➡ Internet security experts have created a system where websites can leave a trace of data, known as a cookie, on your browser. This data can be used to track your online activities and interests, which can then be used to show you targeted ads. However, there are ways to protect your privacy, such as using different browsers for different activities and never logging into Google on certain browsers. This method, known as browser isolation, can help prevent your data from being collected and used without your knowledge.

➡ To protect your privacy online, avoid using Google search on any browser and switch to safer options like circsing or start page. It’s also crucial to use an open-source phone like Brax 3, a VPN, and practice browser isolation. Support this advice by using services from Braxme, a trusted source offering privacy solutions like anonymous phone numbers, unlimited email aliases, and IP protection. Join the Braxman community of 120,000 active users to learn more about online privacy.

What I will do today is explain to you exactly how Google tracks everything you do. But there are procedures you can do that will tie Google’s hand so that they see only what you want them to see. And believe it or not, I will use Chrome to accomplish this. This will be surprising, but Chrome is an essential element to my privacy approaches. Even though most of you likely understand that Chrome is tightly integrated into the surveillance technology of Google. This topic is not something you will need to worry about if you do not have a single Google account.

Or if you do not use Google Search, Gmail, YouTube, Google Docs, Google Drive, Google Photos, Google Androids, Android Auto, Chromebooks, Google Earth, Google Maps, Waze, or do any kind of programming that ends up in the Google Play Store. Do people like this exist? Maybe someone raised by apes in the jungle. But the reality is that we cannot escape using some, if not many, Google products. And being free, they do come at a significant cost, and the cost is your data. They track everything you do. What you will not realize is that this tracking is so extreme that Google can track every location you’ve been to 24-7 and track every click on practically every website and know every single search.

And they can pinpoint people in a map and group people by how you think and what you believe in. But there’s a way to overcome most of this, and I’ve been implementing this for years, and have been teaching this approach. It’s a very basic technique, but it is very effective, and I’ve given it a name. For a decade now, I have called this technique browser isolation. What will be clear later on is, what exactly are we isolating? I will teach you this technique, and you will learn the mechanics of why this works. So stay right there.

The Google Tracking Architecture Before we get into solutions, you really need to understand how it is possible for every click you do on the Internet to be known to Google. To be clear, it is not 100% of every click on the Internet, but it is close to that. It is a very big number, and there’s another layer of tracking that occurs if you have a smartphone, and that involves 24-7 location tracking. I won’t go into location tracking today, but just so you understand that I’m being serious, the location tracking data goes into a special repository at Google called the Google Sensor Vault.

This special database has been featured in several court cases already, because the government uses this to do geofencing. This is the process of identifying people who are found in particular locations at particular times. For example, those participating in riots, protests, or committing a crime. But beyond this tracking of your movement, at the very least your home location should be pretty much determined, and then your Internet actions recorded and stored. So there will be no secrets about each one of you if you don’t take precautions. The Google ID The first step to tracking you is the Universal Google ID.

Long ago, when Google bought YouTube, that was the first indication of a universal login. That was when the Google ID moved from just a login to Gmail, to becoming the universal login to all Google properties, including Google phones, if you have one. If you’re using an iPhone, the moment you use any Google app on it, like Gmail or YouTube, then that also begins to transmit the Google ID. So this is not unique to a particular kind of phone, although there are special phones that can beat this. The Google ID is key to the tracking infrastructure, because it makes sure that all your data compiled about your actions on the Internet can be attributed to a single identity.

To make this Google ID stick to you even more firmly, the average user is taught to follow Google rules so that you provide Google with a way to do two-factor authentication to FA, and you are often required to do that with your mobile phone number. This, of course, is also used to detect multiple Gmail accounts and multiple Google IDs, and thus encompasses all your Internet actions so you cannot evade them. Lately, Google has even set up limits to accessing their platforms without logging in, if you use a VPN. And this is because even if you access a Google platform without a login, they can do several things.

They can track the history of people using your particular IP address, if it’s not a VPN, and attach it to the Google IDs known to have used that IP address. And second, they can actually leave little trackers on your browsers called cookies and web workers that constantly transmit your Google ID even if you think you logged out. It’s pretty sneaky, to be honest, and some of these I’ve only discovered by accident, but I can assure you it’s being done. Just to give you an example, I was testing using a de-Google phone which has no Google login, and I tested installing Gmail on a browser on this phone.

And after accessing Gmail, I closed the browser and thought that was the end of that. Then I happened to go to the security screen of Google weeks later, and I discovered that the de-Google phone was pinging a constant IP address and location to Google even though it is a de-Google phone. And that’s when I realized that a web worker process, which is built into browsers now, was initiated by Gmail and it continued to run in the background even when I left the site. This is something I understood well because this is how notifications are sent to a browser and I’ve done that kind of programming.

So I cleared cookies which also stops web workers and then I saw that the transmission to Google stopped. You must understand this. Google has very sophisticated processes to track user identities on the internet. Google search is indirectly tied to this surveillance by Google ID because your searches are recorded and then are attributed to the Google ID known for that device. Again, the Google ID may be known directly because you are currently logged in or it can be discovered through traces of cookies on your device. And it can also be determined through a past record of your activities on that browser using a tracking method called browser fingerprinting.

So though you may not directly ever log into Google search, they know who you are. In fact, many of you don’t even realize this, but the moment you log into Google on a Google platform such as YouTube and you are using Chrome, you will see your login information integrated into Chrome itself. The other thing to understand is that Chrome, being a full-on executable on your computer, will actually have access to other identifiers to ensure that it knows who you are. Chrome, for example, can discover your real identity via things it finds in the Windows registry like your Microsoft ID or an Apple devices, your Apple ID.

You can also see things like the Microsoft Windows license key. Chrome, in theory, could also scan your networks. I, of course, have no evidence it is doing this, but Facebook did this. It used ARP, A-R-P, to discover MAC addresses of devices on a local area network. I saw someone make some derogatory comment about me on Reddit, challenging me about Facebook’s use of ARP. But I didn’t guess this. This is clearly stated on Facebook’s data policy. They admitted to doing this. The point is, any browser on a computer that is not open source can do unknown things like what I said.

There could be additional tracking beyond what’s obvious. Google Analytics and Google Ads The problem with the Google ID is that it is known to Google anytime you access any Google service, like I said, about Google Search. But what is not understood by the average person is that Google services exist everywhere. It is likely embedded in 99% of websites. And the reason it is embedded is because website creators want to be listed on top of Google Search. They want to be discovered. And one of the ways they can study their website traffic is by installing Google Analytics on their websites.

And asking Google to scan their websites. In case you didn’t understand what I just said, I mean that website creators actually install Google services on their servers to enable Google Analytics. Then to further monetize, many sites want ads on their sites, so they install Google Ads. This means that website owners put actual Google code on their websites. And the Google code may be obvious and visible when you see ads, or it may be completely hidden. Basically, Google.com is running on every one of these websites. The technical term is that they run in a separate window on the site called an iframe.

These windows can be visible with ads or be invisible. If you’ve studied how websites work using HTML and JavaScript, you will know how iframes can actually intercept traffic from the main website window. This allows the iframe to understand the context of where it is at when it got clicked. For example, if you’re in a website like cars.com, it could actually know what car you are specifically looking at. Now, the supposedly smart people in security on the internet came up with the rule that any website can leave a little trace of data on a browser called a cookie.

And cookies can store anything. For example, you can assume that Google will keep a cookie with a Google ID. And in fact, it is not even necessary to always look at the cookie because platforms like ad companies identify your device. If you’ve seen an ad and recognize that they’ve seen you before using a short-term tracking method called browser fingerprinting. This procedure can be combined with pulling information from cookies so that you are identified multiple ways including the recording of your IP address. But let’s get back to the security model of cookies first. The rule for many years has been that only the originator of the cookie as identified by the domain can open their own cookies.

So Google.com can create cookies which can store Google IDs but in theory only Google.com can see what’s in the cookie. I say in theory because of course Chrome can see what’s in every cookie so Google has special powers when you are using Chrome. But the flaw in this rule is that because Google has inserted code in most websites it means that Google.com is actually running in websites like cars.com. So when you’re browsing for cars it can actually see who you are because the Google code is also running on cars.com in a separate iframe.

Thus it can detect who you are immediately and Google will then have discovered that your Google ID is looking at cars and specifically a Toyota model. And then everywhere you go on the internet Toyota ads will start showing up. Conversely the website cars.com can actually see who visits cars.com and although they’re not allowed to see the actual identities of people can actually see that you’re female and you’re also interested in learning about AI or you’re interested in photography. Google can probe deeper of course and Google can tell your political views.

Google can see that you tend to watch CNN or you have some leaning towards certain political issues. My point is that most people just see the effect of this on the ad side. Yes you accept that someone is watching your every click and it will be used to sell you something. But it is really invasive when you think about the fact that combined with search Google will know your every thought and with a mobile device your every movement. Disconnecting the Google architecture This is key to understanding the privacy solution. There is a way to disconnect ourselves from tracking when you least expect it.

The problem is that it is very difficult to do because Google properties are embedded into such big portions of our lives from Gmail on. Likely 99% of the population over the age of 12 has Gmail. I checked the Google Play app store and the Gmail app is installed on 10 billion devices. Isn’t that more than the total population of the earth? And this is just Google Play not the Apple app store. Many of us have multiple Gmail accounts even. Then we have Google search. Google search has 90% market penetration in search so most of the searches in the world are tied to Google.

By the way the second most popular search platform is YouTube and of course many of you are watching this video on YouTube which is Google. The first part of our disconnection strategy is to use Chrome. What does Chrome have to do with all this? If you’ve gotten this far I’m sure you already heard me this Chrome and it should be obvious that I don’t trust Chrome. But it should be obvious too that I don’t trust anything Google would respect to privacy. Clearly everything they do will be to surveil and profile everything I do.

And there lies the beginning of the strategy. Chrome will house the distrusted platforms. Everything I distrust, meaning all the Google properties, will be done on Chrome. Now why do I do this? Because the strategy I will teach you involves using many browsers and I don’t want to waste browsers. I will use Chrome for Google things because they will not learn anything more than what they’ve already learned from me using YouTube or Gmail while logged in. So to be more specific, Chrome will be the browser I will use for things that require a Google login.

You might think this is stupid but think this through. Chrome expects to spy on things but what it will not have is the ability to spy on what I do on other platforms. Because what will happen is that we isolate the Google ID to Chrome. This is really the magic bullet here. We will not let the Google ID escape from Chrome. Other browsers. Typically my favorite privacy browser is Brave. So anything I do outside of Google platforms will be done on Brave. Why Brave? Because Brave has more controls on preventing the spread of cross-site cookies.

It is not perfect by any means but it does a better job than others. But the true safety of Brave will come from how I use it. Brave by the way is based on Chromium which is also the same base as Chrome. So much of the browser features are the same as Chrome. However, what I will do on Brave is to never log into Google. Repeat after me. Never log into Google. If you’re watching this for the first time and you want to implement this strategy, start off by clearing cookies and history from Brave first.

The purpose of that is to ensure that no trace of your Google ID is found on Brave and it also clears web workers running in the background. So now if you’re on Brave and you go to cards.com to look at Toyotas, what will happen is that the Google.com iframe on cards.com will not have a Google ID. It will try to fingerprint you in the short term to pop a few ads but nothing will stick with you in the long term. Nothing will be attached to a Google ID because if you follow this procedure there will be no Google ID.

Google can run all the spy processes at once but the Google ID will never transfer from Chrome to Brave because Google info cannot cross browsers. There are ways Google will try to match the Chrome sessions with the Brave sessions. For example, via IP address and if you’re using a phone it will match location via process called cross device tracking. But if you use a VPN and you disable location permissions on Brave and Chrome you will prevent this from happening. So does Google continue to track what you do on Brave? Yes, you cannot stop it.

Google tracks on Brave, on Chrome, on Firefox, on Safari, on Chromium. It tracks on all. But the secret I’m revealing to you today is Google script tonight. They need the Google ID. Without a Google ID the collected information that you’re browsing cards on cars.com becomes irrelevant because they don’t know where to feed the ad to or where to attach the profile of your interest. In other words, there’s data but no identity and this is one of the secrets of privacy. The next trick is that sometimes you want to use Google properties like Google search or YouTube but without logging in.

What is the safe way to do that? The way I recommend is to have a third browser which you will use for accessing things that could be extra dangerous like going to Google sites. Remember you can always clear the cookies and history to restore the browser to a pristine state but it would be safe to use YouTube for example if you don’t ever log in. By the way, YouTube recently started banning accessing this platform via browsers with the VPN on and not logged in. So you may have to turn the VPN off to use YouTube.

You can give in to this but never ever log in on the third browser. Which third browser do I recommend? You can use Chromium, Firefox or Safari. Some of you are concerned about using Firefox because of recent changes in their privacy policy but they actually explained that nothing has really changed. If you want to be fancy, you can spread your activities by type into multiple extra browsers which will limit the data collected at each moment. For example, if you need to isolate political activities to a specific browser, you can do that.

It serves to disconnect the data more. That’s not a necessary procedure for most people. Two to three browsers is enough to implement this. Browser isolation. I specifically call this technique browser isolation and to be specific, it is really about browser isolation of the Google ID. That’s exactly what we’re trying to do. I would implement this procedure even on phones though you should realize that apps will often connect to browsers in the background so apps on standard production phones are more easily tracked. The only way to prevent that is to have an open source phone like a dGoogle phone that has no Google login on the phone.

Browser isolation is so important in the privacy protection procedures that I rank it in the top three of issues. And to make sure you do this right, you must ensure that none of these browsers, including Chrome, use Google search. Watch my recent video on search engines and change the default search engine to the ones I recommend. I recommended circsing and start page as the safest ones with the best search results. Or for convenience, you can use DuckDuckGo and Brave Search though these have poor search results. This is an important strategy to privacy protection and just to make it clear to you, the top three most important steps to privacy are one, get an open source phone like a Brax 3, two, use a VPN, and three, do browser isolation.

Folks, this channel does not have sponsors and hopefully that gives us more independence in giving you information. However, the channel gets its support directly from all of you. We offer products and services on our site Braxme that have been proven solutions to privacy and hopefully coming from a source you trust. We aim to maintain that trust after supplying these services for many, many years with thousands of users. Our newest project is the Brax 3 phone, which is a community project involving several companies and is a custom-built phone focused on open source solutions and privacy.

This phone is available on Braxtech.net. We also have other products like Brax Virtual Phone, which gives you anonymous phone numbers. We have Brax Mail, which allows you to have unlimited email aliases for managing your identity online. We have Bytes VPN to protect your IP address and is a key requirement to privacy protection. All these are on our site Braxme, which currently has 120,000 active users. This great community provides resources to others relating to the privacy journey. Join us there and be part of this community. Thank you for the support on Patreon, Locals and YouTube memberships.

See you next time. [tr:trw].

See more of Rob Braxman Tech on their Public Channel and the MPN Rob Braxman Tech channel.