ouTube, Reddit, and Other Nasty Sites Sabotage LibRedirect.
YouTube, Reddit, and other sites that have an unofficial privacy respecting/Small Web front-end are starting to get wise to this and “rate limit” their API or are making changes to it and sending scary letters from their lawyers.
They’re terrified, paranoid, that they’re missing “ad impressions” and opportunities to track the users.
Reddit sets 15 year tracking cookies on your computer so even if you never make an account, they can keep a list of things you look at, even if you change networks.
Google YouTube is putting ads all over “content” that they didn’t even produce, and sometimes “demonetizes the channel”, but still puts ads in someone else’s videos anyway and pockets their money. It’s like being beaten up and having your money stolen by the playground bully, and then the school staff (or the government regulators in the case of Google) sides with them.
If that’s not bad enough, sometimes the whole damn video is just some “Influencer” trying to sell you some dumb product. Sometimes it’s not even obvious who pays them to say what. So YouTube is of extremely limited use.
The RIAA is terrified of YouTube rippers (and so is Google), but music has basically been free since (the original) Napster anyway. They try to “monetize” songs my parents listened to (and obfuscate how to get at them) because nobody has put any serious effort into music since the mid-2000s on the major labels.
They’re obviously getting wise to the fact that people hate them.
Right now, I just deal with it the best ways I can. The Gecko (Firefox-type browsers, such as LibreWolf and SeaMonkey) have always had far more powerful APIs for Web Garbage blockers, like NoScript and ublock-origin. So that can often handle the mountain of bullshit on YouTube even when I’m on the main site.
Sometimes I go to DuckDuckGo just to search for videos. Playing YouTube videos there works better than on the YouTube site. Even though DuckDuckGo tracks people and I typically use Searx.be as my search engine, DuckDuckGo hasn’t ruined their Web site code to be so awful it barely runs at all. Like Google has.
So I’ve unfortunately been having to use Old Reddit Redirect and use redirects in LibRedirect less often. Google in particular is trying to figure out where all the holes are and plug them so that nobody can escape the aggravation.
Since far fewer users even know what Gopher and Gemini are, the News sites haven’t bothered to even look into blocking it. Sometimes Bypass Paywalls works in LibreWolf. Sometimes it doesn’t. Normally, the experience of reading news and weather in text is better anyway.
Likewise, gopher://gopherddit.com in Lagrange lets me read text on Reddit without being tracked. If I click through to a Reddit link it goes either straight to a image file itself in LibreWolf or at least to an old.reddit.com (via the extension) site, and I haven’t set up an exemption for them to be allowed to set cookies, and I’ve only whitelisted four specific domains that could possibly load JavaScript when I end up there.
Matthew Garrett was dismissing Small Web stuff before his behavior got to be so unacceptable that he became the only user in nearly 20 years of Techrights that had to be muted. He told me it was basically worthless because Gemini and Reddit don’t have things like forms you can post with, like browsers do.
But I actually found this cool site called Gemlog.blue that lets you post to a Gemini Pod from a Web form, which doesn’t even need active content.
With minimal code changes we could have simple Web forums that allow people to read and lurk over Gemini where nobody will track them and they can read the content with plaintext and nothing else, and if they want to post something, they can use any browser (even SeaMonkey) with JavaScript turned off. Those have forms.
Many people don’t really care whether it’s the Web or not, what bothers people like me about the Web is it’s very bloated and annoying, and the corporations and their pet governments have gone “full shithole” mode lately, putting all kinds of nasty stuff in it.
With Gemini sites, you don’t have to use CA certificates and put someone you don’t trust, can’t trust, and got trusted FOR you in your “root of trust”.
One of Mr. Garrett’s friends misunderstood why Techrights on the Web has a self-signed certificate.
Many browsers see this and basically alarm the user with scary language. But what is a self-signed certificate?
It’s basically just what it says. There’s no “Certificate Authority” involved, like “Let’s Encrypt” which is a plot to make it easier for Web browsers to demand encryption, which is not something that all users or even every site actually needs.
Techrights isn’t a bank. It isn’t an online shopping site. You don’t actually need to know that like, “Okay, this is really Discover Bank, or this is really Walmart.”
You can read over HTTP or HTTPS with a self-signed certificate. Really all you need to do is either accept the warning or mute it by adding the certificate so it won’t prompt you again. There’s nothing really “broken” about this setup. Most sites weren’t encrypted 10-15 years ago and we were fine.
Basically the only reason I ever forced HTTPS in a Web browser was because of Comcast, which at one point started hijacking Web pages in transit to (I’m sure spy, but also..) inject their own messages into the page.
This broke pages and was very annoying, and with HTTPS Everywhere in EASE Mode, they couldn’t do it!
As to that behavior, there ought to be a law against it. But HTTPS forced on was the only way I could make them knock it off. I also changed my DNS servers because they were NXDOMAIN hijacking invalid Web addresses to their own search page full of ads instead of saying the site didn’t exist. Super shitty company.
Fundamentally though, everyone should be using a VPN. The things your ISP can do are amazingly even creepier. There’s some like Mullvad that seem to be decent.
I think that a lot of people in his circle, starting at the top, don’t really “do” security, or even understand what it is. Again, not every site needs HTTPS and if there were laws against crummy monopolist ISPs hijacking your Web pages to insert poop and spy on you, rather than ones requiring it then I think we could get rid of most of this HTTPS nonsense and just be happy again.
There’s only a few Web sites that Netscape Navigator on my computer (I keep it around to LOL and look at Gopher mostly, sometimes, although Lagrange is better.) can look at anymore. It can view Roy’s site because he doesn’t demand HTTPS, and that’s part of what keeps it so broadly compatible, and it has simple layout that doesn’t force tens of megabytes of garbage styling and scripts just to read text.
It’s not Modern. Who cares? It’s not encrypted (or you can accept the self-signed cert). Who cares? There’s no security “angle” here.
Communities do not need to be “managed”.
Our latest discussion turned to “Community Managers” and it reminded me that Jono Bacon used to do this for Canonical, and he used to come to Techrights like many Corporate types did, to “keep an eye on us”. Managers like to know if articles are coming and what they’re likely to say.
The “Community Manager” is now working for clients like Deutche Bank, AirBNB, Microsoft, Intel, and Trend Micro.
Somehow I doubt they want to hear performances of the Metal Free Software Song.
Anyway, Chris Pirillo came up too. Seems Intel (intHELL) hired him to do damage control in 2019, I mean “Community Management”, possibly due to the failed products and chip bugs. They lay off thousands while people try to make their old PC run forever due to the dead economy with hyperinflation, I mean Biden’s Economic Miracle.
(Try Linux! You’ll like it better!) ⬆