The DU Lounge
Related: Culture Forums, Support ForumsDon't post malicious code or mess with the software.
Don't post malicious code or mess with the software.Do not attempt to intentionally interfere with or exploit the operation of the Democratic Underground website or discussion forums (eg. by "post bombing" or using any other flooding techniques, by attempting to circumvent any restrictions placed on your account by the forum software, etc.) Do not post messages that contain software viruses, Trojan horses, worms, or any malware or computer code designed to disrupt, damage, or limit the functioning of any software or hardware.
http://www.democraticunderground.com/?com=termsofservice
olddots
(10,237 posts)I get it some of you people are computer wizzes but knock off the goofy games .
Rove once suggested that disrupter's should hang out and build their post counts first... Most of the trolls can be regularly found in the lounge doing just that.
Tuesday Afternoon
(56,912 posts)just an attempt to try and explain it. Jurors are all the time excusing crappy posts in here because "it's the lounge"
If you can't beat 'em ... might as well join 'em ....
haha ...
that is my EXCUSE for participating in the threads in question.
Not my finest hour.
CaliforniaPeggy
(149,580 posts)It was an amusing exercise, for me anyway.
However, I do see your point.
NYC_SKP
(68,644 posts)steve2470
(37,457 posts)If Skinner is going to strictly interpret the TOS, then yes, we all need to post "normally".
I get a geek/nerd kick out of NYC_SKP's and Make7's threads. I admit to a tad of annoyance from both of them but I was the one trying to figure out the mystery in both. It was my own fault I got a tad annoyed.
Whatever Skinner says, I'll abide by, of course.
NYC_SKP
(68,644 posts)No viruses, worms, no disruption or damage or limiting of software functionality.
A post with no subject line, and one that sends you to your journal, does none of these things.
cliffordu
(30,994 posts)Some people really get bent out of shape for not being able to play.
Or smart enough to figure it out.
My cat had to do it for me.
bluesbassman
(19,370 posts)cliffordu
(30,994 posts)surrealAmerican
(11,360 posts)It was not a virus, or in any way capable of damaging anyone's computer.
Just like any other post you find annoying, you can just avoid clicking on it.
First this, next thing it's "ghost kicking" again. It's juvenile and I'm prone to consider it an exploit, a fun exploit but nevertheless outside the ToS.
Further, we don't know what havoc it's creating server-side.
olddots
(10,237 posts)like a vampire looking at a mirror well I laughed because it keeps me on my internet toes and didn't get hurt plus I learned some stuff.
In_The_Wind
(72,300 posts)Chan790
(20,176 posts)ConcernedCanuk
(13,509 posts).
.
.
If one was really concerned with the security on this site, I believe they should PM the Admins;
not shove it in their face as to what one of over 200,000 members can do to this site.
Certainly not educate others as to how to accomplish it.
There are lurkers here for over ten years.
As there are "sleeper units" in the USA.
It's easy to check out (lurkers)
No posts in over ten years? - yep -
some forgot they ever joined,
but not all of them;
no way.
CC
Baitball Blogger
(46,699 posts)I know what NYC SKP did. Was there a copycat?
NYC_SKP
(68,644 posts)Posted a really cool post that sends people who click on it to their own journal.
Locked now, this would have been the link: http://www.democraticunderground.com/1018469361
pinboy3niner
(53,339 posts)Lady Freedom Returns
(14,120 posts)Dr. Strange
(25,919 posts)Look, if you don't want me to email you pictures of nude clowns bathing in Cheerios, just say it.
Lady Freedom Returns
(14,120 posts)madinmaryland
(64,931 posts)Or I will post a picture of Geddy Lee and TZ naked tebowing!! Wait, didn't TZ do that already??
Dr. Strange
(25,919 posts)Something to do with her religion.
madinmaryland
(64,931 posts)Make7
(8,543 posts)My 'Post' thread wasn't just a prank - I was actually trying to make a nuisance of myself so they would fix this potentially disruptive error.
If posting a link to someone's own journal is malicious then everyone seems to have malicious links in all of their posts - click on someone's user name or avatar in any of their posts and where do you end up? Those aren't labeled as links to someone's journal either.
Whether typing and/or copying standard text characters into the text entry fields and hitting the [div style="display:inline-block; padding:2px; border:1px solid #999999; border-radius:0.2308em; background-color:#eeeeee;"] Post my reply! button can be considered messing with software is debatable. Annoying, probably. Incentive to use the Trash this thread or Ignore features of the DU3 software, quite possibly (they disabled showing us how many star members are ignoring us, so I can't report any recent increases).
I thought I was actually doing something relatively innocuous - first to see if the software would actually let me, and when it did to highlight that it needed to be fixed sooner rather than later. The problem is that ANY html tags could be inserted into thread/reply titles and then be loaded for every page that title appeared on (the thread itself, the forum listing, the latest page, and even the greatest page).
I did a test (which I deleted) to see what html code I could fit into the 100 characters of a title - guess what I discovered? I could link to an external script which would load and run on any DU page that the title would appear on. If I can run a javascript file from an external site without any size restrictions, what on that DU page would I be prevented from messing with - pretty much nothing. The possibility for mischief in changing what was displayed and/or linked to on that page would be almost unlimited.
If DJ13 hadn't made a typo in one of his titles and if NYC_SKP didn't copy it as an OP in here, someone might have stumbled upon that bug and figured out a way to actually do things that were truly disruptive - they might even have done more than post a blank thread title or make a thread title link to one's own journal.
The hole is plugged now, so I guess we won't have to worry about it anymore.
Ptah
(33,024 posts)so they would fix this potentially disruptive error.
I might have done the same, if I thought the DU admin was unresponsive to suggestions,
or had a pattern of ignoring members concern.
It seems the same fix could have been accomplished with a private message to the admins.
It appears that you felt it was necessary to 'rally the troops' for admin to respond.
And I am glad that the error has been repaired, for that I thank you.
Make7
(8,543 posts)Last edited Thu Sep 5, 2013, 06:33 PM - Edit history (1)
Not even the Admins before they locked it.
[hr]
First off, I had to actually post my thread to see if it really would change the link in the forum listings. Once I saw that it did I had to decide whether to leave it up or edit/delete it. My leaving it was in part due to the Admins seemingly inconsistent mechanism for fixing reported bugs. (Lord knows they are busy people with a lot of stuff to deal with running this site, so sometimes things get lost in the shuffle.) Quite a while ago I sent Elad a message about an issue that could only occur when a post was viewed in a thread - that one hasn't been fixed yet.
And I am still confused about the problem with https:// links here - they still don't work unless you put them in a [link] tag. There were more than a few threads about that issue over a time span of many months in Meta-discussion and then in Welcome & Help - when someone asked about secure links in Ask the Administrators they did address it but it didn't fix the actual URL of the link, just the displayed text. Does this take you to YouTube over a secure connection?
https://www.youtube.com/
Wouldn't you expect it to?
I did notice that when I posted a reply in an Ask the Administrators thread which I wasn't supposed to be able to post in, the issue got fixed in less than a day. So I guess my decision to leave the 'Post' thread was based on what I thought would be likely to get the issue addressed as quickly as possible. If someone had asked me to edit/delete it, I would have changed my post and then sought an alternative way to stress the importance of plugging that particular hole.
I sometimes forget that some people that don't know much about computers can get worried when things don't act as expected and think they might have some virus or malware (although I can't think of any purpose for malware to redirect someone to their DU journal - especially if it's empty). But this bug of allowing html tags in post titles could have been a goldmine to a malicious intruder - so some discomfort to get it fixed is probably well worth it when one considers what possibly could have happened. Imagine what you could do if you could run an external script on every page a thread title appears on - the thread page, the forum listing, the latest page, the greatest page, and even the home page. Yikes!