How Does Reddit Detect Previously Banned Users?

bernard

bernard

BuSo Pro
Joined
Dec 31, 2016
Messages
2,587
Likes
2,298
Degree
6
Anyone knows how Reddit bans people permanently across the entire site?

Is it IP only or Mac address?
 
@bernard
We may log information when you access and use the Services. This may include your IP address, user-agent string, browser type, operating system, referral URLs, device information (e.g., device IDs), device settings, pages visited, links clicked, the requested URL, and search terms. Except for the IP address used to create your account, Reddit will delete any IP addresses collected after 100 days.
Click to expand...
Banning on ip level isn’t really useful. They get rotated/re-assigned or you run the risk of banning whole swaths of users in an effort to stop one from entering.

My best bet would be device ID and settings. This would basically mean that when you ef up really bad you may have to get a new phone or change some hardware in your PC and change some Tcp/IP stuff. But the question still remains how strict Reddit is.
 
DanSkippy said:
My best bet would be device ID and settings. This would basically mean that when you ef up really bad you may have to get a new phone or change some hardware in your PC and change some Tcp/IP stuff. But the question still remains how strict Reddit is.
Click to expand...

I was thinking to get a new sim card and use an older phone as hotspot.

Obviously clear all cookies and stuff like that.
 
Are we talking about a single (shadow) banned account or multiple accounts? (i.e. upvoting your own posts in the initial stage.)

If it involves a single account I would try one or two VM's each running a different OS with slighty different settings. I.e. add a couple of different browser extensions to each of the individual browsers. Just make sure that your VM's don't share the same IP as your host and perhaps change one or two DNS[1] settings (i.e. 8.8.8.8) For this purpose you can either use a VPN or get your hands on some residentials and configure these inside the VM. (Don't forget to check how you are NAT'ed on your local network.)

Then test everything before trying Reddit again. Think Panopticlick, the tool mentioned earlier, some tcp analyses with the help of Wireshark[2], and so on. For me this would be the most consumer-friendly method that doesn't involve to much effort.

But like many things in life, don't go in blind on the advice of others, but stop and think if this all sound logical.

On a side note: There may be others here who are willing to chime in. And as always, I'm looking forward to learning some new stuff and know where I may be way off.

1 https://tools.ietf.org/html/rfc4035#section-3.2.3
2 https://resources.infosecinstitute....is-for-wireshark/tcp-protocol-with-wireshark/
 
Cool, that's great, I will test it. Always fascinating to learn new stuff, in this case Opsec, that's something quite more than Tor browser.

I had multiple Reddit accounts and they all got permanently banned for "ban evasion" on one account, for something lame, that wouldn't even be banned on that subreddit now.
 
Strange. A while ago I was stupid enough to run a bunch of bots off my main system and home I.P address which is static. All of the bots involved got banned. My main accounts are still fine though. There's special anti-detect browsers that protect against Hardware and I.P tracking. Use that and see if you don't get banned. Most popular one is Sphere. https://sphere.tenebris.cc/#about. In theory if you set it up with Tor + Socks proxy it should make you completely untraceable.
http://f.vision/ is a site that returns pretty much all the information websites can use to track you (Hardware Identifiers, DNS server, I.P address, whether your I.P address is on a blacklist, default browser settings etc.) You can use that as a benchmark.
 
It seems like a new SIM on signup was all that was needed. I use the old IP and laptop now to log in, but I'm sure I should stay away from the banned subreddit.
 
... And I'm banned again, after beginning to use my usual IP.

Or maybe there's some other algo at play.

I'm going to have to be more methodical.
 
As someone that runs a SAAS, the easiest thing to do is ban by IP Address for a certain period of time.

First ban all datacenters like AWS, Digital Ocean, and known cloud computing datacenters. They publish their IP range to help with bot abuse. There is absolutely no reason someone using an AWS, cloudflare, or cloud computing ip address should be logging into the software. People using VPNs get blocked by this, realistically why would they need a VPN to login to a rank tracker??!

Then next step is to ban by IP Address the user by time periods. Example first offense can be 24 hours, 2nd offense can be 3 days. Then 7 days, 30 days, 90 days, 180 days, a year and permanent.

IP addresses do get circulated but it depends on where you are. Comcast for example gives out long term IPv4 IP addresses to a lot of residents. I’ve had one ip address for 4 years at one location. People in remote areas have had some for 5+ years. The reason I know is because we white list developers to staging sites and some have NEVER had their home ip address change.

A lot of basic firewall software like ufw for linux have these basic time based bans. So if they have it than Reddit which is a multi-million dollar corporation is going to have it at the basic level.

The trouble is when you get users that share ip addresses like AT&T mobile users, Orange in France, lots of European countries like Spain. They have limited IP address allocations so their users share IP. In scenarios like that you can detect by browser configuration to see if multiple different browsers are using a single ip address and prevent permanent banning that IP address.

But if there is a pattern of maybe 5 or less browser configs using a single ip address than it is a single person/household. There is a difference in 5 or 10 different hardware/browser config versus 1000s of users’ config. It’s very very easy to detect a user.

@bernard what you saw was Reddit giving you some leeway until you connected to a bad ip address, now that also taints other ip addresses you used. You don’t even need fancy machine learning, this is simple “if then” statements to detect all your ip addresses by cross referencing backwards.

If you really want to not be banned ALWAYS use your cellular connection and a clean sim. But the second you slip and use your main IP address you will be banned again and it will keep raising the ban score.

To date I have never seen a mobile carrier give out permanent ip addresses to mobile users, so the likelihood of an ip address level ban is low. I just tried turning on and off my cellular signal and immediately got a different IP Address.

This is my experience from a running a SAAS, assume Reddit is a lot more sophisticated in their attempt to block bad guys like @bernard.
 
CCarter said:
People using VPNs get blocked by this, realistically why would they need a VPN to login to a rank tracker??!
Click to expand...
I can easily tell you why.

First, sometimes you get a shitty connection, for a whole range of reasons, from some public internet in cafe or wherever and to magistral cable or major datacenter breakage - which we had here a couple months ago when our entire country stayed on a hair connection for a good few hours, no jokes (mind that we are connected to the outer world with only three undersea cables). In such cases i often open most sites and services on my win VPS (which obviously has a datacenter IP) and then get a picture from there.

Another scenario, is when you travel a lot, and you don't trust public networks. This is a basic of cybersecurity - dont trust public networks even in normal countries, and always get yourself a VPN when you travel to some 3rd world shitholes.
 
CCarter said:
bad guys like @bernard.
Click to expand...

Thanks for the technical explanation.

I'm not actually that bad, I'm just better at being bad, than most bad guys, so the always good guys at Reddit go to greater lengths to shut me down apparently. It probably doesn't help when you use various temp mails and such, probably sets off some bot filters.

What's actually the issue though is that so called "ban evasion", means that you can get banned from Reddit in general, by being banned for something in a subreddit.

This would be like being banned from Facebook by being banned from a Group or blocked from a page.
 
Golan said:
In such cases i often open most sites and services on my win VPS (which obviously has a datacenter IP) and then get a picture from there.
Click to expand...

No system is perfect, there are outlier scenarios. However when 95% of fraud attempts come from a VPN or cloud computing datacenter we have to do what we have to do to survive.

If bad actors use VPNs to do bad stuff, good actors are going to get caught in the trap too.

bernard said:
various temp mails
Click to expand...

oh wow,THAT is a mega RED flag. You can’t even use a temp or 10 minute email to create an account at SERPWoo! There are multiple checks, one of them being kickbox.io - they have a free api to check a domain against temporary emails: Kickbox.io Disposable Email Detection

So if an operation like mine uses these filter and fraud detection methods you better believe Reddit does too.
 
@iTwistedTempo, we had a lot of conversation above about this. I moved your post here so it would bump the thread and I want to say more.

I suspect they drop cookies in your browser. Browser fingerprinting, probably all the stuff you mentioned, probably reading device configurations, checking the cross-over of activity between the banned account and your new one (reading the same sub-reddits, maybe even giving your new one a reddit gold from the old account, times of day active, or whatever, etc.).

They go out of their way to brag about how they don't store the IP address you signed up with for more than 100 days (I think that's what they say). That's usually a misdirection. They're waving that factoid in their left hand while they store unbelievably invasive amounts of data about you and your devices in the right hand. I'd guarantee that they store IP addresses, too. Even if not the registration one, then the rest of them.

And with enough data, it's not hard to build up enough statistical confidence that you're a ban evader. That has to be how they pull it off, by collecting mad amounts of data from your user patterns and devices. Everything is a fingerprint.
 
Ryuzaki said:
@iTwistedTempo, we had a lot of conversation above about this. I moved your post here so it would bump the thread and I want to say more.

I suspect they drop cookies in your browser. Browser fingerprinting, probably all the stuff you mentioned, probably reading device configurations, checking the cross-over of activity between the banned account and your new one (reading the same sub-reddits, maybe even giving your new one a reddit gold from the old account, times of day active, or whatever, etc.).

They go out of their way to brag about how they don't store the IP address you signed up with for more than 100 days (I think that's what they say). That's usually a misdirection. They're waving that factoid in their left hand while they store unbelievably invasive amounts of data about you and your devices in the right hand. I'd guarantee that they store IP addresses, too. Even if not the registration one, then the rest of them.

And with enough data, it's not hard to build up enough statistical confidence that you're a ban evader. That has to be how they pull it off, by collecting mad amounts of data from your user patterns and devices. Everything is a fingerprint.
Click to expand...
Thanks for the help - do you think using a new device with a VPN and blocking cookies would prevent them from detecting you?
 
I agree that Reddit seems to be storing a shitload of information on you.

The app is the worst. If you sign into the app after being banned, then you're gone asap.

Also keep in mind that Reddit doesn't really perm ban, they seem to have soft and hard bans on a subreddit level and on a site level.

I was perm banned from Reddit entirely, but came back with a fresh account some time later, did nothing to change it up, however, I get an instant warning if I go back to the sub that made me perm banned.

I would say the best bet is to buy an account with history.
 
My suggestion........... Use a privacy browser for reddit and/or at least go Incognito

If you're trying to do some illegitimate shit on reddit.... to me, it's a waste of time unless you're living in a country that's 2nd or 3rd world and get more bang for a dollar/pound
 
My reddit account has been recently suspended for no apparent reason. Before I create a new one, can you tell me the steps I should take? I'll obviously not be using the Reddit app anymore, I'll be using a third party app, but can I use the same browser on my PC? I've also cleared all cookies and data, but I'm not sure the kind of information/fingerprint they store about me.
I've also changed my IP address, but anything else I should worry about?
 
Privacy69 said:
My reddit account has been recently suspended for no apparent reason.
Click to expand...

The first step is to understand why you got suspended :smile: Which is never for no apparant reason.

I've made many accounts since I made this post and it begins with not using the app and just waiting a week.

Then spend some time karma farming in the default subs, /r/aww and the like and stay away from the forum that banned you, at least for a while.

I still get insta-suspended when posting in those subs, despite being allowed on the rest of Reddit.
 
bernard said:
The first step is to understand why you got suspended :smile: Which is never for no apparant reason.

I've made many accounts since I made this post and it begins with not using the app and just waiting a week.

Then spend some time karma farming in the default subs, /r/aww and the like and stay away from the forum that banned you, at least for a while.

I still get insta-suspended when posting in those subs, despite being allowed on the rest of Reddit.
Click to expand...
The fact is, I didnt get suspended from a single sub, I just got "Your account has been suspended for violation of multiple reddit content policies". I rarely comment or interact with people and I only comment on r/technology or in tech related discussions, and there was no controversial stuff. Its possibly due to the fact that my ISP used to have a static IP for a lot of areas so I might have been banned erroneously due to someone else abusing. No clue as they havent responded to my appeals.
 
@bernard Which Bot did you use on reddit? I had good experience with puppetter and their stealth module for mass PMs. Furthermore, I am rotating the browser and my IP.
 
GUYS
I found the answer, use GHOSTERY extension on chrome and you'll be fine.
Instead of blocking the cookies and trackers they receive it modifies/changes them.
Been working a treat for me.

I bought a cookie and tracker blocker app to block trackers on my iphone for the reddit app, but for some reason, accounts get shaddow banned instead of banned. Only one i need to figure out
 
You must log in or register to reply here.
Back