Labor Day:
In observance of Labor Day (a federal holiday in the United States celebrated on the first Monday in September) I am hereby inviting the SoylentNews editorial staff to enjoy a three-day weekend — Saturday, Sunday, and Monday. Stories will be scheduled and released on a weekend-story-spacing schedule. The holiday marks the unofficial end of summer and it often marked by parades, sales, cookouts, and the like.
These volunteers give selflessly of their spare time to try and make sure we keep the stories coming. Please join me in thanking them for their generous sacrifice of spare time and experience to keep those stories coming!
Tor:
(short for The Onion Router) is in the process of rolling out an updated protocol. ThIs update is NOT compatible with prior versions. SoylentNews has had support from the early days of the site (thanks to NCommander, IIRC). As nobody on staff has experience in this area, our support will cease at any time - the TOR site is saying October. It was laudable at the time. Unfortunately, its more recent use seems to have been primarily by spammers. As such, we could lose access to Tor at anytime as our network "neighbors" either upgrade or find themselves no longer "adjacent" to back-level versions like ours is. You can still access this site using TOR with our normal URL.
Sock Mods
We have been methodically identifying and shutting down sockpuppet accounts. These are NOT allowed. Attempts to bypass the will of the community by controlling multiple accounts is forbidden. One user, one account. Do NOT use another account (or accounts) to upmod one-or-more accounts that you control. If you do not like getting downmods, take a look at the comments you post. Sure, occasionally, someone might mis-moderate a comment by accident (heck, *I* have done it!) In our experience, such errors are generally rare and are frequently followed at some point by others, offsetting moderations.
So: "Sock mods" are being tracked. We are methodically investigating cases. Accounts are being disabled, and never in isolation. It takes agreement by at least two admins, and usually more, for any action to be taken.
If you are generally a positive contributor to the site, such impacts to your karma are usually just "line noise" in the grand scheme of things.
Mod bombs:
In a similar vein, if you disagree with someone, do not attempt to silence them by using multiple accounts to mod their comments down.
We have seen cases of both "mod bombs" and "sock mods". We have held back on taking action until we are certain. Any action taken is first confirmed by at least one other staff member. Complaining about moderation is OFF TOPIC and tends to get moderated as such.
Limits
We've previously tried to set concrete limits. "Give them an inch and they'll take a mile." I have personally witnessed cases where one account downmodded another account 4 times in one day. For ten days in a row! That was just enough to avoid getting moderations reversed, but certainly enough to show a concerted effort to moderate the commenter rather than just the comment.
This will no longer be tolerated.
Admins can see who has moderated whom. We talk among ourselves. We discuss cases that come up. It's pretty simple, really: "Don't be a jerk!"
(Score: 5, Informative) by janrinok on Monday September 06 2021, @12:38PM (2 children)
The TOR site suggests that, for now, the key length in use is sufficiently long to defeat easy decryption, but they do not think that this will remain the case in the future. They are extending the length of the key so that it remains secure for a much longer period
See also:
However, they do say "V2 onion addresses are fundamentally insecure." Read into that what you will.
(Score: 2) by jasassin on Monday September 06 2021, @01:04PM
Thanks! Good stuff!
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 2, Informative) by Anonymous Coward on Tuesday September 07 2021, @03:50AM
From their mailing list:
To very quickly summarize why we are deprecating, in one word: Safety. Onion
service v2 uses RSA1024 and 80 bit SHA1 (truncated) addresses [1]. It also
still uses the TAP [2] handshake which has been entirely removed from Tor for
many years now _except_ v2 services. Its simplistic directory system exposes
it to a variety of enumeration and location-prediction attacks that give HSDir
relays too much power to enumerate or even block v2 services. Finally, v2
services are not being developed nor maintained anymore. Only the most severe
security issues are being addressed.