Before migrating to Lemmy, I decided to request a copy of the data Reddit has on me.
To my surprise, the export includes a file ip_logs.csv
with a list of all IP addresses that I used to connect to Reddit for the last 3-4 months!!
That seems quite unnecessary.
They also track your hardware, if possible. I had to replace a few laptops over the year.
Does my browser supply details about my hardware? Is there anything on Android that can prevent sending hardware information?
When using a browser they can get your user agent (https://www.whatsmyua.info) They can also get some information about your device, like pixel resolution, screen size (https://www.whatismyscreenresolution.org), gpu (https://hardwaretester.com/gpu) etc…
All of those data combined make a fingerprint for your browser, that can be more or less unique.
I recommend having a look here for more information about how fingerprinting works and how to protect from it, and to see how “unique” your browser is (https://coveryourtracks.eff.org).
When using an app, it’s a whole lot more complicated to escape from it, but one step I can recommend, is to delete your phone advertisement id (https://www.eff.org/deeplinks/2022/05/how-disable-ad-id-tracking-ios-and-android-and-why-you-should-do-it-now).
That been said, from my own reddit gdpr export, it doesn’t look like reddit is doing any fingerprinting of that sort. I haven’t looked so close at it yet, however.
For the love of god use Tor with tails, or at least just Tor on its own. Even that’s probably overkill, but with telemetry monsters like Reddit it doesn’t hurt to go above and beyond.
Generally the tracking Reddit does is this:
Cookies
Cross site tracking (just like Facebook does)
Canvas Data and User agent (including browser window size)
IP address (generally the last thing they target to prevent cross-bans on public WiFi and universities)
Replacing a laptop isn’t necessary to get around it, this is a lie spread by moderators (and also admins in some cases) trying to mystify the ban evasion detection system in an effort to curb ban evasion. Using a private browser that limits information is usually sufficient, using Tor is very effective, and using Tor with tails is insanely effective if maybe a tiny bit overkill.