Jump to content
OpenSecurity.global
  • Recently Browsing   0 members

    No registered users viewing this page.

Recommended Posts

I think I am just Quentyn - then again there is only 1 of me 

Just now, Quentyn T said:

I think I am just Quentyn - then again there is only 1 of me 

gah i am Quentyn T it seems :) 

Share this post


Link to post
On 7/19/2019 at 5:25 PM, Kevin Beaumont said:

@Quentyn T, are you okay I change your name to full name?

apologies for the delayed response not an issue at all 

 

or can i be just Q... like Mace Windu and his purple lightsaber 🙂

Share this post


Link to post
12 minutes ago, allison nixon said:

someone's mother clearly named her child "dark overlord" but i'm not going to judge

Funny, that’s what I call my 6 year old daughter!

Share this post


Link to post
1 minute ago, Ian Chisholm said:

Funny, that’s what I call my 6 year old daughter!

you are a good parent. One day she will grow up into an administator with a user id of 1

Edited by allison nixon
  • Haha 1

Share this post


Link to post

Is it possible (and desirable?) to perhaps redact displaying surnames to readers who aren't logged in?

  • Like 1

Share this post


Link to post
6 hours ago, Alan Coo said:

Is it possible (and desirable?) to perhaps redact displaying surnames to readers who aren't logged in?

I don’t have an easy way of doing so, unfortunately - plus it would get confusing as there’s multiple people with same first name. 

Share this post


Link to post

For me, an avatar usually ends up being the main identifier for people I'm familiar with.

That said, no way to do it means that option is off the table. 🙂

For full names, my concerns are only twofold: abuse (survivors or just avoiding stalking) and having comments tied to an employer.

General anonymity is important to me, and abuse of that trust in an invite-only environment comes down to admin moderation. Open environments always break down due to all-allowed user input, but more closed environments are all about admins.

  • Like 1

Share this post


Link to post
24 minutes ago, Nicholas L said:

On that note, it doesn't seem to have a place to add the last name?

Fixed it for you 🙂

Share this post


Link to post

I've generally been messaging people to enforce the real name policy, but I've just deleted 5 accounts where they haven't replied or I haven't had time to message them - if you registered with only a first name or a nickname and I deleted you, please get another invite and use a real name.  Cheers.

Share this post


Link to post

Who is doing the verifying that people are using their real name and not John Doe?

What is the reasoning for having a real name policy?

It matters to some of us, especially for the tone of "open" security.

With proper moderation, it shouldn't matter what names people use.

Share this post


Link to post

Just a choice while getting the thing of the ground basically, I’m sick of Twitter where people with anime avatars are attacking each other. 

Share this post


Link to post

Oooh, as large forum owner for 20 plus years and worked for one the the UKs biggest commercial moderation providers for 5+ years,  this is a pet topic of mine. Buckle Up 😄

Once a forum hits a certain critical mass, you've lost control and the best moderation can provide is damage control and all hope of significantly shaping how that community behaves is lost. 

Whilst they are still small, the community feel makes forums mostly self-regulating, nobody wants to be the one that hurts the community and anyone that tries is soon ousted (either technically booted or simply ostracised). But as forums grow, the community feel is sadly lost, rather than simple expulsion, battle lines get drawn on grey issues, factions form,  moderators are soon seen as enforcers, police, censors, not helpful community members and some people turn up who just want to watch the world burn. Think that would never happen here? Well, imagine trying to "moderate" InfoSec twitter!

Now there are some things you can do to lengthen that "community" phase, most of it based around "reputation", we all work in the same industry and it's comparatively small, making being a dick on here potentially cause you reputational damage in real life can be a massive incentive to play nicely. Similarly the invite system contributes massively because nobody wants to risk their reputation by inviting somebody who later turns out to be a dick. Obviously these are just behaviour shapers, not controls as there isn't a person amongst us who couldn't spin up a credible alternative online persona in a matter of minutes, but these speed bumps to work expand the "community" phase of its lifespan.

The bad news is, I've never seen a forum grow beyond that size that hasn't turned into semi-toxic chaos, a battleground for keyboard warriors. For traditional forums the STW cycling forum is the nearest I've seen and weirdly Reddit, but that's because it's users so so compartmentalised into individual subs (and you know it's bad when Reddit is an example of "good"!) 

TLDR; At this size and whilst it grows, Real Name and links to real life personas are good mechanisms to exploit and moderation only needs to be very light touch. When it hits critical mass, nothing can save you, moderation will just make everyone angry for not enforcing their view of right/sensible/acceptable (so only effective for damage limitation) and if you're using volunteer mods, they'll start to despise the place. 
 

  • Like 2

Share this post


Link to post

I’ve run many large communities over the years and I’ve no worries on that front, Glenn - there are levers can be pulled to keep a community okay at scale. 

  • Like 1

Share this post


Link to post

Reddit has actually been pretty good these days as a standard, which is strange to say (and definitely will depend on which subs you peruse!).

As someone who's also managed and been part of plenty of communities over the past 25 years, +1 to Glenn for saying: "... rather than simple expulsion, battle lines get drawn on grey issues, factions form,  moderators are soon seen as enforcers, police, censors..."  This always eventually happens over some tangential topic. This is the part of user-supplied content that gets every community eventually (and at scale, is dogging current large social media sites).

To me, the best way to stave that off is, kinda like Reddit, having a tight enough control on the scope and topic of your community. If we shouldn't be talking about politics here, for example, then that gets removed. That's where a place like this has potential, as we're probably going to 95% of the time be talking about infosec-related topics and not "re-tweeting" politics or other charged news stories like Twitter. And in some Clubs that are offtopic, they still have a particular topic, which satisfies that as well.

So, that's what I mean by moderation: staying on topic, and cutting off the topics that shouldn't be around. And people can pick fights or post garbage whether they use real names or not (just look at the Facebook groups in the past year outed for their harassment and grossness). I'd just like to make sure good security folks aren't left out because a) they want to use a name they're recognized with here, or b) have an interest in not being stalked, or c) not want their opinions necessarily tied to/with/influence-by an employer.

Thankfully this isn't a scale like other places that try this, like Google+ (let's save it, they have a financial interest in knowing your real persona). If there's ever a group that should appreciate a little opsec or anonmity online, it should be infosec.

Just also want to say, thank you for the respectful, open discussion, which is all I intend my pieces to be as well. 🙂

Edited by Michael D

Share this post


Link to post

It’s definitely fun, the real name thing has generated a bunch of issues I expected and a bunch of things I haven’t. Same with the invite system. 

The way I look at it, the site isn’t for everybody, and that’s okay. As different platforms provide different things. I’ve thought about dropping both real names and invites, but then you basically become Hackforums. 

My hope with what we currently have is people use it to post content which helps others, and a majority of that is visible to all. Then as that grows, we invite more people to the point where it is easier to get an invite than not.

We may also get into a position where the site just dies of lack of interest (I think the most likely scenario), and that’s okay too - I like experiments. We’ll see what it looks like in a few months. 

Share this post


Link to post

For what it's worth, I like the invite-only process for now.

For longevity, it all comes down to, imo, two things. Continued advertisement of existence, and a core group that drives content.

Share this post


Link to post
On 8/7/2019 at 3:43 PM, Kevin Beaumont said:

I’ve run many large communities over the years and I’ve no worries on that front, Glenn - there are levers can be pulled to keep a community okay at scale. 

I don't doubt it 😄 

Share this post


Link to post

Got invited by my email used as real name. Have no problem with using my first name initial plus last name (or the other way around). However, can't edit my name on my own.

Share this post


Link to post
1 minute ago, scjepsen said:

Got invited by my email used as real name. Have no problem with using my first name initial plus last name (or the other way around). However, can't edit my name on my own.

If you post a ticket in here it will get fixed: https://opensecurity.global/forums/forum/57-private-support-forum/

Share this post


Link to post

Some people have used the one time name change to change to nicknames.  That wasn't the intention of the feature, which also had a banner describing why it is there.  If it keeps getting abused it will get removed.

Share this post


Link to post
2 minutes ago, James Valente said:

What's the solution for people whose real name is fewer than 10 characters?

Join with a bunch of numbers at the end, and I'll strip them off as I see 'em.  It was to stop people signing up as Dave and such.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Members online now

    No members to show

×
×
  • Create New...

Important Information

We use cookies as we're cookie monsters. Privacy Policy