So what merits what punishment?: A treatise on ban length

Public discussion of the forum software and other things run by Zandronum staff.
User avatar
fr blood
Frequent Poster Miles card holder
Posts: 933
Joined: Wed Mar 06, 2013 4:04 pm
Location: France
Clan: Incredible
Clan Tag: [I]

Re: So what merits what punishment?: A treatise on ban length

#41

Post by fr blood » Wed Jul 06, 2016 7:01 pm

So what should I do to have that guy black listed?

User avatar
Ivan
Addicted to Zandronum
Posts: 2135
Joined: Mon Jun 04, 2012 5:38 pm
Location: Omnipresent

Re: So what merits what punishment?: A treatise on ban length

#42

Post by Ivan » Wed Jul 06, 2016 7:04 pm

fr blood wrote: ** Trying to make a point about ethics **
Well, weren't you the one who would keep stealing other people's work and mix them up in a terrible wad and get it hosted? By that logic we should blacklist you too...

User avatar
fr blood
Frequent Poster Miles card holder
Posts: 933
Joined: Wed Mar 06, 2013 4:04 pm
Location: France
Clan: Incredible
Clan Tag: [I]

Re: So what merits what punishment?: A treatise on ban length

#43

Post by fr blood » Wed Jul 06, 2016 7:54 pm

Ivan wrote:Blah Blah
Yeah, I was a 12 year old boy who didn't know the rules and at the end when I knew that I was doing something wrong, I stopped hosting it.
Here we've got a different situation where the man know the situation, the rules but still doesn't care and wait for the "punishment".

Also how could I be black listed since I wasn't the one hosting it, people just had to complain at the hoster(who was Konar with GV at that moment).

Get more informations next time before starting that kind of answer. :rolleyes:

User avatar
Tux
Forum Regular
Posts: 510
Joined: Mon Jun 04, 2012 1:18 pm
Location: satan's gaping anus
Contact:

Re: So what merits what punishment?: A treatise on ban length

#44

Post by Tux » Wed Jul 06, 2016 7:57 pm

wasn't dima masterbanned for a myriad of malicious things anyway?

User avatar
fr blood
Frequent Poster Miles card holder
Posts: 933
Joined: Wed Mar 06, 2013 4:04 pm
Location: France
Clan: Incredible
Clan Tag: [I]

Re: So what merits what punishment?: A treatise on ban length

#45

Post by fr blood » Wed Jul 06, 2016 8:55 pm

Can't tell if it's the same Dima, but actualy the problem is Lister not him.

Deathtoll
 
Posts: 34
Joined: Thu Jan 29, 2015 2:04 am

Re: So what merits what punishment?: A treatise on ban length

#46

Post by Deathtoll » Thu Jul 14, 2016 3:43 am

How about making ACCURATE BANNING possible? Having trolls being able to use your name and then griefing to get an inattentive and reactionary player to call for a ban, then the troll disconnects, leaving you to get banned for no reason.

Nobody should be talking about banning until an actual reliable ban system is in place. How about an enforced login system? Is there even a design document to see on this?

User avatar
The Toxic Avenger
Forum Staff
Posts: 1372
Joined: Fri May 25, 2012 1:12 am
Location: New Jersey
Clan: Cube
Clan Tag: [A3]
Contact:

Re: So what merits what punishment?: A treatise on ban length

#47

Post by The Toxic Avenger » Thu Jul 14, 2016 4:16 am

So you're going around posting in random server/cluster/banning threads ranting about this?

What do you expect us to do about someone who banned you? Go ban him ourselves? Kicking and screaming isn't going to do anything. You go into zero detail and expect us to come up with a magical catch-all fix (let me tell you, cracking impersonation with nothing to use to clarify who's who is a hell of a task and you expect us to just figure it out and get it right every time) and you want us to stop everything and make our ban system work like yours (which BTW impersonation is a cluster issue or personal server issue, we don't masterban for impersonation) so what do you expect us, the Zandronum staff to do about server moderation that isn't even in our hands?

Enforced login system? Do you think we're Zdaemon? We're not Draconian, and do you realize how many people are against that?

User avatar
ZZYZX
Posts a lot
Posts: 742
Joined: Thu Jun 07, 2012 5:56 pm
Location: Ukraine
Clan: A3
Clan Tag: [A3]

Re: So what merits what punishment?: A treatise on ban length

#48

Post by ZZYZX » Thu Jul 14, 2016 7:03 am

The Toxic Avenger wrote:Enforced login system? Do you think we're Zdaemon? We're not Draconian, and do you realize how many people are against that?
Enforced login system isn't draconian. It's a common practice employed exactly to not do imprecise IP bans that are always too wide or too narrow for countries like Brazil. Killstrike here evades his G-line under anonymous connection every few days because he can. We already have required authentication in the forums. Do you think it's draconian too?

Enforced login system also effectively prevents impersonation and clan impersonation, especially if something like NickServ protection is implemented (i.e. there's a registered account, and only the person that owns it can use that name, while still being able to alias as random nicknames unlike ZDaemon, if that's SO important). Right here the problem was that you could have random guy use your nickname.

User avatar
mifu
Lead Administrator
Posts: 1025
Joined: Tue May 29, 2012 10:34 am
Location: Aussie Land
Clan: Demon RiderZ

Re: So what merits what punishment?: A treatise on ban length

#49

Post by mifu » Thu Jul 14, 2016 8:32 am

Does not change the fact that people do not want that. Also a dev said the login system we got would be an optional thing.

Now i know tta may have had his blast cannons on high but let me attempt to advise about this.

So anything related to ingame or domestic server issues (which are things like troll ingame, impersonation) are up to the server admin to take care off.

We will only master ban someone should they cheat or if they become like capo or filystyn (id like to call those people.. people with the potential to script kiddy and hack our services/ddos servers or anything zandronum sites)

User avatar
Jenova
Under Moderation
Posts: 197
Joined: Fri Jun 08, 2012 8:05 am
Location: Africa
Contact:

Re: So what merits what punishment?: A treatise on ban length

#50

Post by Jenova » Thu Jul 14, 2016 9:05 am

mifu wrote:Does not change the fact that people do not want that. Also a dev said the login system we got would be an optional thing.

Now i know tta may have had his blast cannons on high but let me attempt to advise about this.

So anything related to ingame or domestic server issues (which are things like troll ingame, impersonation) are up to the server admin to take care off.

We will only master ban someone should they cheat or if they become like capo or filystyn (id like to call those people.. people with the potential to script kiddy and hack our services/ddos servers or anything zandronum sites)
Could you please elaborate on "potential to script kiddy/hack"? What makes someone potentially dangerous? How do you gauge the potential of somebody to cause harm to Zandronum services? Also, does this only apply to official Zandronum services (website, irc, master server) or does this include non-official entities like server hosts, other users, etc?

Also, it's hard to take what the devs want at complete face value because there seems to be a disconnect on what the devs feel is right vs. what the admins think is right. Take the optional master banlist and external banfile suggestion. Despite being a good suggestion with support from many notable community members, as well as all of the developers, some of the admins still feel that it's a bad idea that shouldn't be implemented.
ZZYZX wrote:
The Toxic Avenger wrote:Enforced login system? Do you think we're Zdaemon? We're not Draconian, and do you realize how many people are against that?
Enforced login system isn't draconian. It's a common practice employed exactly to not do imprecise IP bans that are always too wide or too narrow for countries like Brazil. Killstrike here evades his G-line under anonymous connection every few days because he can. We already have required authentication in the forums. Do you think it's draconian too?

Enforced login system also effectively prevents impersonation and clan impersonation, especially if something like NickServ protection is implemented (i.e. there's a registered account, and only the person that owns it can use that name, while still being able to alias as random nicknames unlike ZDaemon, if that's SO important). Right here the problem was that you could have random guy use your nickname.
Enforced login system has been discussed many times, and while I do believe there are some benefits, it won't do anything to actually stop ban evaders. All they need to do is create a new account with a proxy and they're good to go.

User avatar
Ru5tK1ng
Posts a lot
Posts: 719
Joined: Fri Jun 01, 2012 9:04 pm

Re: So what merits what punishment?: A treatise on ban length

#51

Post by Ru5tK1ng » Thu Jul 14, 2016 3:34 pm

ZZYZX wrote:
The Toxic Avenger wrote:Enforced login system? Do you think we're Zdaemon? We're not Draconian, and do you realize how many people are against that?
Enforced login system isn't draconian. It's a common practice employed exactly to not do imprecise IP bans that are always too wide or too narrow for countries like Brazil. Killstrike here evades his G-line under anonymous connection every few days because he can. We already have required authentication in the forums. Do you think it's draconian too?
Implying the access to the forums is the same as access to the game. :rolleyes:


Enforced login system also effectively prevents impersonation and clan impersonation, especially if something like NickServ protection is implemented (i.e. there's a registered account, and only the person that owns it can use that name, while still being able to alias as random nicknames unlike ZDaemon, if that's SO important). Right here the problem was that you could have random guy use your nickname.
Whew lad, good thing you never saw the ZD banlist back in the day. Several instances of namefaking, impersonation and cheating (of course) still occurred despite the banning of the original accounts of the offenders.

Not to mention several bans of proxies that stretched the list for days.

User avatar
ZZYZX
Posts a lot
Posts: 742
Joined: Thu Jun 07, 2012 5:56 pm
Location: Ukraine
Clan: A3
Clan Tag: [A3]

Re: So what merits what punishment?: A treatise on ban length

#52

Post by ZZYZX » Thu Jul 14, 2016 3:39 pm

Ru5tK1ng wrote:Implying the access to the forums is the same as access to the game. :rolleyes:
Not the same from player's POV, but similar from staff POV and this is also a good example of how our staff isn't nazi even with forced auth. In other words, forced authentication doesn't automatically make MiFU Kilgore. As such, "forced auth what are we fucking zdaemon" doesn't make sense.
Ru5tK1ng wrote:Several instances of namefaking, impersonation [...] still occurred despite the banning of the original accounts of the offenders.
By preventing impersonation I mostly meant that people will know the exact account name (say, Siferah) and no one will be able to use this name as long as it's registered as a login. Thus impersonators will be forced to use lookalike names or just outright use random names and say "I'm this person", which is way more suspicious nor it helps against kickvotes.

User avatar
Mobius
Posts a lot
Posts: 706
Joined: Wed Jun 13, 2012 3:43 am
Location: The center of the A3's controversial and machiavellian conspiracy
Clan: Cube
Clan Tag: Aᵌ
Contact:

Re: So what merits what punishment?: A treatise on ban length

#53

Post by Mobius » Thu Jul 14, 2016 6:05 pm

ZZYZX wrote:
The Toxic Avenger wrote:Enforced login system? Do you think we're Zdaemon? We're not Draconian, and do you realize how many people are against that?
Enforced login system isn't draconian. It's a common practice employed exactly to not do imprecise IP bans that are always too wide or too narrow for countries like Brazil. Killstrike here evades his G-line under anonymous connection every few days because he can. We already have required authentication in the forums. Do you think it's draconian too?
He can always make a new account with a different IP. It doesn't change what Killstrike will do and has done. Ban evaders will find a way, and people will still impersonate one another. If you want additional security from impersonators then tell server clusters to enforce the same password system Konar6 implements in his private CTF server, and even that is not secure unless you whitelist SPECIFIC user IPs.

Can you imagine the plummet we'll see in Zandronum activity if we enforce a login system? I think one of the alluring factors of Zandronum was coming in "anonymously" without logins just to play. A login system will just create barrier of entry at this point.

Alien wrote:Enforced login system also effectively prevents impersonation and clan impersonation,
It doesn't. Clan impersonation is a problem with the clan's own security itself. You had a recent run-in with Killstrike being in "VGL" but that's no one problem but your own. People impersonating clans will happen with a login system because it is up to the user to be trusted with sending in genuine information. All someone has to do is use [clantag]alias when they make an account and no one but the clan itself will know who it is, and a clan with poor security will probably not think twice if the aliaser is theirs or not. I use to alias as Tosen in Zdaemon to beat people up in Zdaemon and a few times as Kal Foxis and never got in trouble for it or suspected.
Alien wrote:especially if something like NickServ protection is implemented (i.e. there's a registered account, and only the person that owns it can use that name, while still being able to alias as random nicknames unlike ZDaemon, if that's SO important). Right here the problem was that you could have random guy use your nickname.
What about people who don't use irc often or at all or people glined from an entire network like Killstrike or Ral?
Alien wrote:Thus impersonators will be forced to use lookalike names or just outright use random names and say "I'm this person", which is way more suspicious nor it helps against kickvotes.
What about proxies with alias accounts? How do you keep track of a genuine user from a dummy one? What about those who can't or won't use irc?
dewsome: i can do this all day
dewsome: do you think you're somehow special? i spent years arguing with nostar, jenova, mobius
<+Thomas13> Mobius u r inferior, go outside and get beaten up
Alfonzo ~ "I wonder who will hear him trash talk when the dirt closes over him?"

User avatar
ZZYZX
Posts a lot
Posts: 742
Joined: Thu Jun 07, 2012 5:56 pm
Location: Ukraine
Clan: A3
Clan Tag: [A3]

Re: So what merits what punishment?: A treatise on ban length

#54

Post by ZZYZX » Thu Jul 14, 2016 6:27 pm

Mobius wrote:Can you imagine the plummet we'll see in Zandronum activity if we enforce a login system? I think one of the alluring factors of Zandronum was coming in "anonymously" without logins just to play. A login system will just create barrier of entry at this point.
Not quite sure this is going to happen but ok, this is a valid and strong enough point.

Mobius wrote:
Alien wrote:especially if something like NickServ protection is implemented (i.e. there's a registered account, and only the person that owns it can use that name, while still being able to alias as random nicknames unlike ZDaemon, if that's SO important). Right here the problem was that you could have random guy use your nickname.
What about people who don't use irc often or at all or people glined from an entire network like Killstrike or Ral?
Alien wrote:Thus impersonators will be forced to use lookalike names or just outright use random names and say "I'm this person", which is way more suspicious nor it helps against kickvotes.
What about proxies with alias accounts? How do you keep track of a genuine user from a dummy one? What about those who can't or won't use irc?
<Siferah> Mobiuus how is it related to irc even
<Siferah> I just gave nickserv as an example
<Siferah> where you can alias as any name but if someone tries to use officially registered one without a password itll tell them to go away

User avatar
Ru5tK1ng
Posts a lot
Posts: 719
Joined: Fri Jun 01, 2012 9:04 pm

Re: So what merits what punishment?: A treatise on ban length

#55

Post by Ru5tK1ng » Thu Jul 14, 2016 6:34 pm

ZZYZX wrote:In other words, forced authentication doesn't automatically make MiFU Kilgore. As such, "forced auth what are we fucking zdaemon" doesn't make sense.
No one said anything about Kilgore. TTA means 'we' don't want to be like ZDaemon, following it's login structure.

Edit: Especially considering ST never had one.
<Siferah> Mobiuus how is it related to irc even
<Siferah> I just gave nickserv as an example
<Siferah> where you can alias as any name but if someone tries to use officially registered one without a password itll tell them to go away
So you want a type of nickserv functionality on the servers? Good luck coding it.

User avatar
Mobius
Posts a lot
Posts: 706
Joined: Wed Jun 13, 2012 3:43 am
Location: The center of the A3's controversial and machiavellian conspiracy
Clan: Cube
Clan Tag: Aᵌ
Contact:

Re: So what merits what punishment?: A treatise on ban length

#56

Post by Mobius » Thu Jul 14, 2016 6:52 pm

ZZYZX wrote:
<Siferah> Mobiuus how is it related to irc even
<Siferah> I just gave nickserv as an example
<Siferah> where you can alias as any name but if someone tries to use officially registered one without a password itll tell them to go away
You brought up as an example, but your example still falls under the issues security systems have trying to discern genuine and authentic information with bogus or junk information. Almost anyone can register with an account, but how do you determine if it's a genuine account by the authenticated person or someone like Killstrike being a meme person. I could even squat accounts under a system by creating would be aliases with proxies for a undetermined amount of time, and there's no real checks to see whether or not I am real or fake.

Then there's sleeper accounts.

Deathtoll wrote:How about making ACCURATE BANNING possible? Having trolls being able to use your name and then griefing to get an inattentive and reactionary player to call for a ban, then the troll disconnects, leaving you to get banned for no reason.

Nobody should be talking about banning until an actual reliable ban system is in place. How about an enforced login system? Is there even a design document to see on this?
Did you contact the admin of the server?
dewsome: i can do this all day
dewsome: do you think you're somehow special? i spent years arguing with nostar, jenova, mobius
<+Thomas13> Mobius u r inferior, go outside and get beaten up
Alfonzo ~ "I wonder who will hear him trash talk when the dirt closes over him?"

User avatar
AlexMax
FNF Team
Posts: 237
Joined: Tue May 29, 2012 10:14 pm
Contact:

Re: So what merits what punishment?: A treatise on ban length

#57

Post by AlexMax » Thu Jul 14, 2016 11:00 pm

If you actually want to fix ban-evades with the login system, charge $20 for every account creation. As long as creating accounts is free, a login system will never be an effective means of keeping banned players off servers.

However, I do think that the login system can be somewhat effective at cutting down on namefakers. What would be nice would be for any player to be able to see what account name any other player is using. The only catch is that you have to know what somebody's real account name is. Maybe that could be made easier by adding a field for Zandronum login server names to people's profiles. I opened a ticket for this feature in any case.

As far as forced authentication is concerned, while foolish to enforce everywhere, I actually think it would be a great idea to allow individual servers to force authentication before connecting, as a replacement for something like Konar's Private CTF password system.
The only limit to my freedom is the inevitable closure of the
universe, as inevitable as your own last breath. And yet,
there remains time to create, to create, and escape.

Escape will make me God.

Simk
New User
Posts: 17
Joined: Sun Jun 10, 2012 1:04 am

Re: So what merits what punishment?: A treatise on ban length

#58

Post by Simk » Thu Jul 21, 2016 11:57 am

In terms of exploits i find all this to be super subjective, For instance whats the difference between fireing rockets from your back and automatic sr50? Where do you guys draw the line?

User avatar
Mobius
Posts a lot
Posts: 706
Joined: Wed Jun 13, 2012 3:43 am
Location: The center of the A3's controversial and machiavellian conspiracy
Clan: Cube
Clan Tag: Aᵌ
Contact:

Re: So what merits what punishment?: A treatise on ban length

#59

Post by Mobius » Mon Jul 25, 2016 12:53 am

Simk wrote:In terms of exploits i find all this to be super subjective, For instance whats the difference between fireing rockets from your back and automatic sr50? Where do you guys draw the line?
The fact is has the word "automatic" in it.
dewsome: i can do this all day
dewsome: do you think you're somehow special? i spent years arguing with nostar, jenova, mobius
<+Thomas13> Mobius u r inferior, go outside and get beaten up
Alfonzo ~ "I wonder who will hear him trash talk when the dirt closes over him?"

Deathtoll
 
Posts: 34
Joined: Thu Jan 29, 2015 2:04 am

Re: So what merits what punishment?: A treatise on ban length

#60

Post by Deathtoll » Wed Aug 31, 2016 6:45 pm

Mobius wrote:
Did you contact the admin of the server?
Not possible since they want to hide behind registration on their site (TSPG) and seem less than willing to respond.

What Zandronum needs instead of a login system is a unique and short identifier that can be referred to instead of name when banning, which appears next to every player's name. That'll make the mistaken identification via name cloning problem go right away. The Identifier should not change with name change, either, and should ideally be tied to direct hardware configurations to make it prohibitively expensive or difficult to ban evade. This can also get tied into the master ban server list.

Post Reply