How could anyone find out which sites are you following using an RSS feed? And I mean in a broad way: can the site track you? Can ISP? Network managers?

Let’s say you want to follow a bunch of political sites that you don’t want to be easily attached to, is RSS a good way to do it? Are there extra precautions to take?

My first thought would be that it’s the same as using any other browser, so not a great way to be private. Am I wrong?

  • drkt@lemmy.dbzer0.comEnglish
    18·
    3 months ago

    An RSS feed is literally the same as going to the website. A request is being made to the domain and anyone who can see the data between you and the website can see it. If you think you’re secure going to the website normally, then an RSS feed would be secure, too.

        • Mensh123@lemmy.world
          2·
          3 months ago

          What I meant were CDNs such as Google’s providing common resources like fonts or JS libraries.

          • FriendBesto@lemmy.ml
            1·
            3 months ago

            Also, by using RSS you skip all visual garbage and more tracking that you might have to exposed.

            PS: I dislike Google Fonts. It is the most insidious way that Google can track people as they are used everywhere and in almost all sites and even by some FOSS applications.

              • FriendBesto@lemmy.ml
                1·
                3 months ago

                On, I have and have used it. Thank you.

                But as far as the host server that you hit is comcerned, whether you block the fonts via uBlock or do not fulfill the server request via Local CDN, they will still use it to profile you, because you tag yourself in the minority of users in the world that do not hit the Google font servers. And Google knows this.
                Since even most adblock users still do not block fonts or other assets like this. Albeit I do as I use uBlock on Medium mode, including fonts. And I dropped using Local CND as to minimise my extensions footprint.

                The main gain would be for the site’s aesthetics as you host some assets locally, but from a privacy perspective, you are damned if you do, and damned if you don’t. Albeit you are damned a little bit less if you do. LOL

  • MonkderVierte@lemmy.ml
    6·
    3 months ago

    Your client downloads a XML file and parses it and then maybe downloads some images. There.

    If the client itself doesn’t track you, it’s as private as online gets.

  • MTK@lemmy.world
    1·
    3 months ago

    Gonna give you a tip.

    assume that 99% of anything you access online is visible to your ISP (and therefore your government and police) and the hoster of ther service.

    • marauding_gibberish142@lemmy.dbzer0.comEnglish
      1·
      3 months ago

      The downside is that it probably is a great fingerprint if you go through vpn or tor. But it also could limit your tor/vpn connection time to the shortest time possible.

      What do you mean? How is it any less private than on the clearnet?

        • marauding_gibberish142@lemmy.dbzer0.comEnglish
          2·
          3 months ago

          You raise a good point. I think that if an RSS reader could pull from different websites at separate times and either programmatically use the TOR browser /at elast have support for stream isolation along with randomly scheduling when to pull from what website, it should be able to evade most automated measures of surveillance. Timing and correlation attacks are the only ones I can think of other than NSA paying for over 50% if TOR nodes.