A method to make MCM more secure.

Status

arnavxv

Feedback score
0
Posts
148
Reactions
40
Resources
0
Introduction:
Right now, when people are banned, they can create a new account with a proxy or VPN. There has to be a better method to make MCM secure. This allows scammers to create account after account, escaping relatively unpunished.

Suggestion #1: Flagged Paypals
There should be an easy access list of flagged pay pals. In a scam report, the scammer's paypal would be put in (if proof is provided that its their paypal), and when the scammer is banned, their paypal would be added to a list. When doing deals, MCM users can easily cross check someone's paypal in a list in order to confirm that it does not belong to a formerly banned user.

Suggestion #2: Phone Verification
Phone verification would make MCM even more secure, and prevent the influx of alts. The phone number would be a requirement to register, you wouldn't need it every time you log in. Furthermore, it should be a requirement that the phone number be a valid phone number (no google voice) and maybe be a phone number registered within 100 miles of your IP address. (Just a possibility)
Alternate Phone Verification Idea: This idea was discussed in the comments. One would get a badge/medal if their account was phone verified, in order to not discriminate against the people who don't have phones. Existing people with a lot of rep would be relatively unaffected if they don't have a phone number.


Conclusion:
Scammers can easily create alt accounts with proxies or VPNs and continue scamming. The introduction of these verification methods will make MCM a safer and more honorable place.
 
Type
Suggestion
Status
Denied
Last edited:
PebbleHost
High performance, consistent uptime and fast support. Minecraft hosting that just works.

arnavxv

Feedback score
0
Posts
148
Reactions
40
Resources
0
I can go and buy a new number for 99p from my local supermarket

Fuck I can get a sim card for free nowadays, there's no real way to fully stop scammers, just to have common sense and learn about the telltale signs when someone is.

This would dissuade the average scammer, and make the creation of alts more difficult. I don't mean to be offensive, but by your logic, we shouldn't do anything to stop scammers because they can just get around the rules? Why scan user's IP addresses to detect for alts when anyone can use VPN? This won't get rid of the big time scammers, but will dissuade the majority of them.
 

Overlord

Supreme
Feedback score
2
Posts
569
Reactions
276
Resources
0
Believe it or not, it's possible.[DOUBLEPOST=1455113919,1455112423][/DOUBLEPOST]What we could do is a "Phone Verified" medal for people that verify their account.
When I said "not bad" it didn't mean I agree, I just mean it's a feasible idea.

I'm thinking how localbitcoins do it. Various ways to confirm your account. They use phone and ID amongst others. ID is obviously excessive and half the people here probably don't know what an ID is or if they even have a passport, lol. Phone isn't the worst idea in the world. It could obviously be faked but phone verification isn't a bad idea, and you could incorporate it to have alerts for premium members for possible suspicious account activity, like logging in and the IP/browser/device that did it, etc.
 

Ajdin

I used to be a big deal on here but now irrelevant
Supreme
Feedback score
12
Posts
2,419
Reactions
3,404
Resources
0
In the end, no matter what we do or add: everything will be down to the buyer buyer and seller. If you're an idiot, you'll get scammed.

I've been dealing on all kinds of forums (including MCM) for the past 6 years and I've NEVER been scammed. I've backed out of many deals because of many hints/reasons of a person being a scammer. I simply did this with every little doubt I had and it worked out great.
 
Last edited:

chucK_

chucK
Supreme
Feedback score
0
Posts
1,440
Reactions
823
Resources
0
For number 1, I said with evidence, as in, the scammer says in a PM that their paypal is [email protected] or something.

For number 2, a phone sign up would severely reduce the influx of alts.
1.) Scammer knows he's getting caught, tells him somone else's paypal.

2.) Phone verification is just not needed.
 

tjrgg

Supreme
Feedback score
1
Posts
998
Reactions
837
Resources
0
I didn't know about the differen



I feel this is necessary, as we are dealing with real money and scammers can escape punishment free.
There are ways of doing that without inconveniencing users. I'd much rather implement a solution that wouldn't inconvenience a user and require them to give us more information, especially when it's easy to get new email addresses and phone numbers. Not to mention that a solution for phone verification would cost us more than it would be worth.
 

JamesJ

Software Developer
Premium
Feedback score
0
Posts
156
Reactions
84
Resources
0
It's virtually impossible to block all VPNs. Anyone can just make their own VPN. We can only block them as we become aware of them.
I'm saying its a bad thing, not a good thing..
 

Jack

Retired Moderator
Supreme
Feedback score
11
Posts
1,209
Reactions
1,462
Resources
0
Getting a burner phone is just about as easily as getting a VPN nowadays.
We've reenabled Blockscript now (I think) so most VPNs/proxies should be blocked.
Also, our multiaccount catcher is very sensitive, if you're picking up what I'm putting down.
 

JamesJ

Software Developer
Premium
Feedback score
0
Posts
156
Reactions
84
Resources
0
Getting a burner phone is just about as easily as getting a VPN nowadays.
We've reenabled Blockscript now (I think) so most VPNs/proxies should be blocked.
Also, our multiaccount catcher is very sensitive, if you're picking up what I'm putting down.
Just because getting a burner phone is as easy as getting a VPN, doesn't mean VPNs should be blocked.
I still see no reason for them to be blocked..
 

tjrgg

Supreme
Feedback score
1
Posts
998
Reactions
837
Resources
0
Just because getting a burner phone is as easy as getting a VPN, doesn't mean VPNs should be blocked.
I still see no reason for them to be blocked..
You see absolutely no reason for them to be blocked? Can you elaborate on that?

What reason do you have for them not to be blocked?
 

JamesJ

Software Developer
Premium
Feedback score
0
Posts
156
Reactions
84
Resources
0
You see absolutely no reason for them to be blocked? Can you elaborate on that?

What reason do you have for them not to be blocked?
People should be more than able to use a VPN to protect their own privacy.

You hire a Moderator who decides to go a little rogue, leaks people's IP addresses, boom, people's IPs all over the internet - probably wont happen, however it could.

Blocking VPNs during registration - completely fine with that.

People use VPNs all the time. I personally use a VPN everytime I turn on my PC. I only go on this website when I'm on my laptop because you block my VPN.
 

Madbegger

SaiCoPvP & SaiCoSky Project Manager
Supreme
Feedback score
5
Posts
771
Reactions
424
Resources
0
People should be more than able to use a VPN to protect their own privacy.

You hire a Moderator who decides to go a little rogue, leaks people's IP addresses, boom, people's IPs all over the internet - probably wont happen, however it could.

Blocking VPNs during registration - completely fine with that.

People use VPNs all the time. I personally use a VPN everytime I turn on my PC. I only go on this website when I'm on my laptop because you block my VPN.
So you're stating that in the rare/slight chance a moderator may go rogue, you want VPN's to be allowed. That then would make multi-accounting a whole lot easier and then making scamming a much bigger issue. The staff selected are trusted/selected by Mick so it would be a really unlikely situation with it been a pain to leak a lot of IP's due to it not been a list. Alongside that staff that abused/got demoted in the past did not misuse their permissions to gain IP addresses even if they still had the permissions to do so.
 

JamesJ

Software Developer
Premium
Feedback score
0
Posts
156
Reactions
84
Resources
0
So you're stating that in the rare/slight chance a moderator may go rogue, you want VPN's to be allowed. That then would make multi-accounting a whole lot easier and then making scamming a much bigger issue. The staff selected are trusted/selected by Mick so it would be a really unlikely situation with it been a pain to leak a lot of IP's due to it not been a list. Alongside that staff that abused/got demoted in the past did not misuse their permissions to gain IP addresses even if they still had the permissions to do so.
I am aware there is a small chance, but it's still a chance.

And anyways, I said if you disable VPNs when registering, it can easily fix the situation of alting.
 

Madbegger

SaiCoPvP & SaiCoSky Project Manager
Supreme
Feedback score
5
Posts
771
Reactions
424
Resources
0
I am aware there is a small chance, but it's still a chance.

And anyways, I said if you disable VPNs when registering, it can easily fix the situation of alting.
If it was disallowed on registration then it still wouldn't resolve the issue of a 'moderator going rogue' or 'increased amount of scammers/multi accounters' as all staff have access to IP information to determine if a user is multi accounting. If it was only Admins that were able to access the Registration IP then that would cause issues with a mass amount of users needing to be checked every so often to ensure they aren't multi-accounting. Allowing VPN's would just cause issues that disallowing VPN's covers and only disallowing VPN's upon registration would just cause the issues above so it's best to leave it as it is.
 
Last edited:

tjrgg

Supreme
Feedback score
1
Posts
998
Reactions
837
Resources
0
People should be more than able to use a VPN to protect their own privacy.

You hire a Moderator who decides to go a little rogue, leaks people's IP addresses, boom, people's IPs all over the internet - probably wont happen, however it could.

Blocking VPNs during registration - completely fine with that.

People use VPNs all the time. I personally use a VPN everytime I turn on my PC. I only go on this website when I'm on my laptop because you block my VPN.
You're on the internet. Privacy has been thrown out.

IP addresses aren't private information and every single website you visit can obtain it easily, VPN or no VPN. A VPN makes it a little more difficult, but it can be traced.

My point here is that if a staff member wanted your IP, MCM isn't the only way they can get it. So if the reason you want to allow VPNs is so staff can't get your IP, then us allowing VPNs isn't going to accomplish that.
 

Jack

Retired Moderator
Supreme
Feedback score
11
Posts
1,209
Reactions
1,462
Resources
0
I personally use a VPN everytime I turn on my PC. I only go on this website when I'm on my laptop because you block my VPN.
Just add a route for MC-Market.
If you don't know how:
1) Open cmd.exe
2) "ping mc-market.org"
3) "ipconfig" to see default gateway of your local connection
4) route add <MC-Market IP> <default gateway IP>
 
Status
Top