So I was testing my setup in ipleak and everything works great… except the “geolocation based on browser” which gives a nice aerial of my house. I had always thought this was just derived from my ip, since it’s a box PC with no cell and on a hardline with wifi off.
Googling shows turning off asking in various browsers… but that’s a lot of trust. I’d much rather just have my PC not know where I am – but I have no idea where to begin since I don’t know where it gets the info.
Are you logged in to the same Google account on your PC and your phone, as your phone location may be giving you away? Do you have location services turned off on your PC? Does your PC have a default location set if it cannot find its location. Is WiFi enabled on your PC, which can locate you by seeing which APs are near you?
Hiding your location is not as simple as just running a VPN.
I went into the location settings and turned them off. Then I set a default location in philly. Then I cleared the location history. Then I checked the location and it was spot on like before. (both chrome and edge). I didn’t reboot between though… so maybe cause windows.
OK, for future generations my answer to myself (thanks everyone)…
On windows it’s the wifi (and not cached). If I turn off wifi and then check location on ipleak through browser I get a location that looks ip based. I click it on and then on a few refreshes the location becomes local. Then turn it back off and it moves back to my isp location.
FWIW, I turned off location in the windows settings… set the “default address” to a third location… did a reboot… does nothing. So as far as I can tell the win10 privacy related location settings do nothing at all. Browser settings and wifi on/off are the dials that do anything.
Thanks all… turning off wifi got the OS to tell the browser location based on ip – turning wifi back on changes location back to local. So leaving wifi off. (would be nice to have a wifi windows device that just spoofs a location.)
Nothing here has touched on what I believe to be the problem. If your browser is properly locked down this should not be possible. There’s not enough info in the OP. What browser? How do you handle cookies? Fingerprinting? JavaScript? Etc. Switch to a different profile or container (or different browser) and let me know if it still locates you.
Edit: What exactly is telling you your location? Is there a specific online test you’re running? If so, which one?
Nothing is leaking… all tests passed… except just asking the browser “where are you?”… then there is a prompt to share location. And I don’t know where the browser is getting that location…
According to that maybe it could be based on my wireless (no gps in my pc)… although why use wifi triangulation instead of ip? Or maybe it just grabs it on boot before the vpn kicks in?
“When an app or feature accesses the device’s location and if you are
signed in with your Microsoft account, your last known location
information is also saved to the cloud, where it is available across
your devices to other apps or services that use your Microsoft account
and for which you’ve granted permission.”
I’m sure I’ve accessed a MS account from my phone, but I do keep location off. But maybe some app forced me to turn it on sometime… would have been long ago. So crazy this isn’t within our control.
imgur temporarily down so no pic… but it’s the “Geolocation map based on browser” section of ipleak. All the ip, dns, webRTC, torrent, etc all pass fine… it’s just the browser that will report the exact address (when I click to give it permission when it asks). I’d rather the browser not actually know my address.
Since I’ve gone into firefox prefs and turned off location reporting it now automatically says “user location denied” but that’s just firefox clicking the deny box… it still knows if it wanted to and I can go into another browser and give permission and then it will have address. Which means it’s there to be taken with circumvented permissions.
If your device has Wifi connectivity it is probably getting your location from that. It does not have to be connected to a WiFi, it just has to be able to scan for them.
A VPN does not hide absolutely anything from the OS! It only hides your network activity from your network and your IP address from websites and other network services and now the VPN can see that information instead.
According to that maybe it could be based on my wireless (no gps in my pc)… although why use wifi triangulation instead of ip? Or maybe it just grabs it on boot before the vpn kicks in?
Because IP is often wrong or easily spoofed. Mobile devices tend to use aGPS data which is a combination of cell, WiFi, and GPS data. So if your system is using WiFi, then yeah, it will likely prioritize that over IP data.
No it can’t know if it wanted to. Firefox is you. You are blocking access to your location. Firefox “knowing” your location is just like you knowing it. It’s a client on your computer. It’s up to you if that info gets reported to something. That’s like saying your VPN company knows your true IP, so you’re not in control. But you are. You choose if you turn your VPN on or off.
If you’re wondering how Firefox can determine your location, it sort of can and sort of can’t. It can’t by itself, but it can report information which allows a good guess of your location - specifically, other devices within range (Wi-Fi and maybe Bluetooth). So of course your computer is going to be able to tell what devices it can detect u less you disable Wi-Fi and Bluetooth. If you turn off the ability of your browser to report that information, that’s about as good as you can do, unless you want to take more extreme measures.
I guess to rephrase, I’d like to spoof to my OS a false location. Maybe it could be done by a program working as a false wifi device, I’m not sure – but it seem like it should be possible in software. (I’d hoped maybe it was already built into the OS… cause privacy ;))