Threaded Mode | Linear Mode

Ellira · 08-18-2009, 06:07 AM

I've recently had it brought to my attention that users can be given elevated powers to use through mIRC. One particular user of my chatroom was given this by a user of another everywherechat room ("he gave me a special login"), and can now use it to track what usernames people are using as they enter chat, whether registered or not. As admin of my chat, I don't even have those powers, so for a start it's somewhat annoying that a normal user of my chat has more idea of what's going on than I do. Secondly, I often go in my chatroom "undercover" to make sure people are behaving even when there isn't a mod around. Thirdly, I don't like the idea that someone has that much knowledge--I feel my users have a right to sign in anonymously so long as they're sticking to the rules, it's all in good fun.

If anyone can tell me how to stop this happening, I'd be grateful. The user shows up as:

UserID: AZ Staff
Realname: AZ Staff

I can only guess they've been given privileges as 'staff' on another network, and it spills over into my network. It's not secure, I don't like it, I want it to stop.

I'm done whining now, thanks in advance for any help you can give me.

j · (This post was last modified: 08-18-2009 06:16 AM by j.)

Outside of EWC administrators, no one has any "elevated powers." Users of IRC clients other than the provided Flash client can take advantage of some features inherent to the IRC protocol, such as checking the ip address or hostname of a user.

This is somewhat limited in two ways. The first being our masking routines which make it impossible to see the full IP address or hostname. The second being the fact that most people's ip addresses change on a fairly regular basis.

That said, if you log out of the chat and come back a few seconds later, it's likely your ip address will be the same, and therefore the mask will be the same. This makes it pretty obvious who you are.

The internet is a fickle creature when it comes to anonymity. It's possible to be very anonymous, to an extent. I'm quite fond of saying, "the only true security is ignorance." No matter what mitigating steps are taken, with the right knowledge, people can sort out quite a bit.

EWC appreciates your right to be anonymous, this is a large part of the reason we mask IP addresses. But, while masking protects your true identity... it doesn't necessarily protect your virtual identity between sessions. There's a fair amount of information about internet anonymity on Google.

Ellira · 08-18-2009, 06:26 AM

Thank you very much for your reply. I've talked in the support chatroom as well, and I now fully understand what's going on. Thanks again!

Venus143 · 10-05-2009, 02:58 PM

EWC appreciates your appropriate to be anonymous, this is a ample allotment of the acumen we affectation IP addresses. But, while appearance protects your accurate identity... it doesn't necessarily assure your basic character amid sessions. There's a fair bulk of advice about internet anonymity on Google.

_________________
Temporary medical