Reddit reveals security incident that looks more SNAFU than TIFU

Colorful web forum Reddit has revealed it has suffered a security breach. In a post titled "We had a security incident. Here's what we know" Reddit's founding engineer and CTO "KeyserSosa" – aka Christopher Slowe – explained that late on February 5 "we became aware of a sophisticated phishing campaign that targeted Reddit …

  1. Jamie Jones Silver badge

    Yes, firing would be stupid.

    You can be sure that employee won't make that mistake again!

    It reminds me of a story (that I probably read here in the comments, or "who me?"), how a team shared the job of being responsible for some system backups. Anyway, one person screwed up something, meaning backups were lost, and they were needed. A lot of recovery time and cost later, the guy was called into the manager's office.

    Expecting to be fired, the manager put him solely responsible for backups from then on, saying that he was now the person least likely to screw up.

    1. Mark 85

      Re: Yes, firing would be stupid.

      Many bosses go with the old "show me someone who's never screwed up, I'll show someone who's never done anything." Usually, it's been one screw up is ok... we'll deal with it. The second.... not so much but with the background understanding... "Murphy and crap happens".

      1. DishonestQuill

        Re: Yes, firing would be stupid.

        Any tips on where to find these reasonable bosses?

        I've only ever found ones that seek sacrifices for the board....

  2. elregidente

    Looks like the devs cannot be trusted, either - fake hidden posts to subs

    On a Reddit-related note, I run a sub, and it looks like the devs silently added a *pinned* post (claiming to be pinned "by the moderators", i.e. ME) which *I* do *not* see when I'm logged in as me, promoting their "lounge", per-sub real-time chat.

    So, yesterday, for the first time in a long time, I looked at the sub, without being logged in.

    To my astonishment there was a pinned post, marked "pinned by the moderators", promoting the sub "lounge" (some new real-time chat feature the devs are pushing).

    I logged in. When I look at the sub logged in as me (the mod), I do *not* see that post.

    I then looked at the list of posts - a chronologically ordered list - of posts to the sub.

    At the *bottom* of that list (and so, in the wrong place - evidently to hide it) is an unapproved post, put there evidently by the Reddit devs, which is the pinned post I saw when not logged in.

    As you can tell, I was not informed, and it looks like the devs are actively hiding these posts from mods.

    I deleted the post, and made my own post, explaining what had happened.

    On the face of it, the Reddit devs cannot be trusted, and are actively deceiving mods and silently interfering with subs and in ways which knowingly deceive users.

    (As an aside, the CF security check when I submitted this post failed and destroyed my post here. I'm well used to forms failing to work, so I always copy my text before submitting, and once again, this saved me.)

    1. Anonymous Coward

      Redditors make Reddit

      The company is sadly dead weight we are dragging behind us.

      Reading your post initially I was wondering if another Mod might have posted it, but by the end it sounds like you got to the bottom of the issue.

      Sad, but not really a surprise from the current brain trust. These are the same jerks that messed up old, made the new web interface a hellscape, and dick with third party clients.

      It's one of the few sites I access on mobile and don't ruthlessly adblock (like this one), but I'm fed up with Reddit's B.S. with the constant nagging to install their crappy app, blocking people from viewing non adult/extreme/controversial posts unless logged in, etc.

      One of the main reasons that I WASN'T freaking out about the news they got hacked is that Reddit has very little information on me. I never sign in unless I am posting, I provided no information that was closely associated to me in that account, and I don't spend a ton of time talking about myself. I also don't care about the karma game much, so I roll into a new account every few years. Not that IDing an old IP couldn't expose me to harassment, but I'd be more concerned if the user info for this forum got cracked than my Reddit history.

      That is one of the things I liked about Reddit, but it also has rolled the welcome mat out to a lot of the toxic fringe. r/thedonald got all the press, but r/fuckcars, PCM, and sadly, even r/science have been taken over by a single viewpoint and set to full broadcast mode. 4chan and 8 have made playing with Reddit one of their favorite pastimes, shitposting, trolling, and raiding away. White nationalists constantly try to upvote racist dogwhistles and nazi pictures to the front page (Yeah, it's just historical enthusiasm for military equipment from a very specific nation and time, sure buddy). "Wellness" influencers spread organic free range brain rot. And every sub has a stream of attractive girls cross posting that also casually drop that they have an OnlyFans page as often as they "forget" to pull up their top in the selfies they post. As the other social media sites bleed users, Reddit succumbed to the rot brought in with a tide of new users that were never part of the Reddit community before and tried unconsciously to make reddit like Tumblr, Instagram, Twitter, or whatever other place they came from.

      Reddit the company needs to tackle some of these problems instead of thinking they can keep boiling the frog. Twitter and Facebook have both crashed, snap is yesterday's news, and all the good TikTok content ends up on Reddit anyway. But the platform they provide isn't precious or special. And the constant harassment and nagging as the community becomes more polarized and toxic is how they will go over their own version of the same cliff. Most of the community that made the old Reddit take off were refugees from the beached wrecks of the last 5 "cool kid" forum sites.

      slashdot and myspace and tribe and a dozen mostly forgotten names that dropped the ball and never really recovered.

      Reddit needs to right the ship before it capsizes. Right now it's flailing around trying to monetize the site in ways that everyone hates, censoring speech while adding fake posts and sponsored content, while turning a blind eye to mod teams that have gone off the rails and hijacked high traffic subs to spread scams, propaganda, hate, and madness. Instead of banning whole subs or hiding them, they should be installing an editorial board to keep the mods from deleting posts that don't break guidelines but DO fact check the sub, or make a well argued case against the position of the mods. That would help regardless of the specific "echo chamber" sub or its political view.

      Another issue is the way some mods act like a sub like r/news or r/science should be their personal fiefdom, with no checks on their authority and no accountability. I'd be fine if /u/smokemylog runs /r/trucknutsnewsdaily however they like. But with as much impact and traffic as the big subs like r/news and r/science get, it damages the credibility of Reddit as a whole and harms the community if those subs are solely policed with mods that refuse to do basic fact checking on the posts there. And no other sub that DID could get traction because the site framework of Reddit itself is sending all the traffic to the subs they know are broken. (cynically, I expect they KNOW this, but are making money off pushing crap articles to viewers and that some of those sites are also buying ads. The high profile campaign by the Hobby Lobby set being a fine example. They are buying ads as well as running subs to try and own the front page.)

      1. Jamie Jones Silver badge

        Re: Redditors make Reddit

        As you say, it's the content posters that make Reddit.

        So, whilst on that subject, can you help me with one question I've had for a long time.

        Apart from the users, and their content, what's so special about it? I'm being serious. You mention the website design mess, but that's an understatement.

        From what I can see, it's basically just a forum that would look and operate far better even on some free forum software, like phpBB.

        What am I missing?

  3. Potemkine! Silver badge

    As we all know, the human is often the weakest part of the security chain

    The human is always the weakest part of the security chain, until the Singularity occurs.

  4. FlamingDeath Silver badge

    Reddit, that's the website which constantly harasses me to download their mobile app lol

    It’s all a bit circlejerk IMO

    The fact they need moderators too says all I need to know

    If I want to offend someone on the internet, that is my right, as is the case in the real world!!
