a y New AntiTroll Feature

Good stuff. This is really needed just by looking through yesterdays posts re. the DARPA funding. The serious OpenBSD userbase suffers, and negative opinions about the OS and the people using it gets more common as people act badly here. We have been compared to the Amiga users, which is not very flattering in my book. So everyone.. read up on how to advocate OpenBSD properly , and wise up.

The privacy concerns were not taken lightly. Jose and I exchanged many emails arguing this point. It was not something we wanted to do.

here in spain, Telefonica puts transparents proxys between us and the world, in slashdot some proxies was banned because they thought it was malicious ip.

if you want to use the original ip you must use IP-Client or Ip-Forward-to fields but here present a problem, what happens if i am in my office and i have a proxy to surf because i dont use nat :?
I supose you would log an internal ip if you use that,

I only want tell that "thanks" to our provider we are getting into troubles and i spect no one in spain make trolls here.

see you

Interesting concept and I hope it works.

I'd think of all forums in the world where someone might know how to use a spoofed IP or know how to access any of the hundreds of free web proxys on the internet to hide their IP an OpenBSD forum would be one of the most knowledgable.

It's a tough problem and unfortunate the trolls are causing so much annoyance. It seems like perhaps a better solution would be to require registered user accounts with passwords, etc, so the good accounts with several productive posts could be differentiated with the brand new account with 1 or 2 troll posts. I realize this type of system would probably bug a lot of people though, and also (perhaps) take considerable time for the website to reprogram and implement.

It's an unfortunate problem.

Not sure if that would work. Bad comments may continue for a while, less the IP posted is for an unprotected system. :)

I remember when another *BSD message based web site, started posting the IP. I never agreed with the owner of that site, and know others who stop viewing the site, for simlar reasons. Rude, and unkind comments towards various persons and products, were common place there. Most of those comments at the time I stopped reading the site, were towards those who bad english for various reasons. The owner of the site removed posted comments, even edited and reposted the messages. I wish him and them a lot of luck.

I liked your last paragrahp a lot.

This site has been very helpful, and fun over the years, and hope for it to continue. Just rememeber, you own the site, and you can controll it in any way you want. If the readers/users/clients do not like it, they can go elsewhere.

-- Cindy

Jose, this is utter nonsense! I personally emailed you about this some time ago and suggested a registration system much like Slashdot whereby users log in and register themselves.

This is a crappy approach because a better approach exists. Nobody wants their personal details posted to a public forum, and your shooting OpenBSD in the heart!

Is this idea non-obvious? Because I really really can't emphasise how much I think it's a bad and wasted idea, although I do understand the theory behind it, I just believe it's utterly the wrong approach.

(note: posted through an anonymous proxy, otherwise I wouldn't post at all--I don't plan on using an anon proxy everytime I feel like posting)

As a stop-gap measure, you could display the address, save the last octet... That, at least, provides a reasonable amount of privacy for legitimate users. After all, most people have dynamic IPs anyhow.

Personally, I would rather put up with the trolls than have this happen... Something better must be an option...

Yeah, like the trolls can't find anonymous proxies to post through...

http://www.atomintersoft.com/products/alive-proxy/proxy-list/

I would ensure you publish the proxy added fields too, and maybe reverse DNS for them.

If people think that a IP address is "personal information" they are pretty weird as best.

You could, of course, just force known-troll IPs to be moderated, or even just allow any non-troller to 'gag' a known troller IP.

The possibilities are endless, but I doubt just posting an IP will help any, unless you start blocking that IP, or at least demand that posts from that IP are registered users with verified email addresses.

Good luck either way.

Dom De Vitto (217.169.21.114, aka dom.devitto.com)

What we need is trolld, to populate a pf table.

This is a terrible, terrible idea. You're effectively encourage vigilante justice on the Internet (any trolls will use a proxy), which is a BAD idea. It's also an excellent way to encourage people to attack those who might have an opinion that differs from their own (and we KNOW no one around here would fly off the handle with little provocation).

I'm not an admin but have been working to learn OpenBSD over the past two years. OpenBSD Journal has been a tremendous help to highlight important issues and provide perspective regarding ths OS and the community. The stories, comments and links have proved invaluable to me. I've clearly noted a change in the past year or so due to negative and unnecessary comments that don't help anyone. Sometimes it's necessary to spend time filtering through the noise just to find what is of important. The people who work on OpenBSD and dedicate their time to supporting the OS in all the ways it happens are what makes OpenBSD valuable. I was drawn to the project because I saw an organized project with a unique product and process to improve and develop it. To have expectations that everyone will agree and if someone doesn't agree with me I'm going to degrade others just doesn't do justice to the community or the OS.

My point? There is so little time in life we don't have time for anything other than quality and accomplishing something of value. I probably don't agree with everything that Theo and the team do either but I would lose far more by complaining and trolling than using what is available to the best extent possible. I promote OpenBSD where I can and I hope the community sticks together and works for the common goal of improving it, using it to the best extent possible, and enjoying the opportunity to work together.

OpenBSD Journal became a victim of Slashdot Trolls(patent pending?), and you(Jim and Jose) make a hasty decision that has a negative impact on those who post on the site daily.

take a breather. you have had 48 hours of time to dwell on the issue, and you decide to expose everyone to hostile retaliation if unpopular statements are made. give the thought 7 days to settle in your mind and come to a rational conclusion instead of having emotions drive you to an inappropriate decision.

try approaching a significant other with the situation and have them suggest a solution. the more choices, the better.

Jim, Jose, you have just made everyone possible victims to the 'Appeal to Force' fallacy. shame on you.

all in all, the decision is a poor one and does not solve the problem.

Let's see how this affects the quality of posts.

If this doesn't work, try something else. Maybe this, combined with other practices might do the trick.

Trolls generally thrive on exposure and conflict. Why not simply delete obvious trolls, and any responsed to them??

Man, those verizon.net trolls are annoying little sh*ts!

And I've been wanting user accounts at deadly for ages.

Surely, we could just use user accounts and a slightly modified moderation system that allows moderating the trolls into oblivion?

My beef against /.'s moderation system is that people who can moderate on a subject are only those who have not spoken under that story. The problem with this is that the type of person qaulified to make a reasonable, educated moderation, is more likely to be talking in that story as opposed to moderating it. So this leaves moderators who DON'T KNOW WHAT THEY'RE TALKING ABOUT (thus "these moderators are on drugs")!

How about /. style moderation where there are no AC's, any user can moderate at least once on any post (except their own), even if they've posted in that story and moderation points on posts that don't "go down in flames with just two points".

And how about moderation weight that increases with a moderators own "Karma"? So that troll accounts have less moderation power than people who have a lot to contribute?

Posting the IP will only hurt genuine users and not phase in the slightest trolls.

Showing users' IP won't help, neither disabling anonymous coward.

In my opinion, a troll is fun to read and useless to answer.

Have you considered a troll tagging feature (votes, J&J's will, whatever) ?
- People who laugh when they see a troll just laugh and pass to the next serious message.
- People who do not understand see the tag and do not write what I consider silly and sometimes truly intolerant replies.

Well if you go to Slashdot, and tweak your settings to display only +5 posts, it's like you're on a different site (as opposed to viewing all comments there)

What this community needs is A group of moderators, selected by the site owners, and then submoderators, that are created out of registered users that have posted comments the community and moderators have considered helpful.
Want to make sure that both moderators and unregistered visitors get a say in whether a comment is positive or not?

Easy.

Just insert some extra cells into the karma database, and allow a separate score for registered users and anonymous users. I.E. unregistered people can vote as well- and two separate scores are kept.

THis is important- some people will not want to register, but will be interested in moderating. That way, if someone wants to see what unregistered users have to say, she will just have to select out of three options

1)sort comments by moderator score 2)sort by anonymous score
3)sort by both
Am i brilliant or what?
Please notice that the computer i'm posting from is not even mine. I 'borrowed' someone elses. I'm actually across the globe from this computer right now.
Get my point?

It reminds me of this citation :

"They that can give up liberty to obtain a little temporary safety deserve neither liberty nor safety"
- Benjamin Franklin

The funny ( or sad ? ) thing here is that citation is being advocated by OpenBSD itself ( Crypto Globe shirt ... ) .

What should be thought about it? Maybe you do not consider your IP as an important element of your privacy, but then what? your location? your nationnality? .. ok, I may be be paranoid... but still, I don't feel confortale knowing my IP being told to everyone. And since OpenBSD users are supposed to be security aware, don't they have the best tools (as experience) to do some damages...? ( by the way, i'm pretty sure this has been taken in consideration and considered as one of the best ways to threaten scared trolls ).

Also, I know jose puts a lot of time on this site, and that, being a maintainer of the site, he can do whatever he wants, but couldn't this kind of decision be made by the community? Making a poll, allowing a single IP per vote , or voting by email, I don't know, maybe other ways exist.

As one mentionned, why bother with trolls? by reacting like that you give them an eay win.

An what defines a troll? maybe we all have been considered as trolls by persons not were not agreeing with us, but isn't that what free talk is all about? I find it quite sad that people advocating "Free code, Free speech" doctrines fall in the trap of censure. As I do believe that this will affect people postings, and it could make more damage the interesting ones.

Am I the only one thinking like that?

Just thought I would provide a link to a recent post which probably prompted this.

http://www.deadly.org/article.php3?sid=20030417082752&mode=flat

In it essentially two guys go back and forth for quite a while, one of them being an AC and the other not being one. Regardless of your position on the issue, it does get a little annoying when two people take over a dicsussion like that.

So no, it is not (entirely) about the recent slashdot post and the trolls that will inevitably come.

while i think this will help the troll problem, i think accountability these days on the internet is not always a good thing.

logs for monitoring a system are one thing, but storing them for too long is asking for trouble these days

Perhaps what is needed is a veil. People need to register a persona and when they post anonymously it can still say anon, but in fact still gathers moderation points for the author because they are still registered. The slashdot filtering on moderation values is a good direction to go though I have my doubts about that particular implementation. The biggest problem with the /. system is probably (though I don't have analysis to back it just a feeling as a regular reader) that it drifts towards a rut in which the same old opinions get heard and the original new thoughts from the minority are too often drowned out. A little like life I guess.

Why not take take an md5 checksum of ip address and a constant secret concatenated. Then post the first 10 characters of the checksum. This would provide as a means for recognizing posts from the same IP address without the privacy concerns of actually releasing it.