4 years later: let's talk about 2.0

Super120 said:
On their original announcement they said it was going to be released "later 2013"... after 1.3 HYS threads they changed their mind and now say it will be ready Q2 2014.
Click to expand...
You clearly do not understand what you are talking about. :)
 
  • Like
Reactions: Naz
Alfa1 said:
  1. just in time registration. it's great to get a lot of traffic but there should be a much better conversion from visitors to posters.
  2. develop the trophy system into a mature gamification system.
  3. Q&A functionality. sites like stack overflow are eating our traffic.
Click to expand...
These are some real improvements in terms of user experience and will equip us to handle the competition. Stackoverflow, quora are just the few and they are doing well probably because they are easy to use and have much better gamification.
 
I don't think xenforo needs to suffer from the firefox syndrome. People may think that a software is better if its first point release number is greater but in truth xenforo with its first first point release arguably beats the competition with their 3.x/4.x/5.x first point releases.
 
Luxus said:
I don't think xenforo needs to suffer from the firefox syndrome. People may think that a software is better if its first point release number is greater but in truth xenforo with its first first point release arguably beats the competition with their 3.x/4.x/5.x first point releases.
Click to expand...
Can't agree more with you!
 
Luxus said:
I don't think xenforo needs to suffer from the firefox syndrome. People may think that a software is better if its first point release number is greater but in truth xenforo with its first first point release arguably beats the competition with their 3.x/4.x/5.x first point releases.
Click to expand...

There's nothing wrong with Mozilla Firefox...
 
Amaury said:
There's nothing wrong with Mozilla Firefox...
Click to expand...
His point I believe is more with the version release schedule than the actual software. To make his point clearer, what is the difference between the last two first point releases they've done. To be fair, chrome is the same in this regard.
 
Daniel Hood said:
His point I believe is more with the version release schedule than the actual software. To make his point clearer, what is the difference between the last two first point releases they've done. To be fair, chrome is the same in this regard.
Click to expand...

Bug and security fixes.

I believe in version 29 or 30, that display issue with the YouTube video playing icon will be fixed.
 
Garamond said:
One-click upgrade, like Wordpress.
Click to expand...

How does that work though? It's easy to say that when you deal with a free product. I mean a quick license check probably isn't that hard but I also feel like there is a spoofable element to where they would rather keep the delivery here instead.
 
It's quite easy, I know of at least one add-on which does it.
You just need to enter the customer log in details and then 'get' the file.
 
Brogan said:
It's quite easy, I know of at least one add-on which does it.
You just need to enter the customer log in details and then 'get' the file.
Click to expand...

Its not about the difficulty. Yes we can do it tomorrow if we wanted. Its about security. Yes the customer login info is the security in that scenario. The concern with the addon is the info being stored in some form of reversible encryption or obfuscation.

But in a core implementation with the backend supporting it the installation becomes the key does it not? A key or hash and the site claiming to be the domain that is on file requesting the update is what were using as security for that. Is there not a concern?
 
Last edited:
rainmotorsports said:
Its not about the difficulty. Yes we can do it tomorrow if we wanted. Its about security. Yes the customer login info is the security in that scenario. The concern with the addon is the info being stored in some form of reversible encryption or obfuscation.

But in a core implementation with the backend supporting it the installation becomes the key does it not? A key or hash and the site claiming to be the domain that is on file requesting the update is what were using as security for that. Is there not a concern?
Click to expand...
Wordpress is by far the most popular blogging software in the world (and also powering large websites). One-click upgrade has been standard a couple of years now, don't you think they have sorted out the security issues? It has worked (as far as I'm concerned) flawlessly since they launched it. There are simply no reasons for Xenforo not to have such an option, and by doing that it would stand out even further from other forum softwares.
 
Garamond said:
Wordpress is by far the most popular blogging software in the world (and also powering large websites). One-click upgrade has been standard a couple of years now, don't you think they have sorted out the security issues? It has worked (as far as I'm concerned) flawlessly since they launched it. There are simply no reasons for Xenforo not to have such an option, and by doing that it would stand out even further from other forum softwares.
Click to expand...

I think your head is in the wrong place. Your thinking as a consumer and not as a developer. Wordpress is free, there is no license security to be compromised. Their main concern is preventing bandwidth issues. What does any system wordpress have for updates that have to do with securing delivery of paid viewable source software?

As Brogan points out there is an addon which utilizes the current method of getting the file. A site admin assumes the risk in running this due to the fact that his customer info is stored in a reversible fashion on the server. Likely a core system for updates will not use the actual customer login info to verify the license. But as a developer of even the most easily pirated software, you have to take steps to mitigate your customers from being an accidental source. You don't just trust the first server sporting the right credentials pretending to be the site on file. The actual update system is one thing. But in the core functionality you are requesting we go from the customer area being the method of protecting file delivery to another system of authenticating the license.
 
Last edited:
rainmotorsports said:
I think your head is in the wrong place. Your thinking as a consumer and not as a developer. Wordpress is free, there is no security to be compromised. Their main concern is preventing bandwidth issues. What does any system wordpress have for updates that have to do with securing delivery of paid viewable source software?
Click to expand...
I see your point, but Brogan has already told us there is no problem with such an implementation.
 
Garamond said:
I see your point, but Brogan has already told us there is no problem in such an implementation.
Click to expand...

Its easily possible yes, Brogan pointed out an add on using the existing method of delivery. The user assumes the risk in storing his own data on his server. The software might be safe (exclusing addons) but is the host? It's not something we as customers worry too much about but would you trust your customer login info to your email inbox? I wouldn't and I sure wouldn't have it on my server even encrypted (it has to be reversed by the software to pass to the customer login system).

It can be done as a core feature and honestly there is little use in worrying about a customer unknowingly being exploited to get updates files to be nulled and distributed. Likely there are paying customers that are the actual sources for those sites. But piracy is something a developer does think about when they decide how to distribute their files and thats just where I was coming from with my initial reply to you.
 
You must log in or register to reply here.

Similar threads

BikeGremlin
Optimization, security, customization or: How I jumped on my own sword :)
Replies
1
Views
477
BassMan
BassMan
K
Consent Management
2
Replies
20
Views
3K
twollert
twollert
Fullmental
Dedicated server recommendations?
2 3
Replies
50
Views
4K
Vroomm
V
Baby Community
Baby Community Site Display Area
Replies
1
Views
869
Baby Community
Baby Community
sbj
  • Locked
Current state of XF and the participation of the XF Team
6 7 8
Replies
150
Views
15K
Kier
Kier
Top Bottom