Forums Feature Suggestions Irc Privacy Guard

I'd like to see some sort of privacy protection in not only Mirc, but the whole of Irc itself. Anytime a user gets on Irc, the /who and /whois commands expose him to every freak that wants to get his/her information. This is a serious security hole which can lead anyone right to your doorstep! I think we have come to a point where the only ones who should know what your IP is, and anything else about you are the Server Security (IrcCops and Admins)- not even channel OPs should get your IP (anyone can be a channel OP, who knows how many mass murderers are out there collecting your info for their little "list"). Channel OPs should get a unique username and that's it. They can still do whatever they need to do (kick, ban or whatever) but there shouldn't be access to your IP. There is no valid reason why everyone who gets on Irc has to give up their privacy to any nut who wants to get info on them.

So I hope for a feature that will protect user's private information from prying eyes.

Now, how can he (freak) do that... except if you give him that info?

mIRC is an IRC client, it is not IRC. Khaled has absolutely NO control over what happens on 'IRC' as a whole. It is not mIRC's decision to hide your IP address or hostname either, and generally you cannot track someone down to their very house. It is not a 'security hole'.

The risk of 'freaks' is one that is very real amongst all chat mediums, not just IRC. That is why many parents choose to restrict their children's time online. There are many abusive weirdoes out there, and caution should be exercised - however, mIRC is not your bodyguard. You are your own bodyguard on the Internet. If you're worried about privacy, don't give people your full name, your address, and so forth. True, hiding your country is hard without taking extra steps (see below), but personally identifiable information is not obtainable unless you give mIRC that information or give the person you're talking to that info. The 'Full name' and 'Email address' text boxes in connect options do not need to be filled in or given *true* information.

For information on hiding your IP address, see this post.

Regards,

Most major servers already have some form of IP masking. Smaller private servers which don't are generally used by friends or people you would trust to that extent. Also, I've never heard of an IrcCop, I think you mean IRCop (IRC operator). I could be wrong but the the thought of someone policing an IRC network makes me laugh.

Mentality,

I am making a post about what I'd like Mirc to be - not what it is. All those things you said Mirc doesn't do, it could do in the future. I am not talking about the security of the world, either - I'm specifically talking about IRC. Despite your comments I would still like to see those or better privacy features in Mirc or Irc as a whole. I don't need to see what is available now, I am talking about what could be available in the future and will make Irc and Mirc safer and more valueable.

Now I know you guys aren't going to act like you don't know that a /who, /whois, and even /whowas command can lead someone to your front door! You get the IP, you go to the whois website, or Network Solutions / Verisign - in nothing flat you have the users address, phone, real name, server, and other pertinent information. I had a problem with two jokers who decided to go over the line. One of them overwrote my website and stupidly left their Irc address. The other one threatened to hack my because I was using "his" username. I found both of them in about 15 minutes! So don't tell me there isn't a security risk that needs to be addressed.

Additionally, I use AOL, and for some bonehead reason there are a lot of idiots on Irc who don't like AOL users (as if we WORK for AOL, dumbnuts). They do /whois on me and all of a sudden I'm getting flamed. This kind of idiocity is not only unneccessary - there's no reason for it. Why should some nut be able to look at my IP when all he's looking at it for is to come back and insult me? That's another reason why we need to get some privacy standards established.

Lastly, all software reach to provide everything to it's users (look at Internet Explorer for example). If that weren't the case Microsoft wouldn't have hundreds of different software titles and upgrades - security or not - for each one. If enough people want Mirc to be thier "bodyguard" (somebody has to do it - why not the browser your using???) and are willing to pay for it, either Mirc will evolve to that point - or people will start shopping elsewhere. The way you are talking is passionate - but not business sense. You grow a business by providing needs, not chastising people when they make new ideas because it isn't "how it is". How it is is dead - it's about how it can be. Security and privacy is the missing link in Irc, and if Mirc can provide those, all the better.

You seem to be missing my point. mIRC cannot hide your IP or hostname, it is up to the server you use, with the methods explained in the post I linked to (please read it if you haven't yet).

mIRC is NOT the same as IRC, and 'IRC as a whole' is not controlled by Khaled. I know that people can be lame, I know that people can be abusive, I know it can be frustrating too. There's nothing Khaled can do to mIRC to circumvent this however.

Regards,

There is always a way - it's all nothing but 1's and 0's.

I hope you tried doing that on yourself. If so, you'd see that unless you're running your own ISP, that information isn't even remotely close to being about you. I just did a search for my IP at Network Solutions and it said that I was in Milton, Queensland somewhere, which is two days drive from where I live. The most accurate information returned about my IP is that I'm in Australia, which I'm more than happy to admit.

I'm not an expert on these matters and I'm sure there is a way that information can be used with harmful intentions, however, I would say that it'd take more than just entering an IP address on a website.

No, there is not a way. The client has nothing to do with it. You can want it to be that way as much as you like, but that's just the way things are. If you're not prepared to follow the suggestions in the 'Hiding your IP Address' post, then you'll either have to put up with it, or leave IRC. For 95% of people this is not an issue.

Seifer: Correct, your IP should not return your exact street address unless you're acting as an ISP, which is obviously virtually never. Sometimes the info can be fairly accurate, my old IP used to return a neighboring town of mine - however, put that in perspective. Thousands of people live in the two towns - some random person from, say, the USA, is going to find me, fly over to the UK and then track me down (somehow) out of those towns? I don't think so...

As I said, online security is not something to just 'brush off' as nothing. I'm sorry, but mIRC can't do anything more than is already possible. Not everything is possible, even if you want it to be.

Regards,

That is exactly what I wanted to say... and don't be lame... there's no way somebody can find your street address by your ip address (except in some low procent cases, try to search this forum for it)... Do I need to give you my IP???
Try to find my country or continent (without looking in my info ).

People finding out your IP isnt the end of the world. Most ISP's use dynamic numbers that change whenever you connect. It is true that those who have broadband stay longer with the same IP, but still, ISP's don't inform others about the private informations of the IP's "holders", unless there's a strong reason to do it.

The most you can get is the country the person is in. Maybe the state, if the internet provider only reaches a small area. However, that hardly can drive the "freak" into your house.
I am not saying that IRC is safe. Internet is not safe if you're not careful (and sometimes, even if you are!), but there is no base to ask for a huge system (protocol, maybe?) - that has been working since 1988 - to change.

Firewalls, anti-virus and proxy servers help hiding your information and getting you safe. Internet Explorer, as you mention, lets hundrets of cookies in your PC without you even know! I chose to use Opera instead of IE, and yet I run Ad-aware everyday and find cookies and browser hijackers. IRC isn't definately the main thing that allows ppl to find out your IP and/or your coutry. Most pages get your IP as soon as you access it!

At last (I dont like writing long posts, I feel I make too many grammar mistakes :P), the person's IP - numeric or not - are the main bases to set a ban and protect your channel or network from abusers and DDoS'ers. Heck, without an IP you would not be able to use internet!

I hope this can show that IP's aren't the information that ppl need in order to harass. Your e-mail, for example, gets more attention than your IP: spams are a plague hard to get rid of, and you just need an email addy. That said, I should get back into my cave.

Greetings,
Zyzzyx.

Edit: I have just looked up my IP address on Network Solutions: turns out that, according to the page, I'm in Montevideo, Uruguay! I can assure you that I'm not even close to Uruguay, even though it is in the same continent.

Just a little note... Actually in some cases you can findout user's city by his ip address... but that's it...

Yes, if the ISP is local or if they show it in the alpha numeric IP. I don't know about other countries, but here it is not common to do show it (nor is to use alphanumeric IPs).
Still is a whole city in the 1st world (I assume, with the AOL deal), where most ppl have internet.

magusat999, did you know a website can gather more information about you than anyone on irc could ever do?

Web servers can get information such as your operating system, your browser, your resolution, your IP address, and other things, yet you don't seem as paranoid about surfing the web...

If you don't like the fact that someone knows ur using AOL, don't use IRC at all, then you won't have to worry

If you want something changed on the protocol level - talk to the IRCd coders, mIRC is just a _client_ software, it does not control IRC.

Or even better - find some web chat or instant messenger which has the features you need.

"who knows how many mass murderers are out there collecting your info for their little "list""

You take more chances of that happening IRL every day than you do IRC, by handing ppl far more info on you than they could get from /whois. You have your address and phone number on checks, lots of ppl see each one you write. The unthinking clerk (or you) who proclaims your phone number and address for everyone in line behind and around you to hear. The caller id feature on phones. Business cards or notes hanging on bulletin boards. The employees at every company you do business with. Carelessness with credit card receipts.

While i can see your concern about privacy in general, ppl who get into unpleasant situations IRC generally do so because of info they give to strangers not from what a /whois shows.

Don't like the 'lack' of security? Don't use IRC. Go use a pen and paper, and your local post office.

Can't use the local post office, the postmark would probably give more specific location info than an IP address .

Oh Noes! (*Runs around screaming in mock horror and astonishment*)

We can't have that happening! :P

Just use a fake return address and severe brown paper wrappiing...

PM