My SMF 3.0 Dream

Started by Xarcell, October 06, 2011, 01:51:46 AM


Joshua Dickerson

Xarcell, what do you mean by #25? #21 - use what works best.
Come work with me at Promenade Group



Need help? See the wiki. Want to help SMF? See the wiki!

Did you know you can help develop SMF? See us on Github.

How have you bettered the world today?

SoLoGHoST

#41
What I'm saying is that SMF is using a hash to change the name of all files that get uploaded, why not do this for pm messages in the same way?  The hash can be stored in a column where the pm messages are stored or wherever, then for the message, you can make it an array...

$pm = array(
    'message' => null, // holds the actual message that could be base64_encoded or not
    'id' => null, // id of message to match against that matches the primary key
    'hash' => null, // why not store the hash in here also for checking against
    // Just some more, if you'd rather store this in there as opposed to the columns of the database for this, doesn't matter really.
    'user_from' => $user_info['id'],
    'user_to' => array(), // ids of all the members that this message has been sent to
);


Then just serialize this entire array and place it into the database.  Unserialize it when it is needed, and do some checking with it.

Serializing
base64_encode(serialize($pm));

Unserializing (where $row['pm'] is the serialized array from the database table)
unserialize(base64_decode($row['pm']));

Anyways, I'm not looking at SMF's pm table right now and haven't in a while, so I'm just going from memory here.  If you are saying that using a hash is not going to help in security here, then why bother using a hash for file attachments at all?  What security does this provide other than hiding the original filename from members and from being stored on your server with that filename, and of course the .htaccess and index.php file that helps with this also?

Anyways, I haven't completely thought this out, I'm just throwing things out there that should be considered.  It's not my call anyways.

青山 素子

Quote from: SoLoGHoST on December 12, 2011, 11:44:14 PM
What I'm saying is that SMF is using a hash to change the name of all files that get uploaded, why not do this for pm messages in the same way?  The hash can be stored in a column where the pm messages are stored or wherever, then for the message, you can make it an array...

$pm = array(
    'message' => null, // holds the actual message that could be base64_encoded or not
    'id' => null, // id of message to match against that matches the primary key
    'hash' => null, // why not store the hash in here also for checking against
    // Just some more, if you'd rather store this in there as opposed to the columns of the database for this, doesn't matter really.
    'user_from' => $user_info['id'],
    'user_to' => array(), // ids of all the members that this message has been sent to
);


Then just serialize this entire array and place it into the database.  Unserialize it when it is needed, and do some checking with it.

What benefit would this give you? Also, how would this affect the database calls needed to find all messages to an individual user?

Filenames are hashed to prevent collisions in filenames. For example, if two users (or even the same user did this twice) uploaded a file called image.jpg, you'd run into a collision depending on how you structure the file storage. Creating a hash with some variable data prevents this collision. You don't need this in a database table because you can make an artificial unique data column (usually called "id"). It also prevents more simplistic filename guessing games or tricks of uploading files ending in ".php" and calling directly to make them execute on the server.



Quote from: SoLoGHoST on December 12, 2011, 11:44:14 PM
If you are saying that using a hash is not going to help in security here, then why bother using a hash for file attachments at all?  What security does this provide other than hiding the original filename from members and from being stored on your server with that filename, and of course the .htaccess and index.php file that helps with this also?

See the above explanation. It's more about preventing filename collisions than security. The fact that it helps a bit with blind upload attacks is a nice bonus.


Quote from: SoLoGHoST on December 12, 2011, 11:44:14 PM
Anyways, I haven't completely thought this out, I'm just throwing things out there that should be considered.  It's not my call anyways.

Yeah, I don't think you're considering how the system would have to work when you start serializing internal data structures (it gets messy). Anyway, as long as the server has the key, it's trivial to decode the messages or to write some quick code that will do all the processing and present a nice list for you. Private messages are designed to offer some basic privacy from casual snooping, not complete security from a dedicated user.

It's kinda like a simple lock on a file cabinet - it keeps the basic snoops out. For those that want to get in, it's just usually a simple wafer lock that can be opened with the file on a nail clipper.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.
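
The filename-hashing scheme described in the post above, as an added PHP example that is not part of the original thread and is not SMF's own code. The function names, the in-memory `$table` standing in for the attachments table, and the sample uploads are all assumptions constructed for illustration.

```php
<?php
// Added illustration, not SMF source. Every name below is hypothetical.

// On-disk name is "<attachment id>_<hash>": unique per upload, not guessable
// from the original name, and without any client-chosen extension.
function stored_name(int $attachmentId, string $originalName): string
{
    return $attachmentId . '_' . hash('sha256', $originalName . random_bytes(16));
}

// $table stands in for the attachments table. The row keeps the original
// filename for display; the disk only ever sees the stored name.
function save_upload(array &$table, string $dir, string $originalName, string $bytes): int
{
    $id = count($table) + 1; // stand-in for an auto-increment primary key
    $name = stored_name($id, $originalName);
    file_put_contents($dir . '/' . $name, $bytes);
    $table[$id] = ['filename' => $originalName, 'stored' => $name];
    return $id;
}

// Downloads are resolved by id; the request never supplies a path.
function load_upload(array $table, string $dir, int $id): ?array
{
    if (!isset($table[$id])) {
        return null;
    }
    return [
        'filename' => basename($table[$id]['filename']),
        'bytes' => file_get_contents($dir . '/' . $table[$id]['stored']),
    ];
}

// Constructed demo: two uploads named image.jpg, one named shell.php.
$dir = sys_get_temp_dir() . '/attach_demo_' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
$table = [];
$a = save_upload($table, $dir, 'image.jpg', 'first user bytes');
$b = save_upload($table, $dir, 'image.jpg', 'second user bytes');
$c = save_upload($table, $dir, 'shell.php', 'constructed script body');

// Same original name, two separate files with their own contents.
echo 'first:  ', load_upload($table, $dir, $a)['bytes'], PHP_EOL;
echo 'second: ', load_upload($table, $dir, $b)['bytes'], PHP_EOL;

// Nothing on disk ends in .php, so a direct request has no script to hit.
$scripts = preg_grep('/\.php$/i', scandir($dir));
echo 'files ending in .php: ', count($scripts), PHP_EOL;
echo 'shell.php is stored as: ', $table[$c]['stored'], PHP_EOL;

// Clean up the demo directory.
array_map('unlink', glob($dir . '/*'));
rmdir($dir);
```

The hashed name is one layer only; the .htaccess and index.php files mentioned earlier in the thread still cover direct access to the attachments directory.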


SoLoGHoST

Yeah, I see what you mean, and duhhh, definitely see what you mean on file attachments, argg!  Forgot that the user's id value prepends to the filename also to help with this collision of hashes that could even occur.

.Vapor

Great ideas ! I especially like the "forum, blog, article" idea for posts / content.

+1 to almost all of them :)

Nitesh Kunnath

Any news on what all has been accepted for 3.0 and what all ideas have been scrapped from the list mentioned here?

Fustrate

We're not far enough to definitively accept/deny most of these things, but we're keeping everything in mind. Much of the list applies to aesthetics and minor tweaks instead of the major groundwork.

Don't hold me to any of this, but:

Quote
1. Yes
2. Yes
3. No
4. Yes
5. Might as well, but not a concern at this point in development
6. It'll happen in some form
7. Yes
8. Yes
9. Yes
10. There will be a way to compress js/css (I'm also looking at LESS compilers)
11. Good idea
12. Would probably be a mod/plugin
13. Yes
14. I'm not a theme designing person, no comment
15. Yes
16. Won't eliminate the post page, but we will expand quick/ajax reply
17. Yes
18. Yes
19. No comment/opinion
20. I'd like to see it
21. Yes, PNG > GIF, but I'm a bit wary of SVG. Haven't used it enough.
22. Karma won't be in the central product anymore. Calendar and Karma are bloat that should be optional.
23. CSS-wise? Yes
24. Yes
25. 3.0 will support at least Apache, Litespeed, and nginx fully.
26. Sure, why not
27. Good idea
28. Isn't that already in 2.0? I honestly haven't looked in a LONG time.
29. iirc, big guy keeps pushing for it for 2.1
30. jQuery yes, jQuery mobile no
31. Good idea
32. As I said before, no way.
33. I think that's going to be in 2.1
34. Good idea

Norv could reverse any of that, but it's what I'm aiming for at least. Knowing myself, though, I have a different opinion every week :P
Steven Hoffman
Former Team Member, 2009-2012

RoCKeT-88

Quote from: Kindred on October 26, 2011, 11:08:39 AM
pretty urls are pointless....

and attachments in PM is a bad idea.   If someone distributes illegal or copyrighted material via PM, this now makes the ADMIN responsible....   and the admin can not (easily) scan PMs.

Just curious how this makes the admin responsible?
Insert Witty Signature Here.

Kindred

Because, as owner/admin, you are legally responsible for the content of your site, whether you participate or not
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Antechinus

Actually I was thinking about this yesterday. It is still possible for PM's to contain illegal or unethical content even without attachments, so I'm not sure that argument against PM attachments is really a valid argument.

RoCKeT-88

#50
Quote from: Kindred on April 03, 2012, 06:50:56 PM
Because, as owner/admin, you are legally responsible for the content of your site, whether you participate or not

Oh really.  If that was the case there would be no sites online with any kind of uploads of any kind, PM, Post Uploads or Gallery Uploads etc and no ISPs and hosting providers as well.     SOPA | PIPA did not pass btw had it then it would have been a whole new ball game in town.  This could change and let's hope it doesn't.   I just checked with my host and have chat transcripts and as I suspected I am good with my understanding on how the DMCA take down works.  It's quite simple actually.  I just need to get the DMCA instructions set up on my site.  Sorry just because we hear it on the net doesn't mean we should take it for gospel.

Thanks for responding though.

P.S. There are a lot of resources on the net that explain this in much more detail than I ever could here in a few minutes.  Might be a good idea to check some out if anyone is in doubt which imo is always the best policy in situations like this or even consult an attorney but I really don't feel that is necessary in this situation.

P.S. 2  You are legally responsible to follow the steps in a DMCA take down notice that much I will say is correct.
Insert Witty Signature Here.

Kindred

I beg to differ... I have been on both sides of the responsibility issue, both as the initiator and the target...   So, yes... An admin IS responsible for everything on his site.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

RoCKeT-88

#52
 :D  As I have let me tell you, being on both sides that is. 

You can beg to differ that is your right.  The way it works though is the uploader is still responsible for the content.  When the site is alerted the site does have responsibility as already stated actually till the site gets a DMCA the site can not legally enforce other entities copyrights only one person can do that and that is the holder or a representative of the holder.  If that was the case there would be no uploads hot linking here and I bet we can find some copyright issues here?  Yes or No?  As I said it's really quite simple the way it works.

I mean the easiest way to prove me or the way it works wrong is show us.  This would surely be the best way.  Let me post some from my point.




The U.S. Digital Millennium Copyright Act (1998) and the European E-Commerce Directive (2000) provide online intermediaries with limited statutory immunity from liability for copyright infringement. Online intermediaries hosting content that infringes copyright are not liable, so long as they do not know about it and take actions once the infringing content is brought to their attention. In U.S. law this is characterized as "safe harbor" provisions, and in European law as the "mere conduit" principle. See here the site needs to be notified.




The enforcement of copyright is the responsibility of the copyright holder.[7] Article 50 of the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPs) requires that signatory countries enable courts to remedy copyright infringement with injunctions and the destruction of infringing products, and award damages.[5] Copyright holders have started to demand through the ACTA trade agreement that states act to defend copyright holders' rights and enforce copyright law through active policing of copyright infringement.[8] It has also been demanded that states provide criminal sanctions for all types of copyright infringement and pursue copyright infringement through administrative procedures, rather than the judicial due process required by TRIPs.[7]  Here you can see who has the responsibility of enforcing copyright and it is not the site as the site has no idea if the person has permission from the company plus the site is not in a position to decide what is and what is not a violation just the holder or a rep of the holder can.




This is a quick run down from Wikipedia.  I am not going to spend hours finding other sources but I will wait for your sources that list the site as being responsible.

If this was even remotely close Photobucket, imageshack and youtube(just on Prince videos alone) would have already been shut down long ago?  Yes or No?
Insert Witty Signature Here.

Fustrate

It's not just a matter of copyrighted material, it's also things like child pornography. With public attachments, you have a reasonable chance of finding it yourself or having it reported, but with PM attachments they're storing the images on your server and you're none the wiser. It's easier to just not open yourself up to that in the first place than having to explain to LEOs that you didn't know it was there. Places like Youtube and imgur monitor for that stuff and are big enough that LEOs won't blame them, but none of us are.
Steven Hoffman
Former Team Member, 2009-2012

RoCKeT-88

#54
Quote from: Fustrate on April 04, 2012, 12:28:08 AM
It's not just a matter of copyrighted material, it's also things like child pornography. With public attachments, you have a reasonable chance of finding it yourself or having it reported, but with PM attachments they're storing the images on your server and you're none the wiser. It's easier to just not open yourself up to that in the first place than having to explain to LEOs that you didn't know it was there. Places like Youtube and imgur monitor for that stuff and are big enough that LEOs won't blame them, but none of us are.

This is an interesting discussion and hard to find good discussions on the net but the discussion is not whether or not it opens yourself up but rather who is responsible.

Child porn is another issue altogether.  However the uploader is still responsible less of course you can prove the site is knowing it's going on and allowing the users to do but as I said child porn is not copyright and another issue altogether.  No different than a user using webmail how many small little sites like us have people with email accounts?  So are you saying sites should only allow admin to have email through the domain?
Insert Witty Signature Here.

Fustrate

It may be another issue, but it's an issue with PM attachments. Yes, the uploader is responsible in the end, but you're going to go through quite a bit of (stuff) with law enforcement to show that you don't have any liability. The cops who deal with CP are trained not to take anyone's word.
Steven Hoffman
Former Team Member, 2009-2012

RoCKeT-88

#56
Quote from: Fustrate on April 04, 2012, 12:37:56 AM
It may be another issue, but it's an issue with PM attachments. Yes, the uploader is responsible in the end, but you're going to go through quite a bit of (stuff) with law enforcement to show that you don't have any liability. The cops who deal with CP are trained not to take anyone's word.

I agree to that.  However as I said in the previous post which I edited to include what I am saying here  that wasn't what the discussion was.  I agree it could be a serious pain but the uploader ultimately remains responsible. 

Still there is a due process at least in some countries anyways but yes it could be a real PITA if some dumb ass was to upload CP to PM attachments or to webmail as both are basically the same situation and there is no difference between PM attachments and webmail.  So webmail is toast too?

Thanks for stating the pink that is what this little side discussion is truly about.
Insert Witty Signature Here.

SoLoGHoST

#57
Interesting that you actually have researched this and proved this to be wrong RoCKeT-88!  Thanks!  TBH, seems to me that there were too many haters of my PM Attachments mod and those not really knowing the real truth, that the uploader is responsible for what they upload.  In any case, if this were even an issue, PM Attachments could be unapproved until they were reviewed, but then we have an issue on PERSONAL CONTENT, which is what PM Attachments are about.  I originally coded PM Attachments with all attachments within all PM able to be viewed.  A whole section was dedicated to this, but then SMF Customization Team told me that this was a security issue that PM Attachments should not be able to be viewed because they were considered personal, which makes sense (even if the only people that could view them were the FORUM ADMINISTRATORS), which are the same people that it goes to when reporting Personal Messages, but then they say that the Owner of the site is responsible for the content on the site so you can't allow it to be uploaded without some sort of reviewing of the files to be sure they are appropriate for your site.  Both of these contradict each other, cause you just can't satisfy both of these at the same time.  It's either one or the other.  And honestly, if you aren't responsible for the content on your site, or if you notify the user, while they are sending a Personal Message with an attachment, that the content may, or will, be viewed by forum administrators before it is approved, or before the actual Personal Message gets sent, then what is the problem??

Here's the problem...  A Grudge against my Mod!  The demand for it was too great...  So many people requested it, and I made it first.  Even SMF's own Customization Team members and others talked about creating it in certain topics where it was requested...  BUT NOW...  Believe it or not, they have a problem with it!  Let's try to rationalize a way to say it is not wanted without actually saying that, shall we??  Let's try and create a problem that makes sense to everyone...

Whatever...

RoCKeT-88

#58
Quote from: SoLoGHoST on April 04, 2012, 01:10:45 AM
Interesting that you actually have researched this and proved this to be wrong RoCKeT-88!  Thanks!  TBH, seems to me that there were too many haters of my PM Attachments mod and those not really knowing the real truth, that the uploader is responsible for what they upload.  In any case, if this were even an issue, PM Attachments could be unapproved until they were reviewed, but then we have an issue on PERSONAL CONTENT, which is what PM Attachments are about.  I originally coded PM Attachments with all attachments within all PM able to be viewed.  A whole section was dedicated to this, but then SMF Customization Team told me that this was a security issue that PM Attachments should not be able to be viewed because they were considered personal, which makes sense (even if the only people that could view them were the FORUM ADMINISTRATORS), which are the same people that it goes to when reporting Personal Messages, but then they say that the Owner of the site is responsible for the content on the site so you can't allow it to be uploaded without some sort of reviewing of the files to be sure they are appropriate for your site.  Both of these contradict each other, cause you just can't satisfy both of these at the same time.  It's either one or the other.  And honestly, if you aren't responsible for the content on your site, or if you notify the user, while they are sending a Personal Message with an attachment, that the content may, or will, be viewed by forum administrators before it is approved, or before the actual Personal Message gets sent, then what is the problem??

Here's the problem...  A Grudge against my Mod!  The demand for it was too great...  So many people requested it, and I made it first.  Even SMF's own Customization Team members and others talked about creating it in certain topics where it was requested...  BUT NOW...  Believe it or not, they have a problem with it!  Let's try to rationalize a way to say it is not wanted without actually saying that, shall we??  Let's try and create a problem that makes sense to everyone...

Whatever...

I have no idea about what has been going on with this mod or feature to be honest it just happened to catch my eye and I felt like a good discussion about it nothing more nothing less.  I just thought it was kinda odd they had anti SOPA PIPA avatar and what they were saying would have been true if those would have passed.  I said luckily they didn't as being responsible for someone else's wrong doing makes absolutely no sense now does it?
Insert Witty Signature Here.

青山 素子

Quote from: SoLoGHoST on April 04, 2012, 01:10:45 AM
that the uploader is responsible for what they upload.

True, but given the recent developments in the "take down first, figure out guilt later" actions going on, even if the uploader will be responsible, the site owner will have quite a fight while their website is down. Also, the owner will have to prove that they had no knowledge of the file activity and probably undergo investigations.


Quote from: SoLoGHoST on April 04, 2012, 01:10:45 AM
In any case, if this were even an issue, PM Attachments could be unapproved until they were reviewed, but then we have an issue on PERSONAL CONTENT, which is what PM Attachments are about.

Yep, having to do the whole approval thing and active monitoring means you lose whatever safe harbor status exists.


Quote from: SoLoGHoST on April 04, 2012, 01:10:45 AM
but then SMF Customization Team told me that this was a security issue that PM Attachments should not be able to be viewed because they were considered personal, which makes sense (even if the only people that could view them were the FORUM ADMINISTRATORS), which are the same people that it goes to when reporting Personal Messages,

Yes, but reports are actively sent by one of the parties to the messages, not proactively viewed by those administrators.


Quote from: SoLoGHoST on April 04, 2012, 01:10:45 AM
but then they say that the Owner of the site is responsible for the content on the site so you can't allow it to be uploaded without some sort of reviewing of the files to be sure they are appropriate for your site.  Both of these contradict each other, cause you just can't satisfy both of these at the same time.

Nope, you can't. That doesn't mean that they are contradictory. PMs should be as private as possible, and administrators will have problems if a file in those has some legal issues.

PMs and their contents should be private unless one of the parties chooses otherwise. Attachments use up space and should have the ability to be reviewed if needed. Therefore, attachments in PMs is a bad idea.


Quote from: SoLoGHoST on April 04, 2012, 01:10:45 AM
Here's the problem...  A Grudge against my Mod!  The demand for it was too great...  So many people requested it, and I made it first.  Even SMF's own Customization Team members and others talked about creating it in certain topics where it was requested...  BUT NOW...  Believe it or not, they have a problem with it!  Let's try to rationalize a way to say it is not wanted without actually saying that, shall we??  Let's try and create a problem that we can pass as fact to everyone.

I honestly don't think it's about you. Besides, you can always post your modification elsewhere. It's not like you're being prevented from doing it anywhere.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.

