this post was submitted on 13 Mar 2024
158 points (95.9% liked)

Reddit

17365 readers
468 users here now

News and Discussions about Reddit

Welcome to !reddit. This is a community for all news and discussions about Reddit.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules

Rule 1- No brigading.

**You may not encourage brigading any communities or subreddits in any way. **

YSKs are about self-improvement on how to do things.

Rule 2- No illegal or NSFW or gore content.

**No illegal or NSFW or gore content. **

Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.

Rule 4- No self promotion or upvote-farming of any kind.

That's it.

Rule 5- No baiting or sealioning or promoting an agenda.

Posts and comments which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.

Rule 6- Regarding META posts.

Provided it is about the community itself, you may post non-Reddit posts using the [META] tag on your post title.

Rule 7- You can't harass or disturb other members.

If you vocally harass or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.

Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.

:::spoiler Rule 10- Majority of bots aren't allowed to participate here.

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
158
Reddit Email Grab (sh.itjust.works)
submitted 5 months ago by v4bttcza to c/[email protected]
32 comments fedilink hide all child comments
 

Reddit account for 13+ years. Constantly prompted to provide email. Have no desire to have any personal information in it whatsoever, so never provided any. However, it is the only account I've ever used for extensive long term discussion and community involvement. Thousands of comments in discussions with other folks on topics I'm interested in. Logged in from many different locations and platforms over the years. Opted to never enter an email. Have never forgotten password, never needed to reset password. Didn't care about recovery. If the account is lost, so be it. Logged in recently to a banner saying my account has been "suspended for suspicious activity security reasons" and the above message. The only way to recover the account is to "reset the password by entering an email". Created a random anonymous email online, entered it as a fresh new email never provided before, reset link shows up in email, reset password, back in the account.

If I had to make a cynical skeptical guess - looks like an obvious stunt in advance of the IPO to grab a bunch of emails for accounts that didn't have emails in order to drive up account metrics used for valuation. Side note, I did receive the IPO invitation.

I spend more time on Lemmy now because the phone apps are awesome. I only hang on to Reddit because there are some communities that exist there that don't have Lemmy equivalents. But I have been thinking about running one of those account comment / post scramblers and then deleting. This is bringing me closer to that decision.

all 33 comments
sorted by: hot top controversial new old
[–] [email protected] 60 points 5 months ago* (last edited 5 months ago) (2 children)

How would this provide any measure of security if your account had been hacked? So the hackers just need to provide literally any email address? That doesn’t pose much of a barrier.

[–] [email protected] 6 points 5 months ago (3 children)

I think newer accounts can only be created, when providing an email address. There may be some old accounts that don't have an email address associated. So, in most cases, you'd just be able to restore the account if you have access to both the account password and the email address. This breaks apart, if there's no email address associated so I think they provided this way of recovery although it doesn't improve security since it only applies to very few accounts?

[–] [email protected] 2 points 5 months ago (1 children)

So you think it’s just a mistake overlooking a small number of accounts? Seems possible. I am curious how many such accounts there are.

[–] [email protected] 3 points 5 months ago (1 children)

Not quite. If they had overlooked a few accounts, they'd probably not even implemented that function. They'd just said "well, if you forget your password - or need to change it - you need to use the forgot password workflow that sends an email. Everyone without an email Adresse associated with their account would be SOL.

Since they implemented it, they are aware of such accounts. But since "providing freely any email address for a password reset" makes absolutely no sense, this should only work for this special case - accounts without an associated email address.

Whether it's only done for unlocking accounts, whether this would have also worked when clicking on "Forgot Password" or whether this account lock and unlocking workflow might even be intentional to associate an email address to such accounts, is unknown (to me)

[–] [email protected] 1 points 5 months ago

like temporary email works

[–] [email protected] 2 points 5 months ago

Last time I checked, you can still make one without an email, but you have to click on a very small ambiguous hyperlink during creation. It's possible this is no longer the case.

Being able to make throwaway accounts has been the back bone of Reddit for a long time. People want a right to privacy.

[–] [email protected] 1 points 5 months ago

I can say by using multiple portable chrome instances that reddit now requires an email, but you seem to have an option not to verify it. But it has a nag to verify. example [email protected] would be good enough for an account, but they would send a verify email to that account. I got tired of their petty crap after I'd be in for 10K karma and some person would be angry with my reasoning and since I deleted my comments by script, I didn't have an appeal option. I'm trying this place out

[–] [email protected] 1 points 5 months ago

"Hmmm. Yesss. Counterpoint: Shut up and give us more data to sell."

[–] [email protected] 37 points 5 months ago

OP highlights some damage caused by data harvesting, that is not widely spoken: users reacting against providing data to sites or software, even when doing so might potentially increase the security of their data.

Including myself. Frankly? If I got the same message as the OP, my knee-jerk reaction would be: "oh great they're trying to associate my Reddit account with my e-mail, and my e-mail with everything else, for the sake of data profiling. The claim that it's for my security is probably bull fucking shit."

The worst part? As a wise man once said, "just because you're paranoid doesn't mean that they aren't after you". ...okay, I'm joking about Kurt Cobain being a wise man, but not about the rest - the risk that the "it's for your protection, your user, chrust us" discourse is bullshit and that they want to sell your data is very real.

[–] [email protected] 10 points 5 months ago (1 children)

I avoided all this by creating a unique Gmail address ages ago and set the Reddit account just to that email. Then set up two factor authentication on everything.

It's a pain but whenever I jump into a new social media account I create separate emails and separate authentications to everything.

If the account ever gets compromised, I don't really care because it was setup as a standalone account. If the service gets weird like what happened to Reddit, I was able to just delete the account content, delete the account and none of it was directly identified or connected to any of my actual services I use.

I've done the same with Lemmy and every other service I want to try out but am unsure of.

I had Reddit for ten years and I felt safe and happy dumping my account.

Hopefully the same won't happen to Lemmy but no one ever knows how these things will pan out.

[–] [email protected] 8 points 5 months ago (1 children)

This happened to me several years ago on a similarly old account. I don’t think it was actually compromised, and I had no way to recover it as I had never set an email.

[–] [email protected] 1 points 5 months ago

Same exact situation. This is what I thought was meant by "Reddit Email Grab" they were deliberately culling non-emailed accounts.

[–] [email protected] 8 points 5 months ago

Leopardsatemyface

[–] [email protected] 7 points 5 months ago

(long string of numbers) @ mailinator.com?

[–] [email protected] 5 points 5 months ago (1 children)

I'm not surprised, I started receiving bans as soon as there were rumors of an IPO. Everything about the site experience has degraded since then. I still check it from a few teddit/libreddit instances, but otherwise never giving reddit a single monetizable gesture ever again.

[–] [email protected] 0 points 5 months ago

Based.

[–] [email protected] 3 points 5 months ago (2 children)

Bro u gotta go delete all ur old content give them nothing

[–] [email protected] 5 points 5 months ago (1 children)

doesn't work. They have that shit locked down.

[–] [email protected] 0 points 5 months ago (2 children)

Huh i deleted all my content i got some js code to do it somewhere if ya want it.

[–] [email protected] 4 points 5 months ago (1 children)

They have backups and the ability to see mass edits. Guaranteed they are selling the undamaged data.

[–] [email protected] 1 points 5 months ago (1 children)

Im sure they are but users cant see it and ive been noticing a lot of deleted content in reddit chains when googling for answers its nice to contribute to the destruction of human knowlege now and then.

[–] [email protected] 1 points 5 months ago

is your script on github

[–] [email protected] 1 points 5 months ago (1 children)

I would double check that. I deleted an old account only to find it still up. I then proceeded to deleted EVERY. SINGLE. POST. on that account.

Guess what. They're still up.

[–] [email protected] 1 points 5 months ago

Is that legal under gdpr?

[–] [email protected] 1 points 5 months ago (1 children)

be aware that if delete (and overwrite) your comments, that someone can accuse you of saying anything. I had a script that did it automatically. Someone didn't like what I said, by the time it came to them to look at it , the comment was deleted

just what someone would do with a "uncivil" comment. So, be aware of that. The script I was using edited with random overwrite and then deleted, from the newest comment backward in time until a certain date. I'm not a jscript ninja, but it was open source and within a day I think a reasonable person with any coding experience would be able to moderate the script to their liking. I wasn't aware of how nasty these people are. Very very sensitive.

[–] [email protected] 1 points 5 months ago

Huh whats the issue people saying u said something fucked and u couldnt prove otherwise cos it was deleted. Bro who cares what random fuckers on the internet say?

[–] [email protected] 2 points 5 months ago

Damn that sucks, sorry your not a legacy user anymore.

[–] [email protected] 1 points 5 months ago

"That's a nice account you got there. Be a shame if someone were to lock it unless you give us some personal data."

[–] [email protected] 1 points 5 months ago (1 children)

All the more reason to use something like SimpleLogin. Sure they can have my email, but it's unique to them and can't be linked to me for data harvesting that easily.

[–] [email protected] 0 points 5 months ago

single use email. might as well have your [email protected] as your email address

[–] [email protected] 0 points 5 months ago

Time to let go