Here are those posts of his from the Staff forum that may be interesting. I'll paraphrase non-Satoshi posts where necessary for the posts to make sense. Note that he never actually said "bitcointalk.org" -- this appears due to automatic text substitution by the board.
I left the admin account set to the original SMF theme so if I somehow completely wedge the custom theme I can still get in to fix it.
I've got a neat little 12x12 coin image to replace those pip stars with. Should look nice. Also some nice button images to try.
The registration page has "hide your e-mail address" unchecked by default. I must fix that in php before we can open up.
The Announcements forum is currently moderator access only.
12x12 coin for pip stars done.
Registration page "hide your e-mail address" checked by default done, haven't tested it yet.
Sirius: Let's get a proper SSL certificate
I think I could receive @bitcoin.org, but I'd rather procrastinate on this and work on other things first. Is there a reason we need this sooner?
Sirius: All internal links are pointing to https, so everyone always gets an SSL warning.
I didn't know all the forum links point to https. I always use https so I wouldn't have noticed. SMF is supposed to detect and give you the same as what you've got. If you're on an http page, then all the links should also be http. If that's not working then I need to fix it.
OK, the problem was that $boardurl was switched to
https://www.bitcoin.org/smf again. It's supposed to be
http://bitcointalk.org and the software will replace http with https as needed. It always assumes the base $boardurl is http. It can't switch it in the other direction.
$boardurl is "Forum URL" under:
Under Admin->Server Settings->Core Configuration
The cause of the problem is that the default fill-in for "Forum URL" is the cooked $boardurl, with https in it. So, if you are logged in with https, it fills it in with https, so if you submit that page as is, you change it to https.
It's an accident waiting to happen if you ever submit that page without changing the https to http each time, that happens.
I switched it back to http, please doublecheck that all the links are now http if you're using the forum as http.
I don't have time to fix the admin page right now so it's not an accident waiting to happen.
It would be nice if the forum could be at
www.bitcoin.org/forum/ instead of
www.bitcoin.org/smf/ but that's a whole nother thing. Would you be in favour of that change? If we want to do that, I should do it because I already know where all the path settings are and how to do it, since I had to figure all this stuff out the first time there was the Forum URL https/http problem. There are other urls under Admin->Themes and Layout. I think if a mirror directory forum -> smf was created, it would be possible to change the urls in the admin interface without the forum software stopping working.
Is there any reason to have e-mail confirmation?
If you're doing that out of spam concerns, I've already got that covered. I made some customizations to the registration HTML so any spambots designed for SMF won't be able to figure it out. The CAPTCHA image URL requires an extra parameter, and there are 3 different CAPTCHA images, but only one shows because the others have stuff like width=0 height=0.
Twice I've seen reports of Live Protection causing initial block download to stall out early.
https://bitcointalksearch.org/topic/stuck-on-513-blocks-305Just brainstorming here how this could happen.
Someone saying they got 513 or 1001 blocks before it stalled, yet they report having 10 connections. The person had port forwarding, and must have since this is Windows and outbound from windows is limited to 8, and they had 10 connections. With port forwarding usually you'd have more than 10, but if IRC was blocked, I could see how inbound would be a lot more limited like 10.
Seems like Live Protection is allowing connections to be made, but keeping them silent. Or maybe only allowing a little data to go out but not much, which is strange. Maybe it doesn't want to block outbound requests like browser page requests, which are less than 1K or so, but it wants to shut down large data transfer, so it stops it after just a little bit of data like the size of a URL.
If IRC is blocked, you typically do get like 501 or 5?? or 1001 blocks at first from the seed node. You connect to a seed node, get the address list, then disconnect from the seed node but it usually slips in one or two block requests before the disconnect, hence around 500 or 1000 blocks. If Live Protection zombies all further connections, that would give the result the guy got. Maybe it zombies all inbound connections, and after the first seed node, the inbound connections came and gave him 10 connections so he didn't connect outward anymore, so it's all inbound connections.
That seems to fit what happened the best. IRC blocked by Live Protection. The node connects to a seed node, gets roughly 500 or 1000 blocks, broadcasts inbound IP address to the net, disconnects seed node, doesn't get any more outbound connections before the inbound connections give him 10 connections and it stops looking for outbound. Now all his connections are inbound, and maybe Live Protection zombies the inbound, letting them connect but not letting any data through (or only one direction). He doesn't get the usual 50 or so connections because he's not visible on IRC.
I still don't see a pegged thread about Microsoft Security Essentials Live Protection. Someone needs to write a thread telling people if they have Microsoft Security Essentials how to exempt or whatever bitcoin.exe and pin it ASAP. I'm really busy, surely someone else can do this?!!
I'm adding this to the readme.txt of the 0.3.1 release:
If you have Microsoft Security Essentials, you need to add bitcoin.exe to its
"Excluded Processes" list.
Kind of a blind guess because I don't have it so I can't look exactly what it says, but going on what others have said.
Here's another case:
https://bitcointalksearch.org/topic/no-blocks-downloaded-ms-security-essentials-users-please-read-323I used that link to write the following in the readme.txt:
If you have Microsoft Security Essentials, you need to add bitcoin.exe to its
"Excluded processes" list. Microsoft Security Essentials->Settings tab,
select Excluded processes, press Add, select bitcoin.exe, OK, Save changes.
Is there anything else we should do? Maybe a link on the lower part of the homepage like "If you have Microsoft Security Essentials, see these instructions to add bitcoin.exe to the Excluded processes list."
You shouldn't chat in the #bitcoin room.
Do you think it'll gravitate toward #bitcoin-dev on freenode or lfnet? freenode's the better choice because you may get noticed by other people on freenode.
Does anyone want to take over management of the .po files?
You would monitor the translation forum when translators come along with .po files.
The job is basically what I've been doing with them, which includes editing the .po file as a text file to fix up spacing, using poedit on it to update the strings from the latest sourcecode and maybe fixing up anything the automatic update got wrong, generating the .mo file. Edit their e-mail address out of the header, put their forum name instead. Need to know how to use SVN. Attach the .po file back to the person so if they make any more changes they can go from the edited version. Would make more sense for a non-developer since you don't need any development skills for this.
Gavin: Is there a DoS attack on the network happening now?
I'll take a look a the logs.
It could be someone's server farm all starting at once.
There have been some issues with garbage addr messages in previous versions. Not saying that's the problem now, just want to make you aware.
In 0.1.5 there was a bug where a socket could get closed twice, which (maybe only on linux) could end up closing another random socket that could get reopened by IRC. If that node was in the middle of receiving an addr message, IRC content could be converted into addr messages.
0.3.0 ignores addr messages from 0.1.5, but a 0.2.0 node could relay it. I don't think there are any 0.1.5 nodes left anymore though.
In 0.2.9, I added a checksum to the message headers so no unintended messages can get into the system. The new verack message is part of the version negotiation used to switch to the new header. I'm embarrassed that I didn't do this originally, but I thought TCP already does that.
I have seen addr messages that are made of other addr messages shifted by 3 bytes. I added some filtering in 0.2.9 for that in net.h. The comment there explains how a 3-byte shift might happen if just the right bytes are garbled.
Garbage addr messages always have something else in the pchReserved field, so no nodes actually try to connect to the garbage addresses.
These problems should improve as more 0.2.0 nodes upgrade.
0.2.0 obsoletes on 20 Feb 2012. 0.3.0 nodes will require the checksum header on that date and refuse to talk to 0.2.0 nodes.
I looked at the logs. It looks like it's just heavy addr traffic. I only saw a few garbage addresses, it's mostly well formed addresses.
There's much too much addr traffic though. I'm making adjustments to quiet it down.
I added some code in 0.3.0 to limit the amount of addr messages, but the limits were pretty loose. I'm limiting it down much more in 0.3.2. In 0.3.0, it only sent to 10 other nodes, but those 10 nodes changed every hour, so you could have the same addr going around every hour. In 0.3.2 I'm lowering it to 4 nodes and every 12 hours.
I suspect the reason e-mails from bitcoin.org such as the validation e-mail from the wiki are getting spamblocked is because we didn't have e-mail validation turned on for the forum, so maybe spammers used the forum to set their e-mail to people they wanted to send spam to and then PM themselves so it would e-mail there. The only way to really know would be to look at the mail server logs and see if there's a large volume and what it is.
I turned on e-mail validation of new accounts on the forum, but now people can't sign up because the validation e-mail gets spamblocked. Someone said gmail is one case.
So here we are, nobody new can sign up to the forum.
It would help if we could turn off the forum's notification e-mail features. I tried to disable what I could, but it only had settings for forum thread notifications. Can someone tell me if PM notifications are still active or any e-mail notification anywhere else on the forum.
Maybe we should disable the forum's access to the e-mail server entirely, then turn off registration e-mail until we work this out further. I don't know where that setting is in the SMF interface.
Gavin: I've unstickied the "Post your Static IP" thread
Good, it really isn't needed anymore. The old IP's listed aren't known to have -allowreceivebyip so they're not much use, and we're downplaying the send-by-IP option anyway. Laszlo's IRC allows TOR users, and also they can get seeded with the seed nodes, so it's not needed for that anymore either.
grondilu deleted the whole "What will governments do against Bitcoin?" thread, which had diverged more into a philosophical debate about politics.
I removed the "Remove own topics" permission for regular users. I didn't know they could do that. It would be OK if it only deleted if it only has your own posts in it, like if you accidentally posted in the wrong place.
At the same time, I enabled "Move own topic".