Would be awesome if you could identify which users are connected on the same IP.
It should of course be modified and sent in a way that the IP is still hidden, but the value will be the same between users from the same IP.
There’s a definite need for something like this with spammers getting more annoying these days, and ban evaders still being an issue.
This would be really useful to have. Just hash the IP; instant privacy.
I guess it wouldn’t be quite that simple, a hash would need to use a private and non-predictable salt for each IP to prevent someone from generating a lookup table.
An API endpoint would work great; one that gives a list of the last 5 or so IPs (obfuscated) an account used, and the number of logins on each IP (or number of messages sent, or some other benchmark). That would take care of the issue of seeing whether or not that’s the main IP they log in with, or just temporary IP, like somebody else’s internet connection. And if it listed the number of accounts that logged in from that IP, it would help gauge whether it’s a public IP (like a university) or a private home connection. In fact, Twitch could pre-cache the owners of all the major IP blocks, which should make it pretty easy to differentiate between private connections from an ISP, and commercial connections, which it could include as a flag in the API response. Just thinking out loud here, since I think it’s a good idea.
This is not something we are likely to do, as is has privacy implications. As IPs are not per-user, you reduce the security of every user on a particular IP address to the lowest denominator, regardless of what data you expose to external users.
For example, if Alice and Bob are on the same IP address (living on a college campus), they would share the same external facing “hash.”
Now, if Bob is dumb, and has his info exposed through skype, or whatever means, a malicious user now knows that Alice is connected through the same IP, and might know her address, her IP, or other sensitive information.
For this reason, we are not planning on implementing this feature, but are always open to suggestion!
What about an identifier that indicates multiple accounts are using the same email address? I have several accounts registered to my main account email, so if you’re creating spam accounts it’s reasonably to think that it would be easier to reference an existing email than spoof captcha’s (and if it’s not a spam account, but just somebody being a PITA there’s a reasonable chance they would reuse their email.)
Even if you could see the IP (or some hash of it), there are always some spammers who go to extreme lengths to spam/harass, especially if they are intentionally targeting a channel.
I’ve run #wow on quakenet since WoW was still in beta and over the years we’ve had to at times use some pretty extreme measures to prevent the spammers that such a well known game attracts, and sadly there’s not always an easy way to prevent some spammers without also impacting legitimate users. For example I remember a few years I think it was the German ISP t-dialin had a system that made it trivial for users to go through hundreds of IPs to spam, and so at times the whole of t-dialin had to be banned, or a blanket *.de ban.
Even if there was a system in place that let channel broadcasters/mods see an IP and let them blacklist troublesome IP’s (or IP range), it wouldn’t stop persistent spammers as it is still trivial to get around. The spammer problem is something I hope Twitch is in the process of dealing with on their end, and I would hope recruiting some more experienced global mods/admins to deal with the issue (as I’ve seen global mods in huge channels that seem to sit by and do nothing to try to prevent it, unless they are powerless?).
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.