💾 Archived View for tilde.cafe › ~otus › log › 2021-12-03-ip-logger captured on 2022-04-29 at 12:50:51. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2021-12-04)
-=-=-=-=-=-=-
Recently I learned that some IRC clients fetch websites linked in the chat. This can be used to display a title next to the link or show an image directly within the chat window. However there are security and privacy concerns: malicious websites may be able to exploit bugs in the client (without user interaction) and the website invariably learns the user's IP address.
Out of curiosity I tried out the second part today: I posted a link from iplogger.org (alias domain yip.su) in large channel on libera.chat. The channel #libera has about 2200 users and is intended as channel for network help but also (mis)used for general chatter.
Some reactions : one person immediately warned others not to click the link to a "porn site", two other people corrected them and noted that "it's just an ip address logger" and the first person agreed and noted that they misread their "blocklist". Yet another person noted that it was a picture of a frog. I was asked not to post IP address loggers again.
Only a handful of people clicked the link (no doubt in part thanks to the warning). However I still logged 212 connections from 95 distinct hosts
I observed that there are a few different clients that prefetch all URLs without user interaction: The Lounge (164 hits), Textual (8), Lime Chat (4), unknown iOS clients (12), unknown Mac OS X clients (4). Two well known services are also found in the list: IRCCloud and Discord. Top countries are the US with 73, Germany with 32 and Canada with 21 hits. This is most likely due to the user distribution of Libera and the availability of cheap hosting in these countries. The most common client in my list is The Lounge, which is a combined bouncer+web-client which is usually installed on a server and not on a PC or smartphone.
Is there a problem? By default Libera.Chat shares the IP address (or hostname) of a user with all other users. There are cloaks that hide the IP address from regular users however they are incomplete and they are "not intended as a privacy feature" (according to the guide). Suggested workarounds are bouncers, cloud based hosts and TOR. Since The Lounge is usually installed in the cloud only the IP addresses of these servers were recorded. The remaining hits are mostly from residential networks. A VPN will hide the IP address private as well, if all connections are made through the VPN.
I conclude that if you want to keep your IP address reasonably private you should use a cloud based client and/or disable the automatic prefetching of links sent in IRC.
Since many people didn't like the IP address logger (one person reported me on tilde.chat #cafe) I won't repeat the experiment. I don't completely get the fuss however, Libera makes it very clear that you shouldn't expect privacy: public IP addresses, ineffictive cloaks, most websites log visitors, still people are annoyed if I make it obvious that their IP isn't hidden.