Hackaday Hacked!

Well, that was “fun”. Last week, we wrote a newsletter post about the state of Hackaday’s comments. We get good ones and bad ones, and almost all the time, we leave you all up to your own devices. But every once in a while, it’s good to remind people to be nice to our fellow hackers who get featured here, because after all they are the people doing the work that gives us something to read and write about. The whole point of the comment section is for you all to help them, or other Hackaday readers who want to follow in their footsteps.

Someone decided to let loose a comment-reporting attack. It works like this: you hit the “report comment” button on a given comment multiple times from multiple different IP addresses, and our system sends the comments back to moderation until a human editor can re-approve them. Given the context of an article about moderation, most everyone whose comment disappeared thought that we were behind it. When more than 300 comments were suddenly sitting in the moderation queue, our weekend editors figured something was up and started un-flagging comments as fast as they could. Order was eventually restored, but it was ugly for a while.

We’ve had these attacks before, but probably only a handful of times over the last ten years, and there’s basically nothing we can do to prevent them that won’t also prevent you all from flagging honestly abusive or spammy comments. (For which, thanks! It helps keep Hackaday’s comments clean.) Why doesn’t it happen all the time? Most of you all are just good people. Thanks for that, too!

But despite the interruption, we got a good discussion started about how to make a comment section thrive. A valid critique of our current system that was particularly evident during the hack is that the reported comment mechanism is entirely opaque. A “your comment is being moderated” placeholder would be a lot nicer than simply having the comment disappear. We’ll have to look into that.

You were basically divided down the middle about whether an upvote/downvote system like on Reddit or Slashdot would serve us well. Those tend to push more constructive comments up to the top, but they also create a popularity contest that can become its own mini-game, and that’s not necessarily always a good thing. Everyone seemed pretty convinced that our continuing to allow anonymous comments is the right choice, and we think it is simply because it removes a registration burden when someone new wants to write something insightful.

What else? If you could re-design the Hackaday comment section from scratch, what would you do? Or better yet, do you have any examples of similar (tech) communities that are particularly well run? How do they do it?

We spend our time either writing and searching for cool hacks, or moderating, and you can guess which we’d rather. At the end of the day, our comments are made up of Hackaday readers. So thanks to all of you who have, over the last week, thought twice and kept it nice.

206 thoughts on “Hackaday Hacked!

  1. I would very much enjoy if new posts did not completely bury discussions after ~24 hours. With a (possibly optional) registration, one could be notified about replies and maybe there might be a side panel with articles I’ve most recently commented on (or set to watch) with the number of unread comments on them. Some comments here are very insightful and I enjoy reading them.

  2. Why not optional registration?

    If you are logged in, you can edit your previous posts. If you are not logged in, you can’t edit.

    This would also help reduce confusion between two people commenting with the same name, as registered users could be visually distinguished from unregistered ones.

    Also, edits should preserve history. Click a little + icon or something to see the previous version.

  3. Do both, Login and Anonymous, and blend into a nice thread view UI. Robustness to this kind of attack, as login posts would persist for reputable users, accessibility by those not wanting to create a full account otherwise, but subject to increased moderation. Potential for reputable users to facilitate moderation.

  4. My WWIV BBS in 1993 had an “edit” button/feature in the forums. It’s 2024…. time to modernize; you are 30 years behind.

    “Comment Removed by Moderator” if you want more transparency. Don’t just memory-hole them as if they never existed. That leads to the “anger of the un-personed”.

    Study the “Streisand Effect” before you publish an article like the one you did last week. You just made things worse for yourselves.

    Want to prevent a “reporting” attack like the one you described? User access control. Don’t permit anonymous users access to functions like that. Require a login. Again, it’s 2024, and this is the Internet. The irony is that this is one of the few places around that gets into the guts of “classical” hacking and malicious code. You should know to do better for your own house. It will also allow you to identify belligerent parties in the event of such a thing in the future. And people nowadays seem to be making a career out of being offended and silencing those they don’t want to have a voice; this practice has no place in a civilized conversation. This is a poor debate tactic; a “richard” move.

  5. Some ideas which may or may not work:

    Perhaps have the report button add a weighted value to a hidden score, and have a threshold for automatically hiding a message.

    The age of the user account, if any, increases the weight. An account that was just registered is equivalent to a non-logged-in user. The total number of reports in the moderation queue from the same AS decreases it.

    Have the moderation team see the reports ordered by decreasing weight, and give them the option to mark the ones below a threshold as false in bulk.

    The ratio of reports marked false from the same AS in the past also decreases the weight.

    Require a CAPTCHA to report a comment, at least if the weight is low enough. Neural networks will probably be able to solve them, but at least it will act as a proof of work.

    Require a valid email address to be entered (or a logged in user) when reporting a comment, and require the user to click on an emailed link to submit the report, at least if the weight is low enough.

  6. There has been lot of recommendation but i will agree captcha is must have. You can make it so if there is high traffic of reporting or comments SITEWISE then the captcha gets activated and gets harder depending on the traffic.

  7. Actually, at least one of those “Report comment” was from me, accidentally bumping it as I scrolled on a touch screen.
    I will scroll on the left side from now on.
    I was immediately like “Crud crud no undo -sigh- sorry, moderators”-

  8. Putting Reddit and Slashdot next to each other without a comment is kinda dishonest – one is not like the other. The first, with up/downvotes accessible to anyone anytime, leads to brigading and hive-mind behavior. The second, with mod points being scarce and available only to people abstaining from discussion, works (worked?) much better.

  9. I think the “This comment is being moderated” message is a good idea, as well as a confirmation button to avoid accidental reports. I’d think only allowing a post to be reported once, from any ip, would help. That way a mod can decide if it’s ok or not, and after that there is no way to report that post again.

  10. Transparent Moderation System: Implement a notification system that informs users when their comments are under moderation. A simple message like “Your comment is being reviewed” could alleviate confusion and frustration.
    Enhanced Reporting Tools: Introduce a tiered reporting mechanism where users can categorize the nature of their report (e.g., spam, abuse, off-topic). This could help moderators prioritize and handle issues more effectively.
    Upvote/Downvote Mechanism: Consider a modified voting system that minimizes the popularity contest aspect. For instance, use a system that allows users to upvote but not downvote, focusing on promoting positive contributions without penalizing others.
    Highlight Constructive Comments: Create a feature that showcases “Comment of the Day” or “Top Insights,” which could promote quality discussions and recognize valuable contributions.
    Community Guidelines: Clearly outline community standards and expectations regarding behavior in comments. This can be pinned at the top of the comment section for easy visibility.
    User Reputation System: Implement a reputation or karma system that rewards users for positive contributions (e.g., receiving upvotes, reporting spam). This could encourage thoughtful participation.
    Threaded Discussions: Enable threaded comments to allow users to respond directly to specific comments, creating more organized and coherent discussions.
    Moderation by the Community: Allow trusted users (with a certain reputation score) to assist in moderation. This could help reduce the workload on editors while empowering community members.
    Examples from Other Communities: Look to successful tech forums or platforms like Stack Overflow for inspiration. Their systems for upvoting helpful responses and maintaining quality discussions could provide valuable insights.
    Regular Feedback Loops: Establish periodic surveys or feedback mechanisms to gather user input on the commenting experience and make iterative improvements.

    These changes aim to enhance user experience, maintain constructive dialogue, and protect the integrity of discussions within the Hackaday community.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.