:wtf: How can this be so wrong??? (AKA the Discopocalypse thread)
-
Fuck that shit. I do that with an AJAX call to the server.
But that wouldn't be Doing it wrongTM. Plus it would mean using something other than Javascript
Everything must be written in Javascript, even the server side.
-
One time I was going to include a library to do it for me in order to avoid reinventing the wheel, but then I remembered blakey's admonition to just write the few lines of code required to make it happen.
No, my admonition(?) is to use a language with a comprehensive and cohesive library, but not download a 500k DLL that somehow claims to implement MVC when you can just... implement MVC in like 6 lines of your own code.
-
On a discourse instance? Let the Jeff begin!
-
@blakeyrat said:
Rolling your OWN GUID? That's ridiculous.
I always reuse someone else's GUID every time I need one. Am I doing this right?
-
-
Holy shit. Using that feature is outright illegal in Germany and other European countries. You could probably even get in serious trouble for using software that has a feature for spying on private conversations which you cannot turn off.
-
Discourse doesn't care with no silly european laws
https://meta.discourse.org/t/compliance-with-eu-cookie-law/17727
-
For this very reason, two (Dutch) sites that I am a member of have rebranded PM's as DM's (Direct Messages), clearly state in their ToS that messages may be read be mods/admins and that very same statement is repeated on the DM page itself.
-
Good idea, that's probably the only legal way to use Discourse.
-
On one hand-- anyone who believes any "private" message they send on a forum-- a piece of software that has no encryption and the services AND database is controlled by someone else-- is actually private-- well, that person is fucking deluded.
But on the hand, implying the messages are private while colluding on how to read those messages-- even though you know it's wrong-- and how to do it WITHOUT BEING CAUGHT is just levels of scuzz I can't even enumerate.
-
It shouldn't be gold-plated in the interface tough. It should at least require multiple steps to decode from the database.
-
It shouldn't be gold-plated in the interface tough. It should at least require multiple steps to decode from the database.
That would require private messages to be treated differently from regular posts, and not only is that , it's also a to information leaks.
Actually-- does any forum software out there actually encrypt private messages in any way? Like even going so far as to generate a public/private key for each user? I guess that'd be pointless, now that I type it, since the private key would be saved on the same server as the message. Unless the key is stored on the user's computer. But then you're restricted to using the forum only on that computer.
Never mind.
-
@Lorne_Kates said:
But then you're restricted to using the forum only on that computer.
Well, any computer with access to the relevant key. Which could be done via a browser extension? Just spitballin' hereâŚ
-
@Lorne_Kates said:
Actually-- does any forum software out there actually encrypt private messages in any way? Like even going so far as to generate a public/private key for each user? I guess that'd be pointless, now that I type it, since the private key would be saved on the same server as the message.
Not any I'm aware of, but half of these things can't even handle passwords properly, so...
For actual confidential data you really should be using vetted software like GPG, but this can be done without hassle of manual key management: you can store encrypted key on the server, and do all crypto on client side â Keybase can do that for example. Downside is that JS crypto is pretty new and untested, and you have to verify and trust the code your browser is running (which is harder than with real native things). Encryption with server-known key could be a layer of protection against leaks, but it doesn't affect the ability of site operators to look at the data.
That meta.horse thread is pretty ugh, but it just reinforces the idea that everything you put online that you did not encrypt yourself is public.
-
I think that's not what communication secret is about though. It doesn't say the admin/site manager should not be able to look at the messages. It just says he's not allowed to.
I do not know what the inclusion criteria is for the German communications secret law; from a Dutch perspective, the relevant constitution change still needs its second pass through parliament after the next elections, and even then it only protects against spying by the government. A separate normal law will be required to protect against spying by other citizens. Otherwise protection of privacy laws apply, but these infractions are apparently hard to prove.
-
Consistency!
-
So how would you make it so TL0 scum couldn't shit up the topic list and had to confine their babbled gibberings to topics that already existed?
-
I'd set them all to TL3 and point them at @blakeyrat's topics?
-
Holy shit man, they'd even be able to edit the titles! The humanity!
-
So how would you make it so TL0 scum couldn't shit up the topic list and had to confine their babbled gibberings to topics that already existed?
Indeed. But then why use zero in those other cases and not something like -1? [spoiler]Because negative signs are just number porn cluttering up the admin panel.[/spoiler]
-
What could possibly go wrong?
-
Unlike every other setting I've come across, setting max topics per day to zero does not disable it. Instead you need to set it to some arbitrarily high number. Whether this is an intended behavior or not, it definitely surprised me to behave differently to most of the other settings.
Hahaha, Jeff has moved it from the bug category to the feature category without leaving a comment.
Discourse might not be consistent, but at least Jeff is! ;-)
-
Wow a whole DAY! Impressive!
How about we think about it a bit longer than that?
What is happening I don't understand
did that post get misattributed or something
it sounds so reasonable
-
saaaaaaaaaaaaaaaaaaaaaaam! nooooooooooooooooooooooooooooooo!
-
Must've been; there's no Charlie and the Chocolate Factory meme. Also, didn't he ban us until six months and seven days from now for comments like that?
-
a. Oh ... 3 people just liked the post I just made, better go back and refine it.
Discourse: fixing what isn't broken since 2013.
-
Paging @accalia to the red bat phone... we need an auto-liker bot for meta.d that likes 3 random @sam posts every 60-75 minutes (randomized).
-
yeah no.
i ain't doing that.
feel free to do that if you want, the autoliker code's in giggityhub with the rest of @sockBot's code
-
Yes mistress U+1F498, I shall appear as summoned.
-
didn't he ban us until six months and seven days from now for comments like that?
: Do as I say, not as I do! Hahaha!
: But isn't that unfair and hypocritical?
: Sorry, no longer welcome here!
-
-
Yes master âââ , I shall appear as summoned.
-
@accalia said:
giggityhub
We should all start calling it that. Don't you agree @sockbot?
i intend to call it that now, and am really tempted to purchase the domain name too.
-
Powerful collaboration [...] and private projects. Public projects are always free.
Private plans start at $7/mo.Friction-less [...] across teams.
-
Btw @sockbot, you answered too late so the stupid trick I tried to pull failed.
-
Yes mistress Zecc. I apologise for my tardiness.<!--â, I shall appear as summoned.
-
.... is that an edit or did @zecc do something really clever that i missed?
-
Also, didn't he ban us until six months and seven days from now for comments like that?
Not that anyone is counting...
-
.... is that an edit or did @zecc do something really clever that i missed?
A while ago his long name was "Zecc. I apologise for my tardiness.<!--â"
-
i intend to call it that now, and am really tempted to purchase the domain name too.
yeah, just make sure you don't @accalia the name again.
-
the autoliker code's in giggityhub
i intend to call it that now, and am really tempted to purchase the domain name too.
Here's a little something I just knocked together. Ignore the certificate error.
https://doctorjones.cloudapp.net/
It's a fully functioning GiggityHubâ˘!
You can even log in, view your projects, etc.
It's a pass through proxy that I wrote a while ago, thought I'd put it to "good" use by making GiggityHub⢠a reality for you ;-)
Remember it is a proxy, so if you login, your credentials will go via my server. I'm not doing any man in the middle bullshit, but I thought I'd give you full disclosure.
-
Full disclosure, that was my fault if you're referring to servercooties.
-
Full disclosure, that was my fault if you're referring to servercooties.
Oh, really? Well, you can understand why I thought it was the resident L
orady O Tpyos.
-
Oh, really?
yep. it was @onyx. i copied and pasted the domain name to my registrar without spellchecking it.
Well, you can understand why I thought it was the resident Lorady O Tpyos.
indeed i can.
-
Is this thread where we post screenshots like this?
-
Who the hell is Ana and why is she signing her name in cooties?
Filed under: pattern recognition working overtime tonight...
-
It's a pass through proxy that I wrote a while ago, thought I'd put it to "good" use by making GiggityHub⢠a reality for you
You should sell that to some Chinese company and make a lot of $$$$$. They love mirroring whole websites, replacing nothing except the logo and the name.
-
I can share the source with you guys on GiggityHub⢠if anyone is interested. I haven't got time right now to explain why I made it, but it was a hack to get something working.
I admit the 90% use case would be nefarious, but perhaps we could set up an amusing mirror of meta.fail or something equally funny/trolley.
-
He ought to just throw that hobbit into the mountain and be done with this mess.
-
it was a hack to get something workin
That's how all good projects start:
"Hey, I wrote a little terminal emulator. Turns out, I accidentally wrote a whole operating system. Let's call it Linux and implement POSIX!"1
1 slightly inaccurate dramatization