Not planned Make harder for banned members to re-register with Evercookie

[AlexandrosD]

What is the point of evercookie? Evercookie is designed to make persistent data just that, persistent. Bystoring the same data in several locations that a client can access, if any of the data is ever lost (for example, by clearing cookies), the data can be recovered and then reset and reused.

See more @ http://samy.pl/evercookie/

Anyone can easily change their IP address and delete their session cookies, something that allows banned members to easily re-register.
It'd be awesome if evercookie gets implemented somehow in xenforo. An add-on would also do nice I suppose. Test it by yourselves. You can even change your browser. It can still detect you
I have just suggested g0rn, the creator of Multiple Account Detection add-on, to use evercookie with his last add-on.

 

[MGSteve]

I like. Users may not I suppose. It would also probably need to be not standard, that way people won't know if its installed on the forum or not. If its added as standard, everyone will know that an XF forum has it and will know to get around it if they want to.

 

[AlexandrosD]

I like. Users may not I suppose. It would also probably need to be not standard, that way people won't know if its installed on the forum or not. If its added as standard, everyone will know that an XF forum has it and will know to get around it if they want to.

It would be a successful add-on. I agree with all your points.

 

[NolF]

I think it's immoral to create that sort of cookie. Flash and silverlight are already abused by marketing companies to track people and restore cookies. A lot of people find this practice unethical, and there has been quite a lot of buzz on techblogs about it. Determined users will be able to get around it, there always is a way, but in the process you will probably hurt honest members. Just use the discourage member, it's very effective to get rid of trolls and abusive members.

 

[dvsDave]

I would like to see this implemented and only activated for spammers. Once a spammer is ID'd it would set an evercookie on their machine. I'd also like to see a central repository where the spam post and the evercookie ID could be stored and utilized in a distributed anti-spam service. (in order to be added to the database, the spam posts would have to match spam filters designed to weed out false positives)

 

[Ingenious]

I think there are serious privacy and trust issues with this which you'd need to consider before using it in a public community.

 

[Decent60]

The only downside, if they use a program like CCleaner, that would eliminate it. I do like the idea though as we have problems with people just don't get that we don't want them there

 

[JerzeeDevil]

The less you want them there, the more they want to be there is inherently the problem. A super cookie will not stop an angry ex member, especially one with technical skills.

 

[AlexandrosD]

A super cookie will not stop an angry ex member, especially one with technical skills.

Such a cookie would make them spend more time, at least in the start, figuring out what's going on. Time is even, if not more, precious for the ones with technical skills. By the time they understand the technical details, it's more likely that the anger will pass.
I've never encountered a technical skilled member who has caused any troubles, except maybe spamming for a profit. For someone to become angry at a board there's a good possibility it's administrator has done something wrong.

 

[Decent60]

Evercookie would also save the innocent from getting IP banned, which should always be used as a very last resort but many sites use it as a secondary source to keep a person off the site. The longer it takes that person to figure out what's going on, the longer your forum is safe from their hassle. Think of it as more of a passive method of banning.

 

[JerzeeDevil]

Such a cookie would make them spend more time, at least in the start, figuring out what's going on. Time is even, if not more, precious for the ones with technical skills. By the time they understand the technical details, it's more likely that the anger will pass.
I've never encountered a technical skilled member who has caused any troubles, except maybe spamming for a profit. For someone to become angry at a board there's a good possibility it's administrator has done something wrong.

You are kidding right? About the Admin. has done something wrong bit? Anytime you have a large group of people you get a whole lot of opinions and also some built in human reaction to the whole community thing. The consider the forum "theirs" and a part of it. Then when something such as a banning temporary or otherwise occurs they go ballistic. This is one of the reasons I try t not ban folks.

In the long run it is SO totally NOT worth the relentless accounts and proxies etc.

Regardless, carry on! (with or without agreeing with me)

 

[Decent60]

You are kidding right? About the Admin. has done something wrong bit? Anytime you have a large group of people you get a whole lot of opinions and also some built in human reaction to the whole community thing. The consider the forum "theirs" and a part of it. Then when something such as a banning temporary or otherwise occurs they go ballistic. This is one of the reasons I try t not ban folks.

In the long run it is SO totally NOT worth the relentless accounts and proxies etc.

Regardless, carry on! (with or without agreeing with me)

While I do agree that a community will try to make the forum "theirs", their reactions to certain events differs from community to community or niche to niche.
Several websites that I've ran/helped with had no problem if a person got banned or if they themselves got a temp ban, as long as the reasoning was justified (almost all simply forgotten most of the rules, and few cases the situation was borderline so we let it go). Although I can certainly understand that there are communities out there that are completely opposed of any sort of authority though.

 

[Michael Dance]

sounds like a fantastic idea lets prey they include it

 

[Floris]

I think it's not the right thing to do, and would not force an evercookie on my visitors.

 

[Decent60]

I think it's not the right thing to do, and would not force an evercookie on my visitors.

I believe that the best design for this would be only to place an evercookie on the screen that shows the ban message. This way innocent members won't get any unwanted items placed on their computer and the the banned members have a bit harder time getting around it. I agree that something like this shouldn't be given to all members.

 

[AnthonyCea]

I would welcome any tool that bans automated spambot operators from the internet, in fact these information criminals and their web hosts should be jailed.

 

[groundup]

I've researched this before and it can easily be construed as malware. It is subverting your own desire to remove software from your computer. There is no doubt that it is malicious, even if the only reason you are using it is because someone has malicious intent towards your forum.

 

[Decent60]

I've researched this before and it can easily be construed as malware. It is subverting your own desire to remove software from your computer. There is no doubt that it is malicious, even if the only reason you are using it is because someone has malicious intent towards your forum.

What harm is it doing? To the machine or user, there is no harm done, but rather an extra measure to prevent a person from entering a site that they are not wanted on whether temp or permanent. The cookie isn't removed by typical removal methods, however free programs (which probably should have be ran as part your computer's maintenance) such as CCleaner can easily remove the cookie.

 

[Shadab]

I'm not sure what other browsers the script author tested, but this so-called "persistent" eventcookie is definitely not persistent. I just tested the script and it failed in all browsers I've got installed. And yes, Java as well as Flash plugins were installed and enabled while testing. Kinda useless if it can't persist even in Internet Explorer.

• Google Chrome 8.0.552.210 beta (Incognito)
• Firefox 4 Beta 7
• Opera 10.63
• Safari 5.0.1 (Private Browsing)
• Internet Explorer 8 (InPrivate Browsing)

 

[Dean]

Did it persist in non-private/Incognito browsing? Did you test that?