At this point, I’m not even going to bother trying to go on there anymore.
Reddit taught me to never trust a silicon valley, centralized, proprietary service on the internet with my data and/or content
Well you shouldn’t trust a public, decentralized, open source personally hosted service either.
I don’t really know who’s hosting the Lemmy or other fediverse services I use and what access they have to the data that we post on there.
Basically, you shouldn’t trust any online service with your data and your posts.
Off the grid it is, then
Or just use e2e encrypted services. They can be trustless and still useful.
Depends on how they’re implemented. Signal and WhatsApp are e2e encrypted, but they track your phone number, your contacts and IP address. Maybe even metadata
I went the other route. I am very noisy online. I post and comment all over the place but I treat all of that as what it is, content I have given away freely and publicly. Now, when I need to do something privately, you are going to need serious mojo to be able to dig it out. Plus, who would assume that I do certain things privately when almost everything I do is out in the open.
SELECT 'ipaddress', 'username' FROM tables WHERE (username.normalize() == "jomiran" OR post.links CONTAIN "jomiran") FILTER content IN _blacklist_keywords;
Or some such. Data is easy to mine if you have a target. It’s finding unknown targets that is hard.
Exactly. Do a search for my username and get flooded with shitposts. IP? MAC? Same, plus some porn watching and way too much YouTube. Everything I want to keep private is done with as many degrees of separation as possible.
IP? MAC? Same
Unique fingerprint? Most likely the same with your “private” stuff.
I use disposable hardware (one time use) and unique, pre-configured remote access points from third party locations for my work. In other words, many little headless Raspberry Pis everywhere.
I have 10 Facebook accounts, a few with my real name and about 20 google accounts.
The real accounts that I use are created and destroyed frequently.
You can trust that the service will persist. The fediverse is practically speaking unkillable since no one group holds all the strings. The trade off is that any data you post is shared freely with all. At least it’s clear from the start and no one is profiting off of it. Unlike Reddit, you know exactly what’s going on as soon as you sign up.
True, I am safest alone in my dank basement
…and this is how “rational” people act more irrational than irrational people. Arguments that are reductionist tautological absurdities.
Open source culture is far more transparent and trustworthy than the 100 headed monster Hydra that is Western Big Tech companies, fully armed with neuro scientists and western capitalist media machinery. There are a few bad apples in FOSS culture, but they can be easy to spot for a few people, and that works as long as people actually listen to those few people.
Take a chill pill.
All I’m saying is whatever the service, be careful what you post online. We assume the people hosting fediverse services have a code of ethics or that they have our best interests or privacy at heart. Or even that they have the time and know how to protect our data.
But we should still consider the opposite and take the necessary precautions.
I am good, it just sounded very absurd. There is no “both sides” in credibility of open source vs closed source ecosystems.
I think we can judge Lemmy instances dependingly, for example I trust the dev instance and Lemmygrad instance quite a lot and stick to them. I distrust instances like Lemmyworld, lemmy.one and some others. All instances that connect to the ones I use will be able to scrape my comment data, which is public and which is fine (well not but AHs gonna AH) because I teach and advise on OPSEC, stylometry and other stuff.
A much better way to spread the message is telling people how they can be mindful of firstly judging how “public” a space is, and then how and what you type/record and share.
You…you realize you just posted right?
Just because you shouldn’t trust them doesn’t mean you’re not allowed to interact with them. It just means you need to be careful.
What about a whiteboard?
Of course you shouldn’t but there is a categorical difference between the risk of a corporation exploiting you because of a power imbalance (you want to use Reddit, there aren’t alternatives in this hypothetical scenario) and the rando running your fediverse instance abandoning the project or being weird about your data.
The second category can definitely be problematic, but it just isn’t the same level of awfulness and systematic exploitation that corporations wield every day to extract a profit.
It sounds like a weird statement because we have been trained to think the average “other” we will encounter in society as dangerous, but if you actually think about the statistics then yes absolutely it makes way more sense to trust a random person or handful of people to run your instance than a corporation. Publicly traded corporations are legally required to be assholes in the pursuit of profit, on the other hand most of the time randos usually aren’t assholes, though to be safe you should always be cautious as you say.
What’s to stop a data broker from running an instance?
Sure it could happen, but I don’t understand what relevance that has when you compare it to the fact that you KNOW without a shadow of a doubt corporations are going to sell your data to the maximal amount they can, even if it is illegal.
Besides this isn’t about our data being sold or not being sold really (our data will be mined and sold by somebody so long as it is publicly available on social networks), it is about who has the power and who doesn’t. Does a single corporation run by a billionaire fascist-baby have the power or an imperfect constellation of developers, instance maintainers and moderators?
You could message the instance admin on matrix and get to know them…
deleted by creator
Internet 101 if you want control, self host.
If it was easy, I would have done it by now
Hmmm, from a tech perspective there’s lots of VPS hosts that provide dashboards to deploy a CMS in one click (Ghost, WordPress, etc.), in that way it’s never been easier to get started. The hard part though is gaining visibility and publishing enough content to give people a reason to visit.
In my opinion, one of the main benefits of selfhosting ( aside from controlling your data,) is that you don’t have to pay for the VPS/CMS service, of course you pay for the infrastructure… As someone who HATES monthly subscriptions it’s one of the main reasons I don’t have an online presence yet
I tried to run Ubuntu server and slapped something on top of it ( CasaOS ), which i didn’t like, then I tried Ghost ( and failed miserably )…
It’s not easy and YouTubers are full of shit ( they skip so many details )
To each their own, that can be a benefit but youll still need to buy hardware, maintain the server software and maybe rent rack space (if you need bandwidth).
My tiny slice of the web hosts a private image gallery for my family to upload and share photos. Going into it I wasn’t really interested in administering yet another server. Instead I threw $6 at a VPS and had a publicly accessible, user friendly site with backups up and running in about 15 minutes… and I haven’t had to think about it again since. And Google/Meta isn’t training their AI on my niece’s birthday pictures. That monthly sub is worth it for reclaiming my time.
That monthly sub is worth it for reclaiming my time
Yeah definitely, it’s a small price for the benefit, but also to add to how I feel about subscriptions, I think their major flaw is they don’t consider poor parts of the world like Africa were I live, while 6 $ is reasonable or even cheap for some people, here it’s a lot of money ( x200 which means 1$ = 200 ), so it’s not accessible…
Only few, very few websites change their pricing based on my IP address, or send me to a different domain, but for the most part it’s not affordable
You might ask, does you ISPs have VPS plans ? Yes they do,
Tap for spoiler
waaaay more expensive than European VPSs combined … LoL…
There’s also politics and agenda involved but won’t get into it, it’s just bad news, and we have enough of that already
The currency situation makes sense and I apologize-- I realize now I had a very western-centric perspective while writing my thoughts. I can absolutely understand hosting on your own hardware, as the opportunity cost in that situation is hugely different. I think the next best option is a good server OS and the ghost docker container but you are right it is not as straight forward or easy. Best of luck friend, trust documentation not youtubers :)
Could have learned that a long time ago. Everybody learns it somehow from some greedy company. Luckily you’ve learned it now.
Same.
I’m switching everthing over to federated, self-hosted, decentralized, open source…
It’s a brave new old school world!
whoa there pardner
People who write “funny” error messages should be tied to a tree and have old circut boards thrown at their feet
everything about that error page is Toxic AF
Oopsie woopsie!
Why do only the first half of the paragraphs start with a capital too?
If there’s one thing I learned working in IT it’s that devs actively half-ass their error messages, routinely misspell critical words you’re gonna grep for in logs, and never even consider having someone in Product read over customer-facing error messages like this. All they see is a Jira ticket that says “include the following verbiage in the VPN rejection message” that was typed up by a mostly plastered PM one afternoon after they downed 3 margaritas at “lunch” at the taqueria next to their office. And then they just copy and paste that shit into whatever bullshit HTML template took the least effort to find.
Error pages are a point where something bad happened, so the user is already in a bad mood. A shitty joke just makes the situation worse.
The only time I can remember enjoying novelty error messages is for 404 not found pages. It’s usually stuff like the Google T-Rex thing, or I’ve seen an astronaut floating in space, stuff like that.
Yes fucking please
Slow down there, Satan
Started? Been having that issue for months now. It only works on VPN if you’re logged on.
Certain VPN servers can go through it they haven’t implemented a block for it yet. AirVPN launched some new servers that worked for a bit, but Reddit blocked them a few weeks later.
They started also blocking OLD.reddit.com this week. I made a comment a couple months ago alluding to old.reddit.com still working even though they were blocking tor and known VPNs on www.reddit.com. I’m sure about 10,000 other people figured it out at the same time as me, since it was such a simple bypass, and I’m surprised it took this long to fix.
There are still at least 2 other unpatched ways.
old.reddit.com is the only Reddit website I use. I have every reddit link automatically redirect to that website as well. I haven’t been able to access old.reddit.com for months on most servers of 3 different VPNs I’ve used.
I have the same experience, but mostly from VPN servers located in Singapore. They’re all blocked, or protected by some Cloudflare CAPTCHAS that seem to be much harder to pass than those of the early 2010s.
It’s definitely been a thing for more than just a week. I saw a post complaining about this on old Reddit months ago.
Can someone tell me how they would know if someone uses a VPN to access their site? I believe OpenVPN has a way to make traffic look like normal HTTPS traffic
It’s not about anti-censorship (making your VPN traffic look like regular traffic) it’s about the IP address at the end of the VPN connection. They have a list of known VPN provider IP ranges and block those. If you run a proxy server or VPN on a your own private VPS for example, then it won’t be detected.
Ah, that’s great to know. Thanks
deleted by creator
I think its a move to keep banned people out, as old reddit was the loophole people used to make new accounts. can’t create an account via VPN on old reddit if you can’t access without being logged in
These assholes forget that people need to use VPNs in many situations. All the bitch ass corporate folks that never have to use their computers in a coffee shop, etc. Fuck spez.
It goes much deeper than just coffee shops and other public wifi. There are people in oppressive countries that have to use VPNs to get around their country-wide bans of certain sites, such as anything that provides access to information. Reddit used to be a sanction for tons of information sharing. But now, with Reddit going public, they have to appeal to their shareholders, who probably have business or other deals in those oppressive countries. So, even if Reddit is simply trying to force users to be trackable, it still behooves the shareholders to make information and knowledge more difficult to access to certain people.
You can still use the site via VPN if you’re logged in. Which is really the entire point. They don’t actually care if you’re using a VPN; It’s just another method to force people to make an account, so the “active accounts” number looks good to shareholders.
Then Reddit’s notice should say that instead of scolding sbout VPNs. This problem is not simply with Reddit and a login, it is pervasive. Hell, even lemmy.world blocks vpn connections from making new comments, often.
Lemmy.world handles that particularly poorly, probably because they’re a nonprofit with a shoestring budget.
The most obvious improvement would be to accept comments when the account meets a certain age and activity threshold.
Reminds me to donate.
Then Reddit’s notice should say that instead of scolding sbout VPNs.
It-… Uhh… It does say that. It’s literally the second sentence in the body of the notice, and even has a link to create an account. Did you even read past the title?
Yes, it briefly mentions it but the entirety of that is about shaming VPN use. Is it not?
It doesn’t actually mention VPNs at all. It simply says you were blocked due to a network policy, and offers potential solutions ranging from “try logging in” to “if you’re doing fucky things with your user agent, maybe try not doing fucky things with your user agent.”
Wtf do you think “network policy” is about when it comes up when using fucking VPNs? It is entirely about VPN use.
Your point was that it’s scolding users for using a VPN. It’s explicitly not doing that. Yes, they’re actively working against VPN usage, but your original statement was still incorrect.
They likely didn’t. They just don’t care.
And I just discovered this some weeks ago. The “woah there, pardner!” is so cringeworthy.
The whole website is cringe. It has some of the best little communities are on there, but they are the exceptions. Most of it is power-tripping mods and disingenuous arguments from far-right lunatics on a foundation of “narwhal bacon lol.”
To me it sounds like a racist, homophobic Southern US citizen that likes to tote their guns and “defend” their property through the Castle doctrine because freedom (fuck yeah!).
Actually the perfect encapsulation of the brainrot on reddit.
Nobody in the south says shit like this unironically lmao.
You’ve never been to the South
You mean about the “Woah there , pardner?” or the overwhelming about of racism, bigotry, and homophobia?
I mean I’ve been to the South and I can confirm one of these two things.
Try again. Take your bullshit hot takes the fuck out of here. It’s tired and old. Nobody is buying it anymore.
Right, I forgot that Fox News declared that racism in America is no longer a thing.
Thanks for making me aware that the situation with the racism like the Ahmaud Arbery case is in the distant, distant past and southern racism is not a thing anymore.
Appreciate you putting me into the white view of the situation.
stop watching so much CNN geez
what an absolute garbage site it has turned into
Evil bastards will continue to wring every bit of tracked engagement they can, now that they’re publicly traded. It’s the only way to satisfy capitalist markets. Woooooo!
I’m glad I’m over here now.
Workaround if you are using uBlock Origin:
reddit.com##+js(set-cookie-reload, reddit_session, 0) old.reddit.com##+js(set-cookie-reload, reddit_session, 0)
Add this to your filters.
Gasp
Tempting but the block page is helping remind me to stay mad at Reddit
I love you brother…
Hehe, as expected of the Internet. I block most cookies and JS anyway but this will work for most people. But won’t it affect logins?
They really want to track you
VPNs don’t prevent tracking, especially when you’re logging into services.
They can help obfuscate your identity to varying degrees, but honestly this is a pretty odd decision. I’m guessing it has more to do with malicious activity, or some other type of activities that Reddit is trying to curtail, and they feel blocking VPN IP ranges will help them.
Maybe blocking Russian spam bots. Because they interfere with their own spam bots.
If the Russians want their propaganda on Reddit, they will have to pay to use the Reddit bots like everybody else.
Also blocking web crawlers in the post API era.
That… actually sounds pretty plausible.
Sometimes I read reddit post while not logged in on old.reddit with vpn on. Just the other day I got this message. After changing servers the message went away
Many users don’t log in. After the fall of the 3rd party apps, I only use the rdx webapp if I want to view reddit. I don’t log in with an account at all anymore. So all of my data looks like some anon browsing from the same VPN server as hundreds of other anons. Yes they can analyze all of that traffic and individualize it, but that takes work. I’m glad to make them expend more effort, even if they get the same data in the end. Every step that makes it less cost effective for them is better, even if not perfect.
Jokes on them I block them on the DNS level.
I’m making a list, and I’ll be checking it thrice lol.
Gonna ban all major sites and IPs. The Internet used to be about the small guy not the downtown.
Your meter could use some work but it sings well enough
I’m making a list
and checking it thrice
Gonna ban IPs
and all major sites
The In-ter-net isn’t what it used to be.
I don’t even need to do that because my country do that “for me” lmao. VPN was the only way I ever accessed reddit at all.
I think the only four I have set to block are reddit, twitter, facebook’s products and fandom. A shame those are always the top 10 results from any search.
Wait, why fandom?
Every annoying thing ever invented is embedded in every single fandom page. Ads, twitch streams, ads, personality polls, ads, content gating behind login, ads, sidebars, ads, popups, ads, “share with facebook”, ads, “Tweets from thisguy”, ads, “Check us out on tiktok”, ads, ads, ads and some more ads…
UBlock Origin?
I use fandom for my favourite artists
I’ve tried. Check how large the list got before I completely blocked the domain a couple years ago. And it STILL let stuff through, as they constantly add more crud that infests the pages. The focus isn’t on the content, it’s on the revenue… and they push hard on the revenue. I bet every single module has an extensive list of trackers attached.
! https://*.fandom.com fandom.com###WikiaBar fandom.com##.mcf-wrapper fandom.com##.wds-global-footer__main fandom.com##.message fandom.com##.global-navigation__top fandom.com##.is-visible.fandom-sticky-header fandom.com##.wds-global-footer fandom.com##.page-side-tools__wrapper fandom.com##.featured-video__wrapper fandom.com##.discord-module.rail-module fandom.com###mixed-content-footer fandom.com###SurveyModule fandom.com##.global-navigation fandom.com##.wikia-bar-anon.wikia-bar fandom.com##.mw-parser-output > div:nth-of-type(2) fandom.com###highlight__main-container
In my case, I’ve blocked 3rd party JS, the rest of the rules are actually to get the page working rather than blocking stuff
To clarify, you can still use old reddit logged in with a VPN, but they no longer allow you to browse logged out with a VPN. Still bad of course. But if you’re willing to log in you don’t have to turn off your VPN. You can sign up with a throwaway/obfuscated email if needs be
I just, don’t visit reddit anymore.
Problem solved…
Sadly, when researching problems or interests, often Redditposts have useful info.
Try Rdx, it’s great for read access to Reddit.
More info in the GitHub repo.
Not a solution, it gives error:
Can’t load content! There can be multiple reasons for this, your browser’s aggresive privacy settings may be blocking the one call to reddit.com RDX makes. This happens usually when you use a VPM/Proxy and/or a privacy focused browser like Firefox. Play around with privacy/tracking options or change your browser. If it still doesn’t work click the feedback link and send me some info.
Anything that says their website is broken because Firefox is automatically discredited in my book, especially when they recommend switching away from it.
Hey I am the developer of RDX. I don’t care what browser you use but reddit does. It’s reddit that is blocking VPN users. RDX only makes a call to Reddit’s read-only feed to display content without their ads and popups and login restrictions. It does not claim to be a proxy for Reddit.
This doesn’t address the issue I pointed out with recommending people switch away from Firefox.
What’s a VPM?
This site works as an app it forces the browser to download content directly from reddit and doesn’t proxy it
firefox blocks reddit thinking that these are trackers (technically, I think these are trackers, but which transmit content) the site works fine if you disable tracking protection in firefox
Oh ya for sure. I deleted my account, and moved here never intending to look back. I have clicked on a couple reddit links since I left but I really try not too. Like I’d say 5 times maybe. In the end if I need info and that’s the only place…
This is an oversimplification of the problem. Many times a search engine returns useful results inside reddit. You’re not going there because you love reddit as a platform, but because you need something that someone posted in there.
PSA: you still don’t need an email to register. Simply register via old.reddit.
Not necessarily.
My primary account was banned from Reddit. (I suggested arson as a way of solving the early stages of a Nazi infestation in a neighborhood, and Reddit claimed this was “instigating violence”, as though Nazis were humans.) They also banned all of my alternate accounts. Any account that i tried to open–regardless of which computer I used, browser, VPN, e-mail address, etc.–also ended up getting banned. I think that they must have been doing some kind of hardware fingerprinting that I wasn’t able to get around, even with canvas blocker etc., and any computer that I’d used to log into Reddit on my primary account was linked to that account, and hence banned from creating an account.
It took a while, but I did manage to overwrite every single post and comment I’d made in the last 10+ years for that account.
regardless of which computer I used
That’s really bizarre. I wonder how they did that. So a different computer on a different network with a different email address and everything would still get you banned for ban evasion?
Really creepy too, obviously they’re keeping a lot of data on you to be able to be that thorough.
Notably, computers that I’d previously used to log in to my banned account. I strongly suspect that if I’d used my wife’s laptop to log in to my banned account, then she would have seen her account banned as well for ‘ban evasion’.
Have you tried registering an account through the Tor browser? If they banned you on that as well, then that’s either creepy as hell, or something is wrong with your setup.
I don’t know if you can; Tor breaks a lot of websites, esp. if you have Javascript turned off (and you should if you’re using Tor).
had the same issue. built a new pc and was able to access it fine, just gotta be careful not to use reddit on any device my old account was present on.
the funny thing is, I’m not even using a VPN or doing anything to mask my identity. it seems to be purely hardware recognition
I thought reddit require an email to create an account
Not if you go through old.reddit.
Oh wow I botched that I meant to say didnt*
Just leave it blank.
Just tried it without login and for me it works with vpn (proton)
The Redlib frontend still works. In my opinion it also provides a much nicer UI than the official Reddit website or even old.reddit.com. This is the list of public instances: https://github.com/redlib-org/redlib-instances/blob/main/instances.md
Ok, you do that, but people who don’t want to get cut off from 400 million people, how do we fuck up and breakthrough reddit’s anti anonimity defenses ?
Killing reddit is on the table, but is there a more practical approach ?
i dont have an account anymore but for anytime i need to view a reddit post i use RedReader. its an open-source thirdparty app thats still allowed to use reddits API for accesibility reasons.
Not to sound like I’m claiming to be up on a moral high ground or anything, but it leaves a bad taste in my mouth using accessibility tools for non accessibility reasons when it comes to Reddit. Ordinarily, I wouldn’t care, but Reddit has shown me that they don’t give a shot about people who need accessibility tools at all. Allowing some of them to stay around was just a desperate attempt at preventing some bad PR. If they thought an accessibility tool was mainly used by people trying to bypass their stupid and greedy decisions, they would 100% kill it off in an instant
deleted by creator
If you’re anonymously browsing the site without being logged in while on a vpn are you really being “cut off” from the people there?
I mean… if you have a relationship with those 400 million people that’s cultivated through your unrecorded, invisible, surreptitious reading of their comments that’s a deeply diseased thing.
That’s bad, Reddit is blocked in my country. VPN is my key to the open world
You can still use reddit with a vpn if you login. The error message even tells you that.
What country are you in?
Indonesia
RedLib, the continuation of LibReddit,
still works:
https://github.com/redlib-org/redlibI use it in combination with this GreaseMonkey script,
to redirect me to a random RedLib instance:
https://greasyfork.org/en/scripts/469587-reddit-to-libreddit-redirectDue to instances often going down and/or stop working.
On Android you can use Stealth . That’s what I use for searches that pull up Reddit posts.
It also lets you subscribe to subs without having an account if you want. You actually do not have the option to sign in on Stealth.
ETA: this works with VPNs and Orbot
stealth doesn’t work at all, it just says something went wrong.
I only get the ‘something went wrong’ error when a post has been scraped, then deleted. So you go to load it but it no longer exists.
I just tried it again before replying and it worked fine for me.
Not the original person replying but I tried it as well and opening the app gives me the same error message.
There’s a message at the bottom that says
Stealth might stop working soon
that when clicked says
Considering it talks about old.reddit.com I imagine the VPN issue is effecting it as well.
It is odd, it still works fine for me.
That notice has been there since the third party change. Under ‘Data’ - ‘Reddit Source’ I had to change it from ‘Teddit’ to ‘Reddit’. Teddit stopped working quite soon after the API change.
It seems to not be effecting all VPN connections, I’m wondering if yours just hasn’t been blocked yet?
I am using Orbot, which always shows up as a TOR exit node. Strange that they would allow that. I always pick somewhere in western Europe so my time zone stays the same.
it won’t load anything. not the front page, no search results, nothing. i recall trying like half a year ago too, and with similar results.
Regarding: “On Android you can use [Stealth] . That’s what I use for searches that pull up Reddit posts.”
The stealth protocol does not have anything to do with accessing individual sites or services. The purpose of stealth is when trying to estata VPN connection to a provider that does not allow VPNs. For example, a public wifi that blocks VPN connections or some countries that require ISPs to block VPN connections.
I never said it did. If you had bothered to actually read my comment or look at the link you would have seen that I was referencing the app Stealth.