The online racing simulator
Maybe I'm also biased, but IMO, I wouldn't mind not seeing IPs ever again considering the amount of doxxing I got recently; a userban is usually enough for server management and troublemakers. I have no other valuable words to say tho, I'll leave that to the pros.
-
(sebaalfa) DELETED by Scawen : Posts in Spanish and too far off topic + replies to them
Translation of the first part of sebaalfa's first post.

Quote from sebaalfa :Hello everyone, personally (and as a server owner) I'm not interested in seeing anyone's IP address; on the contrary, it takes time and effort.
Unfortunately, it's a "tool" that helps (35% of the time, in my humble opinion) make server access a little more complicated for people who aren't welcome for whatever reason.
It's common knowledge that everything can end up in the same void if those people use other accounts, VPNs, etc.
My suggestion:
Let only LFS staff handle IP address information.
Whether it's for one side or the other, I mean both for the person who does negative things as the owner of a server and for the person who visits them.
My suggestion, I understand, is not very viable, since LFS does not have a legal "department" to judge such behavior when it is reported in a timely manner.

I've removed the remaining posts as it's too far off topic.
I am very strongly against this proposal as it currently stands.

We spend at least a few hours a month on finding active ban evasions, and have yet to find a month where there wasn't a case.

We have multiple individuals actively trying to circumvent the rules we have in our server, that use multiple accounts, as well as cases of players that would hop several countries in an unreasonable timespan.

If this system is removed, and there's no replacement for it that allows us to gather the same information we need now, we would have to rely on the LFS moderation team to take over that task for us.
Not only would that delay our execution in this even more, it would also put quite a lot more work on the moderation team, as I am sure we're not the only server keeping track of who is whose alt account.

It also wouldn't protect the targeted individuals, that's a task they need to put on themselves. If they are targeted, removing the IP from LFS would not suddenly stop them from being a target.
Imo this is the same as "don't click on links you don't trust", don't join servers where you don't trust the owners.

I think just removing the IPs from view would probably cause more problems than it solves.

Quote from Scawen :
Trying to verify, with an open mind, if IP bans really are that useful, or if they are more just a bit of misplaced hope to the hoster while a disruptive player simply gets a new IP to use with his spare account.

In our case, no, the IP bans are not that useful, but the IPs are, as we use those to look up alts, and ban those users as well.
take action against perpetrators
Why is this a problem all of a sudden? It's been like this for as long as I can remember.

As a Server Owner, responsibility is a vital part of that role. Leaking/abusing personal information should have its consequences if anyone were to do so.

Perhaps it needs to be clearer what actions will be taken if personal information were to be leaked/published?

I'm thinking about things like:
  • IP Address
  • Identity revealing information (name, address, DOB, SSN)
Alternatively, servers that need additional information (like gathering IP info) need to request access to do so. This could possibly be done via a form on the forum? This isn't a very viable solution though, as it requires some manual labour from the devs.

From what I've seen, Victor isn't active at all now so this is not an option?
Quote from Scawen :I guess there is possibility of DDoS of a person's home? And maybe there is a hacking possibility depending if someone has left open ports?

Start living in fear is not really the way to go; (<= there is a hidden pixel here)

If I was the hoster of wikimedia and monitor your forumposting time behavior matching webserver logs then I would know your IP address. There are always ways.

As for the question of this topic, you have to research where this RFC was actually coming from

https://www.lfs.net/forum/thread/86589
Quote from kristofferandersen :Why is this a problem all of a sudden?

A host that may have links to a particularly bad LFS user has been reported to us. It's hard to prove the link but it could be someone that you don't really want to know your IP address.

Quote from kristofferandersen :It's been like this for as long as I can remember.

Something changed - we do the hosting now and can possibly protect our users a bit, instead of freely handing out their IP address whenever they join a host, which I am feeling a little bad about given the situation.

Quote from kristofferandersen :As a Server Owner, responsibility is a vital part of that role. Leaking/abusing personal information should have its consequences if anyone were to do so.

Maybe I should pump a lot of iron in the gym and fly around the world beating up baddies? Not going to happen, is it? Sitting here at my desk I can make a cool game but I struggle a bit to make bad guys feel the consequences of their actions.

But I could make a change not to freely hand out personal information of our customers, which is why I've opened this topic.

In case anyone wonders, I don't like this part of my job at all. Internet security and hackers are just the worst thing to have to deal with. This is no fun at all, but sometimes I feel I have a responsibility to our users, so this is why I'm asking if there could be alternative methods to help with the things that IP addresses can slightly help with (or maybe even something better, given that IP address checking is so weak and often fruitless).
It would be really bad to think that this data could fall into the hands of malicious people. If you promise to replace the IP address with a different hardware ID, I would definitely support that. Otherwise, we will not be protected from the toxic gamers who are a pain in the neck for everyone.
Agreed. The internet landscape has changed a lot the last ten years. Fingerprinting -as this is being called on the web- has become a major thing. A salted hash of the GPU model and some other hardware static data would not be bad to provide. I still recommend to share GeoIP ISO code separately although it can be spoofed easily with VPN nowadays.

(by the way; the IP address can also be salt hashed.)
Quote from Scawen :Translation of the first part of sebaalfa's first post...

And what do you think about it?
Quote from Scawen :Translation of the first part of sebaalfa's first post...

However, they are not off-topic; they clarify what is LEGAL AND ILLEGAL WITHIN THE RULES, GUIDELINES, OR LAWS. At least according to Argentine law. P.S. If my previous posts were removed because they were written in Spanish, I'd be happy to translate them. I don't think it would be a problem for anyone to do so. I'm just trying to help the community, and especially the LFS staff, solve problems that afflict many of us in the healthiest way possible. If you can't solve them that way, know that there are other ways to fix them. Perhaps I am a firm believer and advocate of what (for me) are principles and respect for humanity.
Regards.
Sebaalfa.
Let's be 100% honest and answer....
WHAT IS AN IP ADDRESS FOR THOSE OF US WHO HAVE SERVERS AND TRY TO KEEP THOSE "USERS" FROM ENTERING OR PARTICIPATING IN OUR SERVERS?
(Needless to say, these servers cost money, work, time, dedication, etc., to name just a few of the things that running a server entails)
Even so, it's in vain when EXISTING REGULATIONS aren't enforced.
Violating the LFS rules, and those of the server itself, is a clear INVITATION TO CONTINUE DOING SO.
In my particular case, the malicious IP addresses executed on our servers are only evidence of maneuvers carried out by some users.
This evidence was, is, and will be presented to the appropriate court.
AS I SAID BEFORE.... LET'S NOT TAKE AWAY TOOLS FROM THOSE OF US WHO WANT THE COMMUNITY TO PROSPER, AND PROVIDE THEM TO THOSE WHO SEEK THE OPPOSITE.



-
(sebaalfa) DELETED by Scawen : If you want to express agreement, just put a reaction on a post (thumbs up etc). Don't quote the whole post and write "100% agree".
Quote from sebaalfa :And what do you think about it?

I do not reply to every single post. If I did, I would be full time forum support and no time developing. So, just like everyone else, you can make a point then just let me take it in and consider it. I will reply if I need more information.

Quote from sebaalfa :WHAT IS AN IP ADDRESS FOR THOSE OF US WHO HAVE SERVERS

Do you know, sentences or phrases in capital letters are seen as "SHOUTING" and are usually considered rude?

It doesn't look like you are being calm and reasonable, but instead you seem to be shouting at everyone.
An IP hash specific to each host, so that host owners could not share IPs (hashes) with other servers, plus an additional InSim packet to request IP info, such as the main things like country and whether it's a VPN. Each host would have a unique identifier unknown to the host owner or anyone who has that hash. As an owner I never needed a raw IP address; it's more of an identifier, not the IP itself, and it's also handy for looking up info about that IP when there is suspicion.
#39 - cuni
Quote from iamproplayer7 :that host owners could not share IPs (hashes) with other servers

Since I wrote my comment here I've been reading some stuff and found out that in Sweden it is illegal to store "raw" IP addresses, I believe the standard nowadays is to hash them to circumvent this law. They are considered private information and therefore the law is really strict about what you can store, how long you can store and to whom you can share.

Quote from Scawen :capital letters are seen as "SHOUTING"

It seems we have a special place for that - CAPS LOCK ONLY THREAD
Currently I am in favour of an identifier created based on some values from the client computer. And possibly also a country code sent separately though I haven't looked up how to do that yet. I know such functions are available on the web server but our master server is not written in php.

The idea is:
1) Avoid sending guest IP addresses to hosters.
2) Allows hosters to identify if someone uses multiple user names from one computer.
3) Allows hosters to identify if the same user name is used from multiple computers.

As far as I understand, this is why hosters have previously used the IP address, although as already discussed, it is a flawed method. No doubt the identifier I mentioned could be hacked too (by a persistent annoying guest) but I think it would have to be deliberate. IP addresses can change randomly on some connections so to some extent the computer ID should be more reliable.

I wonder if something as simple as a crc32 of some values obtained by LFS from the guest's PC locally would be enough. It would compress a few strings and numbers all into a single 32-bit integer so it would be impossible to reverse to obtain any information about the computer it came from, even if you know the algorithm that created the crc32.

The other thing about using a crc32: as a 32-bit number, it could be processed by the same functions as the current IP address field, by existing legitimate host programs. It could even take the place of the IP address in existing InSim packets, except that of course you cannot use it to identify the user's country.

It is possible that more than 1 computer could produce the same identifier but unlikely as there are over 4.3 billion possible values.

Please let me know if it sounds right, or if I'm missing anything.
Quote from Scawen :I do not reply to every single post. If I did, I would be full time forum support and no time developing. So, just like everyone else, you can make a point then just let me take it in and consider it. I will reply if I need more information.


Do you know, sentences or phrases in capital letters are seen as "SHOUTING" and are usually considered rude?

It doesn't look like you are being calm and reasonable, but instead you seem to be shouting at everyone.

Good afternoon. No, I didn't know writing in capital letters was interpreted that way. I meant to emphasize the phrase, just that, but not by shouting... and certainly not at a keyboard... I'll keep that in mind for the next post. Thanks for teaching me something new... by the way, I'd like to take this opportunity to teach you something too... I've lived in the United States, Spain, Italy, Argentina, and Brazil. In all of those cultures, it's considered rude; it could be construed as illegal (and it is) to fail to comply with a law's terms and conditions (a contract between two or more parties). Personally, I find it not only forward, but disrespectful and rude for you to tell me, "You seem unreasonable." Don't worry, I'm not yelling at anyone. I apologize to anyone who may have been offended by my bad habit of writing like that. Best regards.


Not my fight, but I think it's quite clear who's abusing what in relation to leaking IPs and breaking laws.

cheers everyone
Since we are going for unique identifiers as replacement for IP as identifier. I would suggest 3 separate identifiers that would work in parallel.
- Network identifier (something that is already being talked about above)
- Hardware identifier
- Client identifier (random value assigned on every fresh LFS installation)

I would not discuss how they should be implemented as that should not be publicly available as even tho security through obscurity is something that we shouldn't rely too much on, in certain instances it can help. It would be crucial to have good implementation of those in order to avoid future headaches.
Quote from Scawen :though I haven't looked up how to do that yet. I know such functions are available on the web server but our master server is not written in php.

It is also not tied specifically to PHP

https://www.ccoderun.ca/GeoLite2++/api/
https://github.com/maxmind/libmaxminddb ( https://github.com/orgs/maxmind/repositories?type=all )

Many more examples can be found of GeoIP implementations. Iptables (Linux firewall), webservers itself can have a GeoIP module, someone created a REST API based on JSON but this all goes beyond the potential use scope here I guess.

I fail to understand in what program LFS is being written though nowadays. Back in the days it was VS2015? Let me research for a sec. [..] Yeah, I dunno, those postings are too old but I'm sure there is some C solution to this. Grok (or others) can also assist with that.

---

crc32 has 4.2 billion combinations, just as much as IPv4 addresses (4.3 billion but not all are publicly used). The collision rate -ending up with the exact same crc32 from two different devices on the planet- should be low.
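
An added example, not part of any post in this thread and not LFS code: a Python sketch that puts the unkeyed 32-bit crc32 identifier discussed above next to the per-host salted hash suggested earlier in the thread, and estimates how often 32-bit identifiers collide using the birthday approximation. The secret, host names, field names and guest values are constructed assumptions.

```python
import hashlib
import hmac
import math
import struct
import zlib

# Constructed sample values: nothing here comes from LFS or InSim.
MASTER_SECRET = b"constructed-master-server-secret"  # assumed to stay on the master server
HOST_A, HOST_B = b"host-A", b"host-B"
GUEST_1 = {"gpu": "ExampleGPU 1000", "install_id": "3f9c2a71"}
GUEST_2 = {"gpu": "ExampleGPU 1000", "install_id": "a8d04e55"}


def fingerprint_bytes(guest):
    """Serialise client values with length prefixes so fields cannot run together."""
    out = b""
    for key in sorted(guest):
        value = guest[key].encode("utf-8")
        out += struct.pack(">H", len(value)) + value
    return out


def crc32_id(guest):
    """Unkeyed 32-bit identifier: identical on every host, and anyone who can
    guess the input values can recompute it."""
    return zlib.crc32(fingerprint_bytes(guest))


def per_host_id(host_name, guest, bits=32):
    """Keyed identifier: HMAC-SHA256 under a per-host key, truncated to `bits`
    so it still fits a field the size of the current IPv4 address."""
    host_key = hmac.new(MASTER_SECRET, b"host-key|" + host_name, hashlib.sha256).digest()
    digest = hmac.new(host_key, fingerprint_bytes(guest), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def collision_probability(n_guests, bits=32):
    """Birthday approximation: chance that at least two of n guests share an ID."""
    exponent = n_guests * (n_guests - 1) / (2.0 * 2.0 ** bits)
    return -math.expm1(-exponent)


if __name__ == "__main__":
    print("crc32 id          :", hex(crc32_id(GUEST_1)))
    print("host A sees guest1:", hex(per_host_id(HOST_A, GUEST_1)))
    print("host B sees guest1:", hex(per_host_id(HOST_B, GUEST_1)))
    for n in (10_000, 77_163, 1_000_000):
        print(n, "guests, 32-bit:", round(collision_probability(n), 4))
```

Truncating to 32 bits keeps the value compatible with a field the size of the IP address but inherits the collision rate that `collision_probability` reports; passing a larger `bits` value lowers it.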
I'm frankly worried what kind of turn this topic is gonna take. I also have the feeling that it is again related to some specific user group and now everyone has to suffer.


Quote from Scawen :What I am saying is, if we don't pass the guest IP address information to the hosters, they will not know it, and there is no possible way around that. So that is a security or privacy improvement for people going online in LFS.

Quote from Scawen :
Something changed - we do the hosting now ..

But this is transparent for the users. Is it not advertised that LFS is doing the hosting. It is also absolutely clear, that if you access an internet service like a game server or webpage or whatever, you expose your IP address to the service provider. If you don't want that, either don't use that service or use a VPN.

The way I see it, you are a service provider to us, just like i3D/Hetzner/OVH/etc are service providers to you. What would you say if i3D sends you a message like "Hey, we will no longer provide you with IP addresses as we think you should not have that information".

You will probably reply to them these two things:
- "It's not your job to decide what information we should have"
- "That's not the service we paid for"

And we would send the same messages to you.

Quote from Scawen :Maybe I should pump a lot of iron in the gym and fly around the world beating up baddies?

Guess what? We're also fighting the baddies here. On a daily basis. In fact, 99.9999% of the baddies are on the clients' side, not the hoster's side. You may have come across one rogue hoster now, who abused his abilities. But does that mean we all have to drop our weapons? It's like you have found one rogue cop in your line, would you expect all cops to drop their shields, helmets and batons? That is highly disproportionate.

Quote from Scawen :...
The idea is:
1) Avoid sending guest IP addresses to hosters.
2) Allows hosters to identify if someone uses multiple user names from one computer.
3) Allows hosters to identify if the same user name is used from multiple computers.

None of that really compensates for a potential loss of the IP address.
As for TC, I can say that many of our security related functions rely on the IP address.

Such as:
- Detect ban evasions
- Detect stolen accounts
- Detect VPN/proxy usage
- Detect the user's country

All of this information is important to determine who we're dealing with. Imagine every person would walk around anonymously, wearing a mask. This would lead to anarchy.
As for the hardware-guid info mentioned above, that's something I'd like to see anyway. Just as I proposed it in the thread about "selling accounts" some months ago.

I'm not sure what option would serve all needs, but if 25 years in software development have taught me anything, then it is: If you can't decide which way to pick, make it an option.

For instance, you could add an option to the host panel "Require user's connection details: (yes/no)" (or similar) and the user can see in the server list whether the server will receive that information. Maybe add a filter or user option too. On the connect page you could add a warning in red saying "Your ip will be revealed to the server owner".
Quote from chucknorris :None of that really compensates for a potential loss of the IP address.
As for TC, I can say that many of our security related functions rely on the IP address.

Such as:
- Detect ban evasions
- Detect stolen accounts
- Detect VPN/proxy usage
- Detect the user's country

I'm trying to understand how "allowing hosters to identify if someone uses multiple user names from one computer" and "allowing hosters to identify if the same user name is used from multiple computers" does not compensate for a loss of IP address. To my understanding, people evade bans by using multiple LFS accounts. Stolen accounts are the same user name joining from multiple computers. Scawen also mentioned sending the country code separately. What am I missing here?
I've got a feeling this will be the future for other games where customers can start their own servers.

Developers will not want to be held responsible for revealing user IP addresses to hosters.

Developers will want to provide more robust help for hosters to identify troublesome players.
I fail to understand myself why the IP address is so important in relation to abusers. In my day to day experience most abusers use a VPN/proxy. Or believe it or not, Starlink.

However not all VPN users are potentially malicious. Earlier the discussion was, if and how, it was possible to detect VPN usage. This is being done by researching the actual owner/company of the IP address.

Masking the IP address is counterproductive in the search for detecting malicious activity but when a hardware identifier is being added which cannot easily be altered then it would be a pretty big security increase. Far better than working only with an unmasked IP address as most gamers do not have ten computers with LFS installed or going to be bothered with swapping hardware to change the checksum.

geoIP country info was and is nice to know for the sake of communication. Lots of websites change their language based on that info. I expect(ed) the same for moderators and InSims, although I'm not busy with LFS myself anymore. The online atmosphere is too tense nowadays to put it mildly.

Good afternoon, everyone.
I invite you to reflect... Why would a user use multiple accounts, or change their IP, to access a server?
Why would the server be punished by cutting tools to detect such users?
Why are such users so protected?
In response to Mr. Scawen...
and I quote:

Developers won't want to take responsibility for revealing users' IP addresses to hosting providers.

What legal issues would such "responsibility" entail? (for LFS)

Developers will want to provide more robust support to hosting providers to identify problem players.

That's just a click away, and it's not about getting off topic, nor is it about an IP.
-
(sebaalfa) DELETED by Geraldine : Off topic
Quote from Flame CZE :I'm trying to understand how "allowing hosters to identify if someone uses multiple user names from one computer" and "allowing hosters to identify if the same user name is used from multiple computers" does not compensate for a loss of IP address....

This would be a real nice addon. A hardware-id would be a very useful addition for identifying malicious users and stolen accounts, but it cannot replace the need for an IP address due to the lack of factual data for correlation. A really reliable result requires combining all available information.

The IPs also tell whether VPN/proxies are in use and whether the detected country is correct. On TC we also do an instant reverse lookup for these cases, and also do DNSRBL lookups to check an IP's reputation.
Access to raw information is crucial as only raw data tells the truth. Anything pre-processed is inherently unreliable, prone to being wrong and cannot be verified/validated later in case of disputes or to find errors.

All that is simply necessary to satisfy our, totally valid, safety concerns to keep the servers a safe place. Without safety I really can't tell if we can continue hosting TC servers. Which would be a shame after 20+ years and the hundreds, or rather thousands, of LFS accounts sold purely through the gaming experience TC provides.

During the years, we learned that progress on LFS really takes a while, sometimes painfully long and we also got used to the fact that many improvement suggestions, even ridiculously small ones, are just ignored, but please don't let us beg just to keep the status quo. That isn't fair.

During the last night, I thought again about my idea from above (bottom of https://www.lfs.net/forum/post/2124850#post2124850) and came to the conclusion it might be the best of all choices as it really satisfies everyone's needs.

- Scawen / LFS: Can wash their hands in innocence (As they put the choice now into the client's hands)
- Hosters: As they can choose whether they require that information
- Clients: Are now properly informed and can freely decide whether they want to accept and connect

It's a bit like anonymous calls via phone. If you think you're entitled to hide your number while calling, I'm entitled to reject that call.

The amount of work in the LFS client / server / hosting-site is also relatively low.

Little addition: I'm not talking about what information is being shown on the admin panels on lfs.net. Our concerns are mainly about the information sent via Insim. However, some people might like or want to see that information in the website, but even their needs would be satisfied with an option.
