I want to address the questions and concerns we have heard from users about Hitbox code on LiveJournal. There are several points that have been raised and I'll try to touch on each one.
I do hope you'll learn from the experience and not do that sort of thing anymore. Nonetheless, I personally am willing to forgive the situation, this time. I'm just glad that LiveJournal cares enough to stop using Hitbox until all the security concerns can be properly researched.
The apology is much appreciated, and at the risk of beating a dead goat, I'd like to elaborate a bit on why I was so vehemently opposed to this. It's not the fact that a site tracker was used. It's the fact that there was no advance announcement of it like there is with almost every other feature that's implemented after the managers have been excited about it
( ... )
We didn't communicate well with you when we implemented Hitbox. We weren't trying to pull a fast one on you -- the [info]changelog commits are there in the open -- but we just didn't take the time to spell it all out clearly. I know that some folks might assume that we were trying to sneak something by them. We weren't, but what's done is done. I apologize for the poor communication. It felt slimy to some of you and that's a big bummer for me -- I know you love LiveJournal and I do too. The communication (and the site) will improve.
I'm not sure how to react to this - on one level it's great that you've recognised that you've made a mistake and are promising to learn from it for the future, which is all anyone can really expect. We're all human, mistakes happen, learning from them is the best anyone can do. On another level it seems that LJ/6A seem to repeat this mistake every six months or so - eg. the problems over rewriting the abuse policies/the uproar when LJ was sold to 6A/going back in time to when there were lots of technical
( ... )
My sentiments exactly. I strongly suspect that neither this post, nor marksmith's post in lj_support, would exist had LiveJournal not been caught. This coupled with both external and internal dissent forced the above rethink, and the significant level of internal dissent is the only thing that distinguishes this debacle from its numerous predecessors.
No one person within Six Apart or LiveJournal (or its userbase) has a complete understanding of LiveJournal's userbase, or can claim to know What The Users Want Or Are OK With. It's through initiatives such as feedback and groups like the dozens-strong Support/Abuse teams that the company discovers the wants, needs and opinions of the userbase, and this tracking initiative is by no means something that should have bypassed all of these forums completely before it was pushed live.
I, too, hope that this incident serves as the mother of all lessons to those concerned.
I think making discrete examples fit an "every six months" pattern is kind of disingenuous. For example, you list "the uproar when LJ was sold to 6A" as something that was a mistake, when I think most people I talk to recognize the reason stuff like tags or My LJ or whatever are able to come out more quickly is because being part of 6A freed up some resources that might have been tied up on less interesting stuff otherwise.
What I mean is, there might be an individual mistake that draws a tiny (but admittedly loud) percentage of people into complaining once or twice a year. There's over 8 million accounts on LJ now, though -- with that many people, someone's getting pissed off at LJ *every day*, whether there are changes or not.
Let's let individual mistakes be individual mistakes, just like every person in our community is an individual. Stringing them all together doesn't do justice to how hard the team works to try to do the right thing, and makes an assumption of malice that just isn't fair.
the subject line of a post on a S1-styled journal's Post Comment page. That was a bug -- an unfortunate oversight. I'm sorry we didn't think ahead about these isolated cases when we decided to use the page title to populate the variable that identifies the page for Hitbox.
What proportion of the userbase is still using S1? LJ-as-a-company seems to have completely abandoned it, but I can't believe that the number of people who use it is low enough to make the term "isolated" even remotely accurate.
That said, props to you for pulling it, and hopefully there *will* be a proper announcement before it's reinstated, if it is.
It's actually inaccurate to say "the subject line of a post on a S1-styled journal's Post Comment page" is all that's affected. Anyone using site-scheme comment pages was affected -- all free users and Early Adopters, all paid users in S1, all of the many S2 users who enable old-style comment pages. Add to that entry page views from those people using ?style=mine, which forces even styled comment pages into a sitescheme view.
Not only that, but I end up on site scheme styled all the time as soon as I'm twice removed from my friends page. In fact, the page I'm commenting from right now is in site scheme. To me it seems that phrasing it in such a way to make it sound like it was only those S1 users is intentionally minimizing.
Comments 95
I don't think that the save LJ made on this particular incident was too bad, but LJ having to make a save like this at all is generally poor form.
"Isolated", right. [sigh]