What the hell, I saw your response over in this thread. Should have taken a screenshot, it looked like a normal top level reply. /u/dessalines this looks like some weird race condition on the frontend.
We have to come up with a way to replicate it. It probably has to do with the fact that new comments have multiple websocket sends: once to the user directly, and once to the post. I thought I had this filtered correctly but it might need some tweaking.
I’m 95% sure SELinux has undiscovered spyware. It’s a front to get NSA code into libre projects. Are they still updating/maintaining it? If so it’s even harder to prove that it’s not malicious because any one commit could have obfuscated spyware.
We would need to audit the entire code base initially and then every commit afterward.
Also, any account on GitHub or elsewhere could be a double agent from any country’s intelligence agency that wants to insert obfuscated spying code or a backdoor. All the security flaws found in software and hardware could just be honest mistakes, but they could also be intentionally placed there. It’s a terrifying prospect but it’s true.
deleted by creator
I dont konw how you managed to post this in the wrong thread the same second I created the thread :o
deleted by creator
What the hell, I saw your response over in this thread. Should have taken a screenshot, it looked like a normal top level reply. /u/dessalines this looks like some weird race condition on the frontend.
deleted by creator
What happened? That thread is empty.
I know. I created the thread, and right after it finished loading and i saw it for the first time, it had that comment that I replied to.
Hrm…
We have to come up with a way to replicate it. It probably has to do with the fact that new comments have multiple websocket sends: once to the user directly, and once to the post. I thought I had this filtered correctly but it might need some tweaking.
I’m almost certain it has something to do with the timing, probably because the thread and the comment were created in the same second or such.
I’m 95% sure SELinux has undiscovered spyware. It’s a front to get NSA code into libre projects. Are they still updating/maintaining it? If so it’s even harder to prove that it’s not malicious because any one commit could have obfuscated spyware.
deleted by creator
We would need to audit the entire code base initially and then every commit afterward.
Also, any account on GitHub or elsewhere could be a double agent from any country’s intelligence agency that wants to insert obfuscated spying code or a backdoor. All the security flaws found in software and hardware could just be honest mistakes, but they could also be intentionally placed there. It’s a terrifying prospect but it’s true.
deleted by creator
I want intelligence agents to keep their hands out of open source projects. There is a fundamental conflict of interest between the two.