this post was submitted on 03 May 2025
104 points (99.1% liked)

Casual Conversation

3204 readers
451 users here now

Share a story, ask a question, or start a conversation about (almost) anything you desire. Maybe you'll make some friends in the process.

RULES (updated 01/22/25)

  1. Be respectful: no harassment, hate speech, bigotry, and/or trolling. To be concise, disrespect is defined by escalation.
  2. Encourage conversation in your OP. This means including heavily implicative subject matter when you can and also engaging in your thread when possible. You won't be punished for trying.
  3. Avoid controversial topics (politics or societal debates come to mind, though we are not saying not to talk about anything that resembles these). There's a guide in the protocol book offered as a mod model that can be used for that; it's vague until you realize it was made for things like the rule in question. At least four purple answers must apply to a "controversial" message for it to be allowed.
  4. Keep it clean and SFW: No illegal content or anything gross and inappropriate. A rule of thumb is if a recording of a conversation put on another platform would get someone a COPPA violation response, that exact exchange should be avoided when possible.
  5. No solicitation such as ads, promotional content, spam, surveys etc. The chart redirected to above applies to spam material as well, which is one of the reasons its wording is vague, as it applies to a few things. Again, a "spammy" message must be applicable to four purple answers before it's allowed.
  6. Respect privacy as well as truth: Don’t ask for or share any personal information or slander anyone. A rule of thumb is if something is enough info to go by that it "would be a copyright violation if the info was art" as another group put it, or that it alone can be used to narrow someone down to 150 physical humans (Dunbar's Number) or less, it's considered an excess breach of privacy. Slander is defined by intentional utilitarian misguidance at the expense (positive or negative) of a sentient entity. This often links back to or mixes with rule one, which implies, for example, that even something that is true can still amount to what slander is trying to achieve, and that will be looked down upon.

Casual conversation communities:

Related discussion-focused communities

founded 2 years ago
MODERATORS
orangeNgreen@lemmy.world
neidu2@feddit.nl
BoozeOrWater@lemm.ee
104
Someone from my university took down my website (lemmy.world)
submitted 1 day ago by droning_in_my_ears@lemmy.world to c/casualconversation@lemm.ee
42 comments fedilink hide all child comments
 

So I have a small web app I made. I didn't really advertise much because there's a lot of things I wanna fix in it and I don't have the time. But I did tell a few classmates about it.

Last few days I noticed it had been running slowly. Until one day it just stopped working. I checked the server logs and there was a background worker trying and failing to insert some data into the db on loop because of a bug I didn't notice. The data it was trying to insert was spam so I knew this was an intentional thing. I took the server down and in the process accidentally deleted all the logs. Oops.

So I go and check the database and the user who inserted the spam data used their actual email. I google it, find their GitHub, their twitter, and their fiverr which has their actual name and picture. I search their name in my university system and find them. It's someone I don't know. Someone who heard from a classmate I told about it.

Fixed the bug now, banned the account, removed the spam. I guess you could say they did me a favor catching the bug but they could've just told me about it lol.

The only question left is: should I contact them? Send them a subtle 'I know what you did" message on the uni portal?

you are viewing a single comment's thread
view the rest of the comments
[–] recursive_recursion@lemmy.ca 76 points 23 hours ago (3 children)

I'd personally suggest sending an email to one of your profs about noticing potentially malicious network activity that originated from a fellow uni student with your attached proof.

In that same email you could ask them what's the proper procedure for the circumstance you're in.

[–] Draegur@lemm.ee 44 points 23 hours ago

I feel like this is the best option.

OP shouldn't even TRY to take matters into their own hands.

Document rigorously and then send all documentation to the designated people.

Then document who you sent it to and hold onto backups
~~so that if they try to turn it around on you, you can dump all their dirty laundry out into the open~~

[–] PennyRoyal@sh.itjust.works 17 points 23 hours ago

What are you doing here with your thoughtful and well-reasoned replies? This is the internet, we’ll have none of that kind of thing around here! Just because this is absolutely the right course of action doesn’t mean you can be promoting this kind of calm and unsensational behaviour!

[–] TWeaK@lemm.ee 3 points 22 hours ago (1 children)

The logs were deleted, sounds like there isn't any proof left.

[–] droning_in_my_ears@lemmy.world 2 points 21 hours ago (1 children)

There is. The db entries are still there, linked to their username and email. I'm not gonna report it obviously. That'd be silly

[–] tauren@lemm.ee 9 points 18 hours ago (1 children)

The db entries are still there, linked to their username and email.

But can you prove those db entries were created by that user?

I’m not gonna report it obviously. That’d be silly

Why would it be silly? Someone attacked your website. Even penetration testers with benign intentions can't do that without an explicit consent from the owner.

[–] droning_in_my_ears@lemmy.world 2 points 17 hours ago* (last edited 17 hours ago) (2 children)

But can you prove those db entries were created by that user?

Good point. The db entries are linked to the user, but I guess one could argue that was changed after the fact. The db logs are still around but that might not be enough.

Why would it be silly?

I don't know. I just feel like it would be an overreaction. Especially since they technically exploited a bug in my own code.

[–] MrTolkinghoen@lemmy.zip 10 points 17 hours ago

This person was being an asshole. Let's be clear. They didn't inform you of a bug they found. Instead they just wanted to destroy what you made for the fun of it. Let them face some reprecussions for once. At least it'll teach them to cover their tracks better.

[–] thepreciousboar@lemm.ee 3 points 15 hours ago

Especially since they technically exploited a bug in my own code.

Yeah that's called an intrusion, hackers do that and it's illegal. If you accidentaly leave you house door unlocked is it your fault if someone trashes your house?

Report them, no damage was done and it's a relatively minor thing so I wouldn't expect grave consequences, but maybe this person will be more more responsible in the future.