Posts made in one do not appear in the other.
I have sent a post via nntp with details, but it does not show here. I just had to subscribe and make this double post so that admins can see the problem in one or the other interfaces.
If you want more details, please ask via email or via nntp, I don’t track the forum via web.
On Sun, 22 Aug 2010 02:38:38 +0000, robin listas wrote:
> Posts made in one do not appear in the other.
>
> I have sent a post via nntp with details, but it does not show here. I
> just had to subscribe and make this double post so that admins can see
> the problem in one or the other interfaces.
>
> If you want more details, please ask via email or via nntp, I don’t
> track the forum via web.
Should be fixed for most of the groups now, we believe we’ve narrowed the
problem down to a couple of specific forums at present.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 2010-08-22 06:25, Jim Henderson wrote:
> On Sun, 22 Aug 2010 02:38:38 +0000, robin listas wrote:
>
>> Posts made in one do not appear in the other.
>>
>> I have sent a post via nntp with details, but it does not show here. I
>> just had to subscribe and make this double post so that admins can see
>> the problem in one or the other interfaces.
>>
>> If you want more details, please ask via email or via nntp, I don’t
>> track the forum via web.
>
> Should be fixed for most of the groups now, we believe we’ve narrowed the
> problem down to a couple of specific forums at present.
I think I have received the posts I noticed as missing. I have to check more carefully later.
Thanks.
One thing I have noticed, though, unrelated: I had to login with my novell account name, and this,
the login name is what appears in the forum posts. IMO, we should instead get a choosen name
displayed, independent of the login.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
Carlos E. R. wrote:
> I think I have received the posts I noticed as missing. I have to
> check more carefully later.
the unplanned sometime-Saturday disruption was reversed during the
weekend…
ThankYou* to those responsible for the repair!!
to me, this is very welcomed signal that we (the community of openSUSE
forum participants) are more important to the project than earlier
observations (of Monday action) might have led me to believe…
–
DenverD
CAVEAT: http://is.gd/bpoMD [posted via NNTP w/openSUSE 10.3]
On Mon, 23 Aug 2010 13:43:20 +0000, DenverD wrote:
> Carlos E. R. wrote:
>> I think I have received the posts I noticed as missing. I have to check
>> more carefully later.
>
> the unplanned sometime-Saturday disruption was reversed during the
> weekend…
>
> ThankYou* to those responsible for the repair!!
You’re welcome. I’m the one who raised the issue when it occurred.
> to me, this is very welcomed signal that we (the community of openSUSE
> forum participants) are more important to the project than earlier
> observations (of Monday action) might have led me to believe…
As I’m fond of saying (and I know I’ve said to you many times), there’s
always more going on behind the scenes than we tell everyone - this time
we were able to get things sorted out by disabling the gateway to a
couple of groups that apparently are problematic, so the problem’s not
100% solved, but better than it has been for a few weeks now.
We haven’t been ignoring the problem, but have been looking at different
things to identify the root cause so we can fix it for good.
Troubleshooting can be a long process of changing one thing and waiting
to see if the problem changes, and then trying the next thing. When a
failure is intermittent, that makes it that much harder to isolate root
cause.
We appreciate everyone’s patience, and as always, please also realise
that we are never satisfied when a solution hasn’t worked.
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On Sun, 22 Aug 2010 13:54:41 +0000, Carlos E. R. wrote:
> One thing I have noticed, though, unrelated: I had to login with my
> novell account name, and this, the login name is what appears in the
> forum posts. IMO, we should instead get a choosen name displayed,
> independent of the login.
The login information is all integrated, so we pull the information from
the Novell login system.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 2010-08-23 16:59, Jim Henderson wrote:
> On Sun, 22 Aug 2010 13:54:41 +0000, Carlos E. R. wrote:
>
>> One thing I have noticed, though, unrelated: I had to login with my
>> novell account name, and this, the login name is what appears in the
>> forum posts. IMO, we should instead get a choosen name displayed,
>> independent of the login.
>
> The login information is all integrated, so we pull the information from
> the Novell login system.
Can’t the forum software recognize the login, and display a name as choosed by the user? I just
looked a little around. I saw that it is possible to customize how the time is displayed, personal
details to show to others, like what country one is from, what signature to put on each post… The
displayed name should also be customizable, no? :-?
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
On Tue, 24 Aug 2010 04:01:51 +0000, Carlos E. R. wrote:
> On 2010-08-23 16:59, Jim Henderson wrote:
>> On Sun, 22 Aug 2010 13:54:41 +0000, Carlos E. R. wrote:
>>
>>> One thing I have noticed, though, unrelated: I had to login with my
>>> novell account name, and this, the login name is what appears in the
>>> forum posts. IMO, we should instead get a choosen name displayed,
>>> independent of the login.
>>
>> The login information is all integrated, so we pull the information
>> from the Novell login system.
>
> Can’t the forum software recognize the login, and display a name as
> choosed by the user? I just looked a little around. I saw that it is
> possible to customize how the time is displayed, personal details to
> show to others, like what country one is from, what signature to put on
> each post… The displayed name should also be customizable, no? :-?
It would be somewhat confusing for people to be able to constantly change
their display name - almost as bad as allowing people to use multiple
identities. You’d end up with another avenue for spammers to shill for
their products (I’ve seen that done in the past - where someone posted
under an account with one name, and then answered with another name -
same account - saying how wonderful “product X was and I heartily
recommend it to everyone”.
No, I think opening up changing any part of one’s identity to being
modified just leaves room for far more abuse than useful purpose.
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 2010-08-24 06:11, Jim Henderson wrote:
> On Tue, 24 Aug 2010 04:01:51 +0000, Carlos E. R. wrote:
>>> The login information is all integrated, so we pull the information
>>> from the Novell login system.
>>
>> Can’t the forum software recognize the login, and display a name as
>> choosed by the user? I just looked a little around. I saw that it is
>> possible to customize how the time is displayed, personal details to
>> show to others, like what country one is from, what signature to put on
>> each post… The displayed name should also be customizable, no? :-?
>
> It would be somewhat confusing for people to be able to constantly change
> their display name - almost as bad as allowing people to use multiple
> identities. You’d end up with another avenue for spammers to shill for
> their products (I’ve seen that done in the past - where someone posted
> under an account with one name, and then answered with another name -
> same account - saying how wonderful “product X was and I heartily
> recommend it to everyone”.
Hey, I can do that any minute! >:-)
Remember I post via NNTP, I’m not tied by registration, and can use any display name I choose. I
choose to display as “Carlos”, instead of using my (faked) email login name.
What I suggest is not that different. People could register with a login name, and display a more or
less real name instead. Both parts of the names could be displayed, same as both sides of mine are
displayed via nntp. Readers could choose what to display, perhaps a skin or configuration. Hover the
mouse over the name and the login displays, for example.
And of course, you can impede the name from being instantly changed. Delay it for a day, or make all
past posts change to the new name, instantly. Thus they can not answer to themselves as another
name, both posts would show the same name - plot discovered 
I know almost nothing about forums. I’m just curious - because, for example, on Bugzillas people see
my real name, not the login name. And via nntp I can also choose a display name. Thus my surprise at
seeing how my posts, when done via forum, show with such a different name that those via nntp.
Hint: the first post of this thread is mine. 
> No, I think opening up changing any part of one’s identity to being
> modified just leaves room for far more abuse than useful purpose.
The important part, the login, is immutable anyways. Filters could work on that one, not the display
name.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
On Tue, 24 Aug 2010 13:03:28 +0000, Carlos E. R. wrote:
> Remember I post via NNTP, I’m not tied by registration, and can use any
> display name I choose. I choose to display as “Carlos”, instead of using
> my (faked) email login name.
As do I (use NNTP, that is). We don’t say that the NNTP and web
interfaces are equivalent.
> What I suggest is not that different. People could register with a login
> name, and display a more or less real name instead. Both parts of the
> names could be displayed, same as both sides of mine are displayed via
> nntp. Readers could choose what to display, perhaps a skin or
> configuration. Hover the mouse over the name and the login displays, for
> example.
Would that we had developer resources to do this type of development. I
can put the request in the hopper, but I can tell you it’ll be far, far
down the list of things we’ll even look at to put resources into.
> And of course, you can impede the name from being instantly changed.
> Delay it for a day, or make all past posts change to the new name,
> instantly. Thus they can not answer to themselves as another name, both
> posts would show the same name - plot discovered
>
> I know almost nothing about forums. I’m just curious - because, for
> example, on Bugzillas people see my real name, not the login name. And
> via nntp I can also choose a display name. Thus my surprise at seeing
> how my posts, when done via forum, show with such a different name that
> those via nntp.
>
> Hint: the first post of this thread is mine.
Which more or less proves my point about the abuse possible when one can
change one’s display name.
>> No, I think opening up changing any part of one’s identity to being
>> modified just leaves room for far more abuse than useful purpose.
>
> The important part, the login, is immutable anyways. Filters could work
> on that one, not the display name.
Sure, but it’s also about how people perceive the conversation. In the
shill example I provided, that happened on CompuServe, and it was amazing
how long the vendor in question got away with it even though the ID
number was displayed on every message.
Needless to say, when people caught on, there was quite the firestorm. I
even have a T-Shirt somewhere commemorating the event (because someone
decided it was worthy of that kind of rememberance)
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 2010-08-24 22:53, Jim Henderson wrote:
> On Tue, 24 Aug 2010 13:03:28 +0000, Carlos E. R. wrote:
>
>> Remember I post via NNTP, I’m not tied by registration, and can use any
>> display name I choose. I choose to display as “Carlos”, instead of using
>> my (faked) email login name.
>
> As do I (use NNTP, that is). We don’t say that the NNTP and web
> interfaces are equivalent.
No, they aren’t. NNTP is limited in some ways, and better in others. I was exploring if it could be
improved.
>> What I suggest is not that different. People could register with a login
>> name, and display a more or less real name instead. Both parts of the
>> names could be displayed, same as both sides of mine are displayed via
>> nntp. Readers could choose what to display, perhaps a skin or
>> configuration. Hover the mouse over the name and the login displays, for
>> example.
>
> Would that we had developer resources to do this type of development. I
> can put the request in the hopper, but I can tell you it’ll be far, far
> down the list of things we’ll even look at to put resources into.
Now, that’s a good reason
>> Hint: the first post of this thread is mine.
>
> Which more or less proves my point about the abuse possible when one can
> change one’s display name.
>
>>> No, I think opening up changing any part of one’s identity to being
>>> modified just leaves room for far more abuse than useful purpose.
>>
>> The important part, the login, is immutable anyways. Filters could work
>> on that one, not the display name.
>
> Sure, but it’s also about how people perceive the conversation. In the
> shill example I provided, that happened on CompuServe, and it was amazing
> how long the vendor in question got away with it even though the ID
> number was displayed on every message.
Wow.
The problem of “moving” identities with display names on a forum, can be solved by the software
always displaying the current “display name” on all posts. A user changes his name, no problem: all
his posts change names, not only new posts. But of course, doing this requires that the software
supports this, and if resources are limited, can’t be done. I understand that, it was just an idea.
> Needless to say, when people caught on, there was quite the firestorm. I
> even have a T-Shirt somewhere commemorating the event (because someone
> decided it was worthy of that kind of rememberance)
Re-wow. 
Yes, I also remember similar issues in Fidonet. Not to the point of the T-shirt, though
And more recently and close, in one of the suse mail lists.
Then, perhaps you should think about some time in the future needing a login to post via nttp.
Better you have it prepared and ready to implement, just in case.
And on the forum, just consider that if somebody wants to play that two identities trick to reply to
himself, they can do it simply by registering twice at Novell.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
On Wed, 25 Aug 2010 01:54:11 +0000, Carlos E. R. wrote:
> Then, perhaps you should think about some time in the future needing a
> login to post via nttp. Better you have it prepared and ready to
> implement, just in case.
It’s been considered, but the solution that’s in place doesn’t readily
access authentication sources very well, and authentication for NNTP is
cleartext, so there’s always the risk of people exposing passwords they
didn’t intend to (such as the password that gives them access to their
SLE license codes).
I explored the idea of authenticated NNTP (and wrapped in SSL, which
introduces additional issues like not all clients supporting NNTPS -
yeah, I’ve looked at that in depth as well) a couple years ago.
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 2010-08-25 06:16, Jim Henderson wrote:
> On Wed, 25 Aug 2010 01:54:11 +0000, Carlos E. R. wrote:
>
>> Then, perhaps you should think about some time in the future needing a
>> login to post via nttp. Better you have it prepared and ready to
>> implement, just in case.
>
> It’s been considered, but the solution that’s in place doesn’t readily
> access authentication sources very well, and authentication for NNTP is
> cleartext, so there’s always the risk of people exposing passwords they
> didn’t intend to (such as the password that gives them access to their
> SLE license codes).
Wow. What a can of worms.
> I explored the idea of authenticated NNTP (and wrapped in SSL, which
> introduces additional issues like not all clients supporting NNTPS -
> yeah, I’ve looked at that in depth as well) a couple years ago.
I see it is more complicated than I thought.
The real solution for that would be a modification of the protocol, implemented on servers and
clients - and would take years. Is NNTPS a standard already?
The alternative, if we have to use something, would be expendable passwords, not the password used
for authentication to Novell. It would be enough to deter spammers, if needed. I mean, we do not
need real security, just to defend ourselves from spammers, no?
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))
On Thu, 26 Aug 2010 02:42:00 +0000, Carlos E. R. wrote:
> On 2010-08-25 06:16, Jim Henderson wrote:
>> On Wed, 25 Aug 2010 01:54:11 +0000, Carlos E. R. wrote:
>>
>>> Then, perhaps you should think about some time in the future needing a
>>> login to post via nttp. Better you have it prepared and ready to
>>> implement, just in case.
>>
>> It’s been considered, but the solution that’s in place doesn’t readily
>> access authentication sources very well, and authentication for NNTP is
>> cleartext, so there’s always the risk of people exposing passwords they
>> didn’t intend to (such as the password that gives them access to their
>> SLE license codes).
>
> Wow. What a can of worms.
Yep - the flip side is to have multiple accounts/passwords, and that’s a
tough sell because one of Novell’s strengths is identity management and
the ability/tools to unify identity so people don’t need to keep a
spreadsheet of all the usernames and passwords they use.
>> I explored the idea of authenticated NNTP (and wrapped in SSL, which
>> introduces additional issues like not all clients supporting NNTPS -
>> yeah, I’ve looked at that in depth as well) a couple years ago.
>
> I see it is more complicated than I thought.
>
> The real solution for that would be a modification of the protocol,
> implemented on servers and clients - and would take years. Is NNTPS a
> standard already?
Well, ‘standard’ in that there’s an IETF definition for it (it’s just
NNTP over SSL/TLS), but most clients don’t actually implement it.
> The alternative, if we have to use something, would be expendable
> passwords, not the password used for authentication to Novell. It would
> be enough to deter spammers, if needed. I mean, we do not need real
> security, just to defend ourselves from spammers, no?
Thing is, most spam here originates from the web interface. We have
tools and techniques for identifying repeat offenders, but we tend not to
discuss them because explaining how we do that gives the spammers tools
to work around them. One of the advantages to being a little mysterious
about certain things.
As for expendable passwords, still an issue with people entering the
wrong one and entering the one that’s their ‘keys to the kingdom’ as it
were. Yeah, I looked at that option as well, but logically the same user
ID with a different password can be even more confusing than a completely
separate authentication system.
Then there’s having to work within what the software we’re using is able
to do. Default authentication mechanism is a flat text file, and
increasing the size of the file increases the login time for everyone -
with 50,000 members, assume a credential added for each user (whether
they use it or not - because we have no way of knowing whether they will
or not until they fail, and the NNTP protocol doesn’t allow for a ‘query’
for that). Works well for small groups (and “group of users” passwords
are actually used for certain private areas), but a shared password isn’t
an ideal solution for public groups because everyone needs to know the
password - and if everyone knows the password, there’s not much point to
having it.
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
On 2010-08-26 22:31, Jim Henderson wrote:
> On Thu, 26 Aug 2010 02:42:00 +0000, Carlos E. R. wrote:
>> The real solution for that would be a modification of the protocol,
>> implemented on servers and clients - and would take years. Is NNTPS a
>> standard already?
>
> Well, ‘standard’ in that there’s an IETF definition for it (it’s just
> NNTP over SSL/TLS), but most clients don’t actually implement it.
There doesn’t seem to be much active developing re nntp, I think.
For instance, I’m using leafnode and it has several known bugs, with the next version not coming
through. Viewvers are also stuck, IMO.
>> The alternative, if we have to use something, would be expendable
>> passwords, not the password used for authentication to Novell. It would
>> be enough to deter spammers, if needed. I mean, we do not need real
>> security, just to defend ourselves from spammers, no?
>
> Thing is, most spam here originates from the web interface. We have
> tools and techniques for identifying repeat offenders, but we tend not to
> discuss them because explaining how we do that gives the spammers tools
> to work around them. One of the advantages to being a little mysterious
> about certain things.
Ok, I don’t really need to now, it is just my curiosity
> As for expendable passwords, still an issue with people entering the
> wrong one and entering the one that’s their ‘keys to the kingdom’ as it
> were.
Argh!
> Yeah, I looked at that option as well, but logically the same user
> ID with a different password can be even more confusing than a completely
> separate authentication system.
>
> Then there’s having to work within what the software we’re using is able
> to do. Default authentication mechanism is a flat text file, and
> increasing the size of the file increases the login time for everyone -
> with 50,000 members, assume a credential added for each user (whether
> they use it or not - because we have no way of knowing whether they will
> or not until they fail, and the NNTP protocol doesn’t allow for a ‘query’
> for that). Works well for small groups (and “group of users” passwords
> are actually used for certain private areas), but a shared password isn’t
> an ideal solution for public groups because everyone needs to know the
> password - and if everyone knows the password, there’s not much point to
> having it.
Complicated, I see.
I think, if it is ever needed, that people wanting nntp access would have to log into the forum, and
choose a login/pass for themselves. Perhaps the login should be forced different than the Novell
one. Change only via http on the forum or nearby.
This only if spam becomes a problem via nntp.
–
Cheers / Saludos,
Carlos E. R.
(from 11.2 x86_64 “Emerald” GM (Elessar))