Why did a post telling people to report bugs make 3,000 USD in upvotes and my actual post about a legitimate security issue that the developers directly thanked me get less than 100 USD?

in steem •  8 years ago 

I wrote these two posts before the hack:

[Security/Bug Report] Steemit.com is vulnerable to "Slow Post" and "Slowloris" DOS attacks

Steemit.com Administrators: You should not allow root login, you should not accept passwords, and you should not let anyone just connect via 22. You need to secure this server better.

The second one is a serious security problem that was fixed thankfully very quickly. These posts were voted up less than 100 USD. Yet after the hack, posts about how white hats should help out, stating they would be paid if they would, get voted up orders of magnitude higher, over 3,000 USD. In this system we think stating demonstrably untrue empty statements with pictures is more important than important posts.

I'm honestly confused, and to be frank, disheartened. I started working on libraries for Steem too because they are woefully lacking but it seems that the community doesn't seem to value those efforts as much as vanity and memes from other sites.

Is there anything that can be done or is the system just not meant to create a meritocracy?

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Why is Kim Kardashian worth more than 99%+ of scientists? Don't be fooled by randomness. accept the role luck can play in earnings and that the average person doesn't understand or care about important issues. As Steemit gets bigger, the quality of the userbase will steadily decrease until only a small minority would care about or understand its underlying technology. This is the fate of all growing social networks. Nothing anyone can do about it.

There is a lot you can do. You can improve the interface so people can find the kind of posts they want. Right now we look in the topics and there is spam all over, and posts which often don't have anything at all with the topic being voted up. Also Trending is the default setting when maybe we should just let people configure an agent and let that agent search for articles according to their criteria.

The underutilized recommended posts feature is quite good in my experience. Probably your mileage will vary depending on your voting pattern.

I agree the "Trending" topic is a bad fit for my tastes personally.

I click straight to new, then start the wild goose chase of guessing hashtags and looking for something related and interesting. Whenever I check trending, other than site updates, I'm usually not interested in anything there at all.

I often click "new" as well and find more options than "trending", but Steem has changed the system so if you vote on things too new, your curation rewards don't count. I just don't worry about that though then. But its another design choice that doesn't work for some of us.

And about your hashtags point, its a shame you can't be sure that later in the day hashtags you looked at will still be listed, you need to be sure to remember them or write them down externally. Even when you click to view more hashtags, ones you saw just a few hours ago are gone.

This is actually an intriguing solution. I'm still skeptical about the nature of the currency in that nobody is spending or risking anything on the transactions.

Totally agree with this, somekind of subthread system should be implemented, just like in Reddit.

I think it's a real problem. I mean are people really getting "more value" from Kim than scientists? Are people really getting more value from clickbaits than actual important articles? No, they're not. Those articles/celebrities and whatever else are getting paid a disproportionate amount for the amount of value they add.

Sure, it's like this in all of society, not just on Steemit. But then before Steem, social media sites did not pay any content creators or curators at all. That was the norm. But Steem saw a problem in that, and tries to fix it. Similarly, I believe as intelligent creatures, we can find a solution that will make things more fair.

It depends on the people. Some people get more value from whatever they get more value from. Science doesn't reach everyone at the same time. It's like with life extension but where the drugs are too expensive for anyone who isn't already rich in dollars. Certain technologies benefit very wealthy people first.

Many people who will come to Steemit have been conditioned by the main stream media to be someone they are not. Steemit gives us the power as a community to over time let us all focus on the really important issues, but that won't happen overnight. We all have to make a contribution to get to that point.

Part of that will be to accept people as they are when they arrive and let the community develop and share their knowledge from that point on.

"Nothing anyone can do about it."

Not exactly true. The direction of Steemit.com can be manipulated by those in charge of the site and the platform in general. A constitution, code of conduct, and changes to how the upvotes and downvotes work could at the very least reduce and slow the onslaught of empty and corrosive "content".

Agreed. If we all sit on our hands waiting for it to 'come good' we'll end up with another dead social media project and a withering crypto currency. The developers are likely making considerable money the way things are but long term the community and the developers need to find a way to allow quality content to survive against shit posting and tit picks.

Step one I think would be curbing the power that early adopters have through abusing their steem power to give themselves additional steam power.

Step two would be facilitating better sorting filtering and provision of content based on what a user wants so that niche content can be linked with the users that want it.

Do you not see the problems in what you just said? This is not a decentralized platform when they have so much control over it. Steemit is pretty much private and Steem is simply stock in Steemit. Steem is inherently inflationary and centralized and acts nothing like Bitcoin. Of there's censorship, then this is no better than Reddit. The problem is with the underlying incentive structure, not the superficial things you mentioned

I think this mentality is toxic, and not beneficial to Steem.

What is important is a reddit or other information hub so that Steemit blockchain can be separate from specific implementations.

Like all major cryptos already do.

I hope the Steemit platform will survive and succeed, but as a user, I also have a right to express intellectual criticism.

Wasn't replying to you which the client doesn't make clear by not nesting comments logically.

Yeah, I hate that.

Secondly Steemit is a blockchain. Different clients can implement it differently. E.g. aggressively censoring chaff

Its unlikely an alternative to the steemit client is viable against the established product and the developers insider positioning with the tech. It 'could' happen, it just wont.

This comes down to the fact that steemit is actually a very bad social media platform. It doesn't have the robust feature set we've come to expect over the last two decades of web 2.0 development.

I do expect it to come but if we don't vocalise our desire for it, the developers won't prioritise the issue. Squeeky wheel gets the grease and all that.

You possibly should have put a cat picture at the top of your original post? ;0)

The way i see it ... ?
The voters make the difference. It´s not strange that a post about a girl with and a picture from her vacation gets a lot of votes. This is the world we live in , look around us. I am here because i needed somewhere to start writing my shit out,some kind of publishing. Money ? Yes i welcome money, but i have to say that if you are here for the money, than you have to give the masses what they want, sell your self. You have to choose. Everything has a price :)

  1. Any blockchain without a significant bounty program will be an insecure blockchain.

  2. Client should be separated from blockchain.

  ·  8 years ago (edited)
legitimate security issue Postpost telling people to report bugs
Target Audience: DevelopersTarget Audience: The Average Steem User

You could make a post using both of them.

  ·  8 years ago (edited)

Nail met head on this one.

But it's even more specific than that, in terms of developers that understand not only what you're talking about but the implications of it. Much smaller pool of people that even care, and smaller still of those that will read and care.

I think this is an example of the craziness we're seeing with all the people rushing to cash in on Steemit and focusing on that first, instead of picking the most valuable content.

Note: didn't see you're original posts beforehand, but tossing you votes now.

Steemit is great for sharing content dynamically but not great for distributing important information. No stickies, no easily accessible hub people can go to get problems fixed. It's a bizarre mix of client security flaws, and blockchain based reflection with fluff pieces that would nauseate Ok Magazine editors.

oh god! What a biting observation! Good!

As you have said, steemit lacks on the social media side. It little more than a MU Wordpress with a build in tipping crypto that has recently skyrocketed in fiat value. It needs to move onto facilitating its social media promise.

This nailed it...and your new post is exactly targeting that audience. As of this comment, well over $7k! Congratulations and thank you for your service!

  ·  8 years ago (edited)

I'll restate in my own words the comments from @limitless and @suchnewb that I completely agree with. Votes come from the audience. The size of the audience will, in general, decide the size of the payout. The audience for a technical bug report post is relatively small.

Posting rewards are not a bug bounty. If one is desired, it should be administered a different way.

However, you did learn another lesson with this post (currently earning $6500 as I write this), which is that by making valid and technically interesting bug reports, and then blogging about it, you become more relevant to a wider audience, leading to larger rewards.

Dude, everything you vote on gets paid $xxxx, it's unreal.

Your original report was valuable enough to be fixed immediately, but was still denied a good payout by the developers. It's a shame too. Because more testing and feedback is obviously needed.
The squeaky wheel gets the grease though. Good for you for shouting about it.

I thought your post was great and I upvoted it. I do make it a point to look through new submissions every day and keep looking until past the point where I get bored. So I was able to see your post by coincidence.

I think the key to getting spotted at the moment is a combination of content and marketing.

You have to be able to catch readers attention in the brief time that your post is at the top of the "new" listings. If you miss that opportunity then you are destined to get overlooked.

Currently the marketing portion of it seems to be to include some sexual innuendo or something to grab attention. Or a really exciting title.

At some point in the future I would hope to see the site divided up by broad categories, each of which would feature a "new" filter so that people looking for content can focus on and search for content relevant to their interests. And at the same time these "new" postings would not scroll out of existence before a larger portion of the interested members get a chance to look at them.

You bring up valid points, but I think that's just the way the world works...

Cryptographic technologies was never about accepting how the world works, it was about changing how the world works... generally for some idealised version of betterment.

Ugh. I dislike those disrespectful pissing graphics. I know a lot of people do love them. Like ford pissing on chevy, and chevy pissing on ford.

It always leaves a foul taste in my mouth [pun intended]

I just find it really disrespectful. We still need those platforms to bring people to steem too. I think we should try to be a little more considerate.

Not all people understand security issues but people like to see other people's bad life (make them feel lucky) , or people try to work their way up (inspiration), or happy beautiful things (just peace in mind). You can see the trend here is emotion over brain thinking. We are human :)

The thing is that 80% of the users are not tech savvy and they don't get the most part of steem power,SD, ETC. they are either here for a quick buck, or for fun. But we have seen cases where making fool of yourself can bring thousands of dollars. And that's just sick.:))

Good points, contact me on Slack and I'll give you my full analysis as to why this happened and how to avoid it in the future.

We need people like you, so please don't be put off by this and at least this one has been properly rewarded :-)

CG

is it possible to connect to Slack at the moment?

A good way to support actual posts. The principle of "Pay It Forward". How it can work for Steemit? - https://steemit.com/payitforward/@lehard/pay-it-forward-i-ll-pay-50usd-to-three-people-for-your-undervalued-posts

Pay it forward works in real world scenarios because we receive an immediate return on investment. Ignoring karma and whatever other spiritual thing you are into, and the possibility of pay it forward offering a better environment for all we feel good when we do good. Its built into us at a biological level, it facilitates community, language and jolly co-operation.

I cannot help but share your sentiments on this situation. I understand that the posts that gain the most weight and money are done so because of the people whom control and hold the most power. Knowing how much power the likes of Dan, Ned, and others here have -- you would think they as devs would at least yield that power to those like you that are trying to help secure and protect our investments and the livelihood of the platform. Here's hoping you get a little harder look on your next vulnerability posts!

Link your post on slack in #postpromotion or hell in #general since your post are important. I'm sure they'll get far more attention from the proper people when linked there.

How ironic that the voting process of an opensource and transparent decentralized network is relying upon posting a link on a closed-source proprietary centralized system.

It's not relying on it, but if you want more of the right people to notice your post and not get lost in the sea of #circlejerk, then promoting it on Slack is +EV. Posting on Steemit and expecting everyone to notice it is like putting a website on the internet and expecting everyone to start shopping there within 24 hours. It's just not going to happen without some promotion. ;)

I'm not denying that it's a fact people who advertise their post on Slack tend to get more exposure. But is it something good? Slack is becoming a live spam box and the fact there is this bias sets it to get more and more people. I gave up reading #general because there is simply too much noise due to people advertising their stuff. Due to the 10k log lines limit the history is getting shorter and shorter and sometime it's not even possible to read stuff that has been posted less than 12h ago in a more interesting channel, because #general has been eating all the 10k lines quota. We already lack a forum which IMO cripples badly the communication. Steemit is too scattered. And Slack is becoming incredibly spammy. Where are we going with this?

No clue. But I advertised your post on Slack after you posted it here and now you have $6k. So I thought I answered the question you were asking in the post above. :)

I feel ya man. I stopped a scammer from getting $5,000+ by getting the whales to downvote the post after I researched it and determined it was a scam. The post I made about it made me $80. Someone else posted about me stopping the scammer and they made $5,500.

Months ago I made a post and meme about getting people to Steemit by using pretty women to advertise. The founders downvoted my post and took every bit of my rewards away and I was called a "misogynist" in another post for advertising Steemit using a woman in a bikini.

In the past few days a guy made a post saying Steemit post with women in bikini's earn the big bucks because the whales and other users want to see that more than some technical post. He made over $8,000 and was upvoted by both Founders like it was the greatest idea they'd heard since ... (insert your favorite cliche). Go figure.

I'm just trying to help man. You're not alone in your frustration with this system and the way people upvote. It seems those who do are rarely rewarded. Those who write about those who do get paid big rewards.

And to top it off the Founders voting habits are dysfunctional to say the least. They take money away from one person saying they don't agree with the idea then reward another for the same idea later. Or they upvote plagiarism giving the poster thousands while not rewarding those trying to fight the plagiarizers, but then reward someone who writes about the people fighting the plagiarizers.

Honestly I'm just going to post cat pictures for a while. They make far more money than spending hours a day trying to help out Steemit with advertising or fighting spam and scammers. :)

Sadly, I think you're right. I mean there's a post that's attracted $30,000 here, and whilst it's an awesome post - I don't think it's worth that.

Yet, I think the system is doing exactly what it was created for.

A highly complex evaluation of system vulnerabilities is going to appeal to only a few people that can understand such things. Whereas a post about make-up or every day things, everyone understands - so has a wider audience.

In my opinion if we want to earn more money (which I really don't think we should be weighting this platform on, or we're all fucked) then we should appeal to the masses and put our own spin on it :)

I think its important we don't attack the posts that are 'winning' unless they are purposely gaming the system. What we need is a system to uplift valuable content not punish general content.

Don't forget that steemit is becoming big in users. Timing and reputable names go far right now. You might've just been unlucky and no one with a lot of voting power happened to read your post and vote for it. It usually takes one big one to get the ball rolling nowadays, in the future it will be more balanced. :)

sorry man, we can't all get lucky and make 0.01 cent per day.
https://steemit.com/steemit/@ma3/how-i-made-0-01-cents-in-one-day

stop crying you just made 5000$ on this post

The problem is the user interface. Steem is still too new and disorganized. It's hard to find relevant posts without looking for them for an unreasonable amount of time. Better UI, more features such as follow, or subscribe, can help.

Also the sections which used to be clean and organized are now filled with spam unrelated to the topic. Just look at the basic income topic for example.

This is something that we all think is unfair right now on steem. We need a way to show an assortment of steem posts on the top not just the same posts that are trending. I believe that they need to alternate on trending high post with one trending low post on their list and then rotate through them so that people are seeing a more real representation of what people are posting and not just a very small percentage that have gotten attention and climbed.

Plus I see many votes for some posts with low income and some post with high income with low votes this means the power of the Steem Power can be used to hype some posts more giving those who have a lot of stem power also the power to choose which posts actually get more attention which isn't necessarily fair to the representation of the greater collective. This makes a decentralized voting system centralized to those who have more Steem Power. This curve may adjust more fairly over time but for now not sure.

I even promoted that post (by you), but deleted it because it received no responses and a flag. I have tons of worthless original content on my blog. Im ready to retire this place to the BOTS - since everyone is apparently apathetic to the damage they do here.

It seems that original posts do not attract people as well.I'm disappointed about this too.

  ·  8 years ago (edited)

Haha. You think that is weird ? What is weird to me is how makeup tutorials are becoming the most rewarded posts of steemit. I am waiting for a makeup tutorial for babies to get blast the $50.000 point :-)

Watch out for your idea! Maybe someone will make a babies make-up tutorial before you!

Can you link the posts?

You cant control what people do. just keep posting your very insigtful messages and they will get votes.

I feel its important to experiment, I've shared extremely personal details about my life and got less than 100.00 But there are times when I share extremely short bursts of almost "venting" and I make a few hundred. I started here for the money, BUt now I am here for the community and for sharing, Maybe you need to focus on having more fun! This post did really well.

We live in a society with strange values, with this crap of politically correct taking over the correct values of things...

I can assist with making the photos and your title more appealing. I get what you're saying and I agree that it's not fair. Adding photos definitely helps. Lots of images. That's my two cents. I think you ask great questions.

Well, is it fair what you get for making a post about getting hacked and people not sharing your opinions being a dark horse?

Is that fair, considering there are children working on cotton fields 12 hr a day?

It seems that there is still hope in the universe! As we speak it's over 6k.
Keep up the good work and in the future the things will sort out themselves (in your favor).

The struggle is real, my friend... uh, never mind. I just saw how much a rant post about "how a previous post made such little money" can make. lol

Well, there you go. I wrote useful informations and didn't receive anything for it, with just a complaint you received what you should have received before, so enjoy

I've posted yesterday on similar copyright problems: https://steemit.com/steemit/@murh/rant-original-vs-reposted

You sir have my upvote. Enjoying the conversation in the comment section as well.

i guess only when the users get it on to panic they start care for security issue i mean because after all is you account is on risk so we have to take some measure .

Lol, I guess you are happy with your payout now. :-)

I wrote an article 5 days ago, how to report bugs: https://steemit.com/steamit/@noisy/steem-bug-bounty-program-how-to-reports-bugs-and-new-ideas

Why I earn only 0.75? Just because...

Totally agree and I hope this post vindicates you. Well done.

what? i create post about bug https://steemit.com/steemit/@ratel/bug-report-i-found-a-bug-in-the-editor and earn only 0.05$!

Would it be because the specificity of your initial posts makes them of limited interest (outside of the dev community) whereas the more generic "Make sure you stay safe people" posts have a global appeal?

Audience relevance and context drive upvotes?

Just a thought.

Inspired to write up https://steemit.com/steemit/@hobbitjerry/steemit-rewards-fair-or-biased

I think it is biased. on the way to unbiased.

Being that I see 7k, guessing issue resolved.

I think one big problem is the difficulty and lack of incentives in discovering hidden gems, and posters who post amazing content but are not well established.

I made a suggestion here, what do you think?

It is like fishing. You can't expect to get a bite. Just do your thing and be thankful when one does take a bite. It looks like THIS post of yours is bringing in a good haul.

There are a lot of good posts that don't get votes or good payouts. I think a lot of it is timing, and whether your post happened to be of interest to anyone with decent steem power at a given time. I'd expect this to spread out more as MORE people get significant steem power as that will broaden the interests. Yet it is still possible even then for a good post to fail. Sunday night was pretty SLOW for everyone.

ok- just start at New and go from there - but thanks for the article

Security will be the deal breaker for steemit.