Results of internal meetings regarding solving the registration issue on disroot.org

Sun, 30 Sep 2018 10:24:42 +0200

Hi there,

We would like to share our thoughts that came out of the series of brainstorming sessions we have had the last days.

Possible solutions we have considered and our opinion about them.

1. Invite only - where new accounts can be created only when invited by other users.
We have quite a strong position on that one. We started Disroot with the intention of being accessible to a wide audience. Invite only solution creates a barrier where only certain circles of people are allowed in. We want to be as open as possible for anyone seeking better solutions for their digital realm. By allowing invite only account we would've exclude a big portion of our current disrooters, supporters and contributors.

2. Paid accounts.
Money is the solution to everything... It's seems like the perfect tool to get all the abusers, scammers and spammers out of the platform. Paid accounts seems to solve the financial situation too. However, money also means another set of complications. First of, it closes the doors to those that can't afford to pay. It changes the whole nature of the project and creates a different relationship between disrooters (users) and admins, where certain expectations are held. It also asks for a whole set of new administrative tools and financial obligations which we would rather avoid. Such change to the project's nature is too drastic so that we feel it would be more honest to start a new separate platform based on paid accounts rather then change Disroot into such.

3. Approval based user creation.
This is the solution we are leaning towards. Originally we thought it to be too labor intensive, but after giving it some further thought we start to think approving account after a short delay will prevent most obvious abuse from happening. And with the help of some good automation backstage, we hope the extra work will be minimal.
The idea would be to ask new signups for a confirmation email address. After confirming the request (which will prevent automatic bot account creation and thus render re-captcha obsolete) we, the admins, will still have to approve the account based on a specific criteria we will develop, this will take up to 24 or 48 hours (to be decided). The waiting time will prevent spammers that need immediate access, our approval criteria will prevent other obvious abuse cases. Users could afterwards remove the verification email address or keep it as another possibility to reset password. We would like to try this method and see what the results are. How much abuse we can prevent, how much work will it impose on us and what other consequences it will bring.

meeting news disroot

show all 25 comments

Sun, 30 Sep 2018 10:54:59 +0200

hosh

Sun, 30 Sep 2018 14:42:29 +0200

I once considered making an account here: https://www.autistici.org/get_service . Their services are also free of charge but require pre-approval. Riseup have a list of "Radical Servers" at https://riseup.net/en/security/resources/radical-servers

Frank Aerror

Sun, 30 Sep 2018 17:44:39 +0200

👍 option 3

Abd Hessuk

Sun, 30 Sep 2018 20:35:07 +0200

Option 3 would be the best

Chuck Wagoneer

Sun, 30 Sep 2018 22:51:15 +0200 from Diaspora

I like Option 3 also. Is this a vote? :D

sunjam

Mon, 01 Oct 2018 02:49:00 +0200

I like Option 3. Also, inviting others to join Disroot is a fun idea fwiw

adinfinitum

Mon, 01 Oct 2018 09:29:04 +0200 last edited: Mon, 01 Oct 2018 09:31:00 +0200

+1 = Option 3
re: option2 - I am certain the seperation of a €root platform (for paid services) would provide a great +benefit support for all the hardworking admins @Disroot Community

#Love & #Solidarity
@PermaTec
@CeiloTierra

muppeth

Mon, 01 Oct 2018 09:57:53 +0200

This is not a vote. Just asking for feedback and sharing our ideas with others. There is also a discussion going on at https://forum.disroot.org/t/how-to-solve-the-abuse-problem-on-disroot-org-platform/4229/15
It's interesting to see other people's view on things.

leodurruti

Mon, 01 Oct 2018 16:48:35 +0200

I think option 3 would be the best.

autistici.org works this way and it's not annoying for the user (or at least it wasn't for me).

Steve A.

Sat, 06 Oct 2018 02:07:58 +0200 from Diaspora

Hey all - new user to disroot. It's attractive to me due to it being non-commercial. I'm attempting to get off of Google services and it seems that disroot might allow me to do that. I joined 24 hrs ago, and have had trouble getting my email setup. Is that because as a new user there is a waiting period? I have filled in my profile, with links to my blog and of course used my gmail account to sign up. Is there other verification that I should do? Thanks!

Massimiliano

Sat, 06 Oct 2018 08:49:06 +0200

@marathon@pod.disroot.org
We are glad to hear that you have chosen Disroot to get off Google. But unfortenly new signups for e-mail (not only mail) are closed at the moment due to abuse.
Admins are working on reopening signups soon, they are tweaking some final details.
The plans are to reopening signups in one or two weeks i think.
On the link beneath you can read the blogpost explaining the temporany closure

https://disroot.org/en/blog/temporary-closed-registration

muppeth

Sat, 06 Oct 2018 09:45:57 +0200

@marathon@pod.disroot.org The diaspora account you signed up for, is disconnected form all the other services we provide where currently as @Massimiliano pointed out signups are closed. Diaspora account does not provide access anything else (email, cloud, chat, etc) then diaspora itself.

jeroenpraat (hubzilla)

Sat, 06 Oct 2018 09:58:47 +0200

I think option 3, combined with option 1 is a good idea. When someone signs up with an invitation, the approval process can be shorter or maybe none.

Steve A.

Sat, 06 Oct 2018 16:43:56 +0200 from Diaspora

OK Thanks @Massimiliano & @muppeth I'll be patient.

Chuck Wagoneer

Sun, 07 Oct 2018 01:48:46 +0200 from Diaspora

Besides donating financially (which I do), how else can an ordinary not-particularly-talented guy get involved in this project? Do I need a different login for the community site (forums and such)?

Massimiliano

Sun, 07 Oct 2018 07:36:39 +0200 last edited: Sun, 07 Oct 2018 07:46:53 +0200

@Robin
For the Disroot forum you need to signup a new account, wich you are free to do on
https://forum.disroot.org

And besides forum you can join the Disroot general chat group

xmpp:disroot@chat.disroot.org?join

muppeth

Sun, 07 Oct 2018 08:35:23 +0200

Actually for the forum you can login with disroot account (just use login with disrootid' button.

muppeth

Sun, 07 Oct 2018 08:37:44 +0200

@Robin also thanks for donating 😃

Chuck Wagoneer

Sun, 07 Oct 2018 12:22:52 +0200 from Diaspora

Donating is easy and the least I can do. For all I'm getting, it's certainly worth paying at least as much as similar services charge.

Steve A.

Tue, 09 Oct 2018 12:45:43 +0200 from Diaspora

I have logged into the forum, but it doesn't seem to be very busy. I posted there, but most posts were months old. Then I saw a note to come here (pretty sure it was on that forum).

You know I don't mind donating monthly for this service either - I paid for Drive storage for Google, so it just makes sense. 👍 Does disroot.org have a Patreon account? If not maybe they might consider that. I don't use paypal and I'd prefer not to use Credit Card or digital currency. The latter, only because I'm not familiar enough with.

Massimiliano

Tue, 09 Oct 2018 13:50:41 +0200

@marathon@pod.disroot.org
Here is the parteon link
https://www.patreon.com/disroot

Steve A.

Tue, 09 Oct 2018 14:10:03 +0200 from Diaspora

Thanks @Massimiliano I donated ;-0

ghose

Wed, 10 Oct 2018 05:18:23 +0200

Hi disrooters

#Faircoin has been added to cryptocurrencies
https://disroot.org/en/cryptocurrency

I've notice this now. Thanks @Disroot Community, hope I can use it on the near future ;)

muppeth

Wed, 10 Oct 2018 08:43:38 +0200

@Xosé M :P Its been there for over a year

Kalipus

Wed, 10 Oct 2018 11:06:40 +0200

In my mind goes around a idea for some time.
I have a dream of abuse less services for everyone who is nice.

I am thinking of limitations of services who getting abused until you get peer2peer verification.

What I mean is that the people of the service verify themselves with some QR code if they think the person is trust able. Depends on service and level of trustiness from the verificator the level of the new increases. But the verification looses points after time, so that a reverification after months is necessary, cause people and the world change.

What you think?