Testers needed over at test.lfgss.com

Posted on
Page
of 6
  • Is there a good place to do 'proper' testing posts?

    I've found something that I think is a bug (playing with creating a thread here, http://test.lfgss.com/conversations/464/­) and I'd like to try and replicate it, but I don't want to be sticking a load of test threads up there, as it feels somehow the wrong place to be doing it...

    Is http://sandbox.microco.sm/ running the same version as http://test.lfgss.com/?

    Cheers!

  • .

  • Is there a good place to do 'proper' testing posts?

    I've found something that I think is a bug (playing with creating a thread here, http://test.lfgss.com/conversations/464/­) and I'd like to try and replicate it, but I don't want to be sticking a load of test threads up there, as it feels somehow the wrong place to be doing it...

    Is http://sandbox.microco.sm/ running the same version as http://test.lfgss.com/?

    Cheers!

    The http://test.lfgss.com site is the best place right now.

    It will be wiped before we do the import.

  • I currently can't log in to test.lfgss.com, Persona seems to be down.

    This is an issue, since I always have to re-login when I visit microcosm, it never keeps me logged in. This is the case on all platforms I use: android chrome and windows chrome. Relying on Persona to be always up is a risk, but one I can understand.

    In other news, I don't like that hovering over external links shows me an "microco.sm/out/blah" link rather than the true destination. Much like in a twitter app, it makes me nervous about clicking on the link. Goatse.cx etc etc.

  • We can self-host Persona, and we will probably end up doing so. This is why we chose it, world-class security that we have the option to self-host and lock-down (unlike Facebook, Google, et al).

    We've reported this outage to their IRC channel, and they are responding already.

    http://personastatus.org/

    On the link thing, this is addressed in Issue #153:
    https://github.com/microcosm-cc/microweb­/issues/153

    It's part of the security layer, in that you could set user preferences and we could ultimately block sites for you based on preference (goatse.cx lemonparty and other shock sites). We can block malware for all. We can render spam useless (by cutting off the traffic). We can determine which destinations should get re-written (when to drop in Strava widgets or embed YouTube), etc.

    And yes, it grants a means of monetisation in that we can support affiliates and stuff.

    But without us doing the redirection none of the above is possible. We think that is a worse outcome than doing the redirection.

    This is no different from Twitter: https://support.twitter.com//entries/109­623 Except that shortening isn't even a factor for us. We also operate the policy that it is not possible to opt-out of link redirection.

  • I currently can't log in to test.lfgss.com, Persona seems to be down.

    This is an issue, since I always have to re-login when I visit microcosm, it never keeps me logged in. This is the case on all platforms I use: android chrome and windows chrome. Relying on Persona to be always up is a risk, but one I can understand.

    I've just deployed a change which means this shouldn't happen any more. If you're still having trouble, file a github issue with more info.

    In other news, I don't like that hovering over external links shows me an "microco.sm/out/blah" link rather than the true destination. Much like in a twitter app, it makes me nervous about clicking on the link. Goatse.cx etc etc.

    We render the original URL as the title attribute so it's obvious where it goes (which it wouldn't be if we were trying to mislead people, but we aren't).

  • Great answers, thanks guys.

  • Good news about persona. Making registering easier will remove a major barrier to some people joining TABS microcosm

  • Firefox isn't happy about the SSL cert:

    test.lfgss.com uses an invalid security certificate. The certificate is only valid for the following names: *.microco.sm , microco.sm (Error code: ssl_error_bad_cert_domain)

  • Yeah, for any of the CNAME'd sites, accessing them over SSL will call the SSL certificate for our front-end which is for *.microco.sm.

    It is possible to use multiple domains with SSL, but requires re-configuration of the web server as well as the sites to provide us with the SSL keys.

    We aren't yet offering the use of custom SSL certs, but it's something I want to do in future... obviously to ensure that LFGSS gets them.

  • Er, I've also been messing around with the theme recently (testing new admin panel) so it may look weird occasionally.

  • I'm not sure if this is an issue or not, but it seems sorta easy to fake sites. Copy logos/names, duplicates seem acceptable.

    Not sure what you'd gain from it. But there you go.

    http://lfgsss.microco.sm/

  • It really is easy which is the point.
    I just created a logo with a free logo generator for my porridge forum

    http://porridge.microco.sm/

  • The point is to easily make fake pages which mimic other pages?

  • I'm not sure if this is an issue or not, but it seems sorta easy to fake sites. Copy logos/names, duplicates seem acceptable.

    Not sure what you'd gain from it. But there you go.

    http://lfgsss.microco.sm/

    I don't know how we'd police that, since you can do the same anywhere that allows you to create site/profile/etc.

    Even with a custom domain, someone could just buy lfgsss.com and point that to a similar sounding site on microcosm.

    If it were a matter of impersonation or trademark infringement that was reported to us we might (legally) have to step in, but otherwise I don't think there's much we can (or should) do.

  • Yeah, I wasn't really sure either. I thought the one thing would be to not allow duplicate names for sites, but I don't know if that raises more issues.

    Just thought I'd mention it.

  • It's a copyright issue and not a technical one.

    If we receive a takedown notice from a copyright or trademark owner, your site will be deleted.

    Given how hard it is to start a community, how much energy that takes, it seems like a bad investment on your part if the risk is that it can be deleted without warning at any moment if you've gone and intentionally tried to pass yourself off as something you're not.

    This is kinda like domain name rules enforced by ICANN. If you bought cocacola.com you should expect to lose it once they find out... and on the internet, they'll always find out.

  • I'm getting an Internal Server Error when attempting to start a new forum.

    It's when I come back from persona, using microcosm@mashton.com sign in address...

  • If we receive a takedown notice from a copyright or trademark owner, your site will be deleted.

    Does this not make any Microcosm owner vulnerable to spurious takedown requests from malicious parties?

  • Does this not make any Microcosm owner vulnerable to spurious takedown requests from malicious parties?

    I think velocio missed the word 'authentic' or 'verified' or some such...

  • I think you'd be surprised. I once had two long-standing and completely unrelated forums utterly demolished by a web hosting provider after he received a spurious takedown request over alleged libel posted on one of them by a member. No communication was opened with me between his receiving the request and deleting fucking everything, and there was nothing I could do about it other than begin from the beginning again*. Neither community really recovered. The takedown request wasn't a legitimate one, either. The host wasn't really bothered about authenticity, nor was he interested in verifying it. Even if Velocio does attempt to very the legitimacy of a request, what criteria is he going to go by? Is he going to be the arbiter of law here? Does he really have time for that?

    *this was the point at which I learned not to rely on your web hosting provider to do your backups for you, even if you're actually paying them for the service

  • I assume that David was talking about cases in which copyright, a legal category, exists. Where there's no copyright, there would be no case (unless there are other categories this could fall under)? As Microco.sm grows, presumably it will have to hire/instruct (a) lawyer(s), anyway, from a certain size onwards.

  • shit, I thought a notice of infringement was something more official, ie court sourced. If the system is that streaky then some thought is definitely required into avoiding spurious razing of sites.

  • shit, I thought a notice of infringement was something more official, ie court sourced. If the system is that streaky then some thought is definitely required into avoiding spurious razing of sites.

    That's the DMCA.

  • It would be a proper process, with skeptical lawyers looking over the requests quizzically from our side.

    If a copyright/trademark owner could prove their case, then yes the site would be razed.

    It really isn't as common as you imagine, this stuff exists everywhere: Twitter, Facebook, Google, DNS system, even every post on LFGSS.

    Yet somehow everything works.

    Owners of sites will of course be contacted, with a request to prove their position, etc. But ultimately if the scenario that was outlined... fake sites... came to pass, then the fake site should expect to be deleted.

  • Post a reply
    • Bold
    • Italics
    • Link
    • Image
    • List
    • Quote
    • code
    • Preview
About

Testers needed over at test.lfgss.com

Posted by Avatar for Velocio @Velocio

Actions