User Controls
In the interest of transparency(ATTN:Lanny)
-
2016-12-09 at 5:02 PM UTCYea, I noticed the gigantic pile of shit SBT and Psycho etc. have been doing with their bots before but this could be some real dogshit.
Lanny? What's going on? -
2016-12-09 at 5:31 PM UTC
Originally posted by RisiR Yea, I noticed the gigantic pile of shit SBT and Psycho etc. have been doing with their bots before but this could be some real dogshit.
Lanny? What's going on?
if theres some advanced fuckery going on here im safe bc not my laptop -
2016-12-09 at 5:33 PM UTCI'm save because I steal my neighbours wifi and use 15 year old technology but still.
-
2016-12-09 at 5:44 PM UTCI'm safe because I've used unproxied internet to do drug deals for years and have never so much as seen a hint of someone watching me. Nobody cares. No, really. They don't care.
-
2016-12-09 at 5:45 PM UTCWhat are the chances technology is one of the popular boards and we get spambots on a 10 person forum DerPADEEEEWEEWE!!!!!
-
2016-12-09 at 5:50 PM UTCType niggasin Google and we the top of the list before Jay-Z niggas in Paris. This site yuge nigga.
-
2016-12-09 at 5:54 PM UTC
Originally posted by SCronaldo_J_Trump What are the chances technology is one of the popular boards and we get spambots on a 10 person forum DerPADEEEEWEEWE!!!!!
what the fuck is this derpadew thing? it sounds like something markiplier or some other cringey youtuber says -
2016-12-09 at 6:39 PM UTCWhy are all you niggas so paranoid? Other than Sophie's unverified semi-legitimate concern, you niggas think you're going down for shitposting?
-
2016-12-09 at 7:35 PM UTC
Originally posted by -SpectraL Beware, people. This shit has been trying run malicious scripts between you and the server, and now he's trying to find out what location the logs are at, since he can no longer access them with the new server.
Yeah except we didn't switch server fuck face. And what are these scripts you speak of? Do you even Live HTTP headers? Do you even intercepting proxy? IF you actually did you could see Lan runs antiCSRF tokens. And CSRF is the only type of of attack that fits your extraordinarily vague description of "between you and the server" that and maybe some XSS chicanery. -
2016-12-09 at 7:48 PM UTC
Originally posted by Ajax Why are all you niggas so paranoid? Other than Sophie's unverified semi-legitimate concern, you niggas think you're going down for shitposting?
Just sick of PI rats is all. Nowhere else on the internet is this ever a problem except 4chan, and all the technology posters use meme arrows. -
2016-12-09 at 7:51 PM UTC
Originally posted by SCronaldo_J_Trump Just sick of PI rats is all. Nowhere else on the internet is this ever a problem except 4chan, and all the technology posters use meme arrows.
That's an interesting connection. -
2016-12-09 at 9:07 PM UTCYou tryna fuck me, dawg? Keep it one hundo.
-
2016-12-09 at 9:14 PM UTC
Originally posted by Sophie I was just wondering what kind of logs you keep if any at all. IPs/logins/user-agents/activity, i assume you need to keep track of IPs for bans and stuff but is there anything else?
I ask because something something opsec, something something threat model.
Very little actually. ISS itself doesn't store IP addresses persistently at all, although I may start down the line because IP bans and alt account detection is useful. uWSGI and NGINX keep access logs which have IP addresses and time stamps. Posts have creation timestamps so you could tie users to IP addresses my matching those but it's tedious so I'm never going to do it.
The closest thing to "activity tracking" I do is thread and forum read flags, I could timebox the last time you looked at a thread but that's about it. Of course things like posts and threads and PMs are tracked because they wouldn't be a thing if they weren't.
Originally posted by -SpectraL Beware, people. This shit has been trying run malicious scripts between you and the server, and now he's trying to find out what location the logs are at, since he can no longer access them with the new server.
You're a fucking idiot spectroll, Sophie has never had access to the server and there have never been "malicious scripts" (just a poorly written WYSIWYG editor). Last time you brought up these "malicious scripts" you dropped it because you don't know what the fuck you're talking about and will do anything you can to keep that from becoming even more obvious than it already is.
Originally posted by RisiR Yea, I noticed the gigantic pile of shit SBT and Psycho etc. have been doing with their bots before but this could be some real dogshit.
Lanny? What's going on?
Nothing is going on, just spectroll's usual fear mongering. -
2016-12-09 at 9:34 PM UTC
Originally posted by Lanny Very little actually. ISS itself doesn't store IP addresses persistently at all, although I may start down the line because IP bans and alt account detection is useful. uWSGI and NGINX keep access logs which have IP addresses and time stamps. Posts have creation timestamps so you could tie users to IP addresses my matching those but it's tedious so I'm never going to do it.
The closest thing to "activity tracking" I do is thread and forum read flags, I could timebox the last time you looked at a thread but that's about it. Of course things like posts and threads and PMs are tracked because they wouldn't be a thing if they weren't.
You're a fucking idiot spectroll, Sophie has never had access to the server and there have never been "malicious scripts" (just a poorly written WYSIWYG editor). Last time you brought up these "malicious scripts" you dropped it because you don't know what the fuck you're talking about and will do anything you can to keep that from becoming even more obvious than it already is.
Nothing is going on, just spectroll's usual fear mongering.
Thank you for elaborating. Next thing in spectroll's playbook is saying you must be in on it. Just you watch. -
2016-12-09 at 10:46 PM UTC
Originally posted by Sophie Thank you for elaborating. Next thing in spectroll's playbook is saying you must be in on it. Just you watch.
He already said that.
What would there be to exploit as a forum adminstrator? What maliciousness could be done with such powers?
-
2016-12-09 at 10:55 PM UTC
Originally posted by RisiR He already said that.
What would there be to exploit as a forum adminstrator? What maliciousness could be done with such powers?
A couple of things. You should assume by default that forum administrators are your adversary. And not in a talk trash about them way. Just in a way that when push comes to shove, they'll fuck you over with regards to the authorities. You generally want to be in the business of giving no one personal information about you and by connecting and posting on a forum you are leaking info by default. -
2016-12-09 at 11:26 PM UTCDon't make me mistrust Lanny. I like him.
-
2016-12-09 at 11:33 PM UTC
Originally posted by RisiR Don't make me mistrust Lanny. I like him.
I like him too, which is all the more reason why you should not expect nor want that he will go to jail for you. When he or the host gets subpoenad they will hand over all the logs or get slapped with obstruction charges. This is true for all online venues and you should factor that into your threat model. -
2016-12-09 at 11:38 PM UTCI'm pretty sure we'd just be dismissed as a bunch of lulzy but retarded and "mostly" harmless bunch of drug addicts by the feds
-
2016-12-09 at 11:46 PM UTC
Originally posted by reject I'm pretty sure we'd just be dismissed as a bunch of lulzy but retarded and "mostly" harmless bunch of drug addicts by the feds
True, but better safe than sorry.