You are viewing a single comment's thread.

view the rest of the comments →

1
9

[–] MadCamel 1 points 9 points (+10|-1) ago 

Using IPs is a very bad idea.

What will happen when the UK's IWF or Russia's ROSKOMNADZOR considers a page on voat obscene? These systems implement page-by-page blocking by routing all traffic to any site with a censored page through proxies. The end result is that you start to get entire COUNTRIES of users coming from only 20 or so IP addresses.

Also, I don't see how it's possible to securely store IP addresses given the tiny amount of entropy in an ipv4 address. You'd have to use something really heavy like pbkdf2 with a few thousand rounds. At this point it would take the server a few seconds at 100% CPU load to encode a single IP address. I doubt this is being done. Therefore it's VERY safe to assume that a malicious actor with access to voat's database could pull IP addresses from it. And voat's databases are kept on cloud servers...

Don't get me wrong, it's not a huge problem. There are plenty of easier ways for a malicious actor to get users IP addresses. But I don't like that Atko is promising something he can't feasibly deliver...

0
3

[–] Acharvak 0 points 3 points (+3|-0) ago 

Don't know about IWF but Russia's Roskomnadzor doesn't have nationwide proxies. It sends blacklists to ISPs, who then block websites themselves.

But IP-based voating restrictions are still a bad idea because of dynamic IPs, carrier-level NAT and other problems.

0
0

[–] MadCamel 0 points 0 points (+0|-0) ago 

Ah, thanks for the info. I'm more familiar with IWF. They do the same thing, sending blacklists to ISPs. The ISPs then route (not DNS jiggering, actual routing/traffic interception) IP addresses of sites with blocked pages through an ISP-owned transparent proxy farm.

[–] [deleted] 2 points 0 points (+2|-2) ago 

[Deleted]

0
1

[–] peacegnome 0 points 1 points (+1|-0) ago 

you'll have to elaborate on that; i have only seen evidence that he is working with all the best intentions.