Hacker News new | past | comments | ask | show | jobs | submit login

That's not true, if the network is ipv6 aware, each user gets his own ipv6 with irccloud.

Not to mention the hardcoded usernames.

I'm against irccloud (you're paying to be man in the middled) but they definitely sorted the "can not ban" problem.




"each user" - what defines a user?

The problem with things like irccloud from a network operator perspective isn't that it's difficult to distinguish between users. It's that these systems often subvert protections the network has deemed necessary.

Imagine example.net runs an open proxy scanner on anyone that connects. They find this reduces abuse considerably. If (e.g. irccloud) either 1) doesn't pass the originating user's ip 2) isn't trusted to pass the originating user's ip or 3) doesn't run a similar open proxy scanner, then example.net's open proxy scanner solves nothing.

1) isn't always technically trivial. 2) isn't for us to decide and 3) is probably never going to happen as the network will likely always be ahead.

If you do manage to solve 1&2 between a mitm & a network then awesome. The problem is that this requires buy in from both sides. Just because irccloud.com support it doesn't mean it will automatically work on any irc network you try and connect to.


A user is defined by an irccloud account. Each irccloud account has a unique ipv6 and unique "user" name when connecting.

IE: sid655585@<unique_ipv6>

or: uid555512@<unique_ipv6>

s = subscriber, paid member

u = unsubscriped, free member.

It's possible, of course, to use this service to register many names and launch a spam attack using it. But, in that case you can just block all `u<star>@<star>.irccloud.com`[0] (assuming you can rdns properly)

Like I said, I'm not a super large advocate of irccloud, but just as webchat passes on the originating IP via cgi module extensions, irccloud fixes problems with abuse for operators.

I know this, because I have been running a large irc network for over 10 years.

[0]: I tried everything to make asterisks appear, but hackernews is doing something funky:

    u*@*.irccloud.com


Howdy! Yep I'm aware of all of that. I'm sorry for perhaps not being clear enough in my original comment.

You allude to a problem by suggesting blocking u*, these accounts can be created when the old one is blocked. Even subscriber accounts can be created at will & higher cost, though are likely less of an issue.

There is a problem that irc.example.net can't say "These users all seem to be originating from this single open proxy, lets block it." They need irccloud to do that.


Well it's been a while since I used it, but this was the state of it when I did.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: