I immediately edited it with a new signed message after realizing my mistake. I had formatted the post and then decided to sign it without thinking of the consequences. If the code block rendered the BBCode it would break the signed message anyhow.

Putting everything inside a code block fixes the formatting of a PGP-signed message. Aesthetic is a small price to pay for functionality in some cases.

Fair enough. +1

That's why God invented a bbcode for [ code]. It was sometime shortly after Bulletin Boards became a thing. The OP is the dev of this entire forum, right?

our glorious hugbunter

First off want to say thanks to HB for providing this forum to us. Second I want to thank this guy for pointing out the more obvious parts of HB life being a raging addict and not being able to tell the truth or complete work correctly and in a timely matter. He has no problem adding filters to block out the work Trade-Rou-te due to a guilty concious though.

The site was extremely fast as other's can testify to, pre-DDOS attacks. You may have not been around for them but there was a user(s?) attacking the site daily which was hard to prevent with the constraints we see in onion land with all connections essentially being anonymous. Following the queue system I put in place to try and prevent this, which proved successful and the attacker(s) conceeded, it left us with the site being slow, mainly because it wasn't something I put too much thought into, just as long as I got the site back up. The forum is highly dynamic in terms of voting and post sorting so the caches are very short in lifetime for the most part. You read into it too much, I'm assuming just to make a point out of it as you have done in other comments previously, the queue system is blocking, so all requests are handled after the previous one is completed. By reworking the system it is essentially becoming asynchronous compared to the current handling. English isn't my first language, so not sure if this is just a misunderstanding between us, either way I meant was I said and believe it is a factual statement. I want to remove the queueing system completely if possible, whilst still providing adequate protection to any future attacks, I wasn't referring to anything on-going, however there is some sort of stress test someone performs on a monthly basis, which doesn't seem to affect much overall other than holding the queue for a moment before their captcha cookie(s) are cleared from all of the requests they are sending. I am just making sure I prioritize overall up-time over speed since attacks can happen at any time and it left us with almost a week of down time last time it occurred since I was trying to develop a less intrusive method of protection previously, holding out to completely avoid a captcha screen. You do also underestimate the size of the forum, I can't track everything specifically, but based on the number of unique sessions and daily requests it is a lot to handle, especially with it all going through the queue system currently.

this is a lot to read, anything im missing other than person mad at hug, hug defends self, hug gets shit for defending self, but with a lot of fluff added in the middle?

It's german. I just made a post about this. You made a typo on Trade-Rout-e I mean Wallstreet. Why did you ban that word?

Because you spammed your conspiracies about said market constantly, it was filtered so I didn't have to spend more time cleaning it up.

You read into it too much.. the queue system is blocking, so all requests are handled after the previous one is completed LOL oy, OK so what's the point of the queue then HugBunter? I want to remove the queueing system completely if possible, whilst still providing adequate protection to any future attacks, I wasn't referring to anything on-going Good then get rid of it. The forum is highly dynamic in terms of voting and post sorting so the caches are very short in lifetime for the most part. I was pretty obviously using the term non-dynamic web forum to refer to it being non-dynamic on the client-side. The prior sentence being about JavaScript and all. And seeing as how we're obviously having some sort of a discussion, that I wasn't implying that Dread is implemented as a static HTML web page LOL. I am just making sure I prioritize overall up-time over speed since attacks can happen at any time and it left us with almost a week of down time last time it occurred since I was trying to develop a less intrusive method of protection previously, holding out to completely avoid a captcha screen. You're not getting rid of captcha screens. All that you've said is that you admit to crippling the performance of your forum 24/7 every day of the year --> for the sake of this site (hopefully/hypothetically) being available whenever this next attack happens. This is not how DDOS mitigation works. DDOS mitigation is frequently expensive, and is customized to the specific attack. Nothing you've described will make a difference with an actual Tor DOS. You do also underestimate the size of the forum, I can't track everything specifically, but based on the number of unique sessions and daily requests it is a lot to handle, especially with it all going through the queue system currently. I'm not doubting that Dread receives a fair amount of passive visitors compared to the average onion forum. I can pretty readily guesstimate the degree of actual load by the amount of content being created here; and the transaction rate is certainly not enough to induce the degree of latency this forum has. And the queue system, this is still very odd, but yeah, I suppose because of the selective language impairment, it's probably better for me to explain it with the help of hand puppets: "Hi folks! I'm Dread Service (1). When a user visits URI X and requests resource Y I send a message to Dread Service (2), which gets intercepted and stored by an intermediary queue. The queue the forwards the message to Dread Service (2), and while Service (2) is processing the message, I, Service (1) am freed from memory." English isn't my first language, so not sure if this is just a misunderstanding between us No, I don't believe it's a misunderstanding. I understand you just fine. English isn't your first language to the exact same degree that you run this site and make darknet vendor shops without profitting personally, just because you "enjoy it". Not saying there's anything wrong with that. It's just amusing that you would think to insult anyone's intelligence with those statements though.

One thing is for sure, you have no experience in running a hidden service of this degree, otherwise you'd have an understanding of the limitations I am facing. The queue system prevented the specific attack, there is no need for it you are right, it was left in place to ensure uptime and never changed, which is why I am making changes. All you are doing is attacking me once again by referring to things either out of my control or that I am trying to work towards resolving. By doing so, you are achieving nothing other than wasting both of our time in such a discussion, I'd appreciate something more productive. You choose to believe whatever you want, I'm not insulting anyone's intelligence by stating what I believe in, just because you cannot grasp such an outlook on things, does not mean others can't. What is your intentions with all of this, considering you have also responded with similar using alt accounts recently? Your comments are literally outlining everything I have said as intended overall. Yes I did cause the slow load times, I know that, everyone knows that. Who mentioned Tor DOS? You, no one else. This was for a specific application level attack. It is funny that you are trying to make a point out of anything I say, but I still cannot work out your motivation for doing so.

One thing is for sure, you have no experience in running a hidden service of this degree, otherwise you'd have an understanding of the limitations I am facing. facepalm mate. LOL you are either the most deeply insecure person I've ever spoken to or you're a cop who isn't terribly familiar with technology. Based on your overly-emotional responses, I'm actually inclined to think that it's not the latter. Your comments are literally outlining everything I have said as intended overall. Correct. Congratulations. I responded to your remarks point-by-point. Because your idea with the queue is fucking retarded. To refute this, is pretty simple Hugs. What, pray tell, what was the nature of this magical attack that could only be solved by the use of a request queue. I'm sure all of the technical literati in the crowd would love to hear specific details on this.....I'll wait (I'm not sure why it's apparently my job to teach you how to argue effectively, but Okkk) You choose to believe whatever you want, I'm not insulting anyone's intelligence by stating what I believe in, just because you cannot grasp such an outlook on things, does not mean others can't. Thanks mate. I can choose to believe whatever you want, which is true. Just because I don't believe a person's lies does not prevent some others from believing those same lies. Which is perfectly fine mate. Nobody said you weren't allowed to con and trick people Hugs. But it certainly does make you look like a lamer if you go trying to feign some false-righteous indignancy about it whenever you get called out on your wacky bullshit. Is that clear enough for you now Mr. Bounty?

Again, you can't seem to handle a response that cleared up every point you made. There is nothing to be insecure about, I was clearly stating that you do not have any idea what you are talking about, especially regarding the queuing system. Temporary measure that ended up sticking as I haven't had much time to push many updates to Dread since. The queue was required to ensure requests were handled one at a time and any potentially malicious requests would be filtered, it was just the best method of handling it at the time. With a hidden service is isn't a straight forward process to handle such attacks and an unconventional method worked best, with the side-effect of a slow load time. You will notice load times vary throughout the day based on traffic. Correct. Congratulations. I responded to your remarks point-by-point. Again, rewording what I said to fit your own narrative. You literally just repeated what I said but some how tried to make it sound like it was a negative. There were no lies involved, so by you plucking these ideas out of your head shows you clearly have ultereor motives. What exactly are you trying to achieve?

Hey man stop wasting your time arguing with this guy. If he's so smart and good at running a darknet site why doesn't he just go out and do it himself instead of bashing yours. Love the service man keep up the good work. You don't OWE these people anything. /u/WhispersInTheWind acts so damn entitled

"Cleaning" a free speach forum. Righhhhttttt

Mhm, you still can't accept that there are still rules that apply?

There are no rules on TOR when you are anonymous..

Well that would mean scams are allowed on markets too, I thought your presense here was to prevent that?

Exactly my point.

You just said there are no rules, yet you want there to be rules against scamming. There are rules on this platform, don't respect them and you will be banned, again and again.

I'll consider adding it into this update, if not then it will be added January. Edit: Also, any bugs you are aware of, please list so I can make sure I covered them, I know you reported a couple to me a while back that I likely didn't get around to fixing.

Thanks sir. If I see any bug I will report.

Trust me, if I had any sort of pentesting/programming skills, GP wouldn't be here. I'm incredibly petty like that.

We all love you Witchman

Well, that's doubtful, from what I've seen, but thanks.

Hover over your name in the top bar, next to the search icon. Click "Account" in the drop-down menu that comes up. Decrypt the verification message it gives you with your old PGP key, and then you're free to remove your PGP key, or add a new one.

Saw your PM earlier, will have time to resolve this for you tomorrow, sorry for the delay.

i cant decrypt it, my OS crashed and I lost all that info