View on Redlib, an alternative private front-end to Reddit.
The purpose of this post is not to endorse the use of Reddit (), but rather to inform users of a privacy-friendly approach in case they need to utilize the platform.
Redlib is a private front-end like Invidious but for Reddit.
๐ Fast: written in Rust for blazing-fast speeds and memory safety
โ๏ธ Light: no JavaScript, no ads, no tracking, no bloat
๐ต Private: all requests are proxied through the server, including media
Logging: According to Reddit's privacy policy, they "may [automatically] log information" including:
IP address
User-agent string
Browser type
Operating system
Referral URLs
Device information (e.g., device IDs)
Device settings
Pages visited
Links clicked
The requested URL
Search terms
Location: The same privacy policy goes on to describe that location data may be collected through the use of:
GPS (consensual)
Bluetooth (consensual)
Content associated with a location (consensual)
Your IP Address
Cookies: Reddit's cookie notice documents the array of cookies used by Reddit including/regarding:
Authentication
Functionality
Analytics and Performance
Advertising
Third-Party Cookies
Third-Party Site
Redlib
Server
Logging: In production (when running the binary, hosting with docker, or using the official instances), Redlib logs nothing. When debugging (running from source without --release), Redlib logs post IDs fetched to aid with troubleshooting.
Cookies: Redlib uses optional cookies to store any configured settings in the settings menu. These are not cross-site cookies and the cookies hold no personal data.
Settings and subscriptions are saved in browser cookies. Clearing your cookies will reset them. You can restore your current settings and subscriptions after clearing your cookies using the link given in the settings menu.
Note: The above text presents an abridged and modified version of information found in the developer's documentation. Some context has been removed or altered for brevity. For the full and unmodified documentation, please see the original source.
Sometimes services will try to force you to sign up for an account by blocking access to content with annoying popups. They might also break without JavaScript enabled. Frontends can allow you to get around these restrictions.
If you choose to self-host these frontends, it is important that you have other people using your instance as well in order for you to blend in. You should be careful with where and how you are hosting, as other peoples' usage will be linked to your hosting.
When you are using an instance run by someone else, make sure to read the privacy policy of that specific instance. They can be modified by their owners and therefore may not reflect the default policy. Some instances have Tor .onion addresses which may grant some privacy as long as your search queries don't contain PII.
Since reddit closed off their API does this just scrape the sote instead? That's pretty resource intensive. If it's not self hosted what's the incentive for this?
EDIT: Ah ok nevermind you can self host. I misread the post.
It mentions limited functionality if you don't pass it an account so likely as not it's passing your user token along with a web browser header, scraping reddit, then yanking out whatever it's filtering and then serving what's left (likely just the text and vote metadata) in a locally hosted or remote hosted (not on reddit servers) site.
So it wears a mask that has your usernames face on it, knocks on reddit's door, asks reddit your question, then comes back to you with only the relevant info that you have told it to bring back.
That's only if my cursory reading is correct. I'd defer to a dev or someone else more interested in the project.
how to instances perform compared to libreddit when it comes to rate limiting, can I just pick an instance an have confidence that It won't be rate-limited most of the time ?