/meta/ - Ruthless criticism of all that exists (in leftypol.org)

>>44045
theres CP bots posting in siberia which goes to show these filters dont even work

>>44045
The vichan config is outdated, as i'm helping James encode the filter logic into a modular filter system. This system should compile a rating for a post based on multiple threat indicators, meaning operators will be able to decide with which granularity to block or hit users with a captcha and switch between various configurations on the fly.

Ideally boards will only use the system to block transparent bots, unless they need to fill a gap in moderation or they're actively under attack. In other words we're trying to do what cloudflare promises.

>includes blocks for all of *.ru, all of *.cn, etc
I've already separated the blocked IP-ranges into one for VPNs and another only for VPS hosting and similar commercial providers. Residential IPs should be unaffected either way.

>uses DNS-based blocks based on radlib DNS-check APIs.
I've looked through these lists and their data seems to be mostly collated from email spam reports and automated spamtraps. Do you know of any radlib-motivated blocks?

>>44046
AFAIK we're not in contact with the leftypol tech team yet. James is currently doing outreach on smaller imageboards.

>>44048
>Do you know of any radlib-motivated blocks?
No but OP in that post i linked is claiming RT and other .ru sites are blocked as well as many .cn sites, as far as i could tell? I come here to ask if this is true or not. i hope not.

>>44049
The fact i'm unable to post picrel is further proof leftypol.org isn't using our infrastructure. They probably still have the old d0llars filter on the tor node, because our filters don't indiscriminately block links, they only look for a configurable set of url shorteners and pastebin sites.

POSSIBLE EXPLANATION FOR WHY A WHOLE BUNCH OF LINKS SUCH AS RT LINKS AND X LINKS ARE SUDDENLY BLOCKED ON LEFTYPOL

To confirm the problem, try posting some random RT link (i.e., the Russian English-language news site). You'll receive a pop-up saying 'Suspicious post.' Keep the wording of this pop-up in mind. It's not wording that can be found in the site-independent leftypol source code:

https://forgejo.leftypol.org/leftypol/leftypol/search/branch/config?path=&q=suspicious&mode=exact

So it's likely come from a recent change to site-dependent files such as configuration files.

About a month ago, someone calling himself "James from netherchan" started appealing to admins/devs of vichan-based boards to include his configuration changes supposedly aimed at blocking CP. He first posted to sushigirl.cafe:

https://sushigirl.cafe/yakuza/res/1198.html#q1540
https://sushigirl.cafe/yakuza/res/1198.html#q1545
https://pastebin.com/raw/CFMd97uT

As can be seen from the pastebin, his configuration changes were strangely quite broad for anti-CP, including, for instance, TLD-wide blocks on all Russian *.ru and Chinese *.cn links:

'body' => '/\.(ru|cn [snip]
'action' => 'reject',
'message' => 'Suspicious post.',

All Telegram links:

t\.me|telegram\.me

All X/Twitter links:

x\.co

(Note that this also blocks the .com links.)

And so on. Note too the multiple instances of his custom message:

'message' => 'Suspicious post.'

There was no obvious RT block at that point, but he was continually making changes.

About two weeks ago, he created the following thread here on leftypol, using the name "James from the Internet" and claiming his suggested changes were solely to defend against "automated CP attacks":

https://leftypol.org/meta/res/43906.html

In it, he pushed for leftypol admins/devs to accept his configuration changes and appears to have established email contact with some folks at some point. Now, all of a sudden, generals like /ukr/ are getting their OP templates blocked because of matching filter links, requiring filter-evasion workarounds.

On his Twitter account (you can find it by simply searching Google for james netherchan), he engages positively with a bunch of Russophobes like Vatnik Soup. Relevant perhaps.

>>44055
>TLD-wide blocks on all Russian *.ru and Chinese *.cn links
I see what you mean. As i already said though, this config is outdated and James himself stopped using it on his imageboard. The leftypol mods never told us they were using it as well and if they were to get in touch with the github project, they would receive an updated configuration that is a lot more targeted and adaptable.

>>44049
I made that post. I can confirm that RT and X links are still blocked, but the tests I did for *.ru, *.cn, and at least one Telegram domain passed without blocks, so these filters likely got removed by someone along the line. (I'm maybe like, eh, 50% sure that a Telegram test got blocked for me around eight hours ago, but I can't reproduce that now…)

>>44056
Yeah, as noted in >>44057, I can confirm that the *.ru and *.cn filters haven't applied here on leftypol for any tests I've done. If you have access to the latest configuration, can you see whether there's an rt(dot)com block?

>>44058
We never had an RT block to begin with. I only see patterns for url shorteners, pastebins and various TLDs spammers could be using (which i personally find ill-advised) in our repo. If the leftypol mods banned other sites, because they're banderites or zionazis or whatever, then that's their thing to clear up.

>>44059
I can confirm that qt(dot)com gets blocked but not qy.com. It looks like someone may have unwittingly (?) created a broken filter somewhere.

>>44061 (me)
Found it:

|t\.co|

This filter directed at a Twitter shortener also blocks rt(dot)com, qt(dot)com, etc.

>>44062 (me)
So filters like t\.co and x\.co are problematic because they're going to match for all .com sites (not just .co) whose domains end with a 't' or an 'x'.

>>44062
>>44063
Sure, i can fix that. The solution is to surround each url pattern with "(^|[^a-zA-Z0-9-])" and "($|[^a-zA-Z0-9-])"

>>44045
I believe I saw the filters you are talking about. They were really aggressive, but potentially useful, so took only a few that looked like the less intrusive ones.
>>44052
>leftypol.org isn't using our infrastructure
I don't even know what infrastructure you're talking about tbh.
I've been working on and off on my own IP information microservice for the past month or so.
Also I've been less active in general cuz work lately, so I'm a bit out of the loop.
>>44055
Yup those are the links I was given. They're really aggressive indeed which is why I only installed some after a quick review.
> In it, he pushed for leftypol admins/devs to accept his configuration changes and appears to have established email contact with some folks at some point.
Never heard of the guy, but maybe he contacted the mod which gave the pastebin to me.
>>44064
I'll look into it

>>44064
Looks reasonable enough to me on little sleep.

>>44064
I don't think that's a good idea, it's going to make the regex engine match the whole text, which could have bad perf implications.
Use \b if you can https://stackoverflow.com/questions/7605198/how-does-b-work-when-using-regular-expressions#7606358

>>44065
I invited you to the bbs-guard project repository on github.
Flood detected; Post discarded.

>>44068
I've seen lex/yacc documentation mention the complement bracket expression being slow, but the above expression should never match more than one character directly surrounding the domain. "\b" is also not in POSIX, which is bad form.

>>44069
Thanks man. Do you happen to have matrix? There's a tiny Vichan developer group I could invite you to.
>>44070
> "\b" is also not in POSIX, which is bad form.
Yes but our reference here is the PHP engine

>>44071
Communication over github would be preferred, but you can reach me at glaive at chat.hashi.sbs. Also, James is the vichan developer, i only write the board-agnostic stuff.

>>44068
>>44064
Is filtering the entire .co space too aggressive (I only ever see it used by shorteners, phishing sites, and weirdos lmao)?

>>44072
…there's a way to communicate on github (beyond issues I mean)?

>>44074
There is a forum feature and we currently use one thread as a glorified chatroom.

>>44075
Oh neat

Holy fuck, I just did what I thought was correct as the CP bot likes to use link shorteners which sometimes contain .cn and .ru
I blocked them entirely on this reasoning nothing political.
I also did not block them here because get this….leftypol isn't my site.
I suggested other admins use my method tactics but I didn't think of the wider implications.
I didn't think people would get so upset when I tried to develop an anti CP tool.
Jeez.

>>44077
Admittedly I don't see any malice now that I've found the problematic t\.co filter responsible for the RT block.

It's those .ru and .cn filters (which weren't active on leftypol) that triggered my initial schizo paranoia suspicions. I knew that a lot of Westoid IT boomer bros block IP traffic from Russia and China countries, but I didn't see the utility of aggressively blocking all Russian and Chinese posted links, especially not as an anti-CP measure.

how do I fix this bug, happens on both firefox and chrome

wat does this mean, its stopping me from posting an mp4

>>44093
If you have an android try putting it through FFMPEG, might be an encoding issue.

>>44093
I don't know what version of ffprobe is on the server, but if you know someone who can run (I can't right now):

ffprobe -v quiet -print_format json -show_format -show_streams YOUR.mp4

Post the output you get.

>>44077
>CP bot likes to use link shorteners which sometimes contain .cn and .ru
>I blocked them entirely on this reasoning nothing political.
lmao, utter moron.
it never ceases to amaze me, a manual labourer, how legitimately retarded over-educated tech guys are without fail.

>>44137
It sounds like a case under-education actually, as they didn't know those wher chinese and russian domains.

"over-education" just sounds like heter theil brainworms.

Posting on Tor currently broken.

Tor is broken. god knows for how long.

>>44224
Really?

hcaptcha on tor no workie

>>44240
nvm it seems to only not work in /leftypol/ but fine in /siberia/ or in here. fuck em jumping cocks

Is there a way we could get syntax for ordered and unordered lists?

>>44254
The right thing would be to add https://wakaba.c3.cx/docs/docs.html#WakabaMark style lists to markup() in inc/functions.php, but the mutiline-sensitive nature of the syntax and the awkward pattern matching functions in php make this far more annoying than it needs to be.

>>44255
While I'm not too sure how thing work server-side, isn't there a way for the server to get a plain text of a message, and then use a non-php application for that, then stdout back to the php?

>>44257
Tinyboard/vichan already is a slow piece of shit, but introducing a fork() for something like this would be bad practice.

>>44254
>>44255
It's done. The list_markup() function works correctly, but someone should verify if the vichan part is sound.

>>37383
It's really quite difficult to use this site with VPN, can mods please refresh the IP bans?
Truthfully, we should all be using VPN on a site like this.
I also get DATACENTER NODE message a lot and I don't know why or what it means. Using phone
Thanks
t. would-be anon

Hammer & sickle flags don't show up in the json for some reason. Compare:
https://leftypol.org/siberia/res/760480.html#760637
https://leftypol.org/siberia/res/760480.json
In the latter there's no country/country_name for post 760637.

>Undefined array key 1 in /var/www/lp-prod/inc/lib/webm/ffmpeg.php at line 21
File rel: https://files.catbox.moe/urlht0.mp4
I literally posted this file here several times over the years, what did the devs do now?

Also youtube embeds are tripping up the fucking sign in faggotry
>Sign in to confirm you’re not a bot This helps protect our community. Learn more

>>44255
>>44268
Seems good. I'm finishing doing a couple of CSS changes to make it a bit more compact, and it should be good
https://forgejo.leftypol.org/leftypol/leftypol/src/branch/list-wakabamark-markup

So you wiped every Tor post for how many days ago? Damn. All because someone upset about the Israeli-Iran conflict threads started spamming emojis? Huh? What?

>>44362
I can't do anything about youtube though, since it's an iframe

>>44378
Cytube had a similar issue with youtube recently and fixed it somehow. Try asking the devs for it.

Thanks for posting it. Testing if I can post it too