Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked
 
PerlMonks  

How about a "reclaim your post" feature?

by Anonymous Monk
on Jan 25, 2015 at 22:47 UTC ( [id://1114478]=monkdiscuss: print w/replies, xml ) Need Help??

We all know that posts sometimes accidentally get sent from Anonymous Monk because the user's session got logged off. But presumably we still know what IP-address it came from, and that these are likely to be fairly-unique. How about a feature that lets you reclaim an anonymous post that came from your IP? One positive experience-point would be deducted, total not less than zero, so that you could not upvote a post (to find out what the XP count is), then adopt it to promote yourself to the papacy.

Replies are listed 'Best First'.
Re: How about a "reclaim your post" feature?
by Your Mother (Archbishop) on Jan 25, 2015 at 22:57 UTC

    Sounds like a good idea though I rather think it should go through a consideration stage since IPs are not good security. Please post your proposed patch for the change to this thread and include it <readmore /> if it’s lengthy.

      Sounds like a good idea though I rather think it should go through a consideration stage since IPs are not good security.

      Um, how about a Cryptographic nonce? Like Plack::Middleware::CSRFBlock but using Session::Token

      And after posting anonymously, there is a form with a nonce and a submit button of [LOGIN AND CLAIM OWNERSHIP OF THIS POST YOU JUST MADE] that way there is IP nothing ... you made an anonymous post, great, own it immediately or you can't own it

        Excellent++. Stacking it such that signing in doesn’t drop it would also be a good idea. Or IP + User Agent string + time limit HMAC or something would’t need a cookie/session at all and make it such that a “replay” attack wouldn’t work in … 10 minutes (based on post time) or so. More secure than the login under HTTP. :P

Re: How about a "reclaim your post" feature?
by choroba (Cardinal) on Jan 26, 2015 at 17:22 UTC
    We all know
    Do we? It has never happened to me. I noticed it reported, though, by some users.

    BTW — was  t h i s  very post submitted in the “indicated way”, as well?

    لսႽ† ᥲᥒ⚪⟊Ⴙᘓᖇ Ꮅᘓᖇ⎱ Ⴙᥲ𝇋ƙᘓᖇ
Re: How about a "reclaim your post" feature?
by chacham (Prior) on Jan 26, 2015 at 14:36 UTC

    If the post was made by mistake, this sounds like a great idea. However, this can then be used for other reasons too.

    For example, say you have a controversial post and want to know how it will be perceived. Posting anonymously is an option, though the user gives up the right to mark it as his own. This idea would allow people to claim it if it is perceived well. That is, anonymous posting becomes an "insurance policy" against negative experience.

    Second, this can lead to a malicious use, where someone posts anonymously and a second person claims it for him, say, when he walks away from his desk.

    There are other cases where this can be used negatively. But, it is a good idea.

    Let's examine this for a moment. There are two reasons post anonymously. One, unintentionally, such as they forgot or are too lazy to login, they followed a bad link on the site which logged them out, or they didn't have access to their password, such as if they forgot or if they are using a different browser or computer.

    Two, intentional. The user wants to post anonymously.

    In the fist case, making it easier for users to reclaim their post is a great idea. In the second case, reclaiming a post is more controversial, especially after any up-votes. Whatever is done--if anything at all--it must take both of thee cases into consideration.

    Perhaps a user should be allowed to reclaim a post only when it has not been up-voted, no replies have been made, and it is within a certain time frame (such as 10 minutes.) This would negate a case where the user is "testing the waters". The time frame helps on a smaller scale, that is, noone took the post negatively, but noone took it positively either, which means the post can be claimed without negative impact.

    Perhaps it can be taken one step further. If the time frame has not yet passed, but the post has been up-voted or replied to, the user can claim it, but not receive any positive benefits of up-votes. Also, it would be duly noted that it is a claimed post.

      That is, anonymous posting becomes an "insurance policy" against negative experience.

      It can also become an insurance policy against positive experience -- reclamied posts gain no XP :)

      Second, this can lead to a malicious use, where someone posts anonymously and a second person claims it for him, say, when he walks away from his desk.

      This is not so much important I think (if your desk is insecure, well, not perlmonks problem)

        This is not so much important I think (if your desk is insecure, well, not perlmonks problem)

        True, but it's something to keep in mind when considering a new feature. PM, obviously, can't take responsibility for an insecure desk, but it might be able to help.

Re: How about a "reclaim your post" feature?
by sundialsvc4 (Abbot) on Jan 26, 2015 at 18:01 UTC

    Aye, I take credit for this thread.   I just couldn’t resist the temptation to post it anonymously.   :-D

    And the use-case basically is mine.   “IP-address” is a form of fairly-unique identification (meant only to keep someone from swiping Anonymous posts by someone else, when they’ve accumulated enough positive-XP?).   Sure, it might be reasonable to require “consideration,” but I’m not entirely sure that it’s necessary for the use-case that I am thinking of.

    The use-case that I am thinking of, of course, has to do with a recent comment that I made to a Meditation, and in fact was(!) able to Update (as “my own”) several times, when, suddenly and unexpectedly, I was no longer logged-on and(!!!) the post that I had been editing suddenly had become(!!!!) anonymous.   I’d like to recover from whatever PerlMonks session-handling bug this might have been, and to reclaim my post as my own.   (No matter what XP it might have accumulated ... I’ll take my lumps if there be any.)   In particular, I’d like to reclaim the ability to edit it.

    And that’s all.   That’s my use-case; nothing more or less.   I don’t care about XP here, one way or the other.   I want to compensate for the negative effects of a PM web-site bug which happens occasionally.   Since I do not myself stoop to manipulation of XP through exploitation of the Anonymous Monk disguise, concerns about this angle are of no interest to me ... and I would like to have the feature without delays or complications caused by “XP-proofing” it.

      We all know that posts sometimes accidentally get sent from Anonymous Monk because the user's session got logged off.

      …fairly obvious. Why I replied with snark, asking for a patch, knowing that the poster would never deign attempt to write code to address this “known problem.”

      All you have to do to prove this is a problem, or to allow someone to explain what you or your agent/env is doing wrong, is to capture your sessions here with a browser dev tool (even current IEs have a good one at this point) and then forward the info once it happens again. This is not rocket science brain salad surgery. This is Help Desk 101.

      If you tend to find yourself accidentally anonymous, make a small but noticeable change to your user settings. body { background-color: pink; } in your Display Settings / Stylesheet Settings / On-Site CSS Markup and you'll know right away whether you are logged in or not.

      Jenda
      Enoch was right!
      Enjoy the last years of Rome.

        > make a small but noticeable change to your user settings. body { background-color: pink; } in your Display Setting

        I think he heard this advice already a dozen times and will stay confident in ignoring it.

        To draw something positive out of this superfluous thread, why don't we activate globally a different default design (for logged in users that is)

        I volunteer implementing it, if there is a common consensus which design to choose.

        Or is this already active and I didn't notice?

        Update

        NB not for our OP, for newbies.

        Cheers Rolf

        PS: Je suis Charlie!

      I want to compensate for the negative effects of a PM web-site bug which happens occasionally.

      If you think there's a bug then raise a bug report. The correct way to handle a bug is to fix the bug, not to patch around the symptoms.

      Aye, I take credit for this thread.

      No, I wrote the root node. No wait, it was BrowserUk. No, it was paco.

      That's just not how it works: when you intentionally post anonymously you have given up right to reclaim your node.

      As for "accidential" logouts: You are the boy who cried wolf. You've already been advised that until you actually provide a real trace, real bug report, or real patch, you are indistinguishable from a troll.

      I don't care about XP here, one way or the other.

      Then why do I hear you are the star of Worst Nodes?

      "IP-address" is a form of fairly-unique identification

      No, it's not. The "unique identification" you are looking for is called "being logged in".

      And the use-case basically is mine.

      ...

A reply falls below the community's threshold of quality. You may see it by logging in.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: monkdiscuss [id://1114478]
Approved by Old_Gray_Bear
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chanting in the Monastery: (6)
As of 2024-03-19 03:11 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found