Reddit has a notorious shadowban antiprivacy system. Basically if you’ve been banned one time 5 years ago but permanently (in my case they did ban me permanently after circumventing one day-long local ban after I replied to one troll in the same subreddit or something) they WILL know for sure that it IS you and the system will ban you again and again and again and that is essentially what their shadowban is until you buy another PC. There are actually many people who suffered from this and this is a popular issue, they even let you to check if this is the case for your acc https://www.reddit.com/r/ShadowBan/.
The thing is, can Brave as a browser that was built for fighting against anti-human anti-privacy practices counter it? I had mixed results. Firstly creating an account with Brave did let me write at least one post which is a lot if you are shadowbanned, but then one day later the account was still banned. Can we openly discuss the issue here and does Brave devs have any thoughts about it?
“User evading a sitewide ban: after a user is permanently suspended for violating the Content Policy, if they then create alternate accounts, their alternate accounts are usually suspended too.”
Yeah so I don’t think there’s much we can do about this considering this happens on the website’s side of things – it is specific to the account and it’s related data which is stored by Reddit. It’s not like there is a “shadowban cookie” or something that is stored in the browser that can be blocked or deleted.
It would be like getting kicked out and banned from a bar (not an perfect analogy but works for our purposes here I think). The bouncer(s) knows who you are and what you look like so any time you try to go in, they stop you. There’s no way to “stop” the bouncer(s) from knowing or to make them forget who you are.
So from our (or any browsers) perspective, there’s not much to be done here.
The shadowbanned account is indeed banned permanently. The problem is that you will wait 5 years, reg another account on a different and completely clean browser, and it still will be banned because the info will be enough to identify that the person who created an account 5 years ago and a person who created a new account from a different browser 5 years later is still the exact same person until the PC is physically replaced. Is there really nothing that Brave can’t do? If it is so then this is completely catastrophic for privacy.
Like what is the point of blocking digital footprint or cookies or tracking or anything if in the end it is completely meaningless and the weak shall bend to the soulless crushing all-seeing machine? This is suicidal level of hopelessness.
@Chara-Freedom they use a variety of tools, but primarily tend to look at your IP address. Thing is, why do you think it’s in anyone’s rights to try to trespass somewhere when they’ve been banned? Just give up on the site and take action elsewhere.
Privacy tools aren’t being made to try to enable bad behavior and help bots, trolls, or other “bad actors” from trying to circumvent safety controls. Trying to do that would just completely destroy websites and the internet in general.
Also, you keep mentioning about a physical replacement for a PC, but that has nothing to do with it. I’m not even sure where that idea is coming to your mind.
-NOTE-
Brave’s privacy controls aren’t made to prevent websites from recognizing us when we return. It is there to prevent cross-site tracking. Even that is limited though, as you consider server side tracking and all the ways that can work.
My IP address is dynamic and has been like this all my life. If you ban dynamic IP addresses from being used completely then you will also ban many innocent people. All vpn services use limited pull of ips but there are many more people who use them and this also requires filtering. Reddit bans some vpns but some not. I’ve seen that some ips are prohibited from sending an image on Discord but the use of a particular IP doesn’t ban your account. Probably it is used in a combination but no more than this. And that’s also why I believe that the other machine will not be punished if the only thing that is similar is IP-address because you can’t differentiate two people in the same room vs one person with two pcs. I didn’t try it but for me it is logically obvious, so if I need to use Reddit I need to buy another PC specifically for this.
Reddit uses a machine moderation 100% of the time and I don’t consider it fair that some AI detected that I replied to a troll and then this same AI gave me a permaban for a reply to a troll. I am not a criminal for replying to a troll one time but Reddit wants to see that it is right and it worked for you. There are literally thousands of people that suffer from this some rightfully some not. There are famous things in the privacy field that multiply criminals, especially the Tor network. With zero privacy there will be zero crime. But for me the thing that Reddit does is already equal to zero privacy. I don’t see the difference between Brave and Chrome in terms of privacy if any site from the Internet can know who I am years later and there is nothing I can do. By the way I am also a VPN developer so for me this whole IP thing is not entirely applicable. Maybe I was a bit careless just because I thought in the beginning that IP is not so important compared to machine components and fingerprint omitting.
@Chara-Freedom My concern is I see posts like this and I think back to all the accounts that had to be banned even on this website, such as the people who were trying to pretend they worked for Brave and scammed people of all their cryptocurrency. I have also been a moderator of huge groups and websites where we constantly had to deal with nuisances.
When it comes back to then answering about how to bypass these things, it’s like asking to tell those banned scammers how they can come back to try to scam even more people. And in terms of introducing more details tech to try to counter it for other websites, it would not do good for the reputation of the browser. You’d likely see a big step up in websites trying to block traffic from Brave.
IP address indeed has long been a key part of recognizing accounts and still is quite important to current trends. It’s not just the idea of blocking just one specific IP address but it’s using it along with other details to determine if it’s the same person.
Essentially it gets combined with a lot of things on the server side tracking as I mentioned earlier. If you’re not familiar with that, you may want to read through some things like https://www.cookieyes.com/blog/server-side-tracking/ though I’m sure you can find much better information.
The idea that Reddit ties bans directly and irrevocably to a specific PC through something like a MAC address or hardware serial number would not be correct. But there are some particular identifiers that can be available based on device. For example, for a long while you had ID tracking that was revealed through Android and iOS which was one of the many tools used to recognize banned accounts as well.
What I can guarantee is a new device is not needed at all. It just requires someone to recognize what persistent details are shared, especially via your hardware, and then use tools to block or modify those. Some of these things could be blocked or modified by Brave, but it would cause a lot of performance and compatibility issues.
To be clear, I’m not saying everything as if it’s some huge secret. People who want to figure it out will be able to look and find articles or online discussions. I just don’t want to be the one who made it easier for people to be annoyances and cause harm to others.
Server-side tracking (SST) has been growing in popularity since its introduction by Google in 2020 but has yet to be studied by the scientific community.
Instead of the client directly reporting its tracking data to different companies around the world, it is the role of the SST server to do it.
This approach is currently hampering online privacy as it transforms what used to be very clear tracking requests performed by the browser on the client side into masked and hidden ones on the server side.
For users, it becomes complicated to protect themselves as their favorite blocking tools are not adapted to this hidden form of tracking.
They do browser fingerprinting. Basically, by looking at the characteristics of your computer(IP address, speed, memory, window width, operating system, languages used, a list of what fonts are installed, et cetera) and by using javascript to load things on your page and to make requests, they may not be able to know every extension you have installed, but they CAN figure out enough unique characteristics about the computer to identify that two accounts are logging in from the exact same physical location and seem to have identical configurations. It can give them a high degree of likelihood that two accounts are on the same computer.
Brave has some anti-fingerprinting tech built in to it, but you’d still need the six “Fingerprint Defender“ extensions, which randomize aspects of your browser presentation in order to make it harder to fingerprint.
