I am using an alternative which doesn't require any additional browser extensions, but it does require that each client installs a custom root certificate.
I have a split-DNS setup where I override the DNS entries for certain sites like reddit, twitter, and youtube so that they point to a local server. The local server returns privacy-friendly versions of those sites (e.g. spikecodes/libreddit).
I use the root certificate to sign SSL certificates for those domains which will be trusted by each client on the network as long as they've installed the custom root certificate.
That way, when I visit a reddit link from a google search, it automatically returns the privacy friendly version of the site, as long as the root certificate is installed.
This is especially nice using when using iDevices, because those don't support native browser extensions.
> I have a split-DNS setup where I override the DNS entries for certain sites like reddit, twitter, and youtube so that they point to a local server.
Neat setup but exercise caution with the root-cert (I guess cert pinning isn't a thing on Browsers, yet?).
> I am using an alternative which doesn't require any additional browser extensions... This is especially nice using when using iDevices, because those don't support native browser extensions.
I use ghostarchive.org to view YouTube videos (that fit its limits), nitter.net for twitter threads, and archive.is for reddit threads.
> I guess cert pinning isn't a thing on Browsers, yet?
Locally installed root certificates override HSTS. Some regulated industries like banking are legally obligated to unwrap all TLS traffic, so locally installed roots allow for that.
This is a very interesting approach. I've been wanting a way to filter YouTube videos on my Apple TV so that only certain channels are whitelisted (my kids like to yell "butt" and "poop" at Siri which is... problematic). Seems like a custom root certificate would make this possible.
I have a split-DNS setup where I override the DNS entries for certain sites like reddit, twitter, and youtube so that they point to a local server. The local server returns privacy-friendly versions of those sites (e.g. spikecodes/libreddit).
I use the root certificate to sign SSL certificates for those domains which will be trusted by each client on the network as long as they've installed the custom root certificate.
That way, when I visit a reddit link from a google search, it automatically returns the privacy friendly version of the site, as long as the root certificate is installed.
This is especially nice using when using iDevices, because those don't support native browser extensions.