Checksum verification for quoted messages/posts

[Rizzrack]

...

I seriously doubt it can work like that tbh...

Perhaps there can be a new "quick quote" option. You just select the required text (the selected text would be non editable and would not allow to skip words from block... so from "I am sure I found a scammer" one cannot select just "I am a scammer") and after it you can write the reply.
Something like this: https://github.com/epochtalk/epochtalk/issues/878

Only thing is it would not work with multiple quotes in the same post...

Sounds cleaner and perhaps doable. Simple implementations would have a higher change of (eventually) being added 

[1714023148]

1714023148

[1714023148]

1714023148

[1714023148]

1714023148

[Quickseller]

...

I seriously doubt it can work like that tbh...

Perhaps there can be a new "quick quote" option. You just select the required text (the selected text would be non editable and would not allow to skip words from block... so from "I am sure I found a scammer" one cannot select just "I am a scammer") and after it you can write the reply.
Something like this: https://github.com/epochtalk/epochtalk/issues/878

If you did the above, it would be clear that text was removed because there would be disclosures saying that text was removed.

Only thing is it would not work with multiple quotes in the same post...

Instead of the index's of the text that are removed being sent back to the server, the index's of BB code could be sent back to the server. There could be rules such as if a quote header is removed, the entire inner quote must also be removed.

[Rizzrack]

Instead of the index's of the text that are removed being sent back to the server, the index's of BB code could be sent back to the server.

What exactly do you mean by "the index of the text" ? hash ?

Code:

Full text: bla bla bla I am sure I found a scammer bla bla bla
hash: 8F0F7FEB60FC873A6066739931B68D78C1C6E8304953807A519202A23F9045B8

Text: I am sure I found a scammer
hash: F7CFCD9D9FEA2582DD256D5FD073CCB095B03282EEF987708E007C30711F013A

Text: I am a scammer
hash: 2BB8A5672EFD6382C8803E9DB05511A78AAAF8955F0B42222C109CC9F99A92A8

How do you propose to use hashes (I guess this is what you mean) for pieces of text ?

[ibminer]

^  It appears QS wants to send the index of the text itself (position of the beginning character of text), and I presume the ending index of whatever is being quoted... and then wants the server to verify the contents of what is being sent and provide its approval.. and also hash it for some reason?.. Why?.. not sure.

That is ridiculous. People post PMs and quotes of posts all the time. There are frequently questions regarding the authenticity of quotes when the original is not available. PM verification would remove that uncertainty.

When the 'original' what is not available?  user?  PM?... You've already stated the PM has to stay and exist to be verified, and even went as far as to say the PM could no longer be deleted once quoted. So I'm not sure what this PM verification idea is correcting when you say this 'removes the uncertainty of PMs when the original is not available'. Makes no sense to me.

The status quo is that someone can claim something was said via PM, and the person being accused can stay silent to pretty much guarantee they will come out unscathed. Mods rarely get involved in scam accusations, unless there are large amounts, or a lot of victims involved. If you can prove a PM was sent or received, you can trivially prove you have been scammed via PM.

You're not addressing the fact that someone can cherry-pick a comment from someone's message and make it "verified" by the forum, while spinning a story about what that cherry-picked comment is about. This will give the impression that the forum is verifying the perception being put out by whoever is cherry-picking the quote and saying what it was about. IMO, it adds weight/value to a poster that the forum shouldn't be adding into a situation like this.

The person being smeared better also hope they saved their copy of the message, or they cannot even defend themselves with their own version of a 'verified' message explaining the out-of-context quote.

Let's not mention the fact that this type of smearing could also happen in PMs behind-the-scenes where nobody could ever defend themselves on snips of things they have said privately which would be getting misconstrued to others.

Hell, all of those "impersonator" accounts (or alts, who knows..!) are going to have a great time with this feature self-verifying their own messages from their newbie impersonator accounts with very similar names/special characters, so they can scam more people.

I could keep going, but it's counterintuitive for me.. and this is seemingly a waste of time. <- edit: To clarify, I'm referring to my time here, not that the idea itself is a waste of time. I just see it as a double-edged sword, with the worse-case side sharper than the other, so-to-speak. (especially if the intent is to use QS's aforementioned blueprint.)

Wish you all the best on the idea though!

[OgNasty]

I would beware of any user who thinks that verification of private messages is a bad idea...  Checksums aren't some crazy idea that takes a ton of resources if implemented properly.  A checksum of an entire message would also eliminate the possibility of anything being cherry-picked as if you understand how checksums for an entire message could work and require the entire message to be quoted in order for it to be validated.  Think of it like validation of a PGP signed message.  I would beware anyone who thinks this is a bad idea.  

Perhaps it could also enable another feature of private communications, where a user could check a box to send a PM as private and therefore couldn't be verified as a legitimate quote publicly.  Users could even decide if they are willing to accept private communications or not.  Maybe these could even be features reserved for higher level members.

[ibminer]

If you really think a feature like this is needed, which I don't, it should *at least* be done with only the entire contents of a message, or nothing at all... even then, full messages can be taken out of context over the course of a discussion as well.

A checksum of an entire message would also eliminate the possibility of anything being cherry-picked as if you understand how checksums for an entire message could work and require the entire message to be quoted in order for it to be validated.  Think of it like validation of a PGP signed message.  I would beware anyone who thinks this is a bad idea.  

*shrug*

[AdolfinWolf]

Users can currently send/post incorrectly quoted messages to assist in scams or discredit other users.

This could be addressed by having a hash generated based on the content of a message, and then a checksum implemented to reject invalid quotes from being sent/reposted.

I mean it would be a cool feature notwithstanding that I personally have never seen a case where this could have prevented anything. Critical reading skills should prevent people from getting away with misquoting people, and lying about the contents of dms (or denying the existence thereof) would just cause a standoff where one party would look silly after theymos or any moderator? checks their PMs.

I'm guessing this might not happen in low-profile cases which I imagine would be the only reason something like this might be useful, but really in 99% of the cases it is immediately obvious who's the scammer and who's the actual affected party. And again, if it turns out to not be that simple I imagine it would not be that hard for a mod to check the pms manually.

I think the threat alone of an admin checking the actual contents of a pm would already make manipulation with on-site communication (pms) fairly unattractive, especially for more senior users. And really, wouldn't such a feature just cause a shift to other messaging apps like Telegram? Hard to see what exactly would be solved.

Perhaps development efforts would be better spent on finally making it look like this forum didn't come straight out of 2007, and more like their modern counterparts.

[OgNasty]

I mean it would be a cool feature notwithstanding that I personally have never seen a case where this could have prevented anything. Critical reading skills should prevent people from getting away with misquoting people, and lying about the contents of dms (or denying the existence thereof) would just cause a standoff where one party would look silly after theymos or any moderator? checks their PMs.

Maybe you’re not familiar of my situation with a member Vod? He spent years attacking me with lies and posting false information all because he misread a PM and made assumptions that when he discovered his idiocy he chose to lie and attack instead of admit his mistake. No administrator or moderator was any help in bringing the truth to light and chose to blame the victim and urge forgiveness of the liar. Being able to show that I was posting real quotes and Vod was lying might have saved this community a massive drama that ultimately led to Vod not being able to post here anymore and a lasting suspicion around me for being attacked with lies by a crazy person.

So if critical reading skills could have helped avoid that situation then users with critical reading skills here are in short supply.

[Rizzrack]

FWIW the guys working on Epochtalk told me that this is a planned feature that was previously discussed.

Not sure if it will be actually added or how exactly it would work but nice to know it was/is taken into account  

[ibminer]

FWIW the guys working on Epochtalk told me that this is a planned feature that was previously discussed.

For me, it's not worth much unless you can show where it was discussed and what was involved in the discussion.

Has anyone gotten an answer on why they removed the planned features list?  When do we get to see the 'rewrite'?

EDIT: I'm assuming this list is the most recent? which appears to show some of the older planned features, but I don't see anything related to what is being discussed in this thread?

[Rizzrack]

For me, it's not worth much unless you can show where it was discussed and what was involved in the discussion.

I assume during one of the meetings they had with theymos

Has anyone gotten an answer on why they removed the planned features list?  When do we get to see the 'rewrite'?

Epochtalk had a "roadmap" before, but at some point in 2020 ^{[or 2021]}, they removed that page ^{[you can still check some of its content from the following "archived version"]}.

I don't see those that relevant anymore...
Most of them are implemented and things like "Feature Parity with SMF forums" and "Build a complete installation and onboarding process" are things that should come without saying.

EDIT: I'm assuming this list is the most recent? which appears to show some of the older planned features, but I don't see anything related to what is being discussed in this thread?

Some of the issues on github were submitted my myself and other members of the community who tested the epochtalk environment on coinbistro.com like Veleor, for example. Some of them might already be solved in the VueJS branch. Did not test that one yet but by looking at the commits they seem to be on the final stretch regarding the frontend.

Besides those submitted issues I'm pretty sure they discussed with theymos some other features as well and also a certain implementation of this topic's main idea. From what I remember they were talking at some point to have a versioning option, similar to github commits for edited posts. Though available for mods if I remember correctly. From this there's just one more step to some user available info...

[ibminer]

This is more helpful, thank you!

What you describe makes sense to me as a mod tool, I would have much less concerns with that, and would not have concerns of a github style system that took a user to all the edits/modifications (this would be great).. unless you start allowing users to light up snips of quotes as green and 'verified' by the forum, then I think there are too many negative consequences from something like that, which seemed to be where this discussion was heading. I do still think performance would end up a problem on a forum like bitcointalk, but maybe? less problematic as a mod only tool... still seems like a decent amount of extra work per post/edit/etc.

[Quickseller]

FWIW the guys working on Epochtalk told me that this is a planned feature that was previously discussed.

Hopefully, once they get this feature completed, theymos can start using the new forum software.

[Bitcoin SV]

Users can currently send/post incorrectly quoted messages to assist in scams or discredit other users.

This could be addressed by having a hash generated based on the content of a message, and then a checksum implemented to reject invalid quotes from being sent/reposted.

You can sign every message on bitcointalk with a bitcoin address. And all your messages will be securely protected

For example:

-----BEGIN BITCOIN SIGNED MESSAGE-----

Message from OgNasty

-----BEGIN BITCOIN SIGNATURE-----

Version: Bitcoin-qt (1.0)

Address: ###################################

######################################################################

-----END BITCOIN SIGNATURE-----

[Rizzrack]

You can sign every message on bitcointalk with a bitcoin address. And all your messages will be securely protected

One can just as easily change the addy and the hash. Not really any different from how things currently are done.

Glad to see the BSV community is taking interest in signing messages though better later than never I guess