
> I'd rather have Discord some user data that I'm consciously putting there instead of my enemies from the game DDoSing/Stalking me

Security by obscurity is not a real solution. If you have a public IP connected to the internet, you will be subjected to attacks and port scans either way.

Configure your network and firewall correctly and ensure no ports are open instead of trusting the false sense of security given by some proprietary vendor who has your data.

> sounds like: go put effort and decrease your UX.

"UX" is subjective. For me, Discord has horrible UX, with its flashy, slow, obnoxious UI and its incessant cacophony of tips, "new feature" notifications, and advertisements for "Discord Nitro".

Putting in the one-time effort to configure an IRC client (and making it "fancy") seems worth it to me instead of having to continually put up with Discord's whims. At least there is no threat of enshittification with this approach. "IRC Nitro" will never be a real thing. With Discord, you can never be sure. Elon might just decide to buy it on a whim and rename it something like "XDickswords" if he feels like it.



> If you have a public IP connected to the internet, you will be subjected to attacks and port scans either way.

Yes, and somehow it magically happened this way that during decades of having access to the internet we were being DDoSed only when targeted by people from the game that had access to our IPs from TeamSpeak/Ventrilo, right?

Because what incentive would an attacker have to DDoS random IPs?

> Configure your network and firewall correctly and ensure no ports are open instead of trusting the false sense of security given by some proprietary vendor who has your data.

Again, put in effort and time to manage firewalls and security solutions.

I'm not even sure if this would work this way.

They purchase $5 (or who knows how much nowadays) stressers and DDoS your IP, so even your ISP feels it and you lose internet access.

My friend's village had no internet access for X hours.

And all of that for what, actually? Solving an issue which could be easily avoided?


You don't understand the threat model of OP: it's not a case of "general internet port scanner getting into my network", it's a case of "guy I've pissed off in this video game DDoSing my residential internet connection or using that information to dox me". For the latter, no level of security on my own network is going to prevent the bad outcome, but effectively having a proxy through a 3rd party does (and Discord does go to extra lengths to avoid WebRTC from leaking IP info).


The "threat model" of OP is the consequence of a wrong usage pattern. You keep your identities separate. If you're in a high-stakes environment where being DDoSed or attacked is an actual threat, you compartmentalize that identity adequately by going through a proxy, VPN, Tor, I2P, or using a different medium altogether. Fortunately, unlike other services, this is extremely easy with IRC since the identity is just a nick, and nothing prevents one from having as many identities as needed.

This obsession with having a single centralized identity where some vendor is trusted to painstakingly guard the linked PIID is misguided, unsafe, and harmful. Discord will fall prey to a data exfiltration attack eventually, and affected people will only then realize that this trust was misplaced. The fact that people are comfortable giving Discord their phone numbers while being worried about their client IP being exposed on IRC is baffling.


It's not a matter of one single identity. Whether you use one or multiple, you have a real practical problem which does actually happen, which is prevented by Discord without the need for using a 3rd party tool, or you have a selection of alternatives which don't. Giving Discord your phone number (which theoretically could be a problem) is really not an issue by comparison (hint: while not exactly the paragon of virtue, Discord in general is more trustworthy than a random user of it).


> a real practical problem

It's not a real practical problem – and I'm not sure why we're pretending that it is one. Let's clearly state what the problem is: OP wants to play MMOs & online games against potential threat actors who may DDoS and/or doxx them. Which is why they simultaneously also want to shield their identity from them. An analogy would be somebody who wants to play games with the neighbourhood meth gang while not wanting to get stabbed.

This is not safe or reasonable behaviour. Even if these people lack a client IP, a motivated attacker can piece your identity together from what you say and/or post eventually. Discord just makes that a bit more difficult at the cost of you handing over PIID of greater importance.


Every other player on a public game server is a potential threat actor of this nature, is the point.


Then don't talk to them on a public Mumble/Ventrilo/IRC server without adequate precautions.

Most MMOs & online games offer an in-game chat client that does appropriate cloaking & is also moderated (so an offender risks a ban if they engage in harassment). Nobody is forcing OP to invite these people onto his VoIP server.


Exactly.



