idea

make DistBB but in the browser, with WebRTC
all data = cookies

I thought we already told you WebRTC is shit for fags?

>>2
b-but..
='(

>>3
No buts.

made this real quick http://anonymous-trollfest.herokuapp.com/
now all we need is a protocol for storing data in cookies and syncing up peers
also, is it possible to maintain a websocket and many webrtc connections while changing pages? (as long as its the same domain?)
if not, maybe it'd be better to have all page changes be just javascript changing the elements

>>5
It doesn't even work without Javashit enabled. Sorry, I refuse to use this.

>>6
How would you use WebRTC (the only p2p technology available in the browser, if you don't count flash) without javascript in the first place?

>>7
Ι guess the answer is clear: I won't.

Wow, I didn't know there was a max of 4093 bytes of cookies per domain http://browsercookielimits.x64.me/
guess it all comes tumbling down, unless there is another way to store data in the browser

>>9
Give up already, ``the web'' is shit.

>>10
``the web" is accessible, no need for downloads, no need to be distrustful, everyone has everything it needs to run already

just found out about IndexedDB, where the limit is 50MB but the user can increase it at will, and my firefox seems to support it ^^

>>11

accessible

Is this supposed to be a good thing?

>>11
The
web
is
shit
, Luke.

>>12
Yes, it is. Accessible is a good thing.

>>11

accessible

No it's not. Whatever thingy-majigger you're using, it doesn't run for me. I can't access it.

no need for downloads

Wait - maybe I've misjudged the web. Are you telling me that data shows up on my machine without having to download it? I've heard of this theoretically, but I haven't heard of an implementation. Does it violate causality? What's the transfer limit? Do I need any special hardware?

No it's not. Whatever thingy-majigger you're using, it doesn't run for me. I can't access it.

If you enable javascript and have a up-to-date modern browser, it will
If not, please show me your console log

Wait - maybe I've misjudged the web(...)

You know what I mean, downloading exes that might be spyware, adware, etc...

>>16

You know what I mean, downloading exes that might be spyware, adware, etc...

This is solved with open source and signed packages. If it can be peer reviewed it can be judged to be safe by a large paranoid community, then it can be reasonably trusted.

The problem with the web is that the application is reloaded everytime you visit the page. You could say this isn't efficient, but more importantly it makes it impossible to review the source before executing it. You could be visiting a page for years that uses the same javascript application every page load, but one day some 1337 h4x0r has compromised the server and made it serve you malicious javascript that exploits your browser. It isn't easy to keep an interpreter secure when the code it executes can be made arbitrary (although you'd think this would be easy. are all runtime writers for javascript, java, and flash incompetent or something?) As long as exploits exist, web languages will be just as dangerous as exe files, except they are more dangerous because the code is fresh on every page load. It's like downloading an exe from a server and running it every day and hoping the server never tries to screw you over.

If it can be peer reviewed

yeah, but how will you get it to be popular enough to be peer reviewed first if people don't trust it because it isn't peer reviewed yet?

it makes it impossible to review the source before executing it

http://onlinecurl.com/

>>18
I guess another solution is to introduce the concept of privileges so an application can run with the minimal access to you machine required. Games can run in file system jails with only access to audio, video, and key events within their window. Something like that could help. But there's always the danger of jail escaping. Just like a javascript exploit in a browser finding a way to execute arbitrary code on the victim's machine. If it's open source, exploit attempts will be obvious to see. All it takes is one programmer to see the source, spot the suspicious code, and start a pr storm on it online.

2nd thing

what the fuck is this and why did you link to it?

yeah, that'd be nice. While that isn't here, there's still sandboxing, but casuals won't use it. JS is actually pretty secure too, I think all it can do is either lag your browser, CSRF if the target site doesn't use sessions correctly, or XSS if it doesn't escape html as it should. But yes, nothing is immune to newfound exploits

what the fuck is this and why did you link to it?

online curl, you can see any page's source code before opening it

>>20
people are terrible at writing secure interpreters. They'll never be secure. Sandboxes can still be escaped.

I can't believe that actually exists. I suppose it could be used as a proxy with the right userscript.

people are terrible at writing secure interpreters. They'll never be secure. Sandboxes can still be escaped.

I don't know much about that, so I won't opine

I suppose it could be used as a proxy with the right userscript.

yeah, but without cookies
but there are already a lot of proxies out there

>>19,20,21
Hardware capabilities would have saved the world from browser as a virtual machine based program distribution.

http://en.wikipedia.org/wiki/Capability-based_security

If you enable javascript and have a up-to-date modern browser

For fuck's sake, is it that hard to get through your fucking thick skull? We won't enable Javashit, the web is shit. How many times do we have to tell you this?

>>16

If you enable javascript and have a up-to-date modern browser, it will

It really won't. eix -I www-client/* shows that all the browsers on my system are completely up to date, and I explicitly set USE=javascript when I rebuilt just now. Your page does absolutely nothing. Visiting your page doesn't generate anything called [m]console.log[/m] either, but that may be because I run all browsers inside a chroot with no write capabilities.

You know what I mean, downloading exes that might be spyware, adware, etc...

No, I don't know what you mean. Your method of transferring data (which I guess would rely on new hardware which I haven't heard of and haven't bought) is completely unknown to me. Rereading your post, you even make claims that ``no need to be distrustful'' - and I certainly haven't heard of any communication standard with built-in encryption that would generate that kind of response.

I'm not quite sure what ``exes'' are, the only thing that word brings to mind is the extension .exe used to denote ``executable file'' on DOS and Windows, but I don't see how that is at all relevant to this transfer mechanism. But it's clear that I don't know a lot of the technology you're talking about - could you point me to a paper or at least a press release?

>>25
What browser are you using? What version? You get absolutely no logs? That is impossible unless your browser doesn't support it (in which case it is not modern or up-to-date), or that chroot thing is affecting it.

Your method of transferring data

It's WebRTC (http://webrtc.org/), but it also uses WebSockets (http://www.websocket.org/‎) for the handshakes.
I meant no need to be distrustful as you would if you were downloading and running unknown executables, nothing to do with connections.

I'm not quite sure what ``exes'' are

I meant executables in general, be it windows, linux or whatever your system is.

>>26
I use stable and experimental versions of Elinks (0.12_pre6) and variations of w3m (0.5.3-r4, as well as integration interfaces with emacs, versioned at 1.4.513), the W3 browser (1.35), Dillo (3.0.4), as well as wrappers around patched versions of webkit-gtk 2.2.4-r200. Frankly, your website seems shoddily put together since I can't find a browser on which it does anything. I don't see why I should get a log, either. There's nothing about viewing an HTML document that should cause a browser to crash or otherwise generate an error log. Try fixing your site up to work with the browsers I mentioned, then I may give it a second look.

I meant no need to be distrustful as you would if you were downloading and running unknown executables ... I meant executables in general, be it windows, linux or whatever your system is.

What on earth are you talking about? I have investigated the links you posted, and they certainly offer executable code that any interested party would need to download (in some horrible, obfuscated form, no less) and run. Yet you've repeatedly mentioned that you have a communication system that does not involve downloading any executable code. Well? Where is it?

>>1
I don't hate the web and browser as much as some retards here (because it's the pragmatic way to reach a wide audience, and you do what you gotta do), but I don't love it much either. You're not after a wide audience. Given the choice I'd much prefer a small Emacs Lisp program.

>>27
I tried googling to see if Elinks supports webrtc and websockets, and couldn't find one page saying yes or otherwise, so I guess it's never even crossed the mind of anybody...

I can't find a browser on which it does anything

did you try firefox 26+ or google chrome latest version?

There's nothing about viewing an HTML document that should cause a browser to crash or otherwise generate an error log.

I log for debugging, since it is a in-development app... yes, there's a lot of javascript, it's not your ideal only text with some layout tags webpage

What on earth are you talking about?

Ok, I guess I'll have to spell it out... A downloaded file that runs independently of any browser (it is not executed/interpreted by the browser so no way for the browser to limit what it can do) and usually has access to your local directories and many other things you wouldn't trust just anyone with

>>29

did you try firefox 26+ or google chrome latest version?

No. I consider those programs fundamentally broken and have no wish to run broken software, since it would be far too much effort for me to patch them correctly.

I log for debugging

A good practice.

A downloaded file that runs independently of any browser...

That's an awkwardly specific definition of the term ``downloaded executable'' and seems completely useless except for allowing you to make the statement ``I can do X without any downloaded executables'', since it doesn't actually relect either the concept of downloading or execution. Maybe you should write down explicitly what you want to accomplish, then read it back to yourself without any of your own invented definitions applied.

No. I consider those programs fundamentally broken...

welp, then just say that you don't have a modern browser and stop blaming me

and seems completely useless except for allowing you to make the statement ``I can do X without any downloaded executables''

the statement would be: I can do X without any INDEPENDENT executable, i.e. you only need to trust your browser to run X, it is guaranteed to not mess with your local files and whatnot
When I say executables I mean independent ones, binaries you know

There's very few independent binaries. Most assume services e.g. a loader, a dynamic linker etc.

>>31

welp, then just say that you don't have a modern browser and stop blaming me

How about this instead: You stop trying to push broken software on us? You've made many claims about your product that have proven completely false. Maybe you'll get a better reception where people don't consider your foundational technology a steaming pile of shite. Try HN.

you only need to trust your browser

And why would I do that? The two browsers you've mentioned are some of the most complicated pieces of software on the consumer market, made by organizations that have very little interest in making sure that they work correctly, and on top of that have directly demonstrated themselves to me to be unfit for any kind of use.

Trust? Bah. The source code for Chromium is over 2 Gigabytes, and has precious few external eyes observing it. You are willing to put your complete trust in every line of those 2 Gigabytes, then ask me to do the same? Buddy, I've got a bridge to sell you.

I dont know whats with the JS hate, tough i can understand why you would not want scripts for fucking everything.
As a see it a site like this should not depend on jabbascript, tough i think its ok having it in place where it might make the this place easier to use.

Another idea: why no have this palce run as backend and frontend system?
I mean that you could use this place from some neutral interface, tough i dont know which would be viable.
So people could make their own systems to access this place, like say even from telnet for example, and have the web frontend kept in place for users who would just like to use their browsers.

>>34
Even though Tablecat outputs in a nice format, parsing BBCode through HTML tags is very annoying, so I would appreciate something like that. However, I remember Admin-sama say he doesn't really like to touch the board software, so without a patch from our side, I assume not much is going to happen.

Regarding the system, the imageboards got a JSON API in the past, but for obvious reasons, it doesn't allow posts. Might be worth considering since JSON is relatively sane, text-based and easy to parse. On the other hand, I have no idea whether or how to represent parsed BBCode, but parsing it client-side wouldn't be that much of a problem IMO.

>>34

I dont know whats with the JS hate

Are you serious, nigger?

>>36
Tsk.

>>34
Are you talking about /prog/rider or the distBB idea? (Both the original and this idiot's fruit of the imagination.)