Pages:
Author

Topic: Checksum verification for quoted messages/posts - page 2. (Read 1888 times)

legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
And what happens when one quotes only a part of the post?
Or, even worse, what happens when one quotes an noncontinuous part of the post? (uses ~snip~ or similar)
This would be possible to implement, even if someone wanted to quote part(s) of a post.

A person who wants to quote part of a post (or PM) could tell a tool which parts of the post (or PM) that he wants to quote, the tool could produce the exact text that should be copied (including its own implementation of "~snip~"), calculate the hash of the quoted message, and the source/reference of the message, and store this information in a forum database table (that is indexed by message ID). As long as the hash of the quote and message source match, the quote could be shown as verified.

So the original message would not need to be checked every time the new post is displayed. This would account for any possible issues regarding someone editing their post, breaking the quote verification. Although there could be a message displayed if a quoted message has changed since the verification request was generated.

This would basically mean implementing an (over)complicated editor that can handle the quotes like this. I hope that you don't realistically expect that users will use other (external?) tools for this purpose.
I don't have hopes for a such editor get implemented. I think that getting the new forum running/live even without such a feature is more important. That's why I've proposed only something simple.

Of course, if somebody has the time and willingness, sky is the limit, and then we can probably have an editor that handles the quotes, have notification if the quoted post was edited, have versions of the quoted post (for various uses, including the use for correctly showing/handling older quotes)... but, again, I don't realistically expect this come to live.
copper member
Activity: 2996
Merit: 2374
And what happens when one quotes only a part of the post?
Or, even worse, what happens when one quotes an noncontinuous part of the post? (uses ~snip~ or similar)
This would be possible to implement, even if someone wanted to quote part(s) of a post.

A person who wants to quote part of a post (or PM) could tell a tool which parts of the post (or PM) that he wants to quote, the tool could produce the exact text that should be copied (including its own implementation of "~snip~"), calculate the hash of the quoted message, and the source/reference of the message, and store this information in a forum database table (that is indexed by message ID). As long as the hash of the quote and message source match, the quote could be shown as verified.

So the original message would not need to be checked every time the new post is displayed. This would account for any possible issues regarding someone editing their post, breaking the quote verification. Although there could be a message displayed if a quoted message has changed since the verification request was generated.
legendary
Activity: 3472
Merit: 1724
After a quick smoke I thought of tons of corner cases and sounds really troublesome to make this for posts. If it gets implemented I see it for PMs only...

Ideally it would be optional for both forum posts and private messages, but with unverified private messages being accompanied with some sort of warning.
copper member
Activity: 786
Merit: 710
Defend Bitcoin and its PoW: bitcoincleanup.com
To be fair mprep's mentioned option also sounds nice:

AFAIK theymos wanted to have quotes replaced with references to posts (something like what 4chan or similar image boards have) in the new forum software.

If you want to quote part of a post you can do it the same way you do it now, but it you want to show you did not edit the post you could use [>>21856705] or similar and the whole post will be quoted and title of the quote turns green. So it would NOT just show >>21856705

Also helpful for cases where the post is deleted afterwards and someone quoted it for reference. And if it's edited you can have 2 or more "green quotes", because it matched the post at the time of writing. Should not be too problematic I guess...

After a quick smoke I thought of tons of corner cases and sounds really troublesome to make this for posts. If it gets implemented I see it for PMs only...

For example:

User A makes a post
User B quotes him and checksum OK
User A edits his posts
User B edits his post and checksum is now NOT OK ?!


legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
And what happens when one quotes only a part of the post?
Or, even worse, what happens when one quotes an noncontinuous part of the post? (uses ~snip~ or similar)

I mean that it could be interesting as feature, but I don't think that it can be implemented correctly.
And maybe one easy way would be to just add a link/script that creates a popup so one can check for himself the original post and compare. (And yes, I said easy way, not perfect).
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
Interesting feature !
I indeed see it working mainly with PMs because posts can be edited and if it's a longer post it would be modified (shortened) anyways.

Users can currently send/post incorrectly quoted messages to assist in scams or discredit other users...

And when the checksum verifies show the title green like links:


I can see it's utility...

What a great and simple way to put my idea into use.  Thanks for posting this.  I like this implementation.  It's simple to see and if you weren't aware of it or cared, it isn't in any way disruptive.  When I think about how much money could have been saved from users falling victim to MITM scenarios with this feature, it makes me feel like this should be a fairly important feature that should be implemented either on this forum, or the new one.  It seems like so many of the recent forum changes have centered around turning users against each other as they compete for merit and trust, it would be nice if a feature was put in place to help protect those that need protecting instead of empowering users who advertise services to launder money for successful scammers.
copper member
Activity: 786
Merit: 710
Defend Bitcoin and its PoW: bitcoincleanup.com
Interesting feature !
I indeed see it working mainly with PMs because posts can be edited and if it's a longer post it would be modified (shortened) anyways.

Users can currently send/post incorrectly quoted messages to assist in scams or discredit other users...

And when the checksum verifies show the title green like links:


I can see it's utility...
newbie
Activity: 6
Merit: 0
Did you know that in qunatity like this direct string comparation with evaluation of character change like on github is more suitable implementation? It doesn't do more harm on processor to multiply one character of a string to compare on, literally checksuming is faster when you have to compare checksums of checksum of chceksum, otherwise it's pairwise more efficient if you can fit into L1
full member
Activity: 211
Merit: 100
Users can currently send/post incorrectly quoted messages to assist in scams or discredit other users.

This could be addressed by having a hash generated based on the content of a message, and then a checksum implemented to reject invalid quotes from being sent/reposted.
I want to know how my posts are posted and monitored. Those articles are of interest to anyone. Readers will find it useful or not. Should there be clear rules for posting?
full member
Activity: 322
Merit: 134
>>21856705
We can already do that. We don't, though, because just look how stupid it is. How is it even supposed to solve anything?

No, we can't.  You can take a PM quote from someone and change the quoted text, then forward it to someone else.  This is the type of scenario that would benefit from a method of validation.  

I would agree with you. I have had a friend who almost fell for a scam this way. This had happened some time ago and I can't recall the specific details.
I do remember however that the trade was meant to go down between 3 people, and the scammer created false quotes in the name of the second person as if they had written to them. Then these quotes were sent to my friend. Before he sent any funds, he contacted the first person just to verify things, only to then find out that he had been completely fooled by the details of the trade.

While it is a good idea, I do think that it would be too much of a hassle to introduce and maintain, and won't reduce the amount of scamming that is happening on this forum. However, I may be wrong.  Smiley

EDIT: An example of this
global moderator
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
>>21856705
We can already do that. We don't, though, because just look how stupid it is. How is it even supposed to solve anything?
You can't preview the quote content without opening up the page the post is on though.
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
>>21856705
We can already do that. We don't, though, because just look how stupid it is. How is it even supposed to solve anything?

No, we can't.  You can take a PM quote from someone and change the quoted text, then forward it to someone else.  This is the type of scenario that would benefit from a method of validation.  
legendary
Activity: 4542
Merit: 3393
Vile Vixen and Miss Bitcointalk 2021-2023
>>21856705
We can already do that. We don't, though, because just look how stupid it is. How is it even supposed to solve anything?
global moderator
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
AFAIK theymos wanted to have quotes replaced with references to posts (something like what 4chan or similar image boards have) in the new forum software.
donator
Activity: 4760
Merit: 4323
Leading Crypto Sports Betting & Casino Platform
Users can currently send/post incorrectly quoted messages to assist in scams or discredit other users.

This could be addressed by having a hash generated based on the content of a message, and then a checksum implemented to reject invalid quotes from being sent/reposted.
Pages:
Jump to: