Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I’d guess it’s not the usage of a VPN that has triggered this, but rather a new account immediately presenting multiple IP addresses. I’d guess that would trigger abuse flags at most places (especially from known VPN IP addresses which tend to have a lot of malicious activity originating from them).

This isn’t to defend them - it seems very odd to immediately permanently suspend accounts like that!



Yes. Most likely it is just a correlation, not the real cause. We have been using https://focsec.com/ for detecting trial abuse in our products. People using VPNs (+ new free email accounts) to "restart" trial periods is something that is quite common, we found.


How resource intensive / business focused is your product?

Lots of people use vpns for work or privacy, I think that method would have a lot of false positives. In cases where trial account usage costs you very little or nothing I'd err on the side of not blocking users.


People don’t use public VPNs for work. The tunnel terminates in the same network that the physical office is on. And using a public VPN from a work machine for privacy is a very bad idea. That’s grounds for termination if they catch you and possibly an even worse issue if the company ends up under investigation for any reason. They’re going to take a very close look at anything of yours they can get access to since it won’t have ended up in normal audit logs.


What do you mean by public VPN? Do you mean free proxies? I'm talking about paid private vpns like expressvpn. The p in vpn stands for private so that's a bit redundant. Your traffic is still encrypted, these vpns can't run a MITM attack on you.


> I think that method would have a lot of false positives

What makes you think that? This is you saying that that detection service is not very good, FWIW.


> (especially from known VPN IP addresses which tend to have a lot of malicious activity originating from them).

While certainly true, in my experience unknown VPN IP addresses can be even more problematic since for them, even providers willing to support the interests of VPN users just see lot's of suspicious usage from you IP address without any real explanation.

> This isn’t to defend them - it seems very odd to immediately permanently suspend accounts like that!

Normally I would agree, but since the account is not only just a few days old but also didn't post or create comments, I think that immediately banning it makes sense.

For a new account which didn't create any content yet the user isn't loosing anything important if the account is deleted and since the user is unlikely to have any real attachment to the account yet, they are more likely to just create a new account than to deal with any warning/suspension/whatever procedures.

IMHO you shouldn't expect your account to stick around until you have at least some non trivial content in the account.

Of course the main account is a different story.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: