this post was submitted on 25 Oct 2023
30 points (91.7% liked)

Privacy

31882 readers
588 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hi there! I like to listen to the "Slightly something else" podcast. Although it is gaming-related, they have these ad-segments that have some kind of targetting, as it is always in the language from where I've downloaded the episone.

Yesterday I was really surprised that the ad seemed very well targeted, because it has been referencing a very specific topic concerning my flatmates and me that doesn't have anything to do with gaming.

My first theory was that my IP was correlated with search terms my partner googled in my home IP (I search with searxng). But then I realized that I've subscribed to another podcast related to the advertised topic. (also: the episode with the advertisements was downloaded via mobile network)

So... Apparently, spotify (where slightly something else is hosted via anchor.fm) analyzes the podcasts I subscribe to via rss feed. Is there any way how I can avoid being profiled? Is this the reason why I'd start using a commercial VPN?

Edit: I'd like to reply to your comments, but my lemmy instance won't display them correctly. So I'll try to answer here: I'm already using Antennapod with rss feeds for download. That's why I was so suprised and pissed that the ad was so obviously targeted.

all 17 comments
sorted by: hot top controversial new old
[–] jet@hackertalks.com 12 points 1 year ago (1 children)

Start using an open source program to get your podcasts, like antennaPod which is excellent.

If it continues to be a problem, then you can download your podcast over ToR for free.

Or you could use one of the privacy respecting VPNs like Mullvad. Well worth the $5 a month they charge

[–] RedWizard@lemmygrad.ml 6 points 1 year ago* (last edited 1 year ago)

Ok now that I've read your Edit:

Podcasts no longer have RSS feeds that simply link back to an mp3 file that you directly download. Any podcast that is running canned ads (not ad reads that the host reads) is using what's called Dynamic Ad Injection. This requires the podcaster to supply their distribution vendor with a key file that marks break points in the podcast that the system will use to slice the raw podcast file into parts, and then inject X number of ads into the break, and then reform the mp3 file for delivery. I imagine this can be done dynamically or as part of an automation that cranks out thousands of variations of the podcast file.

The reason this information is important is because it means that the PODCAST FEED itself is betraying you and your data. The feed is controlled by an ad delivery network, which works in partnership with the podcast, to inject dynamic ads based on demographic information the ad delivery network has, and they use metadata about your connection (such as IP address) to match you against a shadow portfolio of your data, or at least a pool of data that hits your demographic.

Now, one other thing here that is betraying you, is your flatmates. It doesn't matter how much you protect yourself, because you are likely connected to your wifi, along with the other flatmates, and they're likely not taking the same measures as you are to ensure anonymity online. So you could have received that ad not because of data collected about you, but because of data collected about everyone who uses your ISP-provided address to connect to the internet, even if they're not listening to this specific podcast.

A VPN can mitigate most of that, as well as using a FOSS Podcast reader like you are. But if you have to listen to the podcast through Spotify, it's still moot because the IP addresses you get via the VPN will become attached to your data profile from Spotify, which will then find its way back into the existing data on you which includes your apartment's IP address.

The reality is Podcasts are big businesses and all the feeds for all the popular podcasts are owned by ad networks that collect data on listeners and then pair that data up with other data they collect from data brokers.

[–] RedWizard@lemmygrad.ml 5 points 1 year ago (1 children)

If you use Spotify as your podcast app, a VPN isn't going to protect you. You should look for a FOSS Podcast app, especially if you subscribe to most of your podcasts via RSS.

Then the VPN layer would kick in, allowing you to download them anonymously.

[–] bbbhltz@beehaw.org 3 points 1 year ago

You can use yt-dlp to download entire channels. I've noticed that this can sometimes cut out the ad entirely. Other times I will get a targeted ad.

Anchor.fm is part of Spotify and most of the time you will receive some sort of targeted ad no matter if the app is open source or not.

What you are describing may be an instance of Cross-Device Ad Targeting.

[–] imkali@lemmy.dbzer0.com 2 points 1 year ago (1 children)

Listen to it through a different, open source app, like a Podcasting 2.0 app (for example podverse, heres a link to that podcast link)

[–] Prunebutt@feddit.de 2 points 1 year ago (1 children)
  1. Already using Antennapod
  2. Never heard of "Podcasting 2.0", but it seems sketchy, tbh.
  3. The link you supplied uses the same anchor.fm (spotify) feed as the official one
[–] d0ntpan1c@lemmy.blahaj.zone 2 points 1 year ago

The main reason people are distributing podcasts via youtube or spotify and not via RSS is because podcast RSS (podcasting 1.0) gives limited visibility into audience or whether anyone even cares.

Podcasting 2.0 is trying to build a standard that still uses RSS but provides the info podcast creators need to understand their audience. Basically, what can we do to keep people from relying on closed-source solutions and go back to RSS as the main driver of distribution. Its not intended to be used for targeting and mostly just provides download counts and such (which rss doesnt)

[–] snowcatridge10@beehaw.org 1 points 1 year ago
[–] chkno@lemmy.ml -2 points 1 year ago

Download over TOR / run your podcatcher from Tails.