Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

How separate (and private) are different user profiles on the same Mac?

H

Hoff

macrumors regular
Original poster
Jan 24, 2018
181
29
I have a MacBook Pro with High Sierra.

I have 2 user profiles which have a bunch of cookies or tracking whatever's from browsing sites like FB, etc.

If I create a new user profile, would it be completely separate and private?
So anything I do there wouldn't be seen by the tracking cookies or whatever in the other profiles?

I have no idea what gets shared between the different users on the same Mac

Thanks
 
  • Like
Reactions: brookter1
Cookies are stored in the user's library, they aren't shared.
There aren't many shared preferences, maybe some apps licenses that are stored in the global Library folder so you don't have to reinsert the license for every user, but that's it.
 
  • Like
Reactions: Hoff
Ritsuka said:
Cookies are stored in the user's library, they aren't shared.
There aren't many shared preferences, maybe some apps licenses that are stored in the global Library folder so you don't have to reinsert the license for every user, but that's it.
Click to expand...
So why, for example, when I search for some things in YouTube in one user profile, they also show up as "Recommended" in my other user profile, when I never searched for them with that profile???
 
It's most likely because you're being tracked. Or more accurately, the computer or IP address is being tracked.

Both accounts are using a computer at a single IP address. They're tracking that (or possibly other things that might be gleaned from the computer), and then correlating it to the history of past actions from that IP address.

If you use a VPN, try that vs. a non-VPNed IP addr.

If you don't use a VPN, maybe give one a trial run and see if there's a difference.
 
  • Like
  • Wow
Reactions: Hoff and Apple_Robert
Or: you are signed into a Google product in both profiles, and Google is tracking on their side what sites the Google account has visited, searched for, etc. So that stuff you search for on, say, your work computer "helpfully" shows up on your personal device(s).
 
  • Like
Reactions: Hoff and Apple_Robert
NoBoMac said:
Or: you are signed into a Google product in both profiles, and Google is tracking on their side what sites the Google account has visited, searched for, etc. So that stuff you search for on, say, your work computer "helpfully" shows up on your personal device(s).
Click to expand...
Yeah, I thought about that.
But no, one was a work user profile, one was a personal user profile. Never logged into the same email accounts on both profiles. So how do we explain that?? Must be IP address or something in the WIFI.

Although actually you do not need to even log into Google products for this to happen...

For example, when I worked in an office I just logged into a non-google website but using my personal gmail account. Forever after that, youtube in my office was showing videos I had searched for at home. And I couldn't turn it off.

It was totally inappropriate.
 
chown33 said:
It's most likely because you're being tracked. Or more accurately, the computer or IP address is being tracked.

Both accounts are using a computer at a single IP address. They're tracking that (or possibly other things that might be gleaned from the computer), and then correlating it to the history of past actions from that IP address.

If you use a VPN, try that vs. a non-VPNed IP addr.

If you don't use a VPN, maybe give one a trial run and see if there's a difference.
Click to expand...

I could try VPN but I don't trust VPN with my sensitive data.

Instead I will create a Virtual Machine (VM) on the MacBook Pro and only visit my banking websites inside that VM.
Do you think that will stop my activity inside the VM from being tracked by my normal computer outside the VM?
 
Hoff said:
I could try VPN but I don't trust VPN with my sensitive data.

Instead I will create a Virtual Machine (VM) on the MacBook Pro and only visit my banking websites inside that VM.
Do you think that will stop my activity inside the VM from being tracked by my normal computer outside the VM?
Click to expand...
A VM probably won't change the IP address. If you're being tracked by IP address, then a VM can't stop the tracking.

For most people in most situations, their visible IP address is actually the router, cable modem, fiber modem, or other device used to connect to the internet. In many situations, that IP address changes infrequently, often remaining the same for weeks or months at a time.

Any computer on the local side of the router will appear to have the same IP address as every other device on the local side. It's that "sharing" of a public IP address that causes multiple devices, accounts, etc. to be tracked as the same person.

This is a simplified explanation, but the central point is that if your public IP address is being tracked, then you need to do something that alters the public IP address in order to avoid that tracking. Or taken as the inverse, if you do nothing to alter the public IP address, then you'll still be tracked.
 
Ritsuka said:
No, a VM will change nothing at all.
Click to expand...
Damn it.
I thought I finally found a solution.

Thank you for sharing the real information though.


chown33 said:
A VM probably won't change the IP address. If you're being tracked by IP address, then a VM can't stop the tracking.

For most people in most situations, their visible IP address is actually the router, cable modem, fiber modem, or other device used to connect to the internet. In many situations, that IP address changes infrequently, often remaining the same for weeks or months at a time.

Any computer on the local side of the router will appear to have the same IP address as every other device on the local side. It's that "sharing" of a public IP address that causes multiple devices, accounts, etc. to be tracked as the same person.

This is a simplified explanation, but the central point is that if your public IP address is being tracked, then you need to do something that alters the public IP address in order to avoid that tracking. Or taken as the inverse, if you do nothing to alter the public IP address, then you'll still be tracked.
Click to expand...

Sounds like I would need to use a totally separate computer on a totally separate wifi network.
Is that right?

If that's true, could I just use a different (brand new) computer with a different wifi router connected to my same modem?
I would use that wifi router only with that computer and only for my banking for example.
 
Hoff said:
Sounds like I would need to use a totally separate computer on a totally separate wifi network.
Is that right?

If that's true, could I just use a different (brand new) computer with a different wifi router connected to my same modem?
I would use that wifi router only with that computer and only for my banking for example.
Click to expand...
It depends on exactly how the connection to your ISP is being done.

That means knowing exactly what make and model of router, modem, etc. is being used for your ISP connection, and probably also the name of your ISP. I'm not suggesting that you post all those details, only that all the details are significant.
 
chown33 said:
It depends on exactly how the connection to your ISP is being done.

That means knowing exactly what make and model of router, modem, etc. is being used for your ISP connection, and probably also the name of your ISP. I'm not suggesting that you post all those details, only that all the details are significant.
Click to expand...

This is so complicated.

So if I just do my private stuff like banking etc. inside a VPN:

1) will it be safe (like VPN won't be tracking that info or stealing my logins) and
2) will it prevent sites like Facebook (which I would log into outside of the VPN) from knowing what I do inside the VPN?
 
VPN, in general, can be a good thing, but is overkill for this situation, imo. All browsers have a private mode, where the cookies and other tracking info gets wiped after the window is closed. Use privacy mode where you deem appropriate.

Unless you completely unplug, not going to escape tracking cookies, even if one is super careful, as things like "Like" buttons on Facebook, Twitter, Google products, etc. are trackers (even if you don't click on it). Single pixel images being served up in your email, sites visited work as trackers. "Sign In Using" services is more tracking. Throw in IP addresses, devices in use, browsers being used, GPS coordinates being sent back to the mothership from phones... leaving a lot breadcrumbs that places like Facebook, LinkedIn, Amazon, Google, et al can use to ID you.
 
NoBoMac said:
VPN, in general, can be a good thing, but is overkill for this situation, imo. All browsers have a private mode, where the cookies and other tracking info gets wiped after the window is closed. Use privacy mode where you deem appropriate.
Click to expand...

I don't think it's overkill.
Can I please get a second opinion?

The reason this started was because I found out my BANK was sending data to my FACEBOOK profile.
Even though I've always logged out of one, and cleared all the cookies before logging into the other.
 
Last edited:
chown33 said:
A VM probably won't change the IP address. If you're being tracked by IP address, then a VM can't stop the tracking.

For most people in most situations, their visible IP address is actually the router, cable modem, fiber modem, or other device used to connect to the internet. In many situations, that IP address changes infrequently, often remaining the same for weeks or months at a time.

Any computer on the local side of the router will appear to have the same IP address as every other device on the local side. It's that "sharing" of a public IP address that causes multiple devices, accounts, etc. to be tracked as the same person.

This is a simplified explanation, but the central point is that if your public IP address is being tracked, then you need to do something that alters the public IP address in order to avoid that tracking. Or taken as the inverse, if you do nothing to alter the public IP address, then you'll still be tracked.
Click to expand...
NoBoMac said:
VPN, in general, can be a good thing, but is overkill for this situation, imo. All browsers have a private mode, where the cookies and other tracking info gets wiped after the window is closed. Use privacy mode where you deem appropriate.

Unless you completely unplug, not going to escape tracking cookies, even if one is super careful, as things like "Like" buttons on Facebook, Twitter, Google products, etc. are trackers (even if you don't click on it). Single pixel images being served up in your email, sites visited work as trackers. "Sign In Using" services is more tracking. Throw in IP addresses, devices in use, browsers being used, GPS coordinates being sent back to the mothership from phones... leaving a lot breadcrumbs that places like Facebook, LinkedIn, Amazon, Google, et al can use to ID you.
Click to expand...

Thanks you two.

So... if I logged into Facebook on my laptop on my wifi, it now is tracking what I do there forever?

If I re-format my laptop - wipe the hard drive and re-install the OS - but don't visit Facebook, will Facebook track my site visits just because I have the same IP address as before? And Facebook knows it is me?

Or would I have to actually visit Facebook again before they would start tracking the sites I visit again?
 
Hoff said:
If I re-format my laptop - wipe the hard drive and re-install the OS - but don't visit Facebook, will Facebook track my site visits just because I have the same IP address as before? And Facebook knows it is me?
Click to expand...
Maybe.

As mentioned earlier, things like "Like" buttons or "sign in with" on other websites phone home to Facebook. The website(s) you visit might share information with Facebook. Third-party tracking cookies from Facebook on others' websites.

Add in digital finger printing (what devices, what IP address, what browser, what interests, etc), they can make a good guess on who is who. Especially once one creates a Facebook account: have given Facebook plenty info to start building their database on you. And the more you put out there, the more they can fine-tune their finger printing.

And Facebook is not the only one. Google. LinkedIn (have not had an account on their site for years, yet on one page view, suggested profiles that I knew, but never were part of my LinkedIn contacts, have only contacted them via an email account not my primary or primary phone). Basically any site out there that wants to mine your info for advertising.
 
Both a VM and VPN are actually good ideas for privacy, a VM gives you a new "fingerprint" (different resolution, maybe a different browser, different hardware) while a VPN gives you a fresh IP address far from your actual location (both network's and physical).

But it's true that they're both overkill if what you're trying to do is to get rid of Facebook and Google (and others') trackers -- because many browsers, including Safari, will try to do that for you. There are even browsers focused on privacy (e.g. Brave) that are pretty aggressive and give you lots of control over what kind of client-side code (JavaScript) gets to run.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back