/operate/ - 8chan Operation & Discussion

Happy 18th

Other than the Adelaide thing nothing has really happened. I'll get to writing.

This month: The virtues (or pitfalls?) of the Tor hidden service and the Adelaide "crisis".

https://8ch.net/_t/20150618.txt

>>27146

Hotwheels you likely won't read this but I just wanted to say this: you are cool and one of the few non SJW holdouts on the internet.

If only you were a Dutch citizen! You could apply for a special handicapped subsidy to hire prostitutes (no joke).

Alas.

Another month passed, where's the new transparency report?

>>30402

p-please

>>30525

8chan was never about transparency

>>30554

You can have transparency but that transparency should not come at the expense of others

t. ancap /intl/-pro

>>30402

>>30525

A-are you s-still alive, c-cripplemoot?

Can making OPs with cute short haired girls be an /operate/ tradition?

>>30662

I'm okay with this

July 2015 transparency report, please.

>>30402

>>30525

>>30633

>>30718

I assume 8ch is compromised

Btw, there should be a direct link to all the the archived transparency reports (e.g. the https://8ch.net/_t/ url should be freely browsable and linked on the homepage)

The canary means literally nothing

It would make sense to schedule at exact day (e.g. the first day of the month) to publish these, or better publish every DMCA, NCMEC or governmental request immediately, as soon as they are received

If a Court order prevents immediate communication of these requests, the canary should go away

Otherwise, we're just fooling ourselves with these "transparency reports" and with these canaries

>>30767

DMCAs are posted on >>>/dmca/

>>30767

>I assume 8ch is compromised

I'm kind of worried about HW tbh. Both his twitter accounts have been silent for a week. He used to tweet multiple times per day up until the 16th. After that, nothing.

When was the last time he posted on 8chan?

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30718

>>30796

He posted on /homosuck/ today

>>>/homosuck/372429

>>30767

I often wonder why we really need to see DMCA requests. I realize that the whole transparency thing is interesting, but what's the point of public DMCA requests except to publicly display the requester's email, home address, phone number, name, etc.

What else would be done with the information?

>>30809

That's not hotwheels though. Posting style is completely different.

July Transparency Report

https://8ch.net/_t/20150722.txt

I made a mistake so there is an ammendment: https://8ch.net/_t/20150722-a.txt

>>30796

>I'm kind of worried about HW tbh. Both his twitter accounts have been silent for a week. He used to tweet multiple times per day up until the 16th. After that, nothing.

Twitter is a waste of time, worse than IRC.

Also, I have recently been dedicating myself to the self-serve ads system (https://softserve.8ch.net) because I think it will make 8chan solvent but because it is being written by 2ch's hired Filipino programmers it means that to work on it I have to back and forth between Race Queen office to my apartment, so less time to make posts on chans.

Any time not spent on that I am talking with Josh and making sure he is writing the new software in a way we can use and not alienating people.

Don't worry, I'm still here. /tech/ is my main board btw, if you are bored try to guess which posts are me. :^)

>>30882

>Twitter is a waste of time, worse than IRC.

glad we can all agree on that, what do you think of SJWHub's new CoC?

>>30884

>I literally have no idea about what I'm reading or talking about, I just saw "feminism" in the post so we should boycott them immediately! xDDD #GitGayte

back to >>>/gamergatehq/ with you

>>30885

Damn son, triggered much?

>>30886

triggered by your lack of comprehension, yes :^)

>>30887

Go back to >>>/tumblr/ if you get so easily offended by imaginary things then :^)

>>30888

haha epic :p well memerino'd my friend-o ;^) nice trips too tbw lol xD

>>30889

thanks mr autistic :)

>>30882

Oh, and

>Making sure he is … not alienating people.

>↓↓↓scroll down to see posts↓↓↓

lel oh lel

>>27146

>/islamicstate/

Them again?

>>30882

>that SAPOL BTFO

10/10 Hotwheels.

>>31320

shit like that is the reason I love reading these

>>30882

Updoot:

Canary Watch updated the link to 8ch on the website ( https://canarywatch.org/8chan/ ) but the last Transparency Report check was on 2015-07-25 AND the link to the transparency report is still wrong.

Have a example of a proper report/canary link:

https://canarywatch.org/qubesOS/

(Links to the Transparency Report page instead of the main page of the website, updated report listed)

https://canarywatch.org/cloudflare/

(Links to the transparency report page instead of main page of the website)

You might want to consider making a Proper Canary.

>>31561

Wait a minute

>QubesOS

>2016-06-03

That's not a valid date.

>>31562

>>QubesOS

>>2016-06-03

>That's not a valid date.

Wow, EFF is really bad at record keeping.

>mfw these are the people in charge of protecting internet freedom

I'm scared.

Ahem

BUMP

Make a proper page for canary watch and link it to the canarywatch.org crew. Remember to list your transparency reports here.

>>31567

>>31562

It makes perfect sense if you're aware of the TimeQube

SEPTEMBER REPORT WHEN

>>36037

>>37421

I'll ask him about it, but i doubt there's much to report.

>>37433

that's too much work for him. honestly I'd like jim to start replying to posts here. He's clearly in charge and isn't high off his mind 24/7

September transparency report, please?

>>37569

<nunufag> copypaste do you think you'll be doing a september transparency report, or is there simply not much to report

<copypaste> yes i will, i've been distracted by 4chan

<copypaste> there were a few DMCAs and stuff

It should be out soon.

Well that was sooner than i thought. Here's the September transparency report: https://8ch.net/_t/20150923.txt

>>37598

>EFF

You need to pester those guys until they fix it. At least force them to respond.

>>27133

From 2014?

All she really needed to do was lose a little weight, and all is now good.

>>37599

And of course, by 'you', I mean

>>27139

Bumping for October

Yo Nunu, where's our October transparency report, bruh?

>>40196

Is it really that time again? I'll be sure to remind him about it.

>>40196

Here's the October Transparency Report: http://8ch.net/_t/20151020.txt

There's a slight typo though, it should be "if threats are made" rather than "if threads are made".

>>40285

Or should it? :^)

>>40285

Requested is also spelt wrong

>>40285

Can we get transparency into what copydud was on when he tried to write this?

>>40285

8chan doesn't store data on expired posts? Not even in its ad system?

>>40285

So what hotwheels is saying is that because the threads had expired - ALL user data associated with it had been completely deleted from 8chan servers & associated systems

Well, that probably pissed the Feds off

>>40323

This is why we must not archive every thread in infinity-next like Josh wants to

>>40325

Have you considered that we can just archive posts but no the data associated with it?

>>40331

That's not what the idea was though. The idea was to take out the page limit since "now we have the capacity to just keep all threads, thread pruning was not an intentional feature but to save storage space"

Bumping for October/November Report

Yo nunu, it's that time of month again. Not your period….the Transparency Report

>>40332

Next automatically prunes IP address data after a certain amount of time, and has way more ephemerality and pruning control than the software we're running now, both of which are totally configurable by the admin. There's no built-in "archiving", 8archive will take care of that as far as I know.

Where the fuck are the reports?!

You fags have been slacking at everything except your super seekreet irc cult/cabal circle-jerk tbh

smh

>>43710

>Bumping for October/November Report

The October Report can be found here: >>40285 , i'll be sure to ask him about the November report.

>>43724

Alright then, it should be out on the 20th "as usual".

>>43734

Welcome to 8chan - where the FBI, pedos, potatos & virgins find love ❤

Wonder if the FBI agents assigned to monitor 8chan ever start adopting a chan culture perspective of the world. You know we probably rub off on the G-men atleast a lil bit.

>>40285

>"beta uprising" posts

And what board might have this been on?

Here's the November Transparency report: https://8ch.net/_t/20151120.txt

Not much to report, other than the upcoming switch to infinity next.

Monthly Bump

nunu, where's the November transparency report, mang?

>>45403

>where's the November transparency report

I'm assuming you meant to say the December transparency report, but if not then i posted the November report here >>43964 .

If he doesn't post the December report today, then i'll be sure to ask about it.

>>45403

>>45421

Here's the December Transparency report: http://8ch.net/_t/20151221.txt

Alright then, here are all of the transparency reports for 2015.

March 17, 2015: https://8ch.net/_t/20150317.txt

April 21, 2015: https://8ch.net/_t/20150421.txt

May 18, 2015: https://8ch.net/_t/20150518.txt

June 18, 2015: https://8ch.net/_t/20150618.txt

July 22, 2015: https://8ch.net/_t/20150722.txt , https://8ch.net/_t/20150722-a.txt

August 18, 2015: https://8ch.net/_t/20150818.txt

September 23, 2015: https://8ch.net/_t/20150923.txt

October 20, 2015: http://8ch.net/_t/20151020.txt (Typo correction: it should be "if threats are made" rather than "if threads are made")

November 20, 2015: https://8ch.net/_t/20151120.txt

December 21, 2015: http://8ch.net/_t/20151221.txt

The months January & February didn't have their own reports since those months were included in the March report.

Where's the transparency report for this month, you lazy cripple?

>>46136

here you go, you overentitled, nescient, lazy piece of fucking shit:

https://8ch.net/_t/20160118.txt

Hey Nunu, any chance the new TRANSPARENCY REPORT is gonna be posted?

So is there a transparency report this month? C'mon with it, guys. :^)

>>46959

No transparency report. Hotwheels is too busy abandoning his promise to fix the site and creating some autistic emoji language to do his actual job.

Will one of you shits take 5 minutes from smoking meth & beating off to anime to actually do your fucking job? Where's the transparency report?

>>46959

>>46963

>>46967

>>46989

I'll ask him about it, probably just a minor delay.

It seems that the cripple published the last report on twitter.

I refuse to re-link it as much as he refuses to acknowledge the existence of this board.

He addressed the /ips/ and cross-site requests issue (that allowed "ip farming"). Sadly, he isn't aware that CSP does literally nothing and still believe that allowing any kind of CSS from external sites is good. He refused to answer in the dedicated /operate/ thread ( >>47028 ). He, and his proxy nunu.

Thank you for you consideration, IRC circlejerkers.

>>47059

https://t.co/9moUscWZ35

:^)

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

- From the period between January 18 2016 to February 24 2016, 8chan received 0 requests from US government agencies.

8chan complied with 2 DMCA requests during the period between January 18 2016 to February 24 2016. https://8ch.net/dmca/res/3.html#19 https://8ch.net/dmca/res/3.html#20

8chan neither received nor complied with any requests from foreign (non-American) governments.

8chan's warrant canary has not expired and is being monitored by the EFF at https://canarywatch.org/8chan/.

On February 23 and February 24 2016, bugs in the CSS parser were found and disclosed by the board owner of 8ch.net/ips. This caused users of that board to access a server being run by the board creator. This only affected boards where board owners willfully added the malicious CSS.

This caused a bit of back and forth with the guy who found it. The first way he got around the URL block was to add a CSS escape sequence \002f (/) which the parser was not aware of. This was patched by disallowing escape sequences.

/ips/ countered with @import, and then a data: URL of type text/css, base64 encoded to get around the URL filter. This was patched by disallowing imports.

/ips/ countered _AGAIN_ with a data URL which set an SVG file as the background. The SVG file then loaded an external image, as per the SVG standard, which triggered the server access.

The SVG finally put a stop to any hopes of CSS parsing itself being able to stop this. What would need to happen to stop this would be to (1) evaluate all data URLs (2) request all data URLs server side (3) parse SVGs server side for outside links, making sure to ignore w3c.org defs… I decided to admit defeat here and just go for a content-security-policy, because I also want to allow sites like COCAINE.NINJA, 0X0.ST and MY.MIXTAPE.MOE, which allow uploading of all filetypes for stylesheets.

The W3C Content-Security-Policy standard is supported in Firefox, Chrome MS Edge, IE 11. It allows webmasters to specify explicitly which domains are allowed for cross-server requests, preventing this type of IP farming by board owners once and for all. As an added bonus, it makes us mostly immune to unforeseen XSS attacks, such as the <8chan.pw> XSS in YouTube embeds circa April 2015.

Unfortunately, while implementing CSP, I did not notice that allowing 'self' does not allow data URLs, which are used by CAPTCHAs. This caused CAPTCHAs to not work for around 12 hours bcause I went to bed after I thought the bug was fixed. CAPTCHAs and user JS is now working with Content-Security-Policy, so for your protection you should re-enable it in your browser. Sites other than 8chan rely on it.

—–BEGIN PGP SIGNATURE—–

Version: GnuPG v1

iQIcBAEBCAAGBQJWzUOVAAoJEBDdyYOQGqGDRLQP/i7ssiZSmXsOL6v3uDR8SeC1

kNL6rsFS5+2hJX3I0jwev8lLG/UDb27wFl+31+TakhZsGWEPmjoKZ+QNtk/VRsr1

EXvnMqtvuRmWHY3BNEssfaE7yF8PwVsC+XmksWWYcTtP1fk6KtuJkGSjUvVPKC5x

/7weeaW5NvVBPMQF7eaJeWJ/GtUrcdkY6xVY98Rtsz98oTuHH4j6wiYk3ov+E8yM

zK1pO+ZjH1x6BxtCWYCaeZwL4HyilSGeRNirzuo7koTpVraIq8sjlSjtUCiNwY3T

5fI7I8KQxGEu7HA2wLApKAxof2SseT7CoVIa7r1kjEBQcojmZ3eLWg8BApykybfa

pmwrBoTyAgA47txJ7Cm9lmrIVtUc55WLnKxxBnb1EaQ9L2JmDeHA2arT3W7I8RE4

5FsPZznYrH551UMInpLRogoZ4uh7amKSh0Lr4mNNW7MKjORDStG4QFpmV3B82vLy

AtfV+/uE4bd9UO2e2GCEejPVmGPxbh9VsiaF6Jo9SqTuA+zYJmIVRqT87bwEAviO

zAjb+FEVMUifGn+rRJUpKEBjM3GP69ZJcuWN71jZpavqQAvg0fCCyiS4y87x0Kkk

StoUAJOJXT6ApA2eZ3Q0xnd7OYcq7l6/fvJV8wLda5kUz95vnF0Q4bxue1HT76hT

yCimZG69hBs3H/Kjz/1s

=O3RX

—–END PGP SIGNATURE—–

2

Yo, nun, my nigger…where the fuck is the newest transparency report? did hotwheels get picked up by the cops for smcking around his filipina ladyboy whore again?

Wake up & Manage your board NUNU, you lazy negro!

>>47541

>>47555

>>47569

Sorry about the delay, I'll ask him about it.