|
|
|
How do folks feel about our open newuser? I think it was the way to go here for a very long time but, no longer. Almost all online forums have gone the way of requiring some type of validation prior to allowing someone to post. I'd like us to consider doing the same. Here is one example of how it could be accomplished. Anyone can login now and read, anonymously. No account needed. This would stay the same. Or someone could run newuser, login under his/her account and read. This would maintain a participation file and conference list and make keeping up much easier. What would be different is that the ability to post to the conferences wouldn't be automatic. Newuser would make this clear and point folks to an email address, grexaccess@gmail.com, for requesting posting privileges. A bunch of non-staff helpers would man the email account and have the authority to then flip a software switch and turn on a user's posting privileges. Backtalk and Fronttalk already have this feature we just haven't been using it. Pico can't do this so we'd need to finally remove Pico and go with Fronttalk. It's time to do this no matter what happens with this proposal. The idea here is to make it a little harder for true vandals to do their thing. Each request for posting access would require an email transaction and a little time. I personally don't want to see this used as a form of censorship so I'd like to see helpers only have the authority to turn accounts on but not to turn off someone's posting access. That would be done by staff using the same criteria they now use to nuke accounts, meaning distruptive behavior intended to make Grex unusable by the rest of the community, illegal activity, etc. I don't know if this would work but I'd like to see it in action for a few months and go from there. Such a change would require a membership vote of approval. Anyhow, what do you think?
70 responses total.
That sounds like it would require much less effort than continually adding to a twit filter and doing fixseen.
Here's an apropos article about The Well, a sister site that used Picospan. http://www.wired.com/techbiz/media/magazine/16-01/st_15thewell Other than have people to "staff" the email account, it sounds good. "Here's the most interesting quote in the article, from one of the founders, Steward Brand (of Whole Earth Catalog, et al): One thing that we insisted on was no anonymity. Lots of the systems now like anonymity or encourage it. Personally, I would have preferred to see it go the other way. The Well's compromise is that people can have whatever amusing handle they want, but it's linked publicly to a real person. That gives the accountability I wanted. I knew that flame wars would happen unless somebody's nose was identifiable so that, if necessary, you could go punch that nose. What The Well did was connect cyberspace with real space a little better." It seems to me that we could maintain all our blue-ribbon, free-speech attributes under this proposal. I'm for it.
I dont think this is a bad idea but I worry that there wont be enough people to validate bbs posters.
I believe that anyone familiar with the early history of the US, both as a nation and a colony, will understand that anonymity is a KEY element of free speech. I do not support any such proposal as the wells. I'd rather have people informally vouching for each other as has been the proposed already.
It would require, at the least, ditching Picospan (which we cannot modify to do this) and getting new software (that we can modify to do this). Or somehow otherwise restricting access to Picospan, even if we can figure out the backwards compatibility issues. I'm more worried about resources to do that sort of thing than anything else. I'd suggest that we make it on a conference setting, but that would definitely require changing the software. I believe YAPP basically did this (they had a concept of `fishbowl conferences'). If we could get our hands on YAPP, we'd be good to go; anyone want to contact the Thaler's and ask if they'll donate us a license, or maybe even open-source it?
I asked Jan about the software issues before proposing this. He said Backtalk and Fronttalk already have the capability to switch posting privileges on and off, both globally and on a conference by conference basis. I asked him if Fronttalk was ready to take the place of Pico and he said it was although there would be some differences and no doubt a few glitches that would require some attention in the short run. He offered to attend any board meeting where his input on the software would be helpful. Re: #4. I too wish we could all be anonymous with instant access and use the system in such a way that the next person to login found it usable. That would be lovely indeed.
I kind of like the idea of allowing anonymous users to post if they have been vouched for by a known user though.
I would love to know what problems we expect this to fix..
A very good question, and one I hope someone answers satisfactorily.
Someone who intends to repeatedly cripple the conferences would need to go through a few more hoops in order to do so. That's about it.
I guess I don't see that as a compelling justification.
with polytarp now walking the straight and narrow we only have one user who has a chronic habit of playing vandal. This proposal can't stop him for long. I vote we pay tod's gas money to drive south and kick his arse.
I follow about six or eight discussion groups and none of them allow someone to post to the group without first going through some type of authorization. Some are less anonymous than others but some type of admission process is required TO POST. That I can tell, they seem to not run into the kind of problems we have here. But there are other variables as well, so who knows. I entered this for a couple of reasons, one, to see how others feel about Grex trying something that seems to work well elsewhere. The second reason is I see Grex as dying and it will help me, just a little, to know I tried to intervene. But we've always been a cooperative and if folks want to continue, as is, that's the way it has to be. I do thank those who shared their opinion on this though.
And do you really think that removing anonymity is the least intrusive way to accomplish that goal?
This way doesn't remove anonymity.
If I understand it- the poster has to be authorized somehow (some do this by requesting an alternate e-mail address), but their posts can be entered 'anonymously'?
A person runs newuser and can enter as much or as little personal information as she / he wants. She then emails grexaccess@gmail.com asking for posting privileges. A Grex volunteer answers that mail telling the person they will be able to post within a few hours. That mail doesn't bounce. The posting switch is flipped. In the event this person is a vandal they get one shot to be disruptive then the staff nukes the account. Could they come back? Sure, using yet another email account and a proxy IP connection. Thems the hoops. Again, it seems to be enough on a number of discussion groups I belong to but unless we try it we'll not know how it would work on Grex.
Attaching real persons to BBS users seems hypervigilant. I would be more in favor of attaching real email addresses or something virtual which doesn't require invasion of privacy.
It looked like Mary's proposal did just require an outside e-mail address... not something like a copy of a drivers license sent in...
Re: 18 Who suggested anything like that?
re #20 Did I say anyone suggested more than what I favor? You simply asked how others feel and I'm telling you. Next time just make it multiple choice if you don't like people's responses.
Mary, your proposal stated "Each request for posting access would require an email transaction." I don't think it's fair for you to expect us to guess at exactly what you meant by an "email transaction." Given your vagueness, I think the comments that followed were quite reasonable.
Do we all understand each other now? Can we move on? :) What's under discussion is a global switch to allow posting, accompanied by a modest hoop to jump through to get the switch thrown, one that still allows anonymity. Not sure how I feel about the "global" part. I'd still like to see at least some of Grex open to posting by any user by default. But it would be interesting to try running some conferences with a posting switch and see how it works out in practice. Let the users vote with their feet, so to speak. Dan is absolutely right in #5 that implementing any of this would require ditching Picospan. It's a great piece of software, but I think it's time to do that regardless of the outcome of this discussion. I've got reservations about Yapp though - closed architecture, questionable support. At M-Net they still don't seem to have gotten all the glitches out, despite considerable effort, months after moving to a new machine. In any case, I think that going forward we'll want the flexibility and adaptability that web-based conferencing software such as backtalk/fronttalk affords.
Let's be honest. We're not just talking about collecting an email address. We're talking about headers and IP information. There's much more to this than is necessary for meaningful discussion forums. I'm really missing the whole point of a "switch" other than to maybe stop the bot kiddies whom will only code around it.
I really don't think it matters that much either way. There are so few people trying to use Grex to bypass repressive regimes and use Grex as a freedom of speech platform, that us having a few IP addresses in some mail headers isn't going to be that big of a deal. On the other hand, if someone is determined to harass Grex, they'll just go through the motions of getting `validated' and go from there. If they time it right, like at night, they can load up Agora or another conference with oodles of goo before anyone notices and moves to stop them. Either way, I don't think we either gain or lose that much. I can think of a few technical ways we could do this that wouldn't require anything other than an email address (e.g., user runs a program *on grex* that generates a request to a help queue; a volunteer looks at it at some point a little later down the road, and runs a program that generates some unique token and stores it somewhere and sends it to the user along with instructions to login to grex and run some program; that program asks for the token, and if it matches, puts the user into a Unix group, deletes the token, and that group is listed in the conference configuration for each conference as the one that allows posting. The conferences, in turn, are configured in `fishbowl' mode to allow reading by all and posting only by the individuals in that group. No IPs or anything else are necessary, and the software would be pretty easy to write). With respect to YAPP, I think an interesting question is whether we can ask the Thaler's to just open source it. Then we can modify it as need be. The source code was already available on M-Net for some time; I would assume a few people grabbed it. In any case, going forward, we need the flexibility and adaptability of software that *we can modify*. We've had some good ideas in the last few years, but I have felt that we have been hamstrung in terms of implementing them by concerns about backwards compatibility with Picospan. That program has served us well, but it's time to move on. Fronttalk is a pretty good replacement, but does have a few bugs. Perhaps we should consider paying Jan a few thousand dollars to fix them and make it ready for prime time?
I really don't think it matters that much either way. Sure, if there is an endless supply of staff willing to maintain it.
We already log IP addresses, right? Like, available for anyone to see by simply running "laston". Dan, when your newuser sends a request to the help queue and when the token is sent back, it sounds like this all happens internally. A valid offsite email account wouldn't be linked to this new poster? The standard for entering commentary on blogs and in forums seems to be linked to email verification. Sometimes it's an automatic email response that's generated requiring a click-through to complete verification, sometimes it's a social link, but email is involved. Am I not understanding your suggestion, maybe? Fronttalk and Backtalk are already configured to turn posting privileges on and off. It sounds like your scheme would be a separate program that would need to be written? Why not just go with Fronttalk and Backtalk? I'll email Jan and ask him to take a look at this discussion.
Regarding #27; Yeah, sorry, I should have been more specific. The idea is that a new user logs into grex (after getting an account by logging in as newuser or similar) and runs some program. That program asks them for an email address and creates a request on their behalf in an RT `help' queue. The RT system generates email to the `validators' who look at the RT queue, `take' the request, and then run some program on Grex that sends the user a randomly generated token via email to the email address they entered earlier. The user then logs into Grex (or maybe uses some sort of web interface), and runs a third program that accepts asks them for that token and adds them to a Unix group that is allowed write access to the conferences. In this case, the only additional piece of information we get about them is a valid off-site email address. We never get email *from* them, so we don't have originating host IP addresses in headers that, e.g., Hotmail or whatever might put into a message one of their users sends. If a user is paranoid about privacy, he or she can create a throw-away email account somewhere (like on hotmail, yahoo, gmail, whatever) using tor and use that as their validation address.
Maybe I'm not understanding something here. If the "solution" to the "problem" is turning off accounts that are used for "abusive" activities, then why is any email needed? Maybe my lack of computer knowledge is showing here, but can't staff already nuke abusive users? If I missed something in an earlier post, just point me back to it.
Staff can nuke an abusive user and within, maybe, 90 seconds, that user is right back at it. That's the reality of an open newuser with automatic posting privileges. It's so quick and easy and automatic that we aren't even bothering to nuke existing vandals. Like, why?
I thought the standard response currently was to nuke the account AND block the IP. Are anonymizers that big a problem? I'm pretty sure we block those on mnet as well, if there's a problem.
Proxy servers are abundant and simple to use. I mean, if I use 'em, doesn't everyone?
Maybe proxyies should be blocked.
Yeah, when you figure out how to do that, please let the Chinese government in on it. Try as they may... http://en.wikipedia.org/wiki/Proxy_server
scrubit.com ?
captcha? And a quicker response to garbage posts.. (like purging the whole thread). How is the current proposal going to solve the problem of Chad lying and logging in as Ms Miss Jane Eyre? Staff will have to ponder if the person they just allowed is genuine or Chad in disguise.. Look IRC has already solved this problem - more responsible chan-ops, with the power to purge posts. Use the hive mind Luke :p
My proposal has nothing to do with censoring twits. We already have some great tools to work with there where each reader can decide for him or herself what's of interest and what isn't. This proposal is about giving staff a few extra tools when it comes to dealing with known vandals flooding the conferences. That's it. It also wouldn't require a lot of staff work to get it going and almost none once it's in place. Are there ten people who would be interested in seeing this put to a vote?
I am definitely in favor of giving it a try.
I'm in favor of voting on this, and I'm in favor of trying to implement it.
|
|
|
- Backtalk version 1.3.30 - Copyright 1996-2006, Jan Wolter and Steve Weiss