Jump to content

Unregistered users can't download (or, apparently, register))


Recommended Posts

See here - http://forums.ni.com/t5/LabVIEW/Write-to-STDOUT-from-Labview-EXE-Ran-from-Console/m-p/3297020#M964175

I can confirm that unregistered users can't download attachments, as that's easy enough to check with a private window - you get an access permission error page with the text "The page you are trying to access is not available for your account" and the error code 2C171/1

I'm not sure what his issue is with creating an account.

Link to comment
On 20.5.2016 at 2:55 AM, Michael Aivaliotis said:

So what's the problem? You always needed an account to download stuff. That's not new.

Maybe you should take it up with this guy? Or this guy?

 

As for the registration, I was simply pointing it out. I have no idea what his specific issue was.

  • Like 1
Link to comment
On 5/22/2016 at 1:36 AM, Yair said:

Maybe you should take it up with this guy? Or this guy?

That was over 5 years ago. Always means less than 5 years. :P

But seriously, those posts you link to are referring to the CR downloads. Which you can still download without logging in, BTW. The NI forum complaint is referring to forum post downloads. That's always (more than 5 years) been like that.

Now that I think about it. I'm not sure why the CR area doesn't require login to download. That doesn't make sense. I might have to change that.

Link to comment
12 hours ago, Michael Aivaliotis said:

Now that I think about it. I'm not sure why the CR area doesn't require login to download. That doesn't make sense. I might have to change that.

I would argue that the opposite is preferable - open all downloads. While registration isn't a super tall barrier, I think the default should be for this to be open, both practically and as a policy matching the spirit of LAVA, unless there is a particular technical reason or principle which should make it blocked. Is there?

Link to comment
2 minutes ago, Yair said:

I would argue that the opposite is preferable - open all downloads. While registration isn't a super tall barrier, I think the default should be for this to be open, both practically and as a policy matching the spirit of LAVA, unless there is a particular technical reason or principle which should make it blocked. Is there?

You can't ban malicious people that hog your server resources by downloading every file on your site from just a couple of computers if it's open to everyone. At least if they have to register you increase the work they have to do to and can mitigate it somewhat without having to spend huge amounts on DDOS services.

Link to comment
1 minute ago, ShaunR said:

You can't ban malicious people that hog your server resources by downloading every file on your site from just a couple of computers if it's open to everyone. At least if they have to register you increase the work they have to do to and can mitigate it somewhat without having to spend huge amounts on DDOS services.

I know what the potential technical reasons are. The decision should be about whether LAVA wants to preemptively protect against such DOS attacks and whether it's worth it for the hassle of people having to register to download. My question is about that balance and not so much about the actual reasons.

Link to comment
18 minutes ago, Yair said:

I know what the potential technical reasons are. The decision should be about whether LAVA wants to preemptively protect against such DOS attacks and whether it's worth it for the hassle of people having to register to download. My question is about that balance and not so much about the actual reasons.

You said unless there where technical reasons and I gave you a very important one.Now your objection is about DDOS policies and registration? . 

I'm struggling to understand the vehemence of your objection to a standard practice for websites (which is standard because of the reason I outlined) and why it is such an issue for you on LavaG.:blink:

Edited by ShaunR
Link to comment

Vehemence is a strong word, considering the term I used was "preferable".

It's a simple binary choice between require or don't require and the considerations for it are either conceptual ("we want minimal barriers", "we want people to commit", etc.) or technical ("defend against DOS", etc.). I'm just saying that my preference is for it to be open unless there's a good reason for it to be closed. DDOS protection is a good argument, but you can argue in return that LAVA is not a likely target or that even if it is attacked, it might be worth it. Then you could counter-argue that Michael's peace of mind of not having to deal with it takes precedence over users ease of use of not having to register. All are valid arguments, but in the end it's easier for users if they don't have to register.

Link to comment

I second Yair, and think that looking from the user point of view only, no registration for downloads promotes the LAVA spirit.

The comparison coming to my mind is sourceforge. My perception as an user is "hey, I can get a lot of interesting stuff from here for free. And I can also give technical feedback, contribute, and even start my projects, but for that it's legitimate that they know who I am". They certainly have orders of magnitude larger technical staff to deal with server issues, though.

Link to comment

Who has to deal with DDOS, spammers and abusers?  Primarily Michael, forum members to a lesser extent because we are affected too.  So I think it should be clear that this decision is in Michael's hands.  If I had a vote I'd say to have it open, until something goes wrong, like some script kiddy downloading all CR items continually for days.  If that happened once I'd lock it down.  But if Michael thinks you should be required to login to perform some actions then that'd be fine with me.

Link to comment
47 minutes ago, hooovahh said:

If I had a vote I'd say to have it open, until something goes wrong, like some script kiddy downloading all CR items continually for days.

Yes. But that's not really how it works and depends a lot on the provider. The service provider will either black-hole your server address for 24-48 hours at a time - so no-one can see it - until it goes away or you may get stung for exceeding your bandwidth and have to pay extortionate amounts per GB (if you have a limit).

The rest of your sentiments I agree with, though, I'm just boggled why Michaels decision is even being questioned because I consider it is a black and white choice for the site owner and he's made the decision.

Link to comment
On 26.5.2016 at 4:32 PM, ShaunR said:

 I'm just boggled why Michaels decision is even being questioned because I consider it is a black and white choice for the site owner and he's made the decision.

You may consider it black and white, but you're not the site owner. Mike is, and he hasn't responded, so we don't know what his reasoning is for his position (not that it really matters, because he can do whatever he deems fit).

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.