I've always wondered why Google makes me jump though hoops when I'm tunneled through my VPN. I'm logged in to Google for chrissakes, that should be all the difference in both of these situations.
this post was submitted on 15 Apr 2024
39 points (85.5% liked)
Lemmy.world Support
3228 readers
2 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
To open a support ticket
You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news π
Outages π₯
https://status.lemmy.world
founded 1 year ago
MODERATORS
There's some very good reasons:
- VPN traffic could be masking an attack on the account
- By using a VPN, they lose a degree of certainty that it's you, they can't use the IP address as a factor to establish the probability it's actually you
- Differentiating you as a person, from other people with the same source address, perhaps who are behaving poorly, or who've implemented robots to do things Google doesn't like.
I fully believe VPNs should be a fundamental right on the internet, nobody should have to identify themselves by IP address to use the internet. But from an account security perspective alone there's a good reason to be extra super duper sure of somebody before allowing them to log in
But, I'm LOGGED IN. To Google. Bad actors on the same VPN ip address are not logged in as me (I hope).
Say that to the victim of cookie stealing attack
Somebody might have stolen your login cookies, and is impersonating you. If the IP that your traffic originates from changes rapidly that could be an indicator.
Hello @Zak@lemmy.world ,
we understand your frustration, but lemmy doesnt give us any alternative to that, as we cant block posts/comments from younger accounts easily.
The issues with the UI, that it doesnt give any real feedback is, sadly an issue with the LemmyUI, but it will be probably improved in the future.
We are looking into better alternatives to that, but until then we sadly have to stay on our current path.
We will be of course announcing if we found an alternative to that.
Thanks for the explanation. It seems I should be proposing improvements to the Lemmy software since the software doesn't currently support the policy I'm suggesting.
The worst part about this issue is, once you hit submit and get the infinite spinner, the text box for the post or comment is locked, and you can't even copy/paste the text in order to try again after turning off the VPN, and you can't cancel the submission to unlock it.
The fact that I have a 10 month old account with consistent activity should outweigh any IP address reputation issues.
I dont even know where to begin unpacking this flagrantly ridiculous sentence, but Iβll just say this is the same energy as the βdevs are lazyβ entitlement when popular video games suddenly acquire a cheater problem
Proposing changes like this is how open source projects work.
Account age and reputation metrics are a pretty good way to limit abuse because the supply of established accounts is limited, making them difficult to replace when they get banned.
Lol nice trolling attempt!
For anyone else reading, I'm a dev, and I didn't get any "devs lazy" vibe from the OP.
It's a sensible request, not a ridiculous one.