Forgot your password?

Comment: Re:Tedious story already OBE (Score 1) 253

by Anrego (#48217473) Attached to: We Need Distributed Social Networks More Than Ello

It honestly was a bunch of guys without any idea of how to build a good, secure, scalable application trying to build one.

Pretty much this. They should never have gotten the amount of attention they did. Had they not been obligated at that point to produce something, they probably would have realized they were in way over their head early on.

I gotta give it to the guys for coming up with the idea

There have actually been several attempts at this. Obviously many have come afterwards as well. There's actually a wikipedia article listing them:

and open sourcing the protocol

They screwed this up. They didn't so much design a specification and get community buy in as just start coding and released what they had. Again, inexperience shows.

and generating the hype

This is the one thing they did right! In addition to raising a shit tonne of money, they got people not only talking about an alternative to facebook, but mainstream news was actually talking about what exactly a "distributed social network" meant and why someone might want that. What they really needed was one or two people who knew what they were doing on their team (someone who knows security and someone who knows how to develop a specification). They had a lot of energy and were very good at projecting that enthusiasm, they just didn't have the skill set to deliver.

Comment: Re:Tedious story already OBE (Score 1) 253

by Anrego (#48215997) Attached to: We Need Distributed Social Networks More Than Ello


I already made a fairly lengthy post about this above, but for advertising security as a killer feature, it became very clear that they had no clue what they were doing. It wasn't that they missed a few bugs, it was that their fundamental design didn't incorporate anything more complex than "check if the user is logged in before doing stuff". You can't just fix that.

Comment: Re:Tedious story already OBE (Score 3, Interesting) 253

by Anrego (#48215967) Attached to: We Need Distributed Social Networks More Than Ello

Needed a bit of polish, but definitely promising. Never got the critical mass though.

Understatement! Diaspora was a complete mess.

Security was the problem everyone focused on. Good security is built in at a foundation level and a fundamental component to the entire design and implementation.

Generally when you are talking about a secure application, you have a primitive layer which does authentication and data access, and a layer on top of that which provides logic and user interface with all data access going through that first layer using some kind of authentication token. In this way, a small bug in say, the image upload script, won't let you do much because all operations through the primitive secure layer require an authentication token, which limits the scope of what those operations can do (to say, the logged in user).

Shitty security, like what diaspora had, basically does checks at the top layer (is this user logged in? good.. run this query!). The problem with this is that a small bug _anywhere_ gives you full access to _anything_, which is precisely what was happening. Sure you can patch those small bugs as you find them, but there will always be more.

In other words, it wasn't that diaspora had some security bugs or needed some polish, it was that security wasn't an integral part of the software, which can't really be fixed without a complete rewrite.

The less focused on problem was that the thing wasn't built to a specification, they just kinda started coding it. If you want to build something open and interoperable, that's not how you do it!

And then the main problem was that it had no killer feature to attract users. It did what the other two established offerings did, except without the established user base. Being full of security holes and having no api arn't really thinks most users care about, yet it still failed to gain any kind of adoption.

I honestly felt kind of sad for the team (one of whom apparently killed himself, possibly over stress of the whole thing). They were all very inexperienced, and we've all at some point said "hah, I could write a better <something> in a few weeks!" at that point in our careers. Usually we take a crack at it, realize we are in way over our heads, and it dies quietly. These guys got a shit tonne of attention, were obligated to produce something they didn't have the skills to produce, and then basically crashed and burned before us all.

Comment: Re:"fun" (Score 1) 131

by Anrego (#48177569) Attached to: Snapchat Will Introduce Ads, Attempt To Keep Them Other Than Creepy

Effective as advertising, not effective at generating profit.

I get that there's a reason generic "targeted" advertising took over. Arranging rental of ad space on a website was a pain for both parties and a much higher bar for entry than copy+pasting some code. This combined with the ongoing death of the topic specific website ensure the days of a website owner hand picking advertisements they think their audience might go for are probably not coming back.

As far as the advertisements actually generating effect, I think the old way was way better. Companies like google are succeeding on pure scale.

Comment: Re:"fun" (Score 1) 131

by Anrego (#48177359) Attached to: Snapchat Will Introduce Ads, Attempt To Keep Them Other Than Creepy

There actually was a time, when sites hosted their own ads, and advertisers payed a flat rate! You'd see the same ad over and over again, sitting their in the corner.

If it was interesting or confusing, eventually you'd break down and _have_ to click it to find out what the hell they were even trying to sell. At the very least if it was interesting it stuck in your head.

I actually think this was far more effective than all this targeted advertising we've got now.

Comment: Re:Bleh (Score 1) 131

by Anrego (#48177273) Attached to: Snapchat Will Introduce Ads, Attempt To Keep Them Other Than Creepy

I have no idea, but I'm not a creative person!

I tend to lean towards the "pro version" model of funding as long as the free version isn't totally crippled and they don't start moving free functionality to the pro version. Come up with some neat but not essential extras (I'd probably pay money to be able to group contacts together and send snaps to "everyone in group 'work friends'") and there's probably plenty of people like me who's buy it.

Comment: Re:It's not a bug, it's a feature!! (Score 2) 131

by Anrego (#48177249) Attached to: Snapchat Will Introduce Ads, Attempt To Keep Them Other Than Creepy

Key word is: supposed to.

Yes we all know it would be trivial to store every bit of data that goes through that service. There's no end-to-end encryption mechanism that I'm aware of or anything else that would prevent them from logging everything.

But there service is still predicated on their insistence that they don't. To sell advertising (especially if they sell it as targetted advertising) or to show targeted advertising to users (hey, I talked about dildo swings the other day, and here's an ad for one, what a coincidence!) would basically be admitting that they do keep stuff, which would probably cause an epic shitstorm.

Comment: Bleh (Score 3, Interesting) 131

by Anrego (#48177183) Attached to: Snapchat Will Introduce Ads, Attempt To Keep Them Other Than Creepy

Handful of friends and I use snapchat mainly to send stupid shit to each other. It's kinda fun, but none of us are really using it to chat or anything.

I might have considered paying a buck or two for the app (we've had some fun with it), but deal with ads, fuck that shit. The stupid random "live from Oktoberfest" shit that's been showing up lately is annoying enough.

I always wondered how they intended to fund/make money from this. I was kinda hoping for something more creative than "once it's popular, we'll show ads!".

Comment: Re:Hope! (Score 5, Informative) 519

by Anrego (#48169929) Attached to: Debian Talks About Systemd Once Again

I've used gentoo for a long damn time, so my ability to objectively gauge it's difficulty is probably long gone.

That said, I for one think gentoo has gotten far easier to install and especially maintain. The default profiles are no longer the joke they once were, and most packages are using more generic high-level use flags so you have one --with-feature-x instead of the old --with-compat-mode-z --with-doublefork --with-some-other-unrelated-but-required-flag type stuff you had years ago, which translates into much simpler USE flags. You can actually leave make.conf relatively untouched and still end up with a decently functional system, especially if you want a desktop and go for one of the desktop profiles.

Portage is also a lot smarter these days, being able to resolve many issues that it previously would have died on. When it does run into problems, the descriptions these days are much nicer than before!

I'm being completely honest when I say that systemd has been the first major gentoo headache I've had in a while. Everything was just dandy then suddenly I'm having to switch packages around (udev being the big one), and having to blacklist udev and systemd because so much random shit pulls them in (and a -systemd use flag isn't enough), and then uninstalling a bunch of random packages (like some power management widget that got pulled in by god knows what for some reason).

I know you've probably written off gentoo at this point, here's a completely random bit of usage advice:

- Set use flags as you need them, even if this means re-installing the same thing multiple times. This avoids big important packages being pulled in as mere dependencies (though you can add them to the world list afterwards) and more importantly lets you set up and configure everything one at a time and makes it more likely that you'll notice error messages.
- Don't be afraid of package.keywords, especially for very specific use flags.
- Avoid gnome if possible. I don't know wtf it is with gnome, but it seems to be the poster child for weird and hard to diagnose issues as well as crazy dependency trees.
- Pay attention to what virtual packages are doing. Usually they are in your best interest, but not always.
- Don't bother using ebuilds for web apps

Nothing is more admirable than the fortitude with which millionaires tolerate the disadvantages of their wealth. -- Nero Wolfe