Before migrating to Lemmy, I decided to request a copy of the data Reddit has on me.
To my surprise, the export includes a file ip_logs.csv
with a list of all IP addresses that I used to connect to Reddit for the last 3-4 months!!
That seems quite unnecessary.
deleted by creator
I’d like to know, as well. Been 10-ish days since I requested it, still nothing
edit: finally got mine, could’ve been better, could’ve been worse
I imagine they use it to keep track of alts and ban evasion, not surprising to me and you should probably assume that any site you visit will store your IP forever.
deleted by creator
For the love of god use Tor with tails, or at least just Tor on its own. Even that’s probably overkill, but with telemetry monsters like Reddit it doesn’t hurt to go above and beyond.
Generally the tracking Reddit does is this:
-
Cookies
-
Cross site tracking (just like Facebook does)
-
Canvas Data and User agent (including browser window size)
-
IP address (generally the last thing they target to prevent cross-bans on public WiFi and universities)
Replacing a laptop isn’t necessary to get around it, this is a lie spread by moderators (and also admins in some cases) trying to mystify the ban evasion detection system in an effort to curb ban evasion. Using a private browser that limits information is usually sufficient, using Tor is very effective, and using Tor with tails is insanely effective if maybe a tiny bit overkill.
-
Does my browser supply details about my hardware? Is there anything on Android that can prevent sending hardware information?
When using a browser they can get your user agent (https://www.whatsmyua.info) They can also get some information about your device, like pixel resolution, screen size (https://www.whatismyscreenresolution.org), gpu (https://hardwaretester.com/gpu) etc…
All of those data combined make a fingerprint for your browser, that can be more or less unique.
I recommend having a look here for more information about how fingerprinting works and how to protect from it, and to see how “unique” your browser is (https://coveryourtracks.eff.org).
When using an app, it’s a whole lot more complicated to escape from it, but one step I can recommend, is to delete your phone advertisement id (https://www.eff.org/deeplinks/2022/05/how-disable-ad-id-tracking-ios-and-android-and-why-you-should-do-it-now).
That been said, from my own reddit gdpr export, it doesn’t look like reddit is doing any fingerprinting of that sort. I haven’t looked so close at it yet, however.