Ask HN: I use a VPN and Google appear to be the only one knowing my location
44 points by Triv888 on Dec 29, 2020 | 39 comments
Is it likely to be an IPv6 leak?

I set up the VPN server using PiVPN (WireGuard VPN)

For example, when I do a Google search, my location is correct at the bottom of the page.



As others have mentioned, it's probably correlating both your mobile and desktop, since there's certainly shared accounts being accessed on both.


That appears to be the most likely scenario, but in that case, wouldn't people on the network where the VPN is get the wrong location (aka, my location)?


No because it's likely that when you're using Google on the VPC'ed machine you have some sort of session and/or browser fingerprint connected to your account.


> For example, when I do a Google search, my location is correct at the bottom of the page.

I saw the same behavior. Loading google in incognito mode solves this for me. I know I've granted google access to my browser's location services, perhaps you have too. Loading in incognito mode resets this.


A private Firefox tab on desktop has the same problem for me.


If you are logged into your Google account on both the VPN-connected device and a phone with location settings turned on, Google will use the location feature of your phone to locate your usage on the VPN connected device as well.


That appears to be the most likely scenario, but in that case, wouldn't people on the network where the VPN is get the wrong location (aka, my location)?


It's tying your google account to the location, not your IP


yes, my VPN's IP is GA, USA and Google somehow knows that I'm in Florida


Yes, they do. Google geolocates a US-based VPS that I have had since 2016 as being in the Ukraine.

I have tried to correct it, but Google can't admit being wrong.


I recommend going to ipleak.net, it's a tester for your IP and for detecting leaks. It will tell you which source is exposing your information.


This shows the location of the VPN


Are you logged in with Chrome? Are you running other Google products on your computer or behind the same router (e.g. an Android phone) that are logged in and have you added a payment method in Google with an address anywhere? Got any Google home assistant products around?

Otherwise they are probably using browser fingerprinting and cross referencing.


has anyone confirmed google does these? i personally haven't used google in years, don't hold a gmail account or use their services other than youtube which i do on a private firefox tab. while i do have a unique browser fingerprint according to https://coveryourtracks.eff.org

>Your browser fingerprint appears to be unique among the 327,358 tested in the past 45 days.

should i be concerned? now, if i use this same browser on any vpn, if youtube is doing fingerprinting then i am a unique user anyways so any ideas?


You should never use the same profile for your VPN. You can create separate profiles to use one for direct access and one only for your VPN connection. I would even recommend using different browser profiles for specific tasks. Like "shopping" for example.

Create Firefox Profile: firefox -ProfileManager

Use Firefox Profile: firefox --no-remote -private -P profile-name

Create & Use Chrome Profile: chromium --incognito --user-data-dir=location/profile-name

On top of separate browser profiles (at least in your VPN profiles), you need to do browser hardening and use something like uBlock/uMatrix to block everything by default. [1] I do not recommend using regular Google Chrome for VPN at all. Use something like Ungoogled-Chrome [2] or a similar security browser instead.

Also it is highly recommended, if you use a Linux/Unix OS, to properly firewall your VPN connection. So for example if your VPN connection suddenly stops working, it will not leak out any data. There are many tutorials on how to do this. I'm sure it is possible to do something similar on Windows too.

[1] firefox hardening; https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/

[2] https://github.com/Eloston/ungoogled-chromium

[3] chrome hardening; https://peter.sh/experiments/chromium-command-line-switches/


It would be easier to offer some better answers if you edit your post and state what device, OS and browser you’re using for the search.

Also, are you logged in to Google or Gmail or any other Google services (even if that window has been closed)? In other words, are the cookies cleared in your browser?

What’s your DNS setting on the device and/or browser?


It is too late to edit but:

> device, OS and browser

Latest Firefox on Manjaro/Desktop

> are you logged in to Google or Gmail

I am currently logged in gmail, but usually not and I'm pretty sure that the issue is still the same (but either way, I tried a private tab and it still knows my location)

> What’s your DNS setting

Quad9:

9.9.9.9.

149.112.112.112


I had a similar problem with an Android phone and VPN, and tracked it down to my DHCP server only serving primary DNS IP and no secondary. In this circumstance it seems Google automatically adds its own DNS resolver as secondary, which was causing DNS leaks.

Try running tcpdump on your gateway looking at DNS and mDNS requests.
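
Added example, not part of the comment above and not the commenter's code: one way to read such a capture is to count DNS queries sent to any resolver other than the ones the client is configured for. It assumes one-line-per-packet `tcpdump -n` output and treats the Quad9 addresses given elsewhere in this thread as the only allowed resolvers; the function names and the sample capture lines are constructed for illustration.

```shell
#!/bin/sh
# Flag DNS queries that go to resolvers outside an allow-list.
# Input: text lines as printed by `tcpdump -n port 53` (one packet per line).

# Resolvers the client is supposed to use (Quad9, as stated in the thread).
ALLOWED_RESOLVERS="9.9.9.9 149.112.112.112"

# dns_leaks: read tcpdump lines on stdin and print "<resolver> <count>" for
# every query destination on port 53 that is not in ALLOWED_RESOLVERS.
dns_leaks() {
    awk -v allowed="$ALLOWED_RESOLVERS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # Field 2 is "IP" or "IP6", field 4 is ">", field 5 is "<dst>.<port>:"
        ($2 == "IP" || $2 == "IP6") && $4 == ">" {
            dst = $5
            sub(/:$/, "", dst)                  # drop the trailing colon
            port = dst; sub(/^.*\./, "", port)  # text after the last dot
            sub(/\.[^.]*$/, "", dst)            # address without the port
            if (port != "53") next              # skips replies and mDNS (5353)
            if (!(dst in ok)) seen[dst]++
        }
        END { for (d in seen) print d, seen[d] }
    ' | sort
}

# Constructed sample capture: one allowed query and its reply, three queries
# to other resolvers (IPv4 and IPv6), and one mDNS packet.
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 192.168.1.23.40112 > 9.9.9.9.53: 4242+ A? example.com. (29)
12:00:01.020113 IP 9.9.9.9.53 > 192.168.1.23.40112: 4242 1/0/0 A 192.0.2.10 (45)
12:00:02.000001 IP 192.168.1.23.40113 > 8.8.8.8.53: 4243+ A? www.google.com. (32)
12:00:02.500001 IP6 2001:db8::23.40114 > 2001:4860:4860::8888.53: 4244+ AAAA? www.google.com. (32)
12:00:03.000001 IP 192.168.1.23.40115 > 8.8.8.8.53: 4245+ A? example.org. (29)
12:00:04.000001 IP 192.168.1.23.5353 > 224.0.0.251.5353: 0 PTR (QM)? _googlecast._tcp.local. (40)
EOF
}

sample_capture | dns_leaks
```

On a live gateway the same function can be fed from `tcpdump -n -c 200 port 53` on the LAN-facing interface; the counts are printed once the capture ends.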


How can Google automatically add its own DNS resolver? Is that just what Chrome or Android does or is it some other way?


It could be the X-Client-Data header. If you are using Chrome, try incognito mode.

https://9to5google.com/2020/02/06/google-chrome-x-client-dat...


I use Firefox, so this probably doesn't apply


Could be scanning available wireless networks and using that to locate you


So Firefox on Desktop would share with Google which wireless network I'm connected to?


What network you're connected to doesn't matter. What matters is what networks your device sees.


On desktop/linux/firefox/private window and vpn, how can Google know which Wi-Fi network I'm connected to?


HTML5 geolocation if you ever click allow even one time can granularly identify location based on where you are. It sends nearby MAC and correlates this to wardriving-equivalent scans. You do not need to be connected to wifi.


I would also consider that the problem is the client you are using to connect with the VPN. Sometimes the VPN provider's clients are just borky and Google is the first to figure out the issue. I just recently encountered this.

P.S. 95% of search attempts can be adequately satisfied with DGG. I'd suggest you isolate G products to a specific browser, this way you isolate what data you actually provide G with.


Possibly a dumb one but do you allow your browser to share your location? On mobile if you have location sharing enabled, most devices will allow the browser to get coarse GPS location


I don't share my location in Firefox/Desktop (but I do use the same VPN on my phone).


I like to check what data my web browser shows using.... https://www.ipleak.net


How close is the location? Many sites look at your time zone since they can just ask the browser "what time is it"


My VPN is in GA,US and I'm in Florida or at least 600 miles


In private browsing mode?


Even in private, Google seems to know your location


Mobile or desktop?


Desktop



To second this: You can test your browser fingerprint here: https://coveryourtracks.eff.org/


...or try a different freshly installed browser



