Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Arantor
5296
Features / Re: Post moderation
« on November 29th, 2011, 10:46 PM »
Hmm, I found another issue that I'm not sure how I want to resolve.

Sometimes, we will know in advance that the message will be moderated, e.g. post count or board rules, but if it's the case where it will be moderated based on content, how should that be dealt with?

On the one hand, I'm thinking we could take it back as if it's an error (but displayed otherwise) and list that it will be moderated and give the reasons why, or it can just go back round to the posts (as in Wedge, return to the post after posting is default) and be shown as moderated. The only thing is that I'd sort of like to show the *reason* why it was moderated, but that means storing that information somewhere...

Thoughts?
5297
Features / Re: Password Hashing
« on November 29th, 2011, 06:19 PM »
Bad idea. It will cause more support issues, more confusion among users and so on, and most people will leave it off if they're coming from SMF 2.

You do realise that there are much more significant things to be concerned with in terms of security than brute-forcing individually salted and hashed passwords, right?

(Long story short: you're asking us to implement something that virtually just you is interested in...)
5298
Features / Re: Password Hashing
« on November 29th, 2011, 04:10 PM »
I should also note that if we made anything above SHA1 default, that's *even more* users who will have to go through password-upgrading on conversion, a factor that won't exactly endear convertees to Wedge, though it will be entirely accurate in that it will indeed upgrade security.
5299
Features / Re: Privacy options
« on November 29th, 2011, 03:34 PM »
Quote
Unfortunately, I tested it on my iPod and it has issues:
You mean the little grey line that appears after the item itself in the container? I thought that was intentional, to indicate there's more...
Quote
- because there's always a combo box, Safari will enlarge the page and focus on the input box. And because of that, you get the keyboard and you suddenly can't see the list of items at all... Good luck browsing it!
Doesn't happen on an iPad. The keyboard appears, sure, but the items are still accessible (and you can hide the keyboard should you choose to do so)
Quote
either a complete list of friends, or simply 'friend types', something I will probably add in the future (close friends, family, co-workers, etc.) I'm just not sure whether it'll be something that doesn't hurt performance, really.
Anything that's more involved than 'all or nothing' of a group is more work and it will have performance issues. The real question is whether that's needed or wanted.

I've seen plenty of requests for the 'just me' and 'just me + moderators' setup. I'm really not comfortable with having just me always show moderators, though. I'm thinking the journal/blog setup where you have private posts and public posts and some of those are going to me really 'me only' items. I'd be OK with admins (only) having access but not moderators. Just me implies a certain level of privacy, after all.
Quote
- friend granularity would be hard, or even impossible, with a simple number. Unless we give friend groups a unique ID for everyone (like, I'm new to this site, and the first friend group I'll create will have id #2356 because there are already 2000+ other contact lists), and we start these IDs above 3 or 4 (used for default, logged in members, and all friends.)
Correct. Which is why I'm not keen on offering it, for the simple reason that it's a massive pain to cope with, because it makes processing it much more complex - and this is something that has fairly major performance concerns to mess with.
Quote
It would probably make a lot of sense, and would certainly help with sql queries.
I don't really like the idea of there being an 'everyone' contact list, no matter how notional it is or where it's used, because it always leads to trouble. I've been down the road of being in an environment with 'everyone' lists and people end up making information open to more people than they thought with 'everyone'.
5300
FAQs / [FAQ] Re: What is Wedge?
« on November 29th, 2011, 02:27 AM »
Let me clarify one thing right now.

The lack of styling, padding and margins is not a flaw of bbcode as a whole. It's a limitation *solely imposed in SMF* through one of the more... irritating 'features' it has, one of which I will be happy to note is the source of a bug that's *years* old and still not fixed because no-one wants to do the work required to fix it, which is more than a few lines of tweaking but gutting the bbcode preparser and rebuilding it.[1]

The other thing about using the html passthrough is the inherent insecurity of doing so...

As far as wikitable syntax, I'm assuming we're both thinking of the same thing, using | and - and { and } to indicate structure *shudder*.
 1. Specifically, while there is, on the surface, nothing preventing adding such attributes to the table bbcode, the way certain common structures are validated will specifically break doing so, because it will assume that it's invalid markup simply because it's not a basic table tag containing a basic tr tag. It's a flaw of a specific implementation, not of the overall concept.
5301
Features / Re: Privacy options
« on November 28th, 2011, 10:23 PM »
Chosen is slick, really slick. It even works great on iPad.

I'm not sure what the options on Noisen are. Normal topic privacy setup would imply:

* topic starter only can see it
* topic starter and their contacts can see it
* topic starter and moderators
* anyone who can access the board

This should cover all the main cases. I don't think list of groups is needed, and I think that if it's down to the above, a simple number could deal with it.
5302
Features / Re: Password Hashing
« on November 28th, 2011, 10:16 PM »
It's still prohibitive to build rainbow tables of per-user salted hashes, though.
Posted: November 28th, 2011, 10:12 PM

Also, don't forget that users don't usually care about security if it inhibits other things, such as performance.
5303
FAQs / [FAQ] Re: What is Wedge?
« on November 28th, 2011, 10:00 PM »
Wiki code is fine until you want anything even remotely complex, like the table syntax, I have yet to fully understand how that is "easier" than either the HTML or bbcode equivalent.
5304
Other software / Re: No 501 status on SMF yet?
« on November 28th, 2011, 09:58 PM »
Awesome news :)
5305
Features / Re: Password Hashing
« on November 28th, 2011, 09:57 PM »
For what reason, though? There are also side consequences, like performance and compatibility to contend with.
5306
Features / Re: Password Hashing
« on November 28th, 2011, 08:34 PM »
None at this time. SHA1 of lowercase username and password should be enough for now, and the password upgraded accepts plenty more types...

If you're thinking to something else, what and why?
5307
Features / Re: Post moderation
« on November 28th, 2011, 07:18 PM »
I still want it to be easy to use though, regardless of how big or little it gets... This is the part that's stumping me because while Outlook/Thunderbird filters are what I first thought of when thinking of this feature, I still find it a bit clunky to use and I want to design something better.
5308
The Pub / Re: Logo Madness
« on November 28th, 2011, 07:16 PM »
It should kick ass as much as Wedge does.
5309
Plugins / Re: Crazy idea
« on November 27th, 2011, 09:55 PM »
Ah, just checking in case the point was missed. I'm a big fan of automating stuff like this...

In other news, ergh, maybe I shouldn't have had that second beer :/
5310
Plugins / Re: Crazy idea
« on November 27th, 2011, 09:50 PM »
Well, here's the thing. It would work like Aeva does. You just post the link and it *auto embeds* the material for you ;)