You should check out the privacy communities on Lemmy for censorship bypassing. A lot of this stuff around good op-sec is also applicable to ban evasion on Reddit.
Reddit uses 3 primary methods to detect and punish ban evasion.
Matching account information
Cookie and Browser storage
IP address
If you are using the Reddit app on a mobile device some hardware identifiers, and account information may be part of that telemetry as well. But you should know better to than to use official apps that contain hidden trackers like that.
The first one is easy, simply using the same email or a very similar username, or even including your old username in your bio is enough to trigger this kind of detection. This is blatantly stupid shit honestly if you’re looking to evade a ban, and just in general if you care about privacy at all.
Solution: Use a temporary or private email (an email you don’t use or associate yourself with in any meaningful way), use a different username, and don’t reference your old account ever.
The second one is a bit harder, but generally can be solved by setting cookies to deny or temporary only, as well as only allowing Reddit to run in a container. Running Reddit from incognito only is also an effective way to combat this type of tracking or telemetry. Of course the best and easiest way to do it is to simply use Tor Browser, more on that in the next one.
The third one, isn’t particularly hard to get past but it can be annoying, assuming that you’ve dealt with the others you can try using a VPN or a Proxy to change the IP address Reddit sees you using the site from, though this comes with the Risk of disconnections and accidentally exposing your original one. One of the best methods you can use is to use Tor Browser. Tor Browser is a custom Browser based on Firefox, which connects to a special network of servers. The goal is to protect the Privacy and Anonymity of internet users and both the Network and Browser is hardened against attacks to expose it. it’s not perfect but it is essentially perfect for a use-case like yours, it covers both IP address matching and browser cookies and history, as the browser is hardened against use of Cookies, browser history, and many other advanced fingerprinting techniques. The best thing of all is that Reddit actually seems to support the use of Tor officially, as they have their own officiall .onion version of their site (doesn’t work on Non-Tor browsers).
Something else to keep in mind is that due to dynamic IPs, shared IPs, and CGNAT, you may be able to just get a new IP address that isn’t linked to your old account, so if the other issues were dealt with you could continue using Reddit normally if you managed to do that.
Finally a good skill to have in this area if you want to pull it off is convincingly being able to lie. Even with all these you may get caught in Reddit’s ban evasion filter, likely as a false positive (many legitimate users get caught in it) so you have to be able to convincingly lie to moderators of subreddits to be able to help you. If you do it right they will usually help you, because false positives of the ban evasion detection filter do catch and hurt legitimate users, more often than not.
Reddit does also employ security theater as a way of deterring ban evasion, which is basically fancy speak for lies that they and their userbase tell people to scare or dissuade them out of trying it. I will debunk some of these because there are even Lemmy users who are spreading these lies here in this thread.
“Reddit uses hardware IDs in the browser” False. Reddit, Nor any other normal website on the World Wide Web has any access to anything besides a limited number of hardware features. This is because any modern and respectable web browser has sand-boxing to prevent unauthorized code from peeking at things that it shouldn’t such as personal files. This also has the side effect of restricting access to unique hardware information. Theoretically they could use monitor solution to uniquely fingerprint you, but there are easy ways to break or fudge that, the easiest one being don’t maximize your browser. Tor fudges it through other means though so if you’re using Tor this isn’t a major concern.
Web developers who say this, I’m disappointed in you, this is something you should know better and either you suck at what you do, or you’re dirty liars trying to trick or scare people.
Something to note is that this only applies to the web, not to Apps, apps have more privilege than Web pages do, and those absolutely can collect hardware information and circumvent VPNs.
“Reddit uses advanced methods to correlate speech patterns” False. Reddit does not seem to use any sort of advanced methods to correlate speech patterns to original banned users. Obviously this is hard to prove but as someone who dealt with ban evaders on Reddit it seems illogical to believe they actually do this. Otherwise they wouldn’t have such a hard time connecting accounts of many serial ban evaders who all but tell them what they are doing. What they will do is to manually ban people who admit to ban evading or being a ban evader. I think some of the people who make this claim have bad op-sec and unintentionally leaked Telemetry without knowing how or why, which is the source of their ban.
“Reddit just knows that you’re evading bans” This one is so stupid that no one who isn’t a Redditor, or who knows even a little bit about technology would even bother to make it, but I’ve seen it made on r/help. I don’t even want to explain why this one is stupid but the most telling thing about it is that it’s not a real answer. It’s just a blatant scare tactic without explanation because the person is too stupid to know how op-sec works, or how websites actually detect and punish abuse.
I know that some of these are done as an attempt to dissuade spammers and trolls, but guys, come on. These people already know all of these tricks and then some. You’re not fooling anyone by trying to convince us that Reddit is omnipotent or that ban evasion on Reddit is impossible to successfully pull off. It may seem noble to try and dissuade a new generation of spammers and trolls from taking on the world but the thing is, they won’t be because they are already on the evil side. So you’re doing nothing but making yourself look like a fool to those who know better, and preaching to the choir since most normies don’t have an interest in spamming or ban evading in the ways you’d like to avoid.
Something else I would like to say, I’ve said a lot on how to evade bans on Reddit. I’m also going to say I do not recommend doing it. Why? Well not for any reasons other people might not, such as bypassing website security or it being “morally wrong 👶”. Rather because, Reddit is a monstrous corporate platform. Reddit does not have our best interests at heart, they are a publicly traded company, their goal is to make money through whatever sleazy means they can. It is in everyone’s best interest that people leave Reddit for other platforms, you are at the moment on what is likely the most promising Reddit alternative which has come around, it’s recommended you stay here instead of using Reddit, don’t give them your advertising points as a clicker or a scroller.
Obviously alternative platforms aren’t perfect, but they are the way of the future, as Reddit will only get worse and worse as time goes on, and the need for money grows stronger. You should invest your time in an alternative like Lemmy, instead of slithering back to Reddit, which despite the technological hostility you may face doing so, is a move that benefits them, and is in their best interest, especially in the current time.
A lot of those skills and techniques are applicable on a majority of other websites as well.
Though yeah, it’s not really worth it unless you have a real need to get back on Reddit, it’s a terrible platform and the less real users use it, the better. Eventually it will be fully consumed by the bots, it’s already pretty far along in that regard already likely isn’t going to get much better, why help it not get any worse. Hence why I do not recommend people do it.
I also wanted to address the amount of misinformation and scare tactics spewed by people on Reddit, and sadly people on Lemmy too, because it seems more often than not this garbage goes unchallenged and undebunked.
You should check out the privacy communities on Lemmy for censorship bypassing. A lot of this stuff around good op-sec is also applicable to ban evasion on Reddit.
Reddit uses 3 primary methods to detect and punish ban evasion.
If you are using the Reddit app on a mobile device some hardware identifiers, and account information may be part of that telemetry as well. But you should know better to than to use official apps that contain hidden trackers like that.
The first one is easy, simply using the same email or a very similar username, or even including your old username in your bio is enough to trigger this kind of detection. This is blatantly stupid shit honestly if you’re looking to evade a ban, and just in general if you care about privacy at all. Solution: Use a temporary or private email (an email you don’t use or associate yourself with in any meaningful way), use a different username, and don’t reference your old account ever.
The second one is a bit harder, but generally can be solved by setting cookies to deny or temporary only, as well as only allowing Reddit to run in a container. Running Reddit from incognito only is also an effective way to combat this type of tracking or telemetry. Of course the best and easiest way to do it is to simply use Tor Browser, more on that in the next one.
The third one, isn’t particularly hard to get past but it can be annoying, assuming that you’ve dealt with the others you can try using a VPN or a Proxy to change the IP address Reddit sees you using the site from, though this comes with the Risk of disconnections and accidentally exposing your original one. One of the best methods you can use is to use Tor Browser. Tor Browser is a custom Browser based on Firefox, which connects to a special network of servers. The goal is to protect the Privacy and Anonymity of internet users and both the Network and Browser is hardened against attacks to expose it. it’s not perfect but it is essentially perfect for a use-case like yours, it covers both IP address matching and browser cookies and history, as the browser is hardened against use of Cookies, browser history, and many other advanced fingerprinting techniques. The best thing of all is that Reddit actually seems to support the use of Tor officially, as they have their own officiall .onion version of their site (doesn’t work on Non-Tor browsers). Something else to keep in mind is that due to dynamic IPs, shared IPs, and CGNAT, you may be able to just get a new IP address that isn’t linked to your old account, so if the other issues were dealt with you could continue using Reddit normally if you managed to do that.
Finally a good skill to have in this area if you want to pull it off is convincingly being able to lie. Even with all these you may get caught in Reddit’s ban evasion filter, likely as a false positive (many legitimate users get caught in it) so you have to be able to convincingly lie to moderators of subreddits to be able to help you. If you do it right they will usually help you, because false positives of the ban evasion detection filter do catch and hurt legitimate users, more often than not.
Reddit does also employ security theater as a way of deterring ban evasion, which is basically fancy speak for lies that they and their userbase tell people to scare or dissuade them out of trying it. I will debunk some of these because there are even Lemmy users who are spreading these lies here in this thread.
“Reddit uses hardware IDs in the browser” False. Reddit, Nor any other normal website on the World Wide Web has any access to anything besides a limited number of hardware features. This is because any modern and respectable web browser has sand-boxing to prevent unauthorized code from peeking at things that it shouldn’t such as personal files. This also has the side effect of restricting access to unique hardware information. Theoretically they could use monitor solution to uniquely fingerprint you, but there are easy ways to break or fudge that, the easiest one being don’t maximize your browser. Tor fudges it through other means though so if you’re using Tor this isn’t a major concern. Web developers who say this, I’m disappointed in you, this is something you should know better and either you suck at what you do, or you’re dirty liars trying to trick or scare people. Something to note is that this only applies to the web, not to Apps, apps have more privilege than Web pages do, and those absolutely can collect hardware information and circumvent VPNs.
“Reddit uses advanced methods to correlate speech patterns” False. Reddit does not seem to use any sort of advanced methods to correlate speech patterns to original banned users. Obviously this is hard to prove but as someone who dealt with ban evaders on Reddit it seems illogical to believe they actually do this. Otherwise they wouldn’t have such a hard time connecting accounts of many serial ban evaders who all but tell them what they are doing. What they will do is to manually ban people who admit to ban evading or being a ban evader. I think some of the people who make this claim have bad op-sec and unintentionally leaked Telemetry without knowing how or why, which is the source of their ban.
“Reddit just knows that you’re evading bans” This one is so stupid that no one who isn’t a Redditor, or who knows even a little bit about technology would even bother to make it, but I’ve seen it made on r/help. I don’t even want to explain why this one is stupid but the most telling thing about it is that it’s not a real answer. It’s just a blatant scare tactic without explanation because the person is too stupid to know how op-sec works, or how websites actually detect and punish abuse.
I know that some of these are done as an attempt to dissuade spammers and trolls, but guys, come on. These people already know all of these tricks and then some. You’re not fooling anyone by trying to convince us that Reddit is omnipotent or that ban evasion on Reddit is impossible to successfully pull off. It may seem noble to try and dissuade a new generation of spammers and trolls from taking on the world but the thing is, they won’t be because they are already on the evil side. So you’re doing nothing but making yourself look like a fool to those who know better, and preaching to the choir since most normies don’t have an interest in spamming or ban evading in the ways you’d like to avoid.
Something else I would like to say, I’ve said a lot on how to evade bans on Reddit. I’m also going to say I do not recommend doing it. Why? Well not for any reasons other people might not, such as bypassing website security or it being “morally wrong 👶”. Rather because, Reddit is a monstrous corporate platform. Reddit does not have our best interests at heart, they are a publicly traded company, their goal is to make money through whatever sleazy means they can. It is in everyone’s best interest that people leave Reddit for other platforms, you are at the moment on what is likely the most promising Reddit alternative which has come around, it’s recommended you stay here instead of using Reddit, don’t give them your advertising points as a clicker or a scroller. Obviously alternative platforms aren’t perfect, but they are the way of the future, as Reddit will only get worse and worse as time goes on, and the need for money grows stronger. You should invest your time in an alternative like Lemmy, instead of slithering back to Reddit, which despite the technological hostility you may face doing so, is a move that benefits them, and is in their best interest, especially in the current time.
That’s a whole lotta work to use a shitty platform. I’d rather just stay away.
But great post and great tips though! Just way too much bother for me personally to do anything like that just for Reddit.
A lot of those skills and techniques are applicable on a majority of other websites as well.
Though yeah, it’s not really worth it unless you have a real need to get back on Reddit, it’s a terrible platform and the less real users use it, the better. Eventually it will be fully consumed by the bots, it’s already pretty far along in that regard already likely isn’t going to get much better, why help it not get any worse. Hence why I do not recommend people do it.
I also wanted to address the amount of misinformation and scare tactics spewed by people on Reddit, and sadly people on Lemmy too, because it seems more often than not this garbage goes unchallenged and undebunked.