Author

Topic: New forums? (Read 2661 times)

U2
hero member
Activity: 676
Merit: 503
I used to be indecisive, but now I'm not sure...
November 30, 2016, 01:25:53 PM
#19
There should be some kind of notice whenever the forums IP is going to change, as Chinese users have to manually specify the IP in their hosts file because the forum is blocked there.

Well I'll be damned. You learn something every day. I just assumed because there was a Chinese local board that it wasn't banned there.
full member
Activity: 196
Merit: 101
November 30, 2016, 01:11:19 PM
#18
I guess he is using AWS as a front-end webserver to filter out DDoS, he mentioned the idea some time ago:

I really like the idea of having a bunch of firewall servers which handle the TCP handshake and then send real traffic to the real server(s) via a GRE tunnel. Since it works at the TCP level, the firewall servers do not need the HTTPS key and aren't particularly sensitive security-wise. It doesn't protect against application-level attacks, but generally those are easier to protect against by just blacklisting or limiting misbehaving IPs. I wish that more companies would offer this service. The forum's previous DDoS protection did this, but it was some amateur operation which had its own reliability issues, making it unacceptable. Incapsula was willing to do a special deal, but their price was ridiculous. I think that someone could make money by buying a few dozen servers distributed across the globe and selling GRE-tunnel-based DDoS protection from SYN floods and maybe also bandwidth leeching (by tracking when new IPs start using way more traffic than anyone else), ideally with anycast IP addresses to distribute traffic among the firewall servers. I think that you could do it largely with standard iptables rules, though it'd be very complicated. If I was setting up a service like this, I would oversell like crazy -- each site is only actually DDoSed a very small percentage of time, so you only need enough ordinary capacity to protect against one or two active attacks --, but then have some sort of backup plan to add more servers in an emergency (maybe by spinning up EC2/DigitalOcean/Vultr instances, which are expensive compared to a dedicated server but quickly available in case more capacity is needed now).

EC2 = Amazon

There should be some kind of notice whenever the forums IP is going to change, as Chinese users have to manually specify the IP in their hosts file because the forum is blocked there.
copper member
Activity: 2996
Merit: 2374
November 30, 2016, 01:11:39 AM
#17
Why doesn't it sound like something theymos would do?
theymos has said in the past that he does not want to use cloudflare because doing so would essentially be giving google/cloudflare the HTTPS keys, allowing google to commit MITM attacks, and to access sensitive user information.

Using AWS allows Amazon access to this information, as well as the ability to access encrypted copies of the forum's DB plus any necessary decryption keys necessary to decrypt such copies of the forum's DB. I believe that Amazon most likely has internal controls to prevent rogue employees from doing this, but the same is probably true for google.


Do you live with the guy?
If you are curious, you should ask him. I don't think this matters though.
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
November 30, 2016, 12:43:59 AM
#16
It's defiantly hosted on AWS.

Defiantly?  Who is forcing Theymos to host elsewhere?   Wink

(I've made this mistake too, in an email to 400 people lol)
legendary
Activity: 1204
Merit: 1001
November 29, 2016, 11:02:56 AM
#15
Hosted on AMAZON AWS
As the forum is right now aswell.
Is this true, or is there some kind of DDoS protection going through AWS?

The forum's WHOIS is showing as AWS, however hosting the forum on a cloud provider does not sound like something theymos would do.

It's defiantly hosted on AWS.

Cloudfare is commonly used as a front proxy to mitigate DDoS attacks. The reality is you can only do so much filtering. The key to surviving a DDoS attack is having a robust infasructure with plenty of capacity to handle those bandwidth floods.

Why doesn't it sound like something theymos would do? Do you live with the guy?

The elasticity of AWS is just what a forum with spikes needs.

Personally I think AWS is shit and don't like the setup. I always had storage and bandwidth requirements that AWS would bill me a fortune for. Best to contact DCs and workout a colocation deal.



Anyway, this forum has become a cesspool and I don't see the new forum changing that. Smiley 
copper member
Activity: 2996
Merit: 2374
November 29, 2016, 02:31:37 AM
#14
Hosted on AMAZON AWS
As the forum is right now aswell.
Is this true, or is there some kind of DDoS protection going through AWS?

The forum's WHOIS is showing as AWS, however hosting the forum on a cloud provider does not sound like something theymos would do.
legendary
Activity: 2436
Merit: 1104
November 28, 2016, 09:28:00 PM
#13
I would guess design is a point that comes a little later in the developing processs.
From what I've heard, there will be several "skins" available and the current design isn't final yet, either.
Besides that, looks aren't everything.

Oh, that's great. I was really worried about the dark theme. I honestly prefer the current design.
I've seen some other forums that went with the dark theme and I just couldn't get used to it.
Hurts my eyes for some reason and I find it hard to navigate.
I like this forum. Especially the design since it is so unlike all the others. It's easy to use.
hero member
Activity: 994
Merit: 544
November 28, 2016, 09:03:05 PM
#12
I usually like to embrace change, but seriously change for change sake is just crap,  dont like the look of the beta site at all  Undecided

I totally agree with you. THe beta site isnt good at all its dull and the features are poor. When we speak of change we always think of change as development. But the new site isnt that way, its like changing to excellent to crap. I hope they just remove the beta site, its boring and poor. If they push it I hope they will improve it to be better than it is now.
legendary
Activity: 2296
Merit: 1014
November 28, 2016, 08:11:57 PM
#11
'News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.'

Where's the new software??
It will be deployed soon so thats why this warning to everyone be able to access their accounts.
Well i should check mine also Tongue
legendary
Activity: 1204
Merit: 1001
November 28, 2016, 07:40:51 PM
#10
Well I'm all for something new as long as it's super secure. Accounts get hacked here all the time.

JS is very trendy now especially due to NodeJS. The idea is to keep it non-blocking and as realtime as possible.

PHP is most common language for web applications. I'm not sure if JS is the right technology for a forum unless you want to make it more chat like.

Personally I prefer Python. In my mind it's the most superior language. And lots of performance critical apps are written in python too. Google writes most of its apps in python.

If I were building a forum from the ground up I would use the Flask microframework.   
hero member
Activity: 1190
Merit: 525
CryptoTalk.Org - Get Paid for every Post!
November 28, 2016, 06:27:43 PM
#9
Looking the BETA it's like The Bot Net forum design, reminds a bit. Good to see the forum will be improved. From times and times some changes are needed to make the experience of members better and to don't become overpast. That will be a big step for BitcoinTalk forum. Everyone likes new features, so it will be a good update.
hero member
Activity: 490
Merit: 520
November 28, 2016, 06:25:05 PM
#8
I don't know for sure, however I would expect for them to be implementing either more secure or more "streamlined" layouts for the forum at some point, and I'm suspecting that it is going to add some new security features if they want people's emails to be ready to go at any point.

Curious how everything is still in beta, but hey, if it works, I wouldn't change it.
copper member
Activity: 1904
Merit: 1874
Goodbye, Z.
November 28, 2016, 06:12:43 PM
#7
I usually like to embrace change, but seriously change for change sake is just crap
This isn't. The current forum is running on a pretty old version of SMF (though heavily customized and modified).
The new forum software is supposed to bring new features for both, users and moderators. It should ease up a thing or two.
Especially since it's custom built and it can be adjusted to the needs of the forum.

dont like the look of the beta site at all
I would guess design is a point that comes a little later in the developing processs.
From what I've heard, there will be several "skins" available and the current design isn't final yet, either.
Besides that, looks aren't everything.
sr. member
Activity: 434
Merit: 250
November 28, 2016, 06:09:50 PM
#6
Can someone who knows about this setup speak on the reasons to use Javascript over PHP?
PHP is the standard when it comes to forums, especially.
Wondering what the performance, security, etc is like in comparison.
hero member
Activity: 1106
Merit: 521
November 28, 2016, 06:01:38 PM
#5
I usually like to embrace change, but seriously change for change sake is just crap,  dont like the look of the beta site at all  Undecided
copper member
Activity: 1904
Merit: 1874
Goodbye, Z.
November 28, 2016, 05:38:57 PM
#4
Hosted on AMAZON AWS
As the forum is right now aswell.

Looks like they are using epochtalk. That's pretty new stuff built on modern technologies. Will be prone to bugs and hacks for sure.
https://github.com/epochtalk/epochtalk
Not only new, but also custom made for this forum specifically. We could argue about the "new" part though, given how long there's being worked on already.

Lots can be improved. I'll try to hack the shit out of it on my free time to help harden it.
That would be called beta testing Smiley
Have fun.
legendary
Activity: 1204
Merit: 1001
November 28, 2016, 05:35:44 PM
#3
Looks like they are using epochtalk. That's pretty new stuff built on modern technologies. Will be prone to bugs and hacks for sure.

https://github.com/epochtalk/epochtalk

SSL seems to be configured properly as they are using the https://cipherli.st ciphers but the key is weak (https://www.ssllabs.com/ssltest/analyze.html?d=beta.bitcointalk.org)

Hosted on AMAZON AWS

Lots can be improved. I'll try to hack the shit out of it on my free time to help harden it.
legendary
Activity: 1232
Merit: 1017
November 28, 2016, 05:24:08 PM
#2
The new forum is currently in the beta phase, it is taking so damn long. I think the design is a bit boring, also I have no clue what will be different for the user experience. I noticed that it was coded in javascript instead of php, which gave others a big heart attack.
http://beta.bitcointalk.org
legendary
Activity: 1204
Merit: 1001
November 28, 2016, 05:23:15 PM
#1
'News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.'

Where's the new software??
Jump to: