38 votes

New user here, I love this about tildes!

Tags: feedback

13 comments

  1. SleepyGary
    Link
    Friendly reminder, if you haven't already, to consider donating to Tildes to help keep development and hosting going.
    • Exemplary

    Friendly reminder, if you haven't already, to consider donating to Tildes to help keep development and hosting going.

    30 votes
  2. UntouchedWagons
    Link
    Preach it brother. It's annoying having to play whack-a-library trying to find out what obscure/non-sensical domains need to be whitelisted for basic functionality.

    Preach it brother. It's annoying having to play whack-a-library trying to find out what obscure/non-sensical domains need to be whitelisted for basic functionality.

    14 votes
  3. [4]
    losvedir
    Link
    I use the uMatrix to browse the web and I generally have the setting of only allowing Javascript to execute from the domain of the site that I'm visiting. 3rd party Javascript is usually some sort...

    I use the uMatrix to browse the web and I generally have the setting of only allowing Javascript to execute from the domain of the site that I'm visiting. 3rd party Javascript is usually some sort of tracking code and is a huge surface area for a malware attack!

    But almost always these days I can't browse normal sites without enabling some third party assets, and I'm always picking and choosing through dozens of requests to dozens of different domains.

    I love that tildes.net works out of the box and is only serving assets of its own!

    13 votes
    1. [3]
      pleure
      Link Parent
      Even better, tildes.js is unobfuscated and annotated!

      Even better, tildes.js is unobfuscated and annotated!

      9 votes
      1. Wes
        Link Parent
        JS isn't normally minified to obfuscate it. It's done to make the payload smaller and reduce network data. The best option is to minify and include a source map.

        JS isn't normally minified to obfuscate it. It's done to make the payload smaller and reduce network data.

        The best option is to minify and include a source map.

        10 votes
      2. apoctr
        Link Parent
        That's a good start ;)

        // This is pretty ugly

        That's a good start ;)

        8 votes
  4. [3]
    Comment deleted by author
    Link
    1. UntouchedWagons
      Link Parent
      No external javascript libraries needed to be whitelisted for Tildes.net to work.

      No external javascript libraries needed to be whitelisted for Tildes.net to work.

      16 votes
    2. Octofox
      Link Parent
      Its an extension called uMatrix. It gives you full control over what content is loaded from what domain. It super useful for killing all 3rd party trackers that are littered over the web.

      Its an extension called uMatrix. It gives you full control over what content is loaded from what domain. It super useful for killing all 3rd party trackers that are littered over the web.

      7 votes
  5. [2]
    Comment deleted by author
    Link
    1. swiftestcat
      Link Parent
      Wow. Are all the advertising ones removed if you have Reddit Premium (which removes ads) or do they continue to track you without showing you the ads?

      Wow. Are all the advertising ones removed if you have Reddit Premium (which removes ads) or do they continue to track you without showing you the ads?

      2 votes
  6. [2]
    Dot
    Link
    I'm a CS student and I don't know what's going on, or rather I read comments about what was going on and I still don't know what's going on. ELI2?

    I'm a CS student and I don't know what's going on, or rather I read comments about what was going on and I still don't know what's going on. ELI2?

    10 votes
    1. Deimos
      Link Parent
      Almost all sites include scripts and other assets that come from other sites/companies, which do have legitimate uses in a lot of cases but also have negative privacy and security implications,...
      • Exemplary

      Almost all sites include scripts and other assets that come from other sites/companies, which do have legitimate uses in a lot of cases but also have negative privacy and security implications, including effectively allowing those other companies to track users on the site. As an example, the screenshot of reddit in uMatrix that @spit-evil-olive-tips posted shows all the domains that are involved when you're using reddit.com.

      The domains at the top (reddit.com, redditmedia.com, redditstatic.com) are all "first-party", they're owned by reddit and the scripts/css/etc. coming from those domains should all be directly associated with reddit itself. In the screenshot, they're all shown in green because @spit-evil-olive-tips has "whitelisted" them, which tells uMatrix that it's okay to load and run that content.

      All the domains at the bottom (aaxads, amazon-adsystem, google-analytics, googletagservices, moatads) are all "third-party" ones—separate advertising/tracking services that reddit is using. You can see that there's a "1" in the "script" column for each of them, indicating that there's one script included from each of those domains. Those are in red because they're being blocked and not allowed to run. However, users not using uMatrix or other blocking extensions would have all of those scripts being run in their browser to display ads, track their site usage, and so on.

      The screenshot that @losvedir posted shows uMatrix on Tildes. There are no other domains involved, only tildes.net. That means that when people are using Tildes (whether they have any sort of blocking or not), their browser is only communicating with Tildes and not any third parties. This is one of the explicit technical goals of the site, and it should always stay this way.

      19 votes
  7. vaddi
    Link
    This is how every website should be written.

    This is how every website should be written.

    9 votes
  8. MacDolanFarms
    Link
    Direct link to the image, because Imgur albums will not work unless you let them both run JavaScript and store cookies: https://i.imgur.com/8fgRcy6.png

    Direct link to the image, because Imgur albums will not work unless you let them both run JavaScript and store cookies: https://i.imgur.com/8fgRcy6.png

    5 votes