feature request: configuration for servers that do not autoconnect

[merv4]

This is a middle-ground between "servers:" and "defaults:"; where the server can be configured (i.e tls, realname, nicks) but not connected to unless /connect <server> is called.

There are a number of reasons one would want this functionality; but for me, it is to mitigate correlation attacks - where if two accounts auto-connect at the same time, a person could eventually tell they belong to the same person.

I haven't looked at the source yet, but one nice solution is to add a server config called autoconnect: which defaults to true - preserving normal behavior.

A second solution is a separate section (maybe manual: ?) where servers could be configured and matched when /connect requests the same server.

[osa1]

I haven't looked at the source yet, but one nice solution is to add a server config called autoconnect: which defaults to true - preserving normal behavior.

I also think this would work, and it would be easy to implement too. Just add one more field to the config type. It should be parsed as expected by serde but IIRC for bool fields the default value is false, we should override it as true. Then check the field value on startup in the loop where we create connections and tabs. Should be a few lines of code if anyone wants to contribute.

There are a number of reasons one would want this functionality; but for me, it is to mitigate correlation attacks - where if two accounts auto-connect at the same time, a person could eventually tell they belong to the same person.

Do you mean if you auto-connect to two different servers frequently, but with different nicks, people will be able to tell that they're the same person, and you want to avoid that?

Sounds reasonable, just wanted to make sure I understand your use case.

[merv4]

I also think this would work, and it would be easy to implement too. Should be a few lines of code if anyone wants to contribute.

Sounds good, I'll take a swing at it. But all be warned, I'll be very very slow (no ETA). When I open the PR, anyone is free to take it over.

Do you mean if you auto-connect to two different servers frequently, but with different nicks, people will be able to tell that they're the same person, and you want to avoid that?

My exact case involves two channels that are identical across servers (including same members). I have a burner account in one to lurk when conversations get drawn out, as I rather listen than talk. Because the user count is so low, it can be easily suspected that the account belongs to me - leading to being called out. This is a small (even trivial) inconvenience; and I admit the entire situation is silly (even wacky). But for someone else this may be a deal-breaker.