@ Bruce, ALL,
For a jaded old soul such as mine, you have to be somewhat cynical about various aspects of life.
Like Banks and other Financial institutions are always going to be a long way behind on the security of there users (which is why Sim-Swap attacks still work).
What this “advertising ecosystem” tells us is that there is a distinct lack of ability for people to make money on the Internet in ways most would consider “honestly”.
As the old saying has it,
“This is why we can’t have nice things!”
Like Privacy and the Anonymity and Security that underpins it.
Worse, as people find out, those that push to have Privacy “In Real Life”(IRL) and Online / Virtual life those that make the legislation and regulation are “bought off” by Big-XXX lobbyists.
Obviously there is an issue there because you can not be in a “democracy” where “lobbying” and those with “unlawfull interests” can,
“Buy what they want, when they want.”
Effectively with impunity (as the legislation to turn unlawful into illegal / criminal does not happen, or atleast not often).
Thus shocking as this “out of sight” behaviour of those in the “advertising ecosystem” is, in all honesty I can not say I’m even remotely surprised.
Two things people need to understand at a very in-depth level these days,
1, Your Mobile phone number or Email address are now near “universal identifiers” once known.
2, That E2EE and Storage Encryption, now nolonger realy work due to the various forms of “On Device in UI” or “Device Side Scanning” and “fingerprinting”.
Worse the oft faux-legal excuse of “Know Your Customer”(KYC) is used to force you to divulge those “universal identifiers”. Or another wheeze is 2FA using those identifiers for the “side channel”, thus requiring they be divulged.
With just about every advert that happens in your internet or email client is acting either directly or indirectly to do “Device Side Scanning” or “Fingerprinting”.
The “universal identifier” and “fingerprint” are very very quickly irrevocably linked.
Worse the data that then gets recorded is easily available to those involved in “SIM Swap” and similar “social engineering” attacks.
Are there ways to stop this?
Yes use “throw away identifiers” and “change your system fingerprints frequently”.
But the sheer level of “Operation Security”(OpSec) to do this is way beyond most peoples capabilities, due to the way humans generally work.
In the past I’ve indicated,
1, Turn off JavaScript and more recently those HTML5 extensions etc.
2, Don’t have a Personal Email account, and never use the Work one for Personal.
3, Have at least two computers, one that is “Private” and one that is “Public”.
4, Where possible remove all mutable memory from the Public computer and never ever use it for Private activities.
5, Don’t have an Internet or other Communications or Connections that connect to your private systems.
For which in the past it’s been suggested I’m “Paranoid”. Yet here we are at the start of 2025 with an example of why the above points are not in any way paranoia, and were just the minimum of sensible precautions.
But they are now actually insufficient, because there are those that really “are out to get you” in their DataBase or as Nixon used to say “On my list”[1]. With Google, Microsoft, Meta and Apple being just the more obvious actively pursuing ways to make Fingerprinting and Device Side Scanning “built in” and “unavoidable”.
[1] Yes Nixon really did have an “Enemies List” and for a while it became public knowledge and shocked people. Now it’s mostly not known by those less than a half century old, who mostly have only heard at best a “Cliff Notes” version on “Watergate”. It teaches a lesson of “Abuse of Power” that everyone living in a Democracy or Republic should be quite cognizant of,
https://en.m.wikipedia.org/wiki/Nixon%27s_Enemies_List
