Auriga wrote:leeh wrote:Auriga wrote:Perhaps we need to start thinking in a different mindset. I just don't know what that is just yet.
Theres nothing saying you have to require registration - you could just make it optional to get something.. (ie, a user spoof).
You are right, but this still does not solve the problem of drones, and proxies, and spambots.
Nope - but you can do so much to help the real users. Channel modes that only allow registered users in, usermodes that ignore messages from unregistered users..
I personally like the of turing tests to connecting users - I wouldnt deny service to those who cant pass it, but I might be inclined to restrict it slightly, or offer extra features to those who pass it. You could always sort out exempted I:'s for BSPs and stuff, having a contact email for any abuse problems.
Auriga wrote:It just means we'll have less conections to look at ... but that being said, many of the problematic hosts on irc, are trojaned with more then one connection ... (One they dont know of..) and their own connection to irc, which means both will become spoofed if they choose to "register"? How do you manage spoofing people with dynamic ips's and idents? If they change their ident, we end up with an administrative nightmare of constantly responding to e-mails with spoof changes. I think we'd need to provide spoofed only servers where everyone registered.. might have access to a special IP and perhaps an Iline password..
But this also does not stop drone runners from just adding that iline, and server info to their drones...
I wouldnt do spoofs via the current method - it doesnt scale. You can easily implement stuff that allows some form of 'services' to give a user a spoof.
That way you could make most of it automatic - stuff like adding hosts etc. Youd have to implement a fair few guards into it, restricting how many users can use a specific account, how many accounts a specific host can login to, proxy checks when people register the account, etc.
It would get abused, but the abuse might be of a more controllable level..
Auriga wrote:No matter what we do will appears "services" like.. and i dont know how many people would be willing to accept this on efnet. Although they really would have no choice.. eventually... because many networks are being forced to head in this direction in order to proect their "interests.
Its a matter of time until more people fuck shit up for the network, and more "services" and other things will need to be added to avoid giving control to the kiddies who would by choice bring the network into the ground.
I think its all about surviving. efnet would be in pieces if it didnt have no join(|op) on split, and with no join on split you require a method of allowing users to regain ops..
Itll never be solved until machines are secure by default, or the internet is destroyed.. ;)