1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Not Planned Make harder for banned members to re-register with Evercookie

Discussion in 'Closed Suggestions' started by AlexandrosD, Nov 22, 2010.

  1. AlexandrosD

    AlexandrosD Active Member

    See more @ http://samy.pl/evercookie/

    Anyone can easily change their IP address and delete their session cookies, something that allows banned members to easily re-register.
    It'd be awesome if evercookie gets implemented somehow in xenforo. An add-on would also do nice I suppose. Test it by yourselves. You can even change your browser. It can still detect you :D
    I have just suggested g0rn, the creator of Multiple Account Detection add-on, to use evercookie with his last add-on.
  2. MGSteve

    MGSteve Well-Known Member

    I like. Users may not I suppose. It would also probably need to be not standard, that way people won't know if its installed on the forum or not. If its added as standard, everyone will know that an XF forum has it and will know to get around it if they want to.
    dieketzer and AlexandrosD like this.
  3. AlexandrosD

    AlexandrosD Active Member

    It would be a successful add-on. I agree with all your points.
  4. NolF

    NolF Active Member

    I think it's immoral to create that sort of cookie. Flash and silverlight are already abused by marketing companies to track people and restore cookies. A lot of people find this practice unethical, and there has been quite a lot of buzz on techblogs about it. Determined users will be able to get around it, there always is a way, but in the process you will probably hurt honest members. Just use the discourage member, it's very effective to get rid of trolls and abusive members.
    Shadab likes this.
  5. dvsDave

    dvsDave Well-Known Member

    I would like to see this implemented and only activated for spammers. Once a spammer is ID'd it would set an evercookie on their machine. I'd also like to see a central repository where the spam post and the evercookie ID could be stored and utilized in a distributed anti-spam service. (in order to be added to the database, the spam posts would have to match spam filters designed to weed out false positives)
    Kaynil, OperaManiac and Jarod like this.
  6. Ingenious

    Ingenious Well-Known Member

    I think there are serious privacy and trust issues with this which you'd need to consider before using it in a public community.
    AlexandrosD, g0rn and Darkimmortal like this.
  7. Decent60

    Decent60 Well-Known Member

    The only downside, if they use a program like CCleaner, that would eliminate it. I do like the idea though as we have problems with people just don't get that we don't want them there :p
  8. JerzeeDevil

    JerzeeDevil Member

    The less you want them there, the more they want to be there is inherently the problem. A super cookie will not stop an angry ex member, especially one with technical skills.
  9. AlexandrosD

    AlexandrosD Active Member

    Such a cookie would make them spend more time, at least in the start, figuring out what's going on. Time is even, if not more, precious for the ones with technical skills. By the time they understand the technical details, it's more likely that the anger will pass.
    I've never encountered a technical skilled member who has caused any troubles, except maybe spamming for a profit. For someone to become angry at a board there's a good possibility it's administrator has done something wrong.
    Kaynil likes this.
  10. Decent60

    Decent60 Well-Known Member

    Evercookie would also save the innocent from getting IP banned, which should always be used as a very last resort but many sites use it as a secondary source to keep a person off the site. The longer it takes that person to figure out what's going on, the longer your forum is safe from their hassle. Think of it as more of a passive method of banning.
    Kaynil likes this.
  11. JerzeeDevil

    JerzeeDevil Member

    You are kidding right? About the Admin. has done something wrong bit? Anytime you have a large group of people you get a whole lot of opinions and also some built in human reaction to the whole community thing. The consider the forum "theirs" and a part of it. Then when something such as a banning temporary or otherwise occurs they go ballistic. This is one of the reasons I try t not ban folks.

    In the long run it is SO totally NOT worth the relentless accounts and proxies etc.

    Regardless, carry on! (with or without agreeing with me):D
  12. Decent60

    Decent60 Well-Known Member

    While I do agree that a community will try to make the forum "theirs", their reactions to certain events differs from community to community or niche to niche.
    Several websites that I've ran/helped with had no problem if a person got banned or if they themselves got a temp ban, as long as the reasoning was justified (almost all simply forgotten most of the rules, and few cases the situation was borderline so we let it go). Although I can certainly understand that there are communities out there that are completely opposed of any sort of authority though.
  13. Michael Dance

    Michael Dance Active Member

    sounds like a fantastic idea :) lets prey they include it :)
  14. Floris

    Floris Guest

    I think it's not the right thing to do, and would not force an evercookie on my visitors.
    JerzeeDevil likes this.
  15. Decent60

    Decent60 Well-Known Member

    I believe that the best design for this would be only to place an evercookie on the screen that shows the ban message. This way innocent members won't get any unwanted items placed on their computer and the the banned members have a bit harder time getting around it. I agree that something like this shouldn't be given to all members.
  16. AnthonyCea

    AnthonyCea Well-Known Member

    I would welcome any tool that bans automated spambot operators from the internet, in fact these information criminals and their web hosts should be jailed.
  17. groundup

    groundup Member

    I've researched this before and it can easily be construed as malware. It is subverting your own desire to remove software from your computer. There is no doubt that it is malicious, even if the only reason you are using it is because someone has malicious intent towards your forum.
    Kaynil and EQnoble like this.
  18. Decent60

    Decent60 Well-Known Member

    What harm is it doing? To the machine or user, there is no harm done, but rather an extra measure to prevent a person from entering a site that they are not wanted on whether temp or permanent. The cookie isn't removed by typical removal methods, however free programs (which probably should have be ran as part your computer's maintenance) such as CCleaner can easily remove the cookie.
  19. Shadab

    Shadab Well-Known Member

    I'm not sure what other browsers the script author tested, but this so-called "persistent" eventcookie is definitely not persistent. I just tested the script and it failed in all browsers I've got installed. And yes, Java as well as Flash plugins were installed and enabled while testing. Kinda useless if it can't persist even in Internet Explorer.
    • Google Chrome 8.0.552.210 beta (Incognito)
    • Firefox 4 Beta 7
    • Opera 10.63
    • Safari 5.0.1 (Private Browsing)
    • Internet Explorer 8 (InPrivate Browsing)
  20. Dean

    Dean Well-Known Member

    Did it persist in non-private/Incognito browsing? Did you test that?

Share This Page