This is the main reason I completely ditched Reddit, if you use the new Reddit interface instead of the old one (old.reddit.com), you’ll see a constant request being made to “https://www.reddit.com/svc/shreddit/events” (open your DevTools > Network tab, can’t see on Firefox idk why).
The problem is, if you add this to your Ublock Origin filters the website won’t load properly, that’s why uBO team didn’t block it already.
You’ll notice this request isn’t only being made from a interval but also when you do basically any action in the site, like pausing or resuming a video (send timestamps of when did you pause or resumed).
It sends other kind of data like what subjects you’re seeing when closed a tab or the related subjects of a post you click, this all can be used to trace a perfect profile of you and things you like.
You can avoid that by using the old.reddit but it still has the same kind of tracker, even tho you can block it here without major issues.
By my analysis, old Reddit interface does the same but to a random URL path that always starts with “reddit.com/api/something”. Ex.: reddit.com/api/friends So you can block anything that starts with “www.reddit.com/api” in your custom filters (after all you’re using old.reddit.com), then you’re mostly free from Reddit trackers (more or less). Side effect is, you won’t be able to use the chat in the old interface.
Inspect this request by yourself and you’ll see, they send info about everything, this is not normal. If this is normal all Ublock Origin team work is non-sense, why bother blocking trackers on client-side? If, according to you, they can tracker the same way via server-side.
Blocking this request is a layer of protection, not a silver bullet to not be tracked, other means should be used for that.
99% of that is stuff they already know. What api endpoint is this?
They can’t know at what minute you paused or resumed a video via server side (this is sick to me)… Actually, this doesn’t even make sense, if they are able to know all of that via server-side why send redundant data via client-side?
I took a look and besides the amount of info they send, what draw my attention is that they send an accurate flag if you’re using an adblocker or not, not sure why tho, but they know who use and who don’t, they just chose to do nothing.
There are way more if you inspect it closely.
It’s the endpoint of new reddit that I mentioned in the post, if you block it the feed won’t load anymore.
Their video player streams, not unlike YouTube. Sending the “the user paused” action can easily be explained by them wanting to tell the server to stop sending data when the client isn’t even attempting to view it.
Look, I get that you’re gung go about privacy, but you’re going to see damn near exactly these types of things with any API. Sometimes it’s nefarious, sure. But the vast majority of it is simply how web based software works.
I mean, just look at the majority of that data. What feed you’re in? You pulled the feed data from their server, they don’t need to gather that for tracing purposes. What media is open? Obviously they can track that when you pull the media info down from their servers. How long that media is? The sizing of the media? When that post was posted?
I’m seeing virtually nothing in there they don’t already have. This is just an API being fed information it needs to run. The fact that it’s all information they can already track is kinda proof of that. Why go to all this trouble tracking the information a second time?