Hi there,
So just watched latest video of Jim Browning and in the video he had a sponsor I had not heard about before, Guard.io. So I went to check it out, and it seems like a fairly decent service (by that I mean, a service I would put on family members devices) for helping against possible phishing attempt and general safeguarding online activity etc… I currently have installed Ublock Origin in their browsers and pointed their DNS to base.dns.mullvad.net
, but that’s about it.
So:
- Anyone had any experience with this service?
- What’s the general consensus around this service?
- Is it necessary, compared to the measures I mentioned above?
- Are there any other general measure I could implement on their devices? (they are on both apple and Android ecosystems)
Thanks for any suggestions 🌻
Nope.
Not remotely private.
According to the PDF on their Privacy Policy page:They collect a whole bunch of data on you. Including every site you visit. As well as every email and SMS you receive.
Specifically, during Your access and/or use of the Services, we will collect or receive the following information (including Personal Information) about You:
- Anonymized browsing behavior needed inter alia for the operation of the Solution including sites and URLs visited during the Solution’s operation.
- Country, IP address, Installation time, E-mail, name, last name (as provided by the user), 4 digits of credit card, credit card type for paying customers, and other information provided by you during and as part of creating and maintaining an account with us.
- To the extent you have chosen to subscribe to and use our email scanning feature and/or SMS messages scanning feature as part of the Services, we will also receive information as follows: (a) when you use our email scanning feature – the information (including email content) contained in your email inbox as of your subscription to the service and information contained in any email you receive thereafter during your use of the Services; and (b) when you use our SMS messages scanning feature, information contained in the SMS messages (including messages content) you receive as of the subscription to such feature and thereafter during your use thereof, all as described in your subscription and as made available by us.
They then use and provide that “anonymized” data to any 3rd party they work with.
The collected information as stated above is stored in Guardio’s database and shall be used and processed by us only for the following purposes:
- Providing the Services or any part thereof and enabling convenient and efficient use of thereof including, as applicable, third-party services made available via our Services;
- Improve and enrich the Services;
- Modify and/or remove existing Services and content;
- Perform research and provide statistical information to third parties (in such case, the provided information will not identify You);
- Enforce the Guardio’s Terms;
- Collecting of payable fees;
- Providing additional services and/or products;
- Any other purpose detailed in the Terms and this Privacy Policy.
They target you with 3rd party ads (personalized content).
Your Personal Information is collected and used because Guardio has a legitimate business interest for Your Personal Information to be used for the above purposes. This enables Guardio to send You relevant and personalized content designed to improve Your use of the Services. You have the right to object to this by contacting us via email: [email protected]. Please note that if you object, this may affect Guardio’s ability to provide you with the Services and send personalized content to You.
Well yikes. I’ll stay far and wide away from this service. Thanks for taking the time to gather that information.
What a fantastic comment. Thanks so much for the effort.
I wouldn’t use it.
Seems to me like free plan is what browsers natively support anyway. (Scam site blacklist. I highly suspect they use the same. They can’t compete with the one Google hosts and all major browsers integrate.)
And instead of paying 15 usd per month, Windows defender is a well funded, well established, well trusted solution.
There’s no practical gain in blockage before download. Windows defender scans upon and after download, before execution.
Fair enough, thanks 😊
Just use NextDNS and PiHole/AdGuardHome and redirect all port 53 requests to your local DNS instance.
DoT and DoH will mitigate some phishing risks.
Social engineering is the biggest threat, especially through vishing.
I personally use nextDNS, and love it. However my setup is too strict for their use cases and blocks newspapers and stuff they read. I also don’t feel comfortable logging their devices. I guess I could spin up a few more nextDNS accounts for them on the free plan instead though, that’s probably what I should do.
You can put them in another bucket with custom rules.
Hold on, is that possible in nextDNS? Never seen that option before.
I pay for NextDNS. It’s under new profiles on the top left.
I alos pay, but have completely missed this feature hehe. Thanks for pointing this out, completely solves this issue for me 🙌
Until its known by people that actually know stuff, avoid it
Is it necessary, compared to the measures I mentioned above?
That product is trash but how is what you’re doing helping with phishing?
As another comment said, through DoT and DoH. Also newly registered links (30days) are blocked by default (at least with my nextDNS settings). I was however mixing up, thinking Mullvad would do the same… I should probably make a nextDNS profile for each member in family.
Ye mullvad uses their blocklists but does not provide the features mostly listed in the security tab. I still don’t get how dot and doh are relevant with phishing.