This has been well known for a while; they block all third party clients and libraries outside of using their official bot API.
Having been on the receiving end of over 50k compromised accounts attacking my server (with verified phone enabled); largely stolen oauth/access tokens from real users, I can also see why they would do that as a platform owner.
On the other hand, as a rms-thoughtpattern, this is awful.
Third-party clients will often fail to act like the first-party one, causing them to be detected as userbots and banned automatically, among many other things. Modding the official client is usually looked past, as long as it doesn't touch the websocket/REST APIs in any way, but custom clients are verboten.
Obligatory "I don't work at Discord, just actively develop against their API" goes here.
I'm pretty sure the official client doesn't have the scriptability needed to be useful for perpetrating spam attacks. So the point being made was that banning 3rd party clients is one of the most effective ways to prevent spam, but at the cost of also banning benign use too.
What does Powercord do? This is the first time I've been made aware of third-party mods for Discord, so maybe there's something obvious that I'm missing, but even looking at their website (https://powercord.dev/) there seems to be absolutely no information about what it actually does.
"Raids" or spam attacks use 3rd party clients/headless libraries that fingerprint identically as this repo, unfortunately.
There are also a number of cases where a few third party clients that let you modify the background, font, etc. came with malicious code to steal tokens.
This is probably true. The amount of fishing scams I've seen on discord lead me to believe that is by far the main way it is done, and the scale is more than sufficient for the attacks we're seeing.
then there is less incentive to install one. Which will lead to less possible targets. I think they compared the risk of compromised third party clients to the usability.
Outside of bots and spam, third party Discord clients also often disable a lot of Electron's options that guard against XSS stuff escaping the sandbox, which is pretty dangerous. I wouldn't be surprised if Discord wanted to minimize the chance of some really big problem stemming from lots of users using these unsafe versions.
Discords around financial or economic topics (e.g. cryptocurrencies, Steam trading) are heavily abused by scammers that use large numbers of bots to attack or phish users.
I could see an argument where Discord wants to keep control over how they are fighting such abuse, and banning all non-granted API access could be one part of that.
This isn't really surprising since Discord owns the whole API and it was only a matter of time this would happen which is why I have little hope for third-party clients for GitHub, Twitter, Reddit, YouTube etc, since they have official clients for them. [0]
Either the API gets blocked for third-party clients, or you purchase a high price for it.
This project seemed innocuous enough. And it's a shame Discord killed it. As long as services are centralized, platform owners keep doing things like this.
I wonder how long until Discord starts blocking things like Matrix or IRC Bridges. That or the Bot API may already be useful enough to say something "works", but is so functionally useless that you have no reason to use it. (e.g. you can bridge to a channel, but not bridge instant messages)
Isn't Didcord on-premise? How could he be banned? Hopefully someone will be able to answer. Please don't downvote only because you think the question is stupid.
It's nothing specific to bots. Discord's TOS doesn't allow you to use a thirdparty client. This has been the case since day 1 (I think) but they haven't been enforcing it. Now the creator of this client has had their account banned, so it seems that Discord may be cracking down on the use of unofficial clients.
Mind you, Discord's ToS do not specifically mention third party clients at any point. They do say that they can ban your account for whatever reason, however.
They collect a significant amount of device information, even more if you have the apps instead of just browser, do tons of fingerprinting, all things I would consider gross as a personal opinion
This kind of behavior should be illegal. Remind me again why anyone here is using proprietary chat software? Just use IRC, or if you simply must use something else, use Matrix.
I wouldn't say illegal: as a producer, Discord obviously owns the platform, the rules seem sufficiently within the bounds of convention right now, and consumers are still free to choose.
The main problem I've seen with Discord is on the consumer end, in some cases: we've even had FOSS projects and advocates, of all people, moving away from FOSS and open standards, in the tools they use themselves, to embrace very non-open systems.
Some huge drawbacks to non-open systems have been understood for a few decades. And so there have been some industry collaborations on interoperation, some very hard-fought battles, some major human achievements of distributed cooperation to build great things... but then too often we just casually discard societal progress.
Discord has integrated:
-communities (as servers)
-forums (as text channels)
-direct messages
-voice chat
-video chat
-private group calls
This can all be used from their web-app. Their centralized server model allows people to join/leave calls at will, saves conversation history, and just so happens to give the company a great deal of data. It's all extremely convenient.
I agree with you that Discord is abusive of its power, and I would much prefer to utilize a free-software solution. Unfortunately, I do not believe any communication software in the world, free or unfree, comes close to the value proposition of discord.
User-friendliness. IRC and even Matrix is daunting to the average mom or gamer-friend. Even if they're not, there's the network effect (I can't convince even a quarter of my friends to move over to Matrix or IRC).
I think the problem is the business model where the strategy is to grow big enough so you can sell to someone that knows how to abuse a monopoly. How do you grow big ? Give away stuff for free, pay gatekeepers like ISP's so users can use your service for free, and pay platforms to have your service as the default.
Why do users use it? It's cool, it's free, and others are using it.
What happens when you sell? The founders get a lot of money, the software become uncool, and users will be leaving to another chat app that is cool and free.
This kind of behavior should absolutely not be illegal. As much as we might hope for and prefer open APIs, companies must have the right to protect their APIs as they see fit.
