Why did a post telling people to report bugs make 3,000 USD in upvotes and my actual post about a legitimate security issue that the developers directly thanked me get less than 100 USD?

in #steem8 years ago

I wrote these two posts before the hack:

[Security/Bug Report] Steemit.com is vulnerable to "Slow Post" and "Slowloris" DOS attacks

Steemit.com Administrators: You should not allow root login, you should not accept passwords, and you should not let anyone just connect via 22. You need to secure this server better.

The second one is a serious security problem that was fixed thankfully very quickly. These posts were voted up less than 100 USD. Yet after the hack, posts about how white hats should help out, stating they would be paid if they would, get voted up orders of magnitude higher, over 3,000 USD. In this system we think stating demonstrably untrue empty statements with pictures is more important than important posts.

I'm honestly confused, and to be frank, disheartened. I started working on libraries for Steem too because they are woefully lacking but it seems that the community doesn't seem to value those efforts as much as vanity and memes from other sites.

Is there anything that can be done or is the system just not meant to create a meritocracy?

Sort:  

Why is Kim Kardashian worth more than 99%+ of scientists? Don't be fooled by randomness. accept the role luck can play in earnings and that the average person doesn't understand or care about important issues. As Steemit gets bigger, the quality of the userbase will steadily decrease until only a small minority would care about or understand its underlying technology. This is the fate of all growing social networks. Nothing anyone can do about it.

There is a lot you can do. You can improve the interface so people can find the kind of posts they want. Right now we look in the topics and there is spam all over, and posts which often don't have anything at all with the topic being voted up. Also Trending is the default setting when maybe we should just let people configure an agent and let that agent search for articles according to their criteria.

The underutilized recommended posts feature is quite good in my experience. Probably your mileage will vary depending on your voting pattern.

I agree the "Trending" topic is a bad fit for my tastes personally.

I click straight to new, then start the wild goose chase of guessing hashtags and looking for something related and interesting. Whenever I check trending, other than site updates, I'm usually not interested in anything there at all.

I often click "new" as well and find more options than "trending", but Steem has changed the system so if you vote on things too new, your curation rewards don't count. I just don't worry about that though then. But its another design choice that doesn't work for some of us.

And about your hashtags point, its a shame you can't be sure that later in the day hashtags you looked at will still be listed, you need to be sure to remember them or write them down externally. Even when you click to view more hashtags, ones you saw just a few hours ago are gone.

This is actually an intriguing solution. I'm still skeptical about the nature of the currency in that nobody is spending or risking anything on the transactions.

Totally agree with this, somekind of subthread system should be implemented, just like in Reddit.

I think it's a real problem. I mean are people really getting "more value" from Kim than scientists? Are people really getting more value from clickbaits than actual important articles? No, they're not. Those articles/celebrities and whatever else are getting paid a disproportionate amount for the amount of value they add.

Sure, it's like this in all of society, not just on Steemit. But then before Steem, social media sites did not pay any content creators or curators at all. That was the norm. But Steem saw a problem in that, and tries to fix it. Similarly, I believe as intelligent creatures, we can find a solution that will make things more fair.

It depends on the people. Some people get more value from whatever they get more value from. Science doesn't reach everyone at the same time. It's like with life extension but where the drugs are too expensive for anyone who isn't already rich in dollars. Certain technologies benefit very wealthy people first.

Many people who will come to Steemit have been conditioned by the main stream media to be someone they are not. Steemit gives us the power as a community to over time let us all focus on the really important issues, but that won't happen overnight. We all have to make a contribution to get to that point.

Part of that will be to accept people as they are when they arrive and let the community develop and share their knowledge from that point on.

"Nothing anyone can do about it."

Not exactly true. The direction of Steemit.com can be manipulated by those in charge of the site and the platform in general. A constitution, code of conduct, and changes to how the upvotes and downvotes work could at the very least reduce and slow the onslaught of empty and corrosive "content".

Agreed. If we all sit on our hands waiting for it to 'come good' we'll end up with another dead social media project and a withering crypto currency. The developers are likely making considerable money the way things are but long term the community and the developers need to find a way to allow quality content to survive against shit posting and tit picks.

Step one I think would be curbing the power that early adopters have through abusing their steem power to give themselves additional steam power.

Step two would be facilitating better sorting filtering and provision of content based on what a user wants so that niche content can be linked with the users that want it.

Do you not see the problems in what you just said? This is not a decentralized platform when they have so much control over it. Steemit is pretty much private and Steem is simply stock in Steemit. Steem is inherently inflationary and centralized and acts nothing like Bitcoin. Of there's censorship, then this is no better than Reddit. The problem is with the underlying incentive structure, not the superficial things you mentioned

I think this mentality is toxic, and not beneficial to Steem.

What is important is a reddit or other information hub so that Steemit blockchain can be separate from specific implementations.

Like all major cryptos already do.

I hope the Steemit platform will survive and succeed, but as a user, I also have a right to express intellectual criticism.

Wasn't replying to you which the client doesn't make clear by not nesting comments logically.

Secondly Steemit is a blockchain. Different clients can implement it differently. E.g. aggressively censoring chaff

Its unlikely an alternative to the steemit client is viable against the established product and the developers insider positioning with the tech. It 'could' happen, it just wont.

This comes down to the fact that steemit is actually a very bad social media platform. It doesn't have the robust feature set we've come to expect over the last two decades of web 2.0 development.

I do expect it to come but if we don't vocalise our desire for it, the developers won't prioritise the issue. Squeeky wheel gets the grease and all that.

You possibly should have put a cat picture at the top of your original post? ;0)

The way i see it ... ?
The voters make the difference. It´s not strange that a post about a girl with and a picture from her vacation gets a lot of votes. This is the world we live in , look around us. I am here because i needed somewhere to start writing my shit out,some kind of publishing. Money ? Yes i welcome money, but i have to say that if you are here for the money, than you have to give the masses what they want, sell your self. You have to choose. Everything has a price :)

  1. Any blockchain without a significant bounty program will be an insecure blockchain.

  2. Client should be separated from blockchain.

legitimate security issue Postpost telling people to report bugs
Target Audience: DevelopersTarget Audience: The Average Steem User

You could make a post using both of them.

Nail met head on this one.

But it's even more specific than that, in terms of developers that understand not only what you're talking about but the implications of it. Much smaller pool of people that even care, and smaller still of those that will read and care.

I think this is an example of the craziness we're seeing with all the people rushing to cash in on Steemit and focusing on that first, instead of picking the most valuable content.

Note: didn't see you're original posts beforehand, but tossing you votes now.

Steemit is great for sharing content dynamically but not great for distributing important information. No stickies, no easily accessible hub people can go to get problems fixed. It's a bizarre mix of client security flaws, and blockchain based reflection with fluff pieces that would nauseate Ok Magazine editors.

oh god! What a biting observation! Good!

As you have said, steemit lacks on the social media side. It little more than a MU Wordpress with a build in tipping crypto that has recently skyrocketed in fiat value. It needs to move onto facilitating its social media promise.

This nailed it...and your new post is exactly targeting that audience. As of this comment, well over $7k! Congratulations and thank you for your service!

I'll restate in my own words the comments from @limitless and @suchnewb that I completely agree with. Votes come from the audience. The size of the audience will, in general, decide the size of the payout. The audience for a technical bug report post is relatively small.

Posting rewards are not a bug bounty. If one is desired, it should be administered a different way.

However, you did learn another lesson with this post (currently earning $6500 as I write this), which is that by making valid and technically interesting bug reports, and then blogging about it, you become more relevant to a wider audience, leading to larger rewards.

Dude, everything you vote on gets paid $xxxx, it's unreal.

Your original report was valuable enough to be fixed immediately, but was still denied a good payout by the developers. It's a shame too. Because more testing and feedback is obviously needed.
The squeaky wheel gets the grease though. Good for you for shouting about it.

I thought your post was great and I upvoted it. I do make it a point to look through new submissions every day and keep looking until past the point where I get bored. So I was able to see your post by coincidence.

I think the key to getting spotted at the moment is a combination of content and marketing.

You have to be able to catch readers attention in the brief time that your post is at the top of the "new" listings. If you miss that opportunity then you are destined to get overlooked.

Currently the marketing portion of it seems to be to include some sexual innuendo or something to grab attention. Or a really exciting title.

At some point in the future I would hope to see the site divided up by broad categories, each of which would feature a "new" filter so that people looking for content can focus on and search for content relevant to their interests. And at the same time these "new" postings would not scroll out of existence before a larger portion of the interested members get a chance to look at them.

You bring up valid points, but I think that's just the way the world works...

Cryptographic technologies was never about accepting how the world works, it was about changing how the world works... generally for some idealised version of betterment.

Ugh. I dislike those disrespectful pissing graphics. I know a lot of people do love them. Like ford pissing on chevy, and chevy pissing on ford.

It always leaves a foul taste in my mouth [pun intended]

I just find it really disrespectful. We still need those platforms to bring people to steem too. I think we should try to be a little more considerate.

Not all people understand security issues but people like to see other people's bad life (make them feel lucky) , or people try to work their way up (inspiration), or happy beautiful things (just peace in mind). You can see the trend here is emotion over brain thinking. We are human :)

The thing is that 80% of the users are not tech savvy and they don't get the most part of steem power,SD, ETC. they are either here for a quick buck, or for fun. But we have seen cases where making fool of yourself can bring thousands of dollars. And that's just sick.:))