Pages:
Author

Topic: No more signature images (Read 13346 times)

hero member
Activity: 686
Merit: 500
Wat
July 13, 2012, 10:46:01 PM
Someone needs to create ascii banners for advertisers Smiley
legendary
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
July 13, 2012, 01:47:48 PM
looks like the forum is going back into circa 1980s text only BBS but all these complicated schemes to validated and revalidated are dumb.

Three options
1) No images
2) Locally cache images
3) Accept that you may be attacked

I <3 txt only 80s BBSes!!!1

And so:

Option 4)

Can I allowed for putting big ANSi arts in my sig?  8^P

Code:

                  ,.=ctE55ttt553tzs.,
             ,,c5;z==!!::::  .::7:==it3>.,
          ,xC;z!::::::    ::::::::::::!=c33x,
        ,czz!:::::  ::;;..===:..:::   ::::!ct3.
      ,C;/.:: :  ;=c!:::::::::::::::..      !tt3.
     /z/.:   :;z!:::::J  :E3.  E:::::::..     !ct3.
   ,E;F   ::;t::::::::J  :E3.  E::.     ::.     \ttL
  ;E7.    :c::::F******   **.  *==c;..    ::     Jttk
 .EJ.    ;::::::L                   "\:.   ::.    Jttl
 [:.    :::::::::773.    JE773zs.     I:. ::::.    It3L
;:[     L:::::::::::L    |t::!::J     |::::::::    :Et3
[:L    !::::::::::::L    |t::;z2F    .Et:::.:::.  ::[13
E:.    !::::::::::::L               =Et::::::::!  ::|13
E:.    (::::::::::::L    .......       \:::::::!  ::|i3
[:L    !::::      ::L    |3t::::!3.     ]::::::.  ::[13
!:(     .:::::    ::L    |t::::::3L     |:::::; ::::EE3
 E3.    :::::::::;z5.    Jz;;;z=F.     :E:::::.::::II3[
 Jt1.    :::::::[                    ;z5::::;.::::;3t3
  \z1.::::::::::l......   ..   ;.=ct5::::::/.::::;Et3L
   \t3.:::::::::::::::J  :E3.  Et::::::::;!:::::;5E3L
    "cz\.:::::::::::::J   E3.  E:::::::z!     ;Zz37`
      \z3.       ::;:::::::::::::::;='      ./355F
        \z3x.         ::~======='         ,c253F
          "tz3=.                      ..c5t32^
             "=zz3==...         ...=t3z13P^
                 `*=zjzczIIII3zzztE3>*^`

legendary
Activity: 1120
Merit: 1003
June 14, 2012, 12:02:48 PM
This new policy seems to be more about the mods' personal tastes than the demands of the community.


...yes, this "new" policy from November of last year...

oops...I don't know how I ended up on this thread. I seem to remember it was like it was the third or fourth down in the 'meta' forum when I clicked on it.

sorry
legendary
Activity: 966
Merit: 1004
Keep it real
June 14, 2012, 10:15:57 AM
This new policy seems to be more about the mods' personal tastes than the demands of the community.


...yes, this "new" policy from November of last year...
donator
Activity: 446
Merit: 262
Interesting.
December 24, 2011, 09:12:48 AM
Is this change definitive or you're looking to fix it?
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
November 28, 2011, 10:15:53 PM

Result: Some people have images, some don't.


its not that they are blocking one and not another


 Huh
hero member
Activity: 896
Merit: 1000
Buy this account on March-2019. New Owner here!!
November 28, 2011, 10:03:04 PM
its not that they are blocking one and not another

the way it works is as soon as you change your signature it starts to blocks images

so the people who still have images in their signature means they have not changed it since before the new rules
vip
Activity: 980
Merit: 1001
November 28, 2011, 08:27:26 PM
what is happening with this?

It seems rather discriminatory that some pools can use sig images still while others are blocked.
and when will the avatar pool images be blocked? or are they ok?

or are these forums not about fairness? it is one thing to deal with the trolls and the crap that comes from them, but when the administration stops being fair to all participants....
maybe it is time to move to a forum that is more consistent in its admin...

either do the job properly or allow the free for all that there was previously....
member
Activity: 98
Merit: 10
November 09, 2011, 01:32:57 PM
Youknowwhatelsewecouldgetridof?Whitespace.

W cld rmv ll vwls. tht mght b fn.

Trolling much? That always gets you what you want.

No, it's called continued satire to show the ridiculousness of this whole ordeal. Sometimes a comical response has more of a point than to piss off other posters.

full member
Activity: 154
Merit: 102
Bitcoin!
November 09, 2011, 01:17:11 PM
Seriously, this should be rather trivial and doesn't really deserve all this drama.
Yup.
hero member
Activity: 576
Merit: 514
November 09, 2011, 01:15:14 PM
- add column "showsigimg" to database and default it to 0
- add checkbox "Don't show images in users' signatures" under "Look and Layout Preferences"
- mod source to toggle showsigimg depending on checkbox state
- mod source to add into head section if showsigimg==1

Problem solved. Thanks to btc_novice for starting this idea.

My goal is to make the best Bitcoin forum possible, not to appeal to current users.
If users are not appealed, then this won't be the best forum possible. Simple as that. You can have the greatest product in the universe, but if nobody wants it, you're fubar'ed. See Betamax.

Seriously, this should be rather trivial and doesn't really deserve all this drama.
full member
Activity: 154
Merit: 102
Bitcoin!
November 09, 2011, 01:05:48 PM
Like I said before, I think it's a better policy to assume that people don't want images.
From a pure usability and UX standpoint, the best policy would be to assume that people DO want images, perhaps clickable thumbnails that show the full image in a lightbox.

On the other hand, this is a privately owned website, and the owners are free to do as they please. Smiley

As for dealing with security issues (cookie stuffing and CSRF), simply host all images locally and have stringent checks to validate them as clean image files.  That's a no-brainer for me.

EDIT:  IMO, sig images are a distraction to useful discussion, but embedded images in posts can be very helpful to discussion.
legendary
Activity: 1204
Merit: 1015
November 09, 2011, 11:57:38 AM
Why not write a server side script that would allow users to input ad-hoc an external image link, it would then be tested for various properties (i.e. the size of the file, whether it is a valid image file, whether it is a dynamically generated image, whether it obeys the dimension restrictions) and if the image passed the criteria, permission would be given to the post parser to display the embedded image. If not, then the image would not be embedded.

When the images are external, the image itself can always be replaced later.  So just because it passes today or tomorrow, in 3 days, I could keep the same image url, but the image itself is different.  The only solution is local images or no images. Otherwise, there truly is no guarantee.

I'm aware of that. Read the second part of my post again.
Your entire idea blows up when you consider that the image could be dynamic. That means that a script generates it. Scripts can be told to always serve the exact same image to the forum server when it's checked. At that point, the only way to avoid IP address whack-a-mole is to put the image checker behind tor. Even then, the script can simply be told to serve the static image to any user behind tor, instead of the dynamic image, since that would only impact a small fraction of the people who would load the image.
legendary
Activity: 1400
Merit: 1005
November 09, 2011, 11:53:05 AM
I can't wait until we have enough people at bitcoinforums.net that we can have proper discussions there, and get away from this forum.  Hopefully, theymos pushing away users from this forum with this new image scheme will make that happen.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
November 09, 2011, 05:53:00 AM
I know no one is going to care about me, but I'm going to look for a different forum. This is ridiculous. 4chan has thumbnails (which I always expand using javascript anyway), and reddit/IRC/everything2 are only popular with nerds for a reason.

The only good solution I've heard to this… "whim", is to have a checkbox to turn on or off embedded images. If they were turned off, they would be automatically turned into a link. But this suggestion is being completely ignored.
There is no such thing as the perfect forum, you should be looking for the perfect forums.

This non-issue is being solved with a sledge-hammer.
sr. member
Activity: 336
Merit: 250
November 09, 2011, 02:02:15 AM
... all these complicated schemes to validated and revalidated are dumb.

Really? Why are you involved in bitcoin again?
It's not that complicated.

Three options
1) No images
2) Locally cache images
3) Accept that you may be attacked

Let me expand on that:

1) No images
2) Figure out a way of solving the problem and save server costs
3) Locally cache images
4) Do nothing and accept that you may be attacked
donator
Activity: 1218
Merit: 1079
Gerald Davis
November 09, 2011, 01:52:45 AM
When the images are external, the image itself can always be replaced later.  So just because it passes today or tomorrow, in 3 days, I could keep the same image url, but the image itself is different.  The only solution is local images or no images. Otherwise, there truly is no guarantee.

Exactly.  Sadly it looks like the forum is going back into circa 1980s text only BBS but all these complicated schemes to validated and revalidated are dumb.

Either you host images locally or don't bother trying to do anything else because odds are no scheme is going to stop a determined hacker.  Given how easy it is to host images locally it simply doesn't make sense trying to make the "problem" more complicated only to have it be a token security measure.

Three options
1) No images
2) Locally cache images
3) Accept that you may be attacked
sr. member
Activity: 336
Merit: 250
November 09, 2011, 01:52:21 AM
Why not write a server side script that would allow users to input ad-hoc an external image link, it would then be tested for various properties (i.e. the size of the file, whether it is a valid image file, whether it is a dynamically generated image, whether it obeys the dimension restrictions) and if the image passed the criteria, permission would be given to the post parser to display the embedded image. If not, then the image would not be embedded.

When the images are external, the image itself can always be replaced later.  So just because it passes today or tomorrow, in 3 days, I could keep the same image url, but the image itself is different.  The only solution is local images or no images. Otherwise, there truly is no guarantee.

I'm aware of that. Read the second part of my post again.
vip
Activity: 574
Merit: 500
Don't send me a pm unless you gpg encrypt it.
November 09, 2011, 01:46:33 AM
Why not write a server side script that would allow users to input ad-hoc an external image link, it would then be tested for various properties (i.e. the size of the file, whether it is a valid image file, whether it is a dynamically generated image, whether it obeys the dimension restrictions) and if the image passed the criteria, permission would be given to the post parser to display the embedded image. If not, then the image would not be embedded.

When the images are external, the image itself can always be replaced later.  So just because it passes today or tomorrow, in 3 days, I could keep the same image url, but the image itself is different.  The only solution is local images or no images. Otherwise, there truly is no guarantee.
sr. member
Activity: 336
Merit: 250
November 09, 2011, 12:24:37 AM
Quote from: mjcmurfy
So the best way to ensure ideas can be expressed effectively is to ban any form of imagery and limit people's means of communication to text only? This is broken logic.

You're not limited to text. You can easily include a direct link to an image, and readers can access the image with a single click. It's not a huge barrier.

Why not write a server side script that would allow users to input ad-hoc an external image link, it would then be tested for various properties (i.e. the size of the file, whether it is a valid image file, whether it is a dynamically generated image, whether it obeys the dimension restrictions) and if the image passed the criteria, permission would be given to the post parser to display the embedded image. If not, then the image would not be embedded.

Either the forum needs to check and recheck images constantly, which is expensive, or client-side code needs to be used to prevent large images, which might not work for all users. I don't find either of these solutions acceptable.

Validated images could potentially be replaced with something else later, necessitating continuous checking - granted, but you just need a database table that keeps track of validated images that the parser can re-query at runtime. If the image has been modified, the image 'hash' would be different and the image would have to be reverified manually by the poster else it would not be displayed, and no further checking would be done until the OP revalidated the image.

You wouldn't have to do this image hash checking each time the thread is loaded, you could just set up a daily cron that would reverify a certain % of the embedded external images table. Maybe have it so that each image is checked once every 2 days or so, or spread it out slowly over a period of time.

You could make it a quite efficient process that would not require that much by way of server resources. We have gotten pretty good at driving down the cost of hashing power, have we not? And it would seem that it would be better in terms of resource usage than actually storing the images, using up potentially huge amounts of disk space and a heckuva lot of bandwidth - simply to ensure their integrity.

This way requires no additional disk space and much lower bandwidth costs as the server only has to download the image once every two days, instead of uploading it hundreds of times per day to individual users.

Obviously I was talking about the bandwidth of readers...

Then why were you using it as justification for getting rid of embedded images? It is trivial in comparison to the cumulative bandwidth that delivering locally stored images would clock up. And why should the operators of the forum care about how much bandwidth a few images take up on the end-users side? If you watch a single youtube video, I'd imagine it would still account for more bandwidth use than a week's worth of surfing this forum.

Quote from: mjcmurfy
Why not hold a vote on the issue to find out how correct your assumptions are?

I know that my security concerns are justified.

A vote would determine only what the majority of current users want, which is not very important. It's easy for the majority to be wrong.

Yes, they are of course justified. It is just the conclusions you are drawing that I have questions about. We don't need to crack this walnut with a sledgehammer. There are workarounds that can be put in place.

Your lack of respect for what the users of the forum think is quite cynical and arrogant. At the end of the day, you have to keep your members on side, as they are the ones that produce all of the content and make this forum what it is. Telling them directly that what they think is not important is a highly presumptuous move for you. People remember statements like that.

Yes it's easy for the majority to be wrong, but it's even easier for a single individual to be wrong.
Pages:
Jump to: