I think I finally reached my breaking point with reddit (about time). Earlier this month the humorless admins of /r/teslamotors banned me for posting a video of my custom charge port cover. A day or so later I mistakenly posted on the sub using my secondary account. That’s on me. The /r/teslamotors admins gave me a permaban and reddit gave me 7 day site ban. I can take my lumps so whatever.
However, apparently I commented today on /r/teslamotors using the account that received the permaban. Dumbass reddit gave me another 7 day site ban for ban evasion. WTF? Either a software bug allowed me to comment or /r/teslamotors lifted my ban for some reason.
Neither of those constitute ban evasion IMHO. I’m also tired of using old.reddit.com in phone browser since they killed apis.
How do they know you were using a secondary account?
When you logout and login again, the tracking cookies are still present. Also, if you use the mobile app to login with multiple accounts, Reddit will mark those accounts as belonging to the same person. IP address is a factor but probably not as important because a large number of people share the same IP addresses these days thanks to cgnat and VPN.
They track all that
IP, MAC address, and several permacookies. Even clearing your cache doesn’t help but formatting your entire computer, spoofing your MAC address, and getting a new IP address from your ISP does.
The MAC address is only visible in the local network, so it’s not visible to reddit if you’re not directly locally connected to their server.
Oh I wish I was still so naive. The world was a lot simpler then.
That’s not naivety it’s a basic understanding of how networking works
There is no reason that the reddit client can’t get the MAC address and include that in a payload somewhere.
Here’s one reason: access to MAC addresses is restricted to system apps since Android 6, since Android 11 it’s not available to third party apps at all
Fine. Why would it? The device has a unique hardware ID that’s even easier/better for identifying the device. MAC addresses are randomized, and there’s at least 3 of them in any modern phone. Seems overly complicated and ineffective.
I’m just pointing out that anything the client can read can be shared with the server.
Sure, and all of that goes out the window on a mobile app that doesn’t play by browser rules.
And 96% of reddit is on mobile.
Have you ever once thought that this may have been a reason for them cutting off all the 3rd parties behind ridiculous fee schemes?
This has nothing to do with browser rules. It’s how tcp/ip works.
And 100% of phones have a unique hardware ID visable to any app with the “read phone state” permission. Why the hell would anyone use a MAC address to identify you? And which MAC address would they use? The wifi nic? The mobile nic? The Bluetooth MAC?
Idk about iPhones but MAC addresses on android are randomized by default. Maybe learn even the tiniest bit about what you’re talking about before you go calling people naive.
He’s saying that the reddit client can report the MAC address, not that its able to be determined by the other end of a socket connection.
Look, it doesn’t matter if its a MAC or a fingerprint or an invisible evercookie, if you DON’T format your PC and get a different IP address, you WILL be banned for ban evasion.
I know this, I’ve had over 20 accounts banned from reddit in the last six years and several of them have been lifebans. Trust me when I say I’ve tried 20 different iterations of data security and the only one that works involves a hard drive wipe.
I’m not saying they can’t track you. I’m saying the person who told you that they’re not doing it by MAC was right, and your reply was not only wrong but painfully self righteous for a guy who doesn’t know what he’s talking about about.
Also, changing your IP, clearing cookies, and installing a plugin that obfusticates your browser fingerprint ought to be enough. The second two are essentially what you did by blowing out your OS.
Removed by mod
most probably ip or MAC address.
Apparently they are using browser/device fingerprinting as well. So any account I log in on from my browser will be linked together. Only way to potentially work around this is use a browser that has never been used to connect to reddit before. No using mobile app (which I don’t use anyways)