* importing my old blog to here * reading latest news about trolling (yep. a LJ staff) * trying to testing linux (ubuntu 10.4) * done update some clients in cybercafe yesterday
Gotcha. Mark has been checking into this and it's basically some inefficiencies that didn't really become a problem until traffic picked up past a certain point. We'll be looking into ways to make the code more efficient.
- How are you guys preventing trolling (especially by staff) while keeping the freedom-of-speech thing you got here? Besides keeping them happy, of course.
- How will you address concerns that DW will follow LJ's footsteps in the long run, especially when you get a whole lot of free users?
- Is a DW/Diaspora integration (or integration with a similar service in the future) something you'll consider, especially with the LJ/FB integration blowing up on their faces?
s a DW/Diaspora integration (or integration with a similar service in the future) something you'll consider, especially with the LJ/FB integration blowing up on their faces?
I, personally, hope that we can integrate in some way, not just with Diaspora, but with other networks, including the big two, but that we do so in a way that doesn't suck. Most of the initial complaints and furore weren't about the idea of integrating, they were against the sucky, privacy denying implementation and the atrocious UI.
A one-way integration, if wanted, I can agree with. It's something WP has had around for quite a while now, and has served them well. Posterous has also had this option for a while with its autoposting feature. (The only reason I stopped using it is the unwieldy default-RTF posting. Also it doesn't autopost well enough to every place.) It's the two-way integration that scared me.
Oh, yeah, I've seen complaints about DW's OpenID in a public post somewhere, about it not being secure enough especially when buying/selling sites are involved? (I can't remember the post though, sorry.)
Possibly a post by a friend of mine actually, some silly merchant using OpenID for way beyond what it's specced for, and letting you login there and store credit card details &c.
OpenID is a proof that, at the time you used the login, you had control of that URL. I've got extant OpenID accounts for a domain I haven't owned for a year (couldn't afford renewal, some spammy SEM harvester bought it), etc.
Basically, if you delete your account, it gets purged, and then someone else signs up for it, they get access to all the off-site stuff you've had, which could be a problem if a) you're an idiot and b) the off site access gives people access to private stuff.
There might be ways around it, but not using the OpenID protocol as specced, but then, it was only ever designed to say "I really am me making this comment right now", I've been impersonated on other blog sites, and I'm a minor target compared to some friends.
OpenID is a proof that, at the time you used the login, you had control of that URL.
Not quite true. It's proof that, given that URL, the provider behind that URL was satisfied enough to warrant to where you logged in that the URL belonged to you.
Which means that the entire burden of deciding whether or not to let you in rests with the provider, and you may not directly have control over the URL at all. For example, using myopenid.com, you have *no* control over the URL you get; it's just assigned to you. It's also easy enough to code a provider that accepts every single request regardless of the URL (as long as it was in their domain) and doesn't even *try* to authenticate you, but such a provider would very quickly be blacklisted by any site that didn't want to become overrun by spammers.
Anyway, yes. Just wanted to make it a tad clearer. :)
Well, ok. OpenID from a reputatable provider. Even then though, on some sites these days I can login wby typing google.com or yahoo.com. While I'd love to be controlling those domains, somehow it ain't going to happen.
That they resolved you back with your unique identity is quite good though.
![[staff profile]](https://www.dreamwidth.org/img/silk/identity/user_staff.png){kind=small}
no subject
* importing my old blog to here
* reading latest
* trying to testing linux (ubuntu 10.4)
* done update some clients in cybercafe yesterday
no subject
no subject
no subject
no subject
no subject
no subject
no subject
no subject
- How will you address concerns that DW will follow LJ's footsteps in the long run, especially when you get a whole lot of free users?
- Do you guys intend to participate in Diaspora's open-source developer opening? They're opening by Sept. 15. http://www.joindiaspora.com/2010/08/26/overdue-update.html
- Is a DW/Diaspora integration (or integration with a similar service in the future) something you'll consider, especially with the LJ/FB integration blowing up on their faces?
Thank you so much!
no subject
I, personally, hope that we can integrate in some way, not just with Diaspora, but with other networks, including the big two, but that we do so in a way that doesn't suck. Most of the initial complaints and furore weren't about the idea of integrating, they were against the sucky, privacy denying implementation and the atrocious UI.
And, somehow, I don't see Fu every trolling...
no subject
A one-way integration, if wanted, I can agree with. It's something WP has had around for quite a while now, and has served them well. Posterous has also had this option for a while with its autoposting feature. (The only reason I stopped using it is the unwieldy default-RTF posting. Also it doesn't autopost well enough to every place.) It's the two-way integration that scared me.
Oh, yeah, I've seen complaints about DW's OpenID in a public post somewhere, about it not being secure enough especially when buying/selling sites are involved? (I can't remember the post though, sorry.)
no subject
OpenID is a proof that, at the time you used the login, you had control of that URL. I've got extant OpenID accounts for a domain I haven't owned for a year (couldn't afford renewal, some spammy SEM harvester bought it), etc.
Basically, if you delete your account, it gets purged, and then someone else signs up for it, they get access to all the off-site stuff you've had, which could be a problem if a) you're an idiot and b) the off site access gives people access to private stuff.
There might be ways around it, but not using the OpenID protocol as specced, but then, it was only ever designed to say "I really am me making this comment right now", I've been impersonated on other blog sites, and I'm a minor target compared to some friends.
no subject
no subject
Not quite true. It's proof that, given that URL, the provider behind that URL was satisfied enough to warrant to where you logged in that the URL belonged to you.
Which means that the entire burden of deciding whether or not to let you in rests with the provider, and you may not directly have control over the URL at all. For example, using myopenid.com, you have *no* control over the URL you get; it's just assigned to you. It's also easy enough to code a provider that accepts every single request regardless of the URL (as long as it was in their domain) and doesn't even *try* to authenticate you, but such a provider would very quickly be blacklisted by any site that didn't want to become overrun by spammers.
Anyway, yes. Just wanted to make it a tad clearer. :)
no subject
That they resolved you back with your unique identity is quite good though.
no subject
I promise to print the CLA and get it to you within the next 24hrs, honest...
no subject
no subject
no subject