Fantastic extension. I self-host Invidious, Teddit, Nitter, and Bibliogram and configured LibRedirect to use only my private instances. Unfortunately, the community instances are often either overloaded or down entirely. It's hard to imagine going back to the "real" sites...they are all so user-hostile.
Since Android doesn't support browser extensions, I accomplish the same thing using the Bromite browser along with a handful of UserScripts to redirect youtube/twitter/etc to my private instances.
Edit: Yes, I know Firefox for Android supports extensions, but the work required [0] to actually install any extension other than the handful "blessed" by Mozilla borders on hilarity. Firefox for Android seemed pretty good a few years ago, but at some point since then Mozilla has done a full redesign of the GUI and the whole thing now feels janky to me. I tried using it for a couple days and just couldn't bear it. My impression is that Mozilla is letting it languish.
For simplicity, I use the exact same setup for all my family's Android phones (GrapheneOS with a persistent wireguard connection back to the house) and Firefox was just too strange for the non-technical people to use.
In addition, GrapheneOS makes some pretty compelling arguments [1] against FF-based browsers.
Lest anyone accuse me of being a Firefox hater, I do use it on the desktop.
"Edit: Yes, I know Firefox for Android supports extensions, but the work required [0] to actually install any extension other than the handful "blessed" by Mozilla borders on hilarity."
Yeah, the number of extensions ("add-ons") available for Fennec is a joke. Someone on HN suggested that Firefox Nightly for Android has no such limitation.
Unlike uBlock, uMatrix, an add-on not available for Fennec, is purportedly for "advanced users" but I see in this thread people suggesting that to use extensions in Nightly, one needs to "log in". IMO, that conflicts with the purpose of using extensions to block unwanted egress traffic. IMO, if I was the type of user who "signs in", I would not be interested in "privacy" extensions.
IMO, all this hoop-jumping is due to unregulated online advertising. Without Google's online ad services profits propping it up, Mozilla would not be a feature-for-feature Chrome "competitor". Mozilla is on the same advertising treadmill with Google. Unless they assist online advertising, the organisation cannot survive. The less we rely on these ad-supported organisations, the better.
IMO, trying to control popular web browsers and "smartphones" is a waste of time. The amount of work to attempt to control them is insane and they are moving targets so the work never ends. I "block" advertising, telemetry and other unwanted traffic by proxying smartphone connection to the internet through a computer I can more easily control.
IIRC, someone on HN once compared smartphones to "kiosks". Even if one disagrees now, I think that is where these pocket-sized "personal computers" are headed. People may be forced to use them, but they will remain under the control of some other party.
I've considered hosting my own Nitter and Bibliogram instances but I have to wonder if that reduces their privacy veil a bit. Wouldn't the requests from those instances be coming from a single IP, thereby potentially allowing their respective services to still track you? (Sure, you're avoiding the analytics from those service's web front-ends or apps but that can probably mostly be achieved by disabling JS.) I've considered adding a VPN or TOR gateway between the nitter and bibliogram instances I host to make them harder to track.
For twitter to me, it's not even about privacy - the regular frontend without being logged in is unusable. My instances are hosted publicly but I don't advertise them. I guess if people fancy it they are free to check it out, but would prefer it not to end up on any lists: https://midas.rocks/
I agree. If you're the only user of your instance, they can easily track you server-side by your IP address. You could mitigate this by routing your egress traffic (either from the individual device or network-wide, from your router) through a VPN.
It’s really not that much extra work to automatically rotate VPS IPs or VPN relays on an hourly or daily interval. Since most Invidious/Nitter guides don’t recommend doing this I guess it’s not very common.
Just remember that you’re still technically trackable via behavioral, configuration, or latency fingerprinting. Anonymity is a full-time academic endeavor, not a shell script one-liner.
I host everything from a server in my basement. Each local application gets a dedicated Rocky Linux VM on a proxmox hypervisor, with the VM/DNS/app configuration managed though a custom ansible framework that I've developed for my "homelab" over the years. Don't currently mess with containers.
My mobile devices have an always-on wireguard VPN back to my house so I can access everything while out and about.
Could you re-post your comment to show how it is easy? I searched for "unatrix" and "amo" and "list" and got 0 hits that would make it easy, or indeed make it hard as none (on the front page which is all I looked at) refer to firefox and/or android. To me, with no other information, this implies that it not actually easy for normal users and indeed it might therefore be hilariously hard. For example, should I search for these on github?
I am using an alternative which doesn't require any additional browser extensions, but it does require that each client installs a custom root certificate.
I have a split-DNS setup where I override the DNS entries for certain sites like reddit, twitter, and youtube so that they point to a local server. The local server returns privacy-friendly versions of those sites (e.g. spikecodes/libreddit).
I use the root certificate to sign SSL certificates for those domains which will be trusted by each client on the network as long as they've installed the custom root certificate.
That way, when I visit a reddit link from a google search, it automatically returns the privacy friendly version of the site, as long as the root certificate is installed.
This is especially nice using when using iDevices, because those don't support native browser extensions.
> I have a split-DNS setup where I override the DNS entries for certain sites like reddit, twitter, and youtube so that they point to a local server.
Neat setup but exercise caution with the root-cert (I guess cert pinning isn't a thing on Browsers, yet?).
> I am using an alternative which doesn't require any additional browser extensions... This is especially nice using when using iDevices, because those don't support native browser extensions.
I use ghostarchive.org to view YouTube videos (that fit its limits), nitter.net for twitter threads, and archive.is for reddit threads.
> I guess cert pinning isn't a thing on Browsers, yet?
Locally installed root certificates override HSTS. Some regulated industries like banking are legally obligated to unwrap all TLS traffic, so locally installed roots allow for that.
This is a very interesting approach. I've been wanting a way to filter YouTube videos on my Apple TV so that only certain channels are whitelisted (my kids like to yell "butt" and "poop" at Siri which is... problematic). Seems like a custom root certificate would make this possible.
This is invaluable whenever someone links to a Twitter thread here and I don't want to spend the effort dodging sign-up modals and piecing together 30 fragments of what would just be a normal paragraph on any other site.
If you have an Android device, Fritter is a pretty good Twitter client. You can read threads and follow accounts without having an account. It's a little buggy sometimes, but overall it's pretty good.
Users of Privacy Redirect and LibRedirect may find it worthwhile to check out farside [0]. The long lists of mirrors can be replaced with singular farside links (e.g. https://farside.link/libreddit) which will always redirect to working instances.
Not just that, the suggested advice to replace all instance URLs with farside.link defeats the extension’s secondary privacy feature by sending all YT/Twitter/IG URL requests to Farside’s servers.
I've been using this for a while, and it works well but it also often redirects me to broken instances, which is not inherently that horrible (most of the time these are just hosted by people in their spare time with spare funds), but in that case I'd like to see automatic redirection and some memory that this host wasn't accessible, so the plugin should try to avoid it in the near future.
This is the aim of the farside [0] project. For example instead of juggling a list of up/down invidious mirrors, just plug in https://farside.link/invidious and it will automatically redirect to a working instance.
Right now it seems the only solution for broken instances is to open settings and remove the instance manually. Interestingly, there's a speed test for instances in the settings, but it just tests them one after another, flashes a number, then moves to the next in a fairly useless fashion. I'm assuming this half-implemented feature is actually just a first step towards automating the thing a bit.
Didn't the devs behind bibliogram say they were done because of how aggressively Instagram tries to block these alternatives? Maybe I'm misremembering that
You are not misrembering. They announced it at the beginning of this month [0][1] and have officially shut down all of their hosted instances as of about a week ago [2]
I don't think it matters if there are instances up if they don't work. If the devs quit because they spent of their time trying to circumvent Instagram's blocks then if they quit, it's only a matter of time before it stops working due to Instagram's interference.
I tried this, but it only works for HTTP but not for HTTPS. I would need to install some sort of root certificate on my client, and privoxy would need to unwrap and rewrap the TLS with the new certificate, right?
Do you consider the potential security risks from such a setup? Like if you access your bank or email over privoxy do you think about the risks of adding such a layer?
I've been using this for some time. I noticed that it works with Troddit, my favorite Reddit web client https://www.troddit.com/, you just need to go to custom and add it there.
I use it mainly on Android with kiwi browser so I don't need to download apps
For Reddit I've just been relying on uBlock Origin to block trackers, with some custom rules to get rid of all the superfluous sidebars, header bars, banners, avatars, achievement icons etc. The cleaned up interface actually looks very similar to Troddit's "Classic Rows" style.
I remember reading a while back about how some intelligence agency uses the browsing history of individual users to correlate their interests and build a profile on them. Either way, it's best to not centralise this data (or make yourself hard to fingerprint).
I'm sorry if I'm missing something. If its just a simple redirect, we can do this using a HTTPS Everywhere rule, which is available in Firefox in android as well. I use this to redirect reddit to old.reddit
There's also Redirector, a general purpose web extension that lets you redirect any URL with wildcards or regex, and ignore patterns as well. You can use it to do this, or anything else you want. Works on mobile too with Kiwi (a chromium fork with extensions support) and Iceraven (Firefox on mobile limits extensions you can install).
so please make sure you understand the tradeoff, the risks involved.
by not having to trust youtube/twitter/instagram to not store what you do on their website, you instead have to trust a random browser extension to not store everything you do in your browser on every website.
(also, please do not use the it-is-open-source-you-can-read-the-source-code argument. no normal user is going to read and understand the whole source code, and repeat it for every update. at the end, you have to decide to trust it, or not)
I have also been using this extension (redirector) for a long while, for the same purpose. One thing I like about OPs extension is that it can randomise which instance of teddit/nitter/etc you get redirected to. And it's also surfaced a lot of alternative front-ends I didn't even know existed! I'll definitely be trying it out.
Although the extension by default requires full access to all the websites you visit, in Chromium you can limit its permissions to a list of websites (for example twitter.com, reddit.com, etc.).
Does anybody know if such a thing is also possible in e.g. Firefox?
It can be done, but it must be set by the extension author rather than the users (e.g. bypass paywalls clean requests permissions only for the websites it handles).
Since Android doesn't support browser extensions, I accomplish the same thing using the Bromite browser along with a handful of UserScripts to redirect youtube/twitter/etc to my private instances.
Edit: Yes, I know Firefox for Android supports extensions, but the work required [0] to actually install any extension other than the handful "blessed" by Mozilla borders on hilarity. Firefox for Android seemed pretty good a few years ago, but at some point since then Mozilla has done a full redesign of the GUI and the whole thing now feels janky to me. I tried using it for a couple days and just couldn't bear it. My impression is that Mozilla is letting it languish.
For simplicity, I use the exact same setup for all my family's Android phones (GrapheneOS with a persistent wireguard connection back to the house) and Firefox was just too strange for the non-technical people to use.
In addition, GrapheneOS makes some pretty compelling arguments [1] against FF-based browsers.
Lest anyone accuse me of being a Firefox hater, I do use it on the desktop.
[0] https://www.ghacks.net/2020/10/01/you-can-now-install-any-ad...
[1] https://grapheneos.org/usage#web-browsing