But I'm not certain that this is the case. https://disconnect.me/trackerprotection claims to link to lists that show which trackers are only identified and which are identified and blocked, but those links just go to https://github.com/disconnectme/disconnect-tracking-protecti..., where I do not see such a distinction being made.
Yeah I mention r/science at 7:00 in the linked video.
> If the moderators agree with the study there is zero dissent tolerated. This subreddit has something like 1000+ moderators and they remove any comments that doesn't fit into Reddit's very narrowly defined overton window. Not just people being off-topic or taboo... but often anyone who questions the studies being posted.
I'm sure that's true. I haven't looked at the exact biases in that group too much. For awhile I was collecting examples of biased removals in certain groups, but that was just so I could come up with relatable stories to tell. I disagree with pretty much every secretive removal. Even in cases where someone is threatening violence I wonder whether we should keep such a removal secret from the author: an extremist in a given group, whose views went unchallenged, may perceive silence as agreement and therefore believe they're part of a team when in fact they're not.
> My only critique is that it doesn't work with Firefox. I have to pull up Chrome which I only use for work. Do you have a social media profile to follow/provide feedback to?
It does work on Firefox but you have to disable tracking protection [1]. The reason is because Reddit, to which Reveddit obviously must connect, appears on an arbitrary list of domains that Firefox's partner Disconnect.me considers to be "trackers" [2]. That list breaks tons of websites that are tracked and seemingly ignored in this 8 year old bug [https://bugzilla.mozilla.org/show_bug.cgi?id=1101005]. The bug is updated with new sites almost every day. I'm not up to date on how browsers or standards are changing, but I'm guessing the Disconnect.me list is a hack until a better solution can be found.
I don't know of a better solution. I'm all ears if you have one provided it doesn't cost me more or hurt the site's operation by putting its logic on a server [3].
[1] https://www.reveddit.com/about/faq/#firefox
[2] https://github.com/disconnectme/disconnect-tracking-protecti...
[3] https://groups.google.com/forum/#!topic/mozilla.dev.privacy/...
google-analytics.com is on https://disconnect.me/trackerprotection/blocked and also https://github.com/disconnectme/disconnect-tracking-protecti...
Its certainly low, but I also think FF usage is under reported due to built-in tracker blocking. For reference, FF uses the level 1 disconnect.me block list, which blocks StatCounter scrips from loading on 3rd party sites [1].
[1] https://github.com/disconnectme/disconnect-tracking-protecti...
(Safari, as far as I can tell, tries to avoid having site-specific policies, so maybe the question is "What is Repixel doing that is exploiting a security bug in Safari, and how can Safari fix it?")
A few things,
(1) Why does it matter in this case? Under what scenario can you imagine reddit abusing the knowledge that certain users are reading metadata about reddit accounts off-site?
(2) It seems to me Firefox could selectively choose not to send cookies and the referrer header in this case, rather than rendering entire sites broken. In that manner, sites accessing social media APIs can function, no data leaks, and everyone is happy.
(3) Hundreds of sites are broken like this. An issue tracking them has been open for 5 years [1]. The list used to identify "tracking" websites is huge and not maintained by Firefox [2].
(4) Due to this list, it is virtually impossible to build a web service that queries any social media site and runs on Firefox under default settings, significantly handicapping apps that can be built. Devs' recommendation was for me to move the code to a server, which would be expensive to maintain and would limit usefulness to users by obscuring code and introducing per-IP rate limits from the external API, in this case reddit's.
[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1101005
[2] https://github.com/disconnectme/disconnect-tracking-protecti...
You can get an idea of which sites are blocked by reviewing the list of blocked domains [1] (this includes many APIs, such as reddit.com) and a 5 year old issue where people post websites broken by tracking protection [2].
[1] https://github.com/disconnectme/disconnect-tracking-protecti...
The list [1], which includes many APIs, also breaks hundreds of websites [2] that access those APIs
[1] https://github.com/disconnectme/disconnect-tracking-protecti...
This breaks a site I built called reVddit [2], and after discussing with Mozilla devs [3], I'm unable to come up with a solution that doesn't significantly alter user experience and maintenance costs.
I find it ironic because the intent of reVddit is to increase transparency, one of Firefox's key principles. I'd love to hear ideas if anyone has any insight into any of this.
[1] https://github.com/disconnectme/disconnect-tracking-protecti...
[3] https://groups.google.com/d/msg/mozilla.dev.privacy/XO84Ezrw...
Basically, you can't load reVddit pages on Firefox because reVddit accesses reddit's API, and reddit is listed on Firefox's list of websites that are considered trackers [1].
In my uneducated opinion, this list is weird. I had some discussion about this with Mozilla devs [2]. In that message chain, devs acknowledged reVddit is not doing anything wrong, rather it is reddit who could infringe users' privacy. Yet it is the non-infringing site that breaks.
Further, the devs' suggestions for remedy are not workable. They propose moving requests to the server so that reVddit.com makes the requests to reddit.com. There are multiple problems with this,
* It would hide more code from users
* Reddit rate-limits requests coming from a single source
* Infrastructure becomes expensive on what is supposed to be a low cost website
My conversation with devs was good but needs more. Is there any solution here, or do we just go our separate ways?
[1] https://github.com/disconnectme/disconnect-tracking-protecti...
[2] https://groups.google.com/d/msg/mozilla.dev.privacy/XO84Ezrw...
In some cases it is because Firefox's tracking protection is based off of a curated list of websites [1]. This breaks a site I built called reVddit [2].
In my uneducated opinion, this list is weird. I had some discussion about this with Mozilla devs [3]. In that message chain, devs acknowledged reVddit is not doing anything wrong, rather it is reddit who could infringe users' privacy. Yet it is the non-infringing site that is rendered broken.
Further, the devs' suggestions for remedy are not workable. They propose moving requests to the server so that reVddit.com makes the requests to reddit.com. There are multiple problems with this,
* It would hide more code from users
* Reddit rate-limits requests coming from a single source
* Infrastructure becomes expensive on what is supposed to be a low cost website
My conversation with devs was good but needs more. I don't understand their point and they do not seem to understand mine.
[1] https://github.com/disconnectme/disconnect-tracking-protecti...
[3] https://groups.google.com/d/msg/mozilla.dev.privacy/XO84Ezrw...
The full list of trackers that will be blocked by default is substantial. [2]
1 https://blog.mozilla.org/futurereleases/2019/02/20/enhanced-...
2 https://github.com/disconnectme/disconnect-tracking-protecti...