Google's widespread tracking across the web

Original Article ↗ Hacker News Discussion ↗

Overall framing and DuckDuckGo’s role

  • Several commenters say the title is misleading, reading it as implying DuckDuckGo (DDG) itself leaks searches to Google or that DDG is “owned” by Google, which they reject.
  • Others argue the intended point is narrower: switching search engines doesn’t stop Google’s web-wide trackers, and DDG is just one part of a privacy setup.
  • Some feel the post unfairly suggests DDG should protect users from tracking on third‑party sites it links to, which is beyond a search engine’s role.
  • There is some confusion/clarification that DDG is: a search engine, a browser on mobile, and a tracker-blocking extension on desktop.

Tracking mechanisms and realism

  • One long comment lists many fingerprinting vectors (IP, UA, fonts, WebGL, behavior, etc.) to argue that being tracked online is nearly inevitable without extreme measures (Tails, Tor, Qubes, Whonix).
  • Others call that list partly FUD: technically mostly correct, but mixing normal interaction data with exotic techniques and overstating how coordinated and pervasive such tracking is.
  • There’s debate over whether MAC addresses can be captured: some push back technically (browsers can’t expose it; remote servers can’t see it), with nuance added for Android/OS‑level access and randomization.

Mitigations and practical setups

  • Commonly recommended stack: Firefox + uBlock Origin, Pi-hole, strict privacy settings, and possibly a reputable VPN.
  • Tor Browser, Tails, Qubes, and Whonix are cited for stronger anonymity, but seen as overkill for “surveillance capitalism” threat models.
  • Some VPNs and DNS services block trackers at the DNS layer; intercepting HTTPS for deeper blocking is viewed as dangerous and over‑trusting the VPN.

Regulation and banning tracking

  • One view: user tracking should simply be banned; targeted ads largely exist for profit.
  • Others question feasibility and enforcement, emphasizing that making something illegal isn’t enough without strong enforcement capacity.
  • GDPR is described by some as “stupid/unenforceable”; others say it’s slowly working: more genuine consent flows, less GA, and more privacy‑respecting analytics.
  • Discussion touches on extraterritorial enforcement and companies adding cookie banners to serve EU users.

Critique of Simple Analytics and irony

  • Many see the article as a thinly veiled marketing piece and “fear mongering” to sell privacy analytics.
  • Open-source alternatives like Counterscale are promoted as more transparent/self‑hosted options.
  • A commenter inspects the article’s page and finds it loading a script from a personal domain that collects IP, UA, path, referrer, and a session ID—prompting accusations of hypocrisy (“tracking you while warning about tracking”) and possible GDPR issues if that domain isn’t formally covered by the company’s privacy policy.

Miscellaneous points

  • Some note browsers and VPNs increasingly offer built‑in tracker blocking.
  • There’s a side discussion about DDG’s reliance on Bing, and a wish for deeper OS‑level search engine choice (e.g., Kagi on Apple devices).