Need help? Check out our Support site, then


Bad Design Allow Site Owner Alterations.

  1. Protein Wisdom Alters Commenters’ Words to Mock Them
    http://patterico.com/2009/12/20/protein-wisdom-alters-commenters-words-to-mock-them/

    Protein Wisdom is apparently powered by WordPress. As I comment in the thread at Patterico, good software design would not allow even the site ops to alter someone's words without leaving a visible trace for others to see:

    Properly designed software would not encourage this, or at least, would acknowledge it has happened by "This comment was edited by the site proprietor. To see the original comment, click here" and provide a link to the original comment.

    I'm not saying you should not allow the proprietor to alter it at all, just that a trace should be left behind which others can use to call attention to if one should abuse the power to deal with things other than spam and/or inherently offensive/abusive entries.

    This is very, *very* bad design on WordPress's part.

    Yet another reason to NOT use WordPress, or to trust blogs which do so.

  2. You did not specify a blog address or reason for posting when you created this topic.

    This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you'll find help at the WordPress.org forums.

    If you don't understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It'll help people to answer your question.

    This is an automated message.

  3. That's not a WordPress.com blog.

  4. And by the way, wordpress's editor does track post and page revisions - at least in 2.8 and later, so there is a way to see what changes have been made.

  5. Obviously they're talking about self-hosted WordPress.

    It's a ludicrous claim. All self-hosted blog apps allow site owners to alter comments. (Even if the software didn't provide a UI to do it, the site owner has access to alter the database directly).

  6. "Spambot" -- The topic is relevant no matter if it's about .com or .org. Both have input to, and power over, the software, albeit indirectly in one instance.

    (yeah, I know it's "a bot" -- the points it makes still need replies)

    This is an egregiously bad design flaw, and should be fixed as quickly as possible. Site proprietors should not be able to alter user comments without leaving a trace and chance of exposure if the power is abused.

    And people should be fully aware of it until it is fixed, and be pushing for it to BE fixed.

  7. obloodyhell, it's not a design flaw.

    There is no possible way it can be done. No self-hosted blog application prevents blog owners from altering comments, because it's impossible.

  8. It's a ludicrous claim. All self-hosted blog apps allow site owners to alter comments. (Even if the software didn't provide a UI to do it, the site owner has access to alter the database directly).

    The assumption you make is that all site owners can personally edit such. There is a reason they are using canned software -- and part of it is usually strongly limited coding skills on their part.

    Yeah, it's possible to get around it. This does not mean that the software should not discourage this being done, and there are ways to write it better to stop that.

    And yeah, it's not a wordpress.com blog -- again -- SO WHAT?

    The software shouldn't encourage it, should explicitly even make it difficult to do. And wp.com has input into that, more than most.

  9. There is no possible way it can be done. No self-hosted blog application prevents blog owners from altering comments, because it's impossible.

    OK, what part of "genius" did you think applied to you?

    READ CAREFULLY.

    I explicitly</i> did NOT say "prevent alteration" -- I said it should LEAVE TRACES.

    That's a categorically different thing. And yes, it IS correct that a really savvy site op can override that by going in and explicitly editing the DB themselves.

    There are ways to make THAT painful enough that it's not something someone is going to do without really, really good reason.

  10. It's not a WordPress.com blog: this is WordPress.com. You are complaining about software which is not in use here.

    At LEAST direct your paranoia to the correct site.

  11. Au contraire, it would be a bad design if you didn't allow the owner/administrator of the blog to have such privileges.

  12. Removing the edit function from the UI would have the opposite effect to what you're intending.

    It would allow site owners to claim that they hadn't altered a comment ("I'm using WordPress so I couldn't have!") when in fact they have.

    (Self-hosted) WordPress is open source. Anyone can modify it. Anyone could install a plugin that allowed modifying comments without leaving a trace.

    The mistake you are making is to assume that blog comments are authenticated or verifiable. They are not.

    it would be a bad design if you didn't allow the owner/administrator of the blog to have such privileges.

    - that too.

  13. And by the way, wordpress's editor does track post and page revisions - at least in 2.8 and later, so there is a way to see what changes have been made.

    Does it make it so in such a way that it's self-evident to the average user, so that people can notice it themselves, easily?

    Blogspot, for example, allows me to delete my own comments... but it still leaves a trail, so it's not like my comments just "disappear", giving me the capacity to claim I never said anything at all.

    Yes, that happens on a different level than what we are speaking of, but it's a part of good behavior on the part of the software.

    WP does not exhibit good behavior.

  14. Blogspot's comment system is a closed system, not a self-hosted application.

  15. We answer technical support questions posted by those who have issues with using wordpress.COM blogs only. You don't have one but have received your answers from Staff anyway so maybe the time has come for you to slip slide away. Yes, we have no bananas and no troll food either.

  16. You could try Tumblr. Tumblr does not allow comments in the first place unless the theme has been hacked.

  17. 1) Are you ALL frigging idiots?

    > It's not a WordPress.com blog: this is WordPress.com. You are complaining about software which is not in use here. At LEAST direct your paranoia to the correct site.

    So you DON'T use the EXACT SAME SOFTWARE?
    Oh, wait, the bot said it:
    WordPress.com utilizes the same WordPress software which you can download at WordPress.org.

    So that's bovine excrement on your part.

    2) I also EXPLICITLY stated that it wasn't a question of ALLOWING someone to alter comments, but to do so without leaving any trace. That is another order of magnitude issue.

    > (Self-hosted) WordPress is open source. Anyone can modify it. Anyone could install a plugin that allowed modifying comments.

    Closest to a valid argument, but the design of its comment engine can be done in such a way that it's discouraged -- tracking and validation information can be built into the comment engine in such a way that you would have to replace the entire thing. And you can make it a part of the strictures of the open source licenses that are applicable that said tracking information will not be removed without a clear warning to the reader that this is in effect.

    So it's a resolvable issue.

  18. Indeed there's always that opportunity and it's available free of charge. It's a closed system too in more ways than one. Why several wannabe political pundits have set up their own soapboxes over there so they don't have to rise to the challenge of being exposed by commenters as concocting fallcious arguments.

  19. > Blogspot's comment system is a closed system, not a self-hosted application.

    So yes, you ARE an idiot. Attack a trivial side point which ignores the issue being raised.

  20. Closest to a valid argument, but the design of its comment engine can be done in such a way that it's discouraged -- tracking and validation information can be built into the comment engine in such a way that you would have to replace the entire thing.

    You're welcome to build it. WordPress is open source.

    And you can make it a part of the strictures of the open source licenses that are applicable that said tracking information will not be removed without a clear warning to the reader that this is in effect.

    You're also welcome to seek legal advice on how to do that without violating the terms of the GPL.

    Both things should be done here:

    http://wordpress.org/

  21. We answer technical support questions posted by those who have issues with using wordpress.COM blogs only.

    > Yes, we have no bananas and no troll food either.

    Geeez.

    "Its' not oooooour probleeeeeeeemmmmmmmm"

    Your software sucks, your site sucks, your support people suck.

    I'm a "troll" because I think ill of your piece of crap software which you clearly have input into the design of but really clearly couldn't give a rat's ass about.

    That's not be being a troll, that's blatantly self-evident from your attitude.

    Gee, you make it so hard to maintain my exceedingly low opinion of WordPress as a whole.

  22. @tellyworth
    As that link in the OP is not relevant will you please consider removing it?

  23. obloodyhell, you're in the wrong forum.

    The people you're insulting have no control or influence over the WordPress software that's used on the blog you're complaining about.

    You might as well walk into Microsoft complaining about iPods.

    I'll leave your rant here as a self-rebutting advertisement.

    Stop with the insults and behave please.

  24. @obloodyhell Modrator Note: Please stop the abusive tone Now or you will have your posting privileges revoked.

  25. Someone may, indeed, be an idiot. It's the one who can't understand what we've repeatedly said: that WordPress.COM and WordPress.ORG are different software, and that he/she/it is in the wrong place.

  26. I go out for dinner and a couple glasses of Kendal Jackson Merlot and miss all the fun, but at least I got to read it.

  27. BTW, if he launches this mission over at .ORG forums with the attitude he did here, they will eat him alive.

  28. And I'll be over there to watch **** she clicks her wine glass rim against his **** Salute!

  29. Some people let their emotions over-rule their intellect. That is why some people need emotional fitness training and possible more. You guys were patient.

  30. lettershometoyou
    Member

    Well that was loads of fun.

    I have only once come across a blogger - and that's using the term loosely - who changed my comments to look like the opposite of what I said. I didn't let it bother me.

Topic Closed

This topic has been closed to new replies.

About this Topic