this post was submitted on 15 Oct 2025
308 points (98.4% liked)

Privacy

42610 readers
399 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago
MODERATORS
k_o_t@lemmy.ml
Yayannick@lemmy.ml
ranok@sopuli.xyz
tmpod@lemmy.pt
308
YSK: Reddit webpage has unblockable trackers, even with Ublock Origin installed (lemmy.world)
submitted 3 days ago* (last edited 2 days ago) by CodenameDarlen@lemmy.world to c/privacy@lemmy.ml
51 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.world/post/37402366

This is the main reason I completely ditched Reddit, if you use the new Reddit interface instead of the old one (old.reddit.com), you'll see a constant request being made to "https://www.reddit.com/svc/shreddit/events" (open your DevTools > Network tab, can't see on Firefox idk why).

The problem is, if you add this to your Ublock Origin filters the website won't load properly, that's why uBO team didn't block it already.

You'll notice this request isn't only being made from a interval but also when you do basically any action in the site, like pausing or resuming a video (send timestamps of when did you pause or resumed).

It sends other kind of data like what subjects you're seeing when closed a tab or the related subjects of a post you click, this all can be used to trace a perfect profile of you and things you like.

You can avoid that using the old.reddit but it still has the same kind of tracker, even tho you can block it here without major issues.

By my analysis, old Reddit interface does the same but to a random URL path that always starts with "reddit.com/api/something". Ex.: reddit.com/api/friends So you can block anything that starts with "www.reddit.com/api" in your custom filters (after all you're using old.reddit.com), then you're mostly free from Reddit trackers (more or less). Side effect is, you won't be able to use the chat in the old interface.

you are viewing a single comment's thread
view the rest of the comments
[–] knomie@feddit.org 4 points 2 days ago (2 children)

That looks great.

But aren't more addons bad for fingerprinting? I often read the recommendation to use as few addons as possible.

[–] PiraHxCx@lemmy.ml 6 points 2 days ago* (last edited 2 days ago)

I asked them exactly that hehe
So, technically the sites you are redirecting from will never know you tried to access them and the addon is not interacting with any page, but the dev didn't address/think of probing. I don't have enough tech knowledge to confirm the addon won't react to anything, thus making itself known. I don't know which probing techniques there are and how all those resist-fingerprint and sandboxing settings from privacy-conscious browsers work against it... it does, however, sound like a sophisticated and resource-consuming method that I don't think they would be using on regular internet unless they have specific targets, so if they have such probing techniques they are probably using it on IPs going through the TOR network (and you shouldn't use any addon on Tor anyway).
It's all about your threat model, if you just want to avoid regular tracking and profiling the addon should be fine, now if you are afraid of some sophisticated and resourceful threat actors targeting you, don't take your chances with any addon.

[–] Wigglesworth@retrolemmy.com 1 points 2 days ago

Beats me, I only browse reddit over TOR.

...and lemmy.