Trust Scan Feature

alice

Supreme
A trust scan feature would be useful. It could either be free for all members or be for upgraded members only as an extra perk (which is what some other forums do).

Example things a trust scan could show:
[image: example trust scan output]
The "trust scan" button could appear at the bottom of each user's post or below their postbit somewhere, and maybe on their profile.
 
Type: Suggestion
Status: Implemented

Mick

BuiltByBit Owner
Management
Since you (I think it was you?) brought this idea up on a separate suggestion thread I've been thinking about it a bit, and I think it could actually be something worth doing and could possibly prevent scams.

If we did make a system like this, I think it would also be quite a nice idea to allow people to enter their Discord tag and ID on there, so that you can easily check that against the user you're dealing with if the deal is over Discord, perhaps?

Would really love to see more feedback and input on this.
 

ajl

Premium
Good idea, besides the password checking and IP checking, which could be used maliciously.
 

alice

Supreme
Mick said:
> Since you (I think it was you?) brought this idea up on a separate suggestion thread I've been thinking about it a bit, and I think it could actually be something worth doing and could possibly prevent scams.
>
> If we did make a system like this, I think it would also be quite a nice idea to allow people to enter their Discord tag and ID on there, so that you can easily check that against the user you're dealing with if the deal is over Discord, perhaps?
>
> Would really love to see more feedback and input on this.
It was me. There could be a "base trust scan" for all users, and upgraded users would get an "extended trust scan" that shows more information such as last password change and whatnot, which could aid in finding scammers or recently hijacked accounts. I don't know how it would be used maliciously.

To get their UID+Discord tag, you could either have the user manually enter it (typos might be made), or you could implement a Discord OAuth2 login URL where users log in with their Discord account and then the forum backend would automatically parse that information, including their Discord e-mail address + UID + Discord Tag. The e-mail address would be kept private but could be used by staff when finding multi accounts on here, but I don't know if that's a good idea. They wouldn't actually be logging into the forums with their Discord account though - just once at an isolated endpoint to let the backend parse their account information.
 
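The isolated Discord OAuth2 verification endpoint described in the post above, written out as an added example (it is not BuiltByBit's code nor Discord's). The three endpoint URLs are Discord's documented ones; the client ID, client secret, redirect URI and the `fake_discord` stand-in used to run the flow offline are assumptions made for the example:

```python
"""Discord account verification via OAuth2 at an isolated endpoint.

Added example, not BuiltByBit's code. The forum never logs the user in with
Discord; it obtains the Discord user ID once and stores it. The HTTP calls are
injected so the flow can be exercised offline with a constructed stand-in.
"""
import hmac
import json
import secrets
import urllib.parse
import urllib.request
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# Real, documented Discord endpoints. Client ID/secret and redirect URI are assumptions.
AUTHORIZE_URL = "https://discord.com/api/oauth2/authorize"
TOKEN_URL = "https://discord.com/api/oauth2/token"
ME_URL = "https://discord.com/api/users/@me"

PostForm = Callable[[str, Dict[str, str]], dict]
GetJson = Callable[[str, str], dict]


@dataclass(frozen=True)
class DiscordIdentity:
    user_id: str            # snowflake; the only field stable enough to show in a scan
    tag: str                # display name, changes often, display only
    email: Optional[str]    # kept private, never shown publicly


def new_state() -> str:
    """Unguessable per-session value; stored server-side before redirecting."""
    return secrets.token_urlsafe(32)


def build_authorize_url(client_id: str, redirect_uri: str, state: str) -> str:
    """URL the user is sent to. `state` binds the callback to this forum session so
    an attacker cannot splice their own Discord code into a victim's flow."""
    query = urllib.parse.urlencode({
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": "identify email",
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}"


def handle_callback(query_string: str, expected_state: str, client_id: str,
                    client_secret: str, redirect_uri: str,
                    post_form: PostForm, get_json: GetJson) -> DiscordIdentity:
    """Validate the redirect back from Discord, exchange the code, read the profile."""
    params = dict(urllib.parse.parse_qsl(query_string))
    if not hmac.compare_digest(params.get("state", "").encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    if "code" not in params:
        raise ValueError(params.get("error", "missing authorization code"))
    token = post_form(TOKEN_URL, {
        "client_id": client_id,
        "client_secret": client_secret,
        "grant_type": "authorization_code",
        "code": params["code"],
        "redirect_uri": redirect_uri,      # must match the one used in the authorize step
    })
    me = get_json(ME_URL, token["access_token"])
    disc = str(me.get("discriminator", "0"))
    tag = me["username"] if disc == "0" else f"{me['username']}#{disc}"
    # Keep the snowflake as a string: it exceeds 2**53 and JSON/JS clients mangle it as a number.
    return DiscordIdentity(user_id=str(me["id"]), tag=tag, email=me.get("email"))


# Real transport (not exercised offline).
def post_form_urllib(url: str, fields: Dict[str, str]) -> dict:
    req = urllib.request.Request(url, data=urllib.parse.urlencode(fields).encode(),
                                 headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def get_json_urllib(url: str, bearer: str) -> dict:
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {bearer}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def fake_discord(valid_code: str, profile: dict) -> Tuple[PostForm, GetJson]:
    """Constructed stand-in for Discord's token and /users/@me endpoints (offline use only)."""
    def post_form(url, fields):
        if url != TOKEN_URL or fields.get("grant_type") != "authorization_code" \
                or fields.get("code") != valid_code:
            raise ValueError("invalid_grant")
        return {"access_token": "fake-token", "token_type": "Bearer"}

    def get_json(url, bearer):
        if url != ME_URL or bearer != "fake-token":
            raise ValueError("unauthorized")
        return dict(profile)

    return post_form, get_json
```

Only `user_id` is what a trust scan would later display; the e-mail stays server-side and the tag is display-only. The `state` check is what stops a forged callback from binding an attacker's Discord account to a victim's forum session.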

Yoda

Vulgrims' Right Hand
Supreme
Looks like a great idea, however I feel like this should be something that gives users the choice whether to enable this feature.
 

alice

Supreme
Yoda said:
> Looks like a great idea, however I feel like this should be something that gives users the choice whether to enable this feature.
I don't know why everyone's so security-paranoid about it.

The example trust scan image I showed was from one of the largest hacking forums in the world, whose owner is known to be extremely stringent about security and keeping his members safe.

If you have nothing to hide like multiple accounts, then you have nothing to worry about. If someone knows that you have 2FA or recently changed your password or something, no harm done. Most of the information can only let users know that the account was potentially hijacked and can't be used in malicious ways.
 

Mick

BuiltByBit Owner
Management
alice said:
> It was me. There could be a "base trust scan" for all users, and upgraded users would get an "extended trust scan" that shows more information such as last password change and whatnot, which could aid in finding scammers or recently hijacked accounts. I don't know how it would be used maliciously.
If we introduced a system like this I think that it's our free users who would need it the most since they tend to be the people with the least experience/knowledge about dealing with other people.

There is the slight worry about allowing people to run a trust scan that shows information such as whether they have 2FA enabled. If I wanted to hack an established member's account, I could easily know whether to bother cracking their password based on that info, for example.
 

alice

Supreme
Mick said:
> If I wanted to hack an established member's account, I could easily know whether to bother cracking their password based on that info, for example.
Account hijacking would be 99% less of an issue if you enabled e-mail verification by default for all unrecognized logins:
[image: e-mail verification prompt for an unrecognized login]
which is what many forums and almost all big websites do (Twitter, Instagram, Amazon, Google, eBay, etc.)

And password cracking would be useless because even if they found their password (which isn't worth it with reCAPTCHAs and rate limiting), they wouldn't be able to log in. Not worth the effort.

Also, perhaps don't include their Discord username and tag in the trust scan because people do tend to change their Discord username daily. Keep it to UID only which doesn't change.

Other things a trust scan could show:
  • Discord UID
  • Last Discord Verification (last time they verified their Discord)
  • Special Characters in Username (True/False)
  • Username changes (1, 2, 3, etc.)
  • Last username change
  • Password reset in last week (True/False)
  • Total trades
  • Total $ traded (but this would be useful outside the Trust scan too)
 
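The "verify unrecognized logins by e-mail" control from the post above, as an added example that is not part of the original post or the forum's software. It recognizes a device by a signed cookie rather than by source IP, because a dynamic or recycled IPv4 address would otherwise flag the same PC as a new location every few months; the `SERVER_KEY`, the 90-day device lifetime, the 10-minute code lifetime and the three `login_decision` outcomes are assumptions made for the example:

```python
"""New-login e-mail verification keyed on a signed device cookie.

Added example, not forum code. A login from a device this account has not
seen before is held until the user enters a code sent to their e-mail. The
device is identified by an HMAC-signed cookie, not by IP address, so dynamic
IPv4 reassignment does not produce "new location" false positives.
"""
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)      # assumption: loaded from a secret store in production
DEVICE_TTL = 90 * 24 * 3600               # assumption: re-verify a device every 90 days
CODE_TTL = 600                            # assumption: e-mailed code valid for 10 minutes


def issue_device_cookie(user_id, now=None, key=SERVER_KEY):
    """Cookie = device_id.user_id.expiry.mac. The client cannot forge or retarget it
    without the server key. user_id is assumed to be numeric (no '.' inside)."""
    now = int(now if now is not None else time.time())
    device_id = secrets.token_urlsafe(16)
    payload = f"{device_id}.{user_id}.{now + DEVICE_TTL}"
    mac = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{mac}"


def device_recognized(cookie, user_id, now=None, key=SERVER_KEY):
    """True only if the cookie is intact, was issued for this user, and has not expired."""
    if not cookie:
        return False
    try:
        device_id, uid, exp, mac = cookie.split(".")
        exp = int(exp)
    except ValueError:
        return False
    expected = hmac.new(key, f"{device_id}.{uid}.{exp}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return False
    now = now if now is not None else time.time()
    return uid == str(user_id) and exp > now


def login_decision(password_ok, cookie, user_id, now=None):
    """'deny' on a bad password (never leak device status), 'allow' from a known
    device, otherwise 'verify_email' to hold the session pending the code."""
    if not password_ok:
        return "deny"
    if device_recognized(cookie, user_id, now):
        return "allow"
    return "verify_email"


def new_email_challenge(now=None):
    """Returns (code to e-mail, hash to store, expiry). Only the hash is persisted."""
    now = int(now if now is not None else time.time())
    code = f"{secrets.randbelow(10 ** 6):06d}"
    return code, hashlib.sha256(code.encode()).hexdigest(), now + CODE_TTL


def complete_email_step(submitted_code, stored_hash, expires_at, user_id, now=None):
    """On a correct, unexpired code, issue the device cookie so this device is trusted
    from now on. Returns None on failure so the caller can count attempts."""
    now = now if now is not None else time.time()
    if now > expires_at:
        return None
    submitted_hash = hashlib.sha256(submitted_code.encode()).hexdigest()
    if not hmac.compare_digest(submitted_hash, stored_hash):
        return None
    return issue_device_cookie(user_id, now)
```

A stolen password alone then yields `verify_email`, not a session, which is the property the post describes: even a cracked password is not enough to log in. Attempts against `complete_email_step` still need their own counter and lockout, since a six-digit code is brute-forceable without one.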

ajl

Premium
alice said:
> How could it be used maliciously?
Assuming that the features in the image were added, if people were hacking accounts they could see if people have 2FA and when their last password change was. This would allow them to find easy targets.
 

Zyger

Middleman
Supreme
alice said:
> And password cracking would be useless because even if they found their password (which isn't worth it with reCAPTCHAs and rate limiting), they wouldn't be able to log in. Not worth the effort.

If the database is ever leaked, they'd be able to crack the passwords millions of times faster since they wouldn't be limited by recaptchas or ratelimiting, but yeah you're right about everything else.
 
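The leaked-database case raised above is the one that reCAPTCHAs and rate limiting do nothing about; what bounds offline cracking is how the passwords are stored. Added example (not the forum's code): salted scrypt records via the Python standard library, in a self-describing format so the cost can be raised later without breaking existing rows. The cost parameters and record layout are assumptions chosen for the example:

```python
"""Password storage that stays expensive to crack offline.

Added example, not forum code. Each record carries its own random salt and
cost parameters. A leaked table cannot be attacked with precomputed tables,
and every guess costs the attacker the same memory-hard work it costs the
server, instead of the billions of SHA-256 per second a GPU manages.
"""
import base64
import hashlib
import hmac
import secrets

# Assumed parameters: 128 * N * r bytes = 16 MiB per hash. Raise N as hardware improves.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1
SALT_BYTES, KEY_BYTES = 16, 32


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode()


def hash_password(password: str, salt: bytes = None) -> str:
    """Return 'scrypt$N$r$p$salt$digest'. A fresh salt per call means two users with
    the same password get unrelated records."""
    salt = salt if salt is not None else secrets.token_bytes(SALT_BYTES)
    digest = hashlib.scrypt(password.encode(), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_BYTES)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${_b64(salt)}${_b64(digest)}"


def verify_password(record: str, password: str) -> bool:
    """Recompute with the parameters stored in the record; constant-time compare."""
    try:
        scheme, n, r, p, salt_b64, digest_b64 = record.split("$")
        if scheme != "scrypt":
            return False
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(digest_b64, validate=True)
        actual = hashlib.scrypt(password.encode(), salt=salt,
                                n=int(n), r=int(r), p=int(p), dklen=len(expected))
    except (ValueError, TypeError):
        return False          # malformed record: treat as non-matching, never as a match
    return hmac.compare_digest(actual, expected)


def needs_rehash(record: str) -> bool:
    """True when a stored record is weaker than current policy; re-hash on next
    successful login, since the plaintext is only available then."""
    parts = record.split("$")
    if len(parts) != 6 or parts[0] != "scrypt":
        return True
    return (int(parts[1]), int(parts[2]), int(parts[3])) < (SCRYPT_N, SCRYPT_R, SCRYPT_P)


def unsalted_fast_hash(password: str) -> str:
    """What NOT to store: identical passwords give identical rows and a single
    precomputed table cracks the whole dump. Shown only for contrast."""
    return hashlib.sha256(password.encode()).hexdigest()
```

`verify_password` reads the parameters out of the record rather than from the constants, so older rows keep verifying after `SCRYPT_N` is raised, and `needs_rehash` tells the login path when to upgrade them.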

Polarbears

Supreme
Where does privacy come into play with all of this? Some people might want this information private, it all depends on the user. And how do we know that this feature will not get misused?
 

Lotus

Professional Flower
Premium
I personally believe the example posted doesn't help address scams, it helps catch people who may be compromised, although rather poorly since now users would be making that judgement with limited information compared to moderators. Note that many of the users onsite may not have technical experience and may incorrectly interpret all the data with their own conclusions.

It's only highlighting account security, an exceedingly rare cause of a scam, since most people are the original owners of their account when they get banned. In fact, I feel we would be misleading a lot of users by calling it a 'trust scan', for the aforementioned reasons.

If we want to address and promote account security, there may be a number of different, less intrusive approaches such as 'reminding' users to use 2FA etc., or what alice suggested earlier regarding verification from unrecognised locations, which I am personally not aware is already enabled or not.

From a business-minded perspective, a lot of people are worrying about their privacy, which is likely to scare away a lot of new potential users for the site or even some existing ones. You may argue that nothing critical is being leaked, but it will be a fact that many will find this sort of information disclosure 'uncomfortable' - we'll just be looping back to the reasoning that not everyone is technical in nature and we need to accommodate their concerns as well.

I do think it might be nice having an aggregator that includes already public information such as account age, Discord details, feedback system details and scam resolving information, which would make things more convenient. But I don't think it will be appropriate to include 2FA, IP, password information and all the relevant dates associated with them.
 

MarkElf

9+ Year Member
Supreme
-1 from me. Too much sensitive information is provided publicly to users and this wouldn't help reduce scamming in any way. If a user can't practice safe business transaction protocols (i.e. verifying on-site, checking join date, checking rep) then this won't help a buyer identify a scammer from a legit seller/buyer.

I also don't believe adding a trust factor like this would reflect positively to an outside user. I recall seeing nothing but 'scam site' back in 2015-2017 from Spigot users. Although significantly less common now, it still makes users hesitant to use the site when finding such a result when searching Spigot. Adding a trust factor, at least in this format, would only show that issue continued.

I think a trust factor, for the ignorant, might help as a simple rating (out of 5 stars or higher number is better) based on hidden factors including a fake character discord, join date, reputation, posts, reactions, etc. I suppose reputation is technically supposed to accomplish this already.
 

Ivain

Master Terraformer
Supreme
I get the whole 'logging in from new location' thing every few months. I've logged in from the exact same PC on the exact same connection (Ethernet, not wireless) every time. The reason for this is dynamic IPs. Because of the IPv4 shortage, many ISPs recycle IPv4 addresses across users. This is also what leads to false positives with 'duplicate IPs' between users.

- Why are password resets included? I could just be very forgetful (or be using a different PC that I don't have my password manager on). However, having a lower or higher number of password resets says absolutely 0 about safety. If I've had 3 password resets in 100 days of account age, a 4th reset isn't going to suddenly make my account compromised. Even if it is compromised with the 4th reset, it isn't going to be suddenly detectable.

-The number associated with username changes really isn't relevant, it's the already viewable username history that's relevant because people might change a name with negative associations to get away from it.

This entire thing seems to be entirely focused on whether or not someone's account has been compromised. It has little to nothing to do with the person actually being a scammer. The only thing I can see that is relevant to that is username history with actual usernames listed, something which is already a feature, and account age, something that is very debatable due to it usually being new users that scam with the occasional 'exit' scam from an older user. Aka account age does not directly affect likelihood to scam.

By account age, assuming low age = high scam chance, I am one of the least likely people to scam.
However, many people whose account age matched mine until they got banned for scamming got, well, banned for scamming.
Therefore account age does not directly correlate with likelihood to scam. I could have made a dozen dormant accounts a year ago using different data, browsers and VPN ips, and then use each of them with a month or two interval to scam with.

The reason the current 'reputation' system is semi-effective is because it is supposed to make tangible a 'sense' of what a person would have to gain by scamming.
Again using myself as example, I will explain. If I took on a large amount of jobs at once, and got paid 100% up front in a way that prevented chargebacks of any sort (or used a disposable paypal with false data or something), I could probably net a few thousand with an 'exit scam' by now if I tried.

However, because my identity is well-known within the minecraft creative community, it would completely obliterate my ability to make money in the Minecraft community, forcing me to start from scratch reputation-wise. It would likely take at least half a year before I could count on getting jobs for a reasonable fraction of my current prices, if not more. Each of these 6+ months would be missed income by the many hundreds, not even counting Bedrock Marketplace income, and ignoring the fact several people know my real name and could out me in a heartbeat if I returned after scamming.

This type of 'sense' of what someone has to lose/gain from scamming is the only effective way of predicting if someone can be trusted and/or is going to scam.
Account age, username history, reviews/reps, etc. are all factors of this 'equation', but none of them are worth a damn thing by themselves because they offer no guarantees either way.


TLDR: This has nothing to do with trust and everything to do with account security. With 2FA and/or GAuth enabled, the rest are purely detection methods and honestly mostly irrelevant. I'll confess I've been mostly absent and haven't a clue how much of a problem account hijacking is right now, but this seems a rather invasive system for something that can really be condensed down to '2FA' yes/no, 'GAuth' yes/no, 'account age' and perhaps a 'region change in the last 30 days'.

PS:
Much more effective than this suggestion would be data on how to make your damn account secure. I don't think any of my accounts have ever been 'hijacked' since the one time I 'got' a Runescape account from a friend's friend when I was 10, played a bit on it without changing any data (mostly wood farming, I didn't have a clue what I was doing), then woke up one day to find its password had been changed.

When it comes to security, password management/generation and 2FA bound to a hardware device (flash drive etc) is about as good as it gets unless you're an idiot that loses things a lot (aka me), in which case an online service that is reputable and/or has more to lose from leaking than from not leaking security might be better. A hardware-based system cannot be circumvented remotely, only through physical theft or social engineering.
 

Yoda

Vulgrims' Right Hand
Supreme
Also logging in from a new location could be when I log in from North Korea one day and Iceland the next.
 

Sky.

:)
Supreme
I see no reason why not. As long as it's properly implemented with features to prevent abuse, there is no reason not to have this feature.
 