this post was submitted on 10 Oct 2023
67 points (95.9% liked)

Asklemmy

43907 readers
1184 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

If it blocks your IP, wouldn’t everyone who came to your house get banned as long as they’re using your Wi-Fi?

top 50 comments
sorted by: hot top controversial new old
[–] mp3@lemmy.ca 43 points 1 year ago* (last edited 1 year ago) (1 children)

Correct, and they could technically be at risk of getting their account banned if they consider those as possible alt-accounts for ban evasion too.

[–] Rocky60@lemm.ee 22 points 1 year ago (5 children)

What if somebody at, let’s say, a Starbucks gets banned, would every costumer be at risk?

[–] xusontha@ls.buckodr.ink 36 points 1 year ago (1 children)

Reddit should be able to tell by the number of different accounts that connect through an IP like that that it's not a home wifi network and treat it accordingly, the question is do they actually do that (probably cuz otherwise you'd never be able to connect through a VPN lol)

[–] user224@lemmy.sdf.org 3 points 1 year ago (1 children)

But... CG-NAT. Most people don't have their own IP, so how do you deal with this?

[–] elvith@feddit.de 5 points 1 year ago

Either they’ll see it like some kind of public WiFi, or there’ll be collateral damage. But keep in mind that CG-NAT usually only applies to IPv4, so if your ISP and home network support IPv6, Reddit won’t have said problem and see you IPv6 address.

[–] Genrawir@lemmy.world 13 points 1 year ago (1 children)

If that account only ever logged in there, maybe? I'd think they'd be smart enough to look at the most commonly used IP address by the account(s) in question. Then again, it is reddit.

[–] nitefox@sh.itjust.works 8 points 1 year ago

I mean, IP bans aren’t smart most of the time since dynamic IPs are a thing

[–] teamevil@lemmy.world 9 points 1 year ago

Probably....my ban followed every device because some AITA mod was a fuckface.

[–] mp3@lemmy.ca 6 points 1 year ago

They most likely don't rely on a single metric to determine if someone is evading a ban. False-positives can happen though.

[–] SatanicNotMessianic@lemmy.ml 4 points 1 year ago

I can’t say how they do it now, but it used to happen all of the time. A service would ban an IP that was shared, or even a range of IPs if the traffic was disruptive enough. Then the owner would have to contact the service to have their ban removed.

I’ve run into IP ban messages from both hotel WiFi and from VPN addresses.

[–] PerogiBoi@lemmy.ca 36 points 1 year ago (2 children)

Yes. I was IP banned from Reddit and my wife’s account got banned as well on her devices (I never once used her devices to log into my account).

This can be circumvented with a vpn, but why bother. Reddit is a toxic site that is meant to show you ads and get you enraged so you engage.

[–] Rocky60@lemm.ee 9 points 1 year ago (1 children)

I still miss it. It was a good entertaining time killer that has no replacement so far. I was in a lot of music and guitar subs that were fun to interact in

[–] PerogiBoi@lemmy.ca 11 points 1 year ago (1 children)

For me I found that it was full of people who desperately wanted to be right about everything.

I was banned from the 3Dprinting sub after posting a print in front of a 3D printer that was not the subreddit’s recommended printer and after I was called out for having “the wrong printer” I accused the multiple users of acting like they were in a cult. That resulted in a ban. Even my hobby subs were filled with unnecessary negativity.

There is much less content here but I fill it with as much interesting content I can because it’s friendlier here.

[–] Ataraxia@sh.itjust.works 4 points 1 year ago (1 children)

Or by browsing from your data plan, or refreshing your ip address. Unless you pull a static ip for which you pay for a dynamic one is going to change. Just power cycle the modem and it'll likely change. Sometimes it takes a few tries or leave it disconnected for a bit.

[–] PerogiBoi@lemmy.ca 2 points 1 year ago

Not worth it

[–] bestusername@aussie.zone 20 points 1 year ago

I'm pretty sure they focus on other ways like device ID; IPs are problematic since they're shared and recycled a lot.

[–] Ziggurat@sh.itjust.works 15 points 1 year ago

In general, ISP would sell a fixed IP adress as a fancy option, just unplug/replug your modem a couple of time and you'll get a new IP. As very few ISP don't offer IP6 yet another fancy option they have to pool their IP adresses among their customer

This make IP ban pretty unreliable, and there is way better way to identify a single user even in private browsing

[–] HelixDab2@lemm.ee 13 points 1 year ago* (last edited 1 year ago) (4 children)

It's complicated.

Reddit doesn't seem to ban an IP specifically, but they have ways of figuring out if accounts are associated. For instance, I was permanently banned for suggesting arson as a way of dealing with nazis moving in down the street. (I guess Reddit thinks that this is "encouraging violence", as if Nazis were human?). I always use a VPN. When I changed my location and logged in to an alternate account, that account got banned also. I made an account from a different computer a few days later, also with a VPN, and that account was banned as well; I had previously logged into my 1st account from that computer.

So I think that there's some kind of digital fingerprinting going on. I should have fingerprinting blocked on my computer, but it's still happening, somehow; there must be some kind of hardware configuration information that it's able to scrape that gives it a high enough degree of certainty that I'm me.. The only solution that I was able to come up with--I have not actually tried this--was replacing my computer entirely, and then creating a new account.

EDIT: I'm curious to see what would happen if I tried to log into my banned account from my wife's laptop. She has a reddit account; would they see me using her laptop as proof that her real account is one of my alternate accounts? IDK.

[–] Freeman@feddit.de 18 points 1 year ago (2 children)

One does not simply "block fingerprinting". Fingerprinting is incredibly complicated and very hard to avoid. You need VPN, Browser with no extentions and fixed windowsize (tor or mullvad), frequent cookie deletion, even the installed fonts/language packs can give them identifiers...

EFF has a good test which tests your browser

[–] Turun@feddit.de 6 points 1 year ago

If you have JavaScript enabled all this is useless. So add "disable JS" onto the list.

[–] HelixDab2@lemm.ee 3 points 1 year ago

I just checked their tool. With a brand-new private browsing window open, connected through a VPN, and a fair amount of blocking shit layered into my browser, it's showing that I'm blocking ads and trackers, but that I still have a unique fingerprint. Even tools like canvas blocker aren't preventing it. Running it through Tor, I have a non-unique fingerprint, but Reddit doesn't play nicely with the Tor browser. Attempting to use different clean installs of browsers (Vivaldi, Brave, Edge, Chrome (incognito mode), etc.) all have me as unique. Fonts could def. do it; I have to have a ton installed on my workstation.

[–] Modern_medicine_isnt@lemmy.world 6 points 1 year ago (1 children)

Its not machine specific, they can see very little about your machine. It's most likely your browser. The cookies can give you away.

load more comments (1 replies)
load more comments (2 replies)
[–] alokir@lemmy.world 11 points 1 year ago

Not sure if they IP ban you because it's not reliable. Most internet providers don't give you a static IP, you get a new one every time you connect to the internet.

I've been IP banned before from some Counter Strike (1.6) servers back in the day because they though I was cheating (I just learned the AK's recoil pattern), all I had to do was restart the router to play again.

I recently visited a forum for the first time and I wanted to comment but I couldn't because I was IP banned. Probably because someone trolled there with the IP that I ended up receiving.

Me and my friends got banned from an online game because we logged in from school computers and sent each other resources. They thought they were one person's alt accounts, which was forbidden. This was before wifi became commonplace so I guess they assumed everyone used their own internet.

I suspect that your IP is just one data point that they use to try to identify you if they do this sort of thing. Your browser (or their app) provides tons of information like screen resolution, device id, extension list, plugged in device list etc. These can identify you quite accurately.

[–] xusontha@ls.buckodr.ink 9 points 1 year ago* (last edited 1 year ago)

I would think so, unless you used a VPN or your IP changed (or if you used IPv6 I think)

[–] Zippy@lemmy.world 9 points 1 year ago (2 children)

How do you get your IP banned?

[–] CanadaPlus@lemmy.sdf.org 16 points 1 year ago (1 children)

I'm guessing be so persistent with getting banned and then making new accounts without using a VPN that they have to.

[–] Zippy@lemmy.world 4 points 1 year ago (1 children)

Sounds like something I should do in every Starbucks.

[–] CanadaPlus@lemmy.sdf.org 9 points 1 year ago (2 children)

It will take a lot of effort, but yeah, I guess you could be a hacktivist that way. A smarter approach would be to leave little Arduino proxies or something in public Wifi locations, so you could do it all remotely. And then, going to the logical conclusion you arrive back at DDoS from other people's hacked computers, which is a time honoured cybercrime strategy.

It would take a lot of time and it's still not going to sink Reddit if it's just you, though. Honestly looking at Twitter you have to do ridiculous shit to a big monopoly-ish network service to make people leave it. Like, more than Elon already did.

[–] user224@lemmy.sdf.org 3 points 1 year ago (2 children)

A little unrelated, but sometimes the DDoS protection can be a little too sensitive. The website of my school hands out temporary IP bans even if you just hit refresh too fast.

[–] CanadaPlus@lemmy.sdf.org 3 points 1 year ago

"The refresh button is hacking"

[–] Perhyte@lemmy.world 2 points 1 year ago

I recently got temporarily IP-banned from a site, apparently for subscribing to one of their RSS feeds and occasionally opening a post. The error page they served me (instead of the content I wanted to read) accused me of "botting". Why even have RSS feeds then? 🤷‍♂️

It's actually pretty easy aside from hardware costs. A good ol' Raspberry Pi can be set up to start an SSH server at boot and not do much else. Then, all you need is a tunnelling system and SSH -D can put a browser in that tunnel. With public-key authentication and the right tunnel, you can make all of this completely anonymous.

load more comments (1 replies)
[–] Pantherina@feddit.de 8 points 1 year ago (1 children)

Normally yes, but they may only do it for the "evil people using a hardened Browser" as they will recognize everyone of those Chrome, Edge or Safari users perfectly. Along with Opera, Vivaldi, Samsung Internet etc

[–] Flumsy@feddit.de 1 points 1 year ago (1 children)

Your IP address changes every 24h, doesnt it? How are IP bans effective at all?

[–] nabladabla@sopuli.xyz 9 points 1 year ago (7 children)

Maybe yours does, but that's not universal in the slightest

load more comments (7 replies)
[–] IzzyData@lemmy.ml 3 points 1 year ago

There is only going to be one IP address per house in most cases. If you check https://www.whatismyip.com/ on any computer in the same household it should come up with the same result.

[–] nyander@beehaw.org 2 points 1 year ago

In my experience, no. Reddit does not suspend based on IPs.

[–] Pratai@lemmy.ca 1 points 1 year ago (1 children)
[–] amio@kbin.social 6 points 1 year ago (1 children)

Well, not to put too fine a point on it, but it has users and content.

load more comments (1 replies)
load more comments
view more: next ›