Open peterthethinker opened 3 years ago
shadowpanther
commented
3 years ago If someone is using alternative accounts to circumvent the personal moderation restrictions, I feel that you should report such behavior via https://moderation.neos.com/, as a violation of Neos's guidelines.
peterthethinker
commented
3 years ago Yes this is true,,,
also having it as a tool we can insta-act-on is also nice.
AshtonSparx
commented
3 years ago iirc the only time it doesn't include a machine ID is if you session ban someone while they're not currently in the session. Neos doesn't store known-machine IDs' so it'll appear null and just ban their User-ID
3x1t-5tyl3
commented
3 years ago iirc the only time it doesn't include a machine ID is if you session ban someone while they're not currently in the session. Neos doesn't store known-machine IDs' so it'll appear null and just ban their User-ID
Not entirely. I accidently banned myself once and it does not include a machine ID. Neither of any bans of users I banned while I was in a session with them.
Frooxius
commented
3 years ago Would you mind elaborating a bit on how exactly you ban those people? Is it through the session menu when they're in the world or through the Contact list?
Did someone actively circumvent a ban you applied before? (I'd recommend answering this one in private if you have any details).
The ban system (both global and self-moderation one) already uses some fingerprints that should catch a lot of cases of alt accounts, so that should largely already be implemented, but it's not shown to you in the UI. The MachineID isn't a particularly good one anyways though, since that gets reset every time you clear the database, so it's more for user reference.
Understanding a bit more the flow could help though. E.g. if you use the Contacts to ban the person, it doesn't know those fingerprints, that's something we could potentially extend.
However unfortunately it's not possible to fully prevent someone from circumventing such system. With modified clients and enough effort, people can spoof any sort of ID being sent. Best solution for anything sensitive is to restrict the world to Contacts or Invite only, so you can vet people you trust to join.
If you encounter people bypassing it or causing you any trouble and harassing, I'd recommend making a ticket at https://moderation.neos.com so we can deal with the situation or put extra measures in place where possible.
I wish there was a way to not just ban per user but also per HW ID> this would be In addition to the user ban options. many people have Alt accounts and Its like playing wack-a-mole to ban them no matter the account.
I Ban people based on If they are a InfoSec threat to me and my biz .
Right now this is being undermined..
I dont allow self proclaimed back-hats in my sessions or friends list but still.
Knowing the mods have this privilege per machine ID then Why not my self
neos does promote self moderation after all. I dont Need to see or know the machine ID.
i just want to push a button and they are fully verboten from my sessions ect.