Here’s why :
you could always use nit.dembased.xyz wink
Honestly at this point I’ve stopped using privacy respecting instances they are always so much of a hassle. Is the server up? Does this instance work? Does it even work for this service? Why is the content not displaying correctly? The original site is usually better albeit with more advertisements and obviously tracking. But I think ublock origin can block those connections on the website and you almost never have to worry about youtube itself being down that would be catastrophic. If you want recommended, the ability to like comment and subscribe you’re gonna be using the original website regardless. I think just using the vanilla site through TOR would be more private anyways. Or through a privacy browser with a VPN.
I have used this before so I speak from experience it is really unreliable. In theory it would redirect you to working instances and it would be seamless. Piped.A is down try Piped.B and so on until you get a functioning instance but most of the time I find myself manually choosing the instances that work. So yeah and also since this doesn’t work its not worth the extra fingerprinting. Adding extensions will always make you stand out just a little but more. I use bitwarden flatpak, and have built in ad blocking with brave. The browser should have the same fingerprint as other users who use it vanilla.
i agree there is no ‘good’ solution at this time, but LibRedirect works 'well enough’™ for me for most sites where i want it to work, the exception being YouTube
as for it’s auto-routing feature, i’ve found it can enter an endless loop sometimes, so i tend to disable all instances for all services except one that works, and if that instance fails too often, i disable it and enable the next one - there are so many instances for some services that eventually i land on one that is reliable
If you want to go through that everyday more power to you I suppose.
Not to mention there’s more liability with the official service.
Much easier for random Joe Schmoe, operator of whatever instance to be nefarious than a large tech company that’s likely being kept in check legally.
Yes, the privacy might be a little worse using an official service, but there’s nothing that can be done without at least disclosing it in a ToS or Privacy Policy.
The gafam are making foss alts go down with their power bigger than countries
most of the alternative front-ends do not require JS which is the delivery route for probably the vast majority of malicious code used to attack a web browser - on the contrary, all, or nearly all, of the official services do require JS (and fonts and CDNS, and…) which is often delivered by 1st and 3rd parties and, contrary to what may be popular belief, not all of these libraries have been vetted by security experts
addressing the last part of your statement, “there’s nothing that can be done without at least disclosing it in a ToS or Privacy Policy”, that is simply and provably untrue (perhaps you’ve heard of Ed Snowden?) - first of all, companies are constantly being caught violating these agreements and secondly, they very often pass data on to 3rd parties which may have very different policies
as for the alternative front-ends that do require JS, you can either roll the dice (probably not a great idea), or look at the code yourself, or avoid them, or, as you suggested, use the official service
ps: another item i forgot to mention regarding the last part of your post is that, in the U.S., laws protecting privacy are essentially non-existent which is why surveillance capitalism exists