Re: distributed simultaniously connecting clones

[Christophe Kalt <kalt@xxxxxxxxxxx>]

On Jan 13, Helmut Springer wrote:
| just heared an interessting idea to counter global limits.
| 
| if one connects one's clones simultaneously to the servers each server
| will allow access since there no other client at that moment.

right, but what did you expect?
Each new feature to prevent abuse becomes obsolete after
some weeks/months as people find more complicated ways to
reach their destructive goals.
This is yet another example, and people who ask for more and
more repression should really learn how futile it is, and
understand why there's sometimes no point in preventing a
specific type of abuse.
Fighting clones is a good example, and I have warned people
many times that each new anti-clone feature results in
"better clones", and every time this happens, fighting them
becomes at least twice as difficult as before.  Just think
of the escalation in this particular case:
   *  flood control
   *  limit on client received Q
   *  penalty(replacing flood control)
   *  local limit / IP
   *  global limit / IP
   *  ...

clones did NOT exist before flood control was implemented,
but their evolution followed very closely ircd's evolution.

| recounter: add some random delay to each connect as SLOW_ACCEPT adds
| a static one.
| problem: the net may be really slow, so that random dealy has to be
| several seconds which of course annoys users.

SLOW_ACCEPT is already quite random, and slow; I don't want
to make it worse which becomes useless as soon as lag kicks
in.