posted ago by james43552352345 ago by james43552352345 +6 / -0

I'm doing some research into the various types of reddit bans, how they work and how they're implemented.

I'm interested in knowing more about the "ban evasion" ban where it will permaban your account. From my understanding it appears to link accounts through IP address.

If my understanding is correct, wouldn't it be possible to simply make a bunch of accounts, go to widely used public IP addresses (like universities, hotels, fast food places etc.) then get these dummy accounts banned. That would flag the IP address as someone doing ban evasion and in theory wouldn't it also start permabanning other random reddit accounts that are connecting through that IP address?

Comments (11)
sorted by:
monkebrau 5 points ago +5 / -0

They 100% IP ban. I’ve tested it.

It would be funny to do this in a San Francisco Starbucks.

james43552352345 [S] 5 points ago +5 / -0

Yeah seems like a petty big security flaw IMO considering it could start permabanning random reddit accounts lol. There are some pretty big universities in my area and I'm considering going to those campuses, logging into their free wifi and then posting a bunch of BS to get these dummy accounts permabanned.

kung-flu-fighting 1 point ago +1 / -0

Funny, but I would imagine big NAT IP's may already be known.

Wolf_22 1 point ago +1 / -0

I doubt it's just IP-based. I know that it would be in my tool set if I were Reddit, sure, but I'd also include more complex forms of evaluations, like criteria centered on commenting patterns, word use, subreddit frequency patterns, etc.

That said, if all they use is an IP-based form of banning, that to me seems amateur for a billion dollar company... It'd have to be much more algorithmic than that as it's pretty easy doing things using alternate IP addresses.

DinduNutting 4 points ago +4 / -0

Well this is a topic i used to have a long experience in lol. A few years ago it was all an nonexistent joke and you could freely ban evade everywhere, unless you like really pissed off the admins, got law enforcement involved, or something else extreme like that. I used to get banned from subreddits and brigade all the time. I openly taunted all the mods and admins about it for years without any actions taken. Lol I would have like 50 accounts saved in my browser and i would freely switch in between them as i was banned without worries. Eventually (around the 2015 fatpeoplehate banning if I remember correctly) they started to somewhat enforce the new content policy rules and actually suspend and ban accounts. This is also when they started to check new account creation for the same cookies and ban off of that. Not until a bit later they started actually to check the account creation ip. Pathetically enough, even at this point you could still spam votes and brigade quite a bit on multiple accounts from the same ip address without much issues. (Great job retard admins!!!)

But nowadays their website uses much more evil tactics against ban evasion like browser fingerprinting. And good luck creating an account over tor or any commonly used vpn. They are picky and you will be likely shadowbanned, if you weren't already tricked into wasting time and giving up your newly created email address lol.

But to this day they will almost never ban based off of ip address access alone. Keep in mind all my accounts were only created and accessed through vpns and tor, some would be suspended and blocked but it was always possible to login to others. Because so many people use vpns and tor nowadays, I think there would be too many complaints over innocent users banned. It's not just proxies either, think about all the shared wifi hotspots, mobile nat, universities, libraries, etc. There's no way banning so strictly could fly. But I would still be careful with this, I've heard of people getting randomly banned on vpn accounts. Also you will never know if some butthurt soyboy admin like u/spez might manually look up your account in their database to edit your comments and stalk you. To just reliably maintain a good standing reddit account nowadays would require an investment into a decent proxy or vpn service. If you use a known proxy they make you wait 10 minutes in between posts like when you get super negative karma. Or maybe try your luck to get a new home ip by resetting your internet modem.

But why don't you ask yourself, nowadays why would you even want to bother spending time contributing to such a garbage, user-hostile website just to make generate content and money for chinese investors?

ultra-royalist 4 points ago +4 / -0

They can see IPs, and ban accounts if they come from the same IP as a past banned account.

I believe they do not do this for mobile out-ports, like all the Verizon IPs, so crazy go nuts there if you want.

I like your idea. I think that everyone should:

  1. Go to a place with public IP
  2. Create multiple accounts
  3. Post material designed to elicit a ban (ivermectin, race/IQ stats, etc)
  4. Watch Reddit ban every free wi-fi in North America
Oaky 2 points ago +2 / -0

I'm perma IP banned on reddit for being a naughty boy.

They only seem to track where the account was created though. I made another account on a different IP and I'm not banned on that account yet despite using reddit through my old IP.

BlokeyMcBlokeFace 2 points ago +2 / -0

If you make a new account that they connect to a banned one, the new account will instantiate, but be shadowbanned from the very start.

justicein2020 2 points ago +2 / -0

ban evasion bans don't happen unless you really piss them off.

and yes. they are as useless as you describe.

that's reddit. a platform built by smart people now run by pedophiles without a clue.

XxxRDTPRNxxX 1 point ago +1 / -0

I've had over a dozen accounts banned and I don't believe their banning is based on IP address.

I mean think about it. One college troll would get his entire school network banned. One troll would get an entire VPN server banned. And in the end it wouldn't really stop the troll, because ISPs can change your IP on a regular basis, and you can also use the site through a VPN or TOR.

They don't want to end up with hundreds of millions of IP addresses permanently blacklisted because there's a good chance the troll doesn't even use it anymore and they could be blocking a potential new user.

So how do they identify you? I believe they use what's called "fingerprinting". Basically, when you visit a website there's certain pieces of information about you that your browser gives out to the website like OS version, languages installed, fonts installed, the screen resolution you're using, browser version, browser extensions etc...

In years past this was all pretty anonymous data that just helped developers better design their sites and identify compatibility issues.

But now that data is being collected and processed by algorithms to create a unique "fingerprint" of each device.

For example: There may be hundreds of millions of users with windows 10. And hundreds of thousands of users with a screen resolution of 1600x900. And there are tens of thousands of people with your specific adblocker installed. And another 10,000 have another extension that you use. And there are also millions of other users who's PCs are configured for your time zone.

However, There's only one single user that has windows 10, exists in your time zone, uses the same browser that you use, has the same screen resolution, has all your same plugins installed, etc..... And that's you.

So basically they've figured out how to take data that was previously anonymous, and analyze it as a package to be able to identify your specific computer no matter what IP you might be using.

Once they've got you fingerprinted they can figure out what all your alt-accounts are by seeing if you log into multiple accounts. And once they know what all your alt accounts are, it's pretty easy to have an automated system to tell them if you're using alt accounts to post in subs that you're banned from.

I've had accounts shut down almost instantly when I tried to post in a sub I was previously banned from.

Since then, I've been changing up little details here and there on my browser config to avoid detection, as well as using a VPN.

XxxRDTPRNxxX 1 point ago +1 / -0

Also, If you're intersted I have access to an account that's 100% shadow banned.

It appears to exist and function as a normal account when logged in, but it's completely invisible to everyone else and none of my comments appear on any subreddit. Even my profile appears to not exist to other users.

I believe reddit admins lurk here @ and saw a screenshot of my recent trolling and used that to target the associated account.