Re: Anti-collide patch

[Joern Westermann <jw@xxxxxxxxxx>]

Kaspar Landsberg wrote:
> 
> the problem with the FNC (forced nick change) solution is that it can easily
> result in a loop. Suppose a nick collision happens and Guenthi changes to
> Guent6387. But now, there´s some guy sitting on one of your channels and
> sees that you get a new nick. All he needs now is a lagged server or a
> server which is currently reconnecting and he can hook up "on the other
> side" a client with the same nick, resulting in a nick collision, which
> makes the whole thing restart from 0 ad infinitum.

I know. This way a channel cannot be taken over, but it'll be a totally
useless channel. But I could also think about a script to defend against
this approach: It notices a collide and after the channel rejoin it
kicks out all non-channel ops and sets the channel +i. So it's
impossible for the attacker to find out the new nick after the next
collide.
Ok, I also hate those warscripts. :(
> 
> A better approach (cf. Beeth´s unique-ID proposal) would be to do the FNC to
> a nick which cannot be taken from normal users like nicks starting with a
> number.
> 
Unfortunately all current IRCNet servers reject a nick with a leading
digit as "errorneous". So it won't be possible to mix new (even unique
ID) servers with old version. And if you see that after several months
after the release of 2.10 dozens of servers still stick with 2.9, how
would anyone force a whole net to upgrade at once?

   Guenthi