One of my friends has been telling me all about how he is free to break the rules on any message board he signs on to because he is on a Mac and has dial-up. I keep telling him that there are still ways to block him, but he's being a prig, and thinks that since his IP is reassigned by his ISP every time he logs on to his computer, that he is invincibe to most of what can be done, and the fact that he is on a Mac means that the other blocking thechinques won't work. I think this is BS and that a message board wouldn't set up rules that they could not enforce to all users, and I want to ask the people who would know.

While a dynamic IP does offer a form of 'ban evasion', a smart admin knows how to deal with it.

There is no such thing as immunity to forum banning. The admin can ban an entire range of IPs or even an entire ISP in extreme cases. (A board I post on once banned the entire campus of Arizona State University to block a stalker who kept moving from computer to computer in the labs to get back on.) Another measure is to ban the use of free e-mail accounts for registration; if you can't use Yahoo and Hotmail, you'll quickly run out of legitimate e-mail addresses to use. To put it simply, your friend doesn't know what he's talking about.

using proxys can get around a lot of that ^ (ISP banning). And email addresses are easy to come by.

using proxys can get around a lot of that ^ (ISP banning). And email addresses are easy to come by.
Not that easy. I'm talking complete and total banning of any and all free e-mail sites. Unless you happen to run a POP3 server, you're not going to get an awful lot of pay service e-mails unless you're really that dedicated to trolling, in which case more power to you, because you'll just keep getting banned.

I know of a couple of sites that if you create a webpage through them they will give you 10 or so e-mail addresses for you to distribute. You can reassign them at will and create new ones whenever you want. They tend to not count as free a-mail addresses when a site is blocking stuff liek hotmail and yahoo.

And of course, that only matters on boards where you can't have multiple accounts with the same e-mail address.

I post to about 6 or so message boards. This is the only one with a rule like that.

And of course, that only matters on boards where you can't have multiple accounts with the same e-mail address.

I post to about 6 or so message boards. This is the only one with a rule like that.
You must post on some funky message boards. Most of the ones I've been to make it impossible to have multiple accounts on the same address. As in, there doesn't have to be a rule; if you try, the server tells you to back up and use a different e-mail.

And there's always the joys of the e-mail address ban.

Wizards of the Coast
Paizo (aka Dragon and Dungeon magazines)
several boards hosted on the BbBoy system

Oh. Official company boards.

Yeah, those tend to be rather stupidly set up.

As far as I know, UBB, vBulletin, phpBB, YaBB, and many other board software packages are set up to only allow one email address (by default anyway) if you select the option to confirm email addresses.

Oh, and I forgot: Proxy services get around an IP ban until the forum bans the proxy. Wikipedia, for instance, has most IP proxy services banned across their whole range to prevent people from circumventing blocks. There are solutions to every single proposed way of getting around a ban.

And there are ways to get around every single block or ban as well.

It's probably true enough. Your friend could probably get away with that sort of thing for quite a while if he tries hard enough, or he can make up escape routes from banning until you are blue in the face explaining to him how to catch him.

The only real way to win this arguement is not to fight his battle. "Yeah, you probably can, but I simply prefer to win arguments with people online using intellect, wit and a pleasant demeanor, instead of resorting to childish actions that tend to destroy the environment of discussion which lead to accounts getting banned. But that's just me." ;)

And there are ways to get around every single block or ban as well.
No, there aren't. The admin literally holds all the cards; if you get bad enough, he can simply stop approving new accounts, but I have never seen someone so determined that the above measures didn't stop him.

The admin stoping new accoutns would work but I mean while still allowing the new accounts. But yes the admins can generally block anyone if the really want to.

No, there aren't. The admin literally holds all the cards; if you get bad enough, he can simply stop approving new accounts, but I have never seen someone so determined that the above measures didn't stop him.
Then you, my friend, have never seen a /b/tard.

As far as I know, UBB, vBulletin, phpBB, YaBB, and many other board software packages are set up to only allow one email address (by default anyway) if you select the option to confirm email addresses.


See, and I'll disagree with you. Every UBB and vBulletin system I've used allows multiple.

And to Renegade Paladin: No, it's not just commercial sites. You can include enworld.org in the list. I know for sure they allow multiple accounts on the same e-mail address (and they, like WotC) use vBulletin).

And there are ways to get around every single block or ban as well.
Not true. Rich would just send WampaX to the kid's house to teach him a lesson. :P

No, there aren't. The admin literally holds all the cards; if you get bad enough, he can simply stop approving new accounts, but I have never seen someone so determined that the above measures didn't stop him.
Isn't stopping the flow of new blood into a forum generally bad? It's hardly a viable solution.

Isn't stopping the flow of new blood into a forum generally bad? It's hardly a viable solution.
I didn't say it was a good idea, but it is a possibility.

Not true. Rich would just send WampaX to the kid's house to teach him a lesson. :P

Yeah, probably not.
I could only expense out for something akin to a 1 hound-power Radio Flyer*. Good for round the block, not so good for international travel.


*Dog pulled wagon

What? I'm so confused!?

You'd only expense out?

What? I'm so confused!?

You'd only expense out?

Expensing, the process by which you submit reciepts to your employer for a reinbursment of the amount spent on goods and services purchased during a business trip.

...oh. Well, I sort of get what you're saying, then...

What, the Giant can't even spring for a catapult?

Interesting topic. System security is always fun to discuss...

Now, I'm inclined to agree that there's a workaround for every solution. In a system that allows external registration, that's pretty much always the case.

Lining up what we have

The forum software could potentially access the following information:
IP Address
ISP
Approximate physical location (via IP/ISP - not 100% reliable)
Email Address
User ID
Browser Info (name, version, etc)
MAC Address

Each of these has a workaround.

IP addresses can be changed by proxy, or even by service provider
Using a very large ISP could make blocking the whole thing "unreasonable". ISP can also be changed
Physical location could be blocked, but can also be faked via proxy
Email addresses can be made and remade. Cheap domain registration could even allow someone to have dozens of their own domains and email addresses
User ID could be changed by registering a new account on the forum
Browser information is not only too generic, but could be changed by installing a new browser
MAC addresses can be changed or spoofed on the operating system level, or by swapping out network hardware.

Human intelligence, however, can pick up certain patterns of behaviour and recognize them as belonging to a specific individual. If a particular user is banned for whatever reason, it's quite possible to intuitively recognize that user having returned by way of behaviours on the forum and the nature of their posts. This isn't a 100% reliable method, but with practice can regularly pick up the culprit.

It's possible to design a system whereby entry can be controlled into a forum (I've personally modified a phpBB forum to accept registration by invitation only), but creating a system that will allow open invitation to everyone except a specific person just isn't going to work, since that specific person could always make a "new them".