Viewing a single comment thread. View all comments

squat wrote

I don't have an opinion on the proposal itself, but several people have expressed concern that /u/ziq could take the site down? I guess it's hosted on their server or something? Perhaps this should be a separate thread, but, regardless of the outcome of this vote, are there not things we could do to mitigate this now? Surely we could just get another server? I would be willing to help out with that financially if that was an issue, I'm sure other people would too. We just need a copy of Postmill, a dump of the database and control of the DNS records, and somebody with some sysadmin skills, right? I guess /u/ziq controls the DNS. How many people are there who have the necessary access to the server to make a dump of the database... is it just /u/ziq?

I can't make a judgement about whether they can be trusted or not, but I think their stepping down as an admin isn't worth much if they still have exclusive control of the underlying server. I find it astonishing that people are genuinely worried that this could be the end of this site. We can take steps now to ensure that, whatever /u/ziq does, the site and the community will survive. Maybe we lose the domain (fine, we just get another one)... worst case scenario we lose everything, but even then we can just set up a Postmill instance somewhere else and try to migrate people there. If there was somebody other than /u/ziq that the community trusted to be a custodian of regular backups of the database then the worst thing that could realistically happen is we have to change the domain. Everything else could be quickly restored.

I think if /u/ziq wants people to regain their trust, they need to hand over the credentials for the DNS registrar and for the server on which the site is hosted. But maybe the community needs to work out first whom should get that access.

5

Random_Revolutionary wrote

Imo you're overblowing the gravity of ziq's actions. He fucked up, but didnt really put the site in danger nor put the users in danger (appart from the whole opinion manipulation thing). He was always trying to improve raddle, got caught up in his mess, but came clean quite a while later. I too trust ziq with the server.

8

An_Old_Big_Tree wrote

emma has server access also. ziq's been willing to hand over everything, but the appropriate people have not been willing to take it on.

It would require a trusted user, not based in the US, who is willing to pay the bills and have those bills in their name. As things stand we don't have that, and ziq's been willing to hold it in the meanwhile.

There's not even a small part of me that thinks ziq would delete raddle, nor would they fight a ban. They anticipated a potential ban in the process of apologising.

7

squat wrote

There's not even a small part of me that thinks ziq would delete raddle, nor would they fight a ban. They anticipated a potential ban in the process of apologising.

It's still a problem though when several people in this thread have voted no or abstained, explicitly because they fear that ziq could retaliate. But what you say is reassuring and I'll take your word for it.

For what it's worth, I'm not based in the US (out of curiosity though, why does that matter?) and I'd be willing to put stuff in my name and to pay the bills (I already host a couple of things like this anyway). Obviously there's no way in hell that I'm a trusted user, given that this is my third post ever and I only signed up a few hours ago. But let's see if I stick around and become invested in this place, perhaps with time I could gain people's trust.

Actually, you know what, I could even just rent out a server somewhere, pay up front for a really long length of time, and then just hand the login details for the hosting company over to an admin here without ever even logging in or setting up an OS on the server myself. Whoever here does set up the OS could set it up with full disk encryption and their own login details and I would never have the keys or passwords in the first place.

Obviously I would still be the contact for the hosting company and could log in to the management panel (or if not, at least convince them on the phone to reset the password for me or something). But even assuming I got in, I could wipe and/or reinstall everything, but I couldn't tamper with the site, and also whomever I hand over the account to would get an email notification if I logged into it, so there's a degree of accountability nonetheless. Basically I just sign up, pay some money, give the details away here, and "forget" about it, people here don't necessarily even need to trust me very much.

Maybe this discussion is for another place and time, but I'll leave this here for the record. If people want to have a conversation about this and they decide that they're interested, PM me and we can work out the details and then I'll get on it.

4