trending tab on freetube just shows the current trending videos on youtube regardless of what video you are watching.”
Yeah, I meant the recommendations on the side of a video you are currently watching. Sorry about the confusion.
“Unless you are talking about something incredibly niche and specific”
They do seem specific, to varying degrees. I’ll be watching a video from the trending page, and the recommendations will vary from “new video from a huge tech channel on a topic completely unrelated to the current video” down to “years-old video with less than 1m views from a relatively small youtuber (e.g. less than 50k subs) I follow on a niche video game series”. Such recommendations don’t show up on every video I watch, but the fact it happens at all is odd.
This could be it, in part at the very least. I noticed on my old PC that Proton connects me to servers in a few specific countries. My guess is that this is due to them providing the fastest connections (based on distance) compared to others. If that’s the case, it wouldn’t be a stretch that Proton chooses between a relatively small number of addresses each time.
“Google doesn’t need you to be logged in to see the same IP and app fingerprint picking the same videos to make a shadow profile of you”
Does that also apply to using a proxy to fetch the videos? My understanding of this docs page is that invidious acts as a proxy which theoretically should make YT unable to identify the Proton IP address. Do applications besides web browsers have elements which allow fingerprinting to a similar degree?
“Especially if that same IP is also on a bunch of sites with Google ads trackers to corroborate the data.”
Am I correct to believe that adblocking and fingerprinting-resisting features of a web browser limit but don’t completely prevent analytics trackers? After all, even Firefox (hardened), Librewolf, Brave and other browsers still have unique fingerprints as shown by sites like “AmIUnique” due to the numerous attributes a given browser can have. This is why TOR is the only browser recommended for true anonymity, which overlaps with privacy but isn’t quite the same. That’s also why you should never log into an account via TOR unless that account was made and is used exclusively through TOR. At least that’s my understanding.
I think this is it (IP) as well, and an overlap of those who use Proton having similar interests (well, enough to be Trending, who hasn’t watched MrBeast at least once?)
Conversely, had family over and their YT ads immediately started showing for my very specific hobbies, yet this being first time visiting.
I was thinking that. However how would that work in a multi occupancy residence? There could be fifteen people living there or six. All using the same IP address.
I doubt that the VPN is the source of the leak. OP says he is connected to a Proton VPN - and only his new PC is connected right now: those nodes have tens of thousands of clients attached at any given time. It would be virtually impossible for YouTube to discern (JUST from the VPN connection) what traffic belonged to which client. If OP had set up their own VPN server and routinely connected that way, and was the only user of that tunnel, then it would be easy. But being one of thousands connecting from the same VPN server wouldn’t reveal OPs identity. Either OP is being a little paranoid (after all, his clue that Google was tracking him was the recommended videos, not something specific to OP), or he accidentally leaked something that told YouTube who he was. I would bet a month’s salary that it had nothing to do with his “VPN Endpoint”.
It’s not quite a “browser”, though. It’s Freetube, a privacy focused front-end player. I believe it already runs in “private browsing” mode.
None whatsoever. Not even as a new user.
First I need to make a correction: Freetube uses Invidious, not Piped. At least I don’t recall the latter being mentioned on their site or in the settings. Do tell me if that makes a difference. Though I did use Piped and invidious through web browsers and the results were similar.
As for invidious via Freetube, I did use different instances, and the recommendations would still have a few specific, unrelated ones among them every few videos (it doesn’t happen on every video).
The recommendations range from expected to varying degrees of unrelated. Most of them are on the same topic(s) as the current video and possibly from a popular channel. On the other hand, a few of them will be unrelated to varying degrees. For example, a trending video on camping/survival and whatnot will have a recommendation for a huge tech channel I’m subscribed to on the old PC. Another recommendation could be for a (relatively) niche youtuber on a niche video game series.
With that said, a few users here brought up a good theory. It could be that YT’s systems/algorithms make guesses and predictions based on the Vee PN (auto-moderator gave me a warning not to mention those…) server IP and the topics typically watched by people conscious enough about privacy to use a Vee PN. Basically collaborative filtering. So there’s a good chance YT doesn’t actually know who is using Freetube/Invidious, but it’s rather the pool of users being relatively small, thus having overlapping interests.
So yeah, it could very well be coincidence.
How does it do that?
what do people track through now?
Don’t run Tor and a vpn at the same time
No. But I did use the TOR browser on the old PC without one and didn’t get any targeted recommendations. So at least TOR can achieve high degrees of anonymity even on google services.
Yeah, I bought the parts that way. Could the fingerprinting be so intrusive it can identify the serial numbers of things like the motherboard and CPU then link them to the method used to buy those parts?