litphoria

message

You're not signed-in. If you're new, why don't you take a moment to read the site's intro?
View litphoria Introduction

Feedback · Mutual Contacts (in review)

Right now, Contacts acts as a way to keep track of profiles that you're interested in playing with. That's useful, but making the leap from "I want to play with this person" to "I'm going to bravely message this person" can be a real challenge sometimes.

Mutual Contacts would ease that burden.

The idea behind Mutual Contacts is that in addition of a Mutual Contacts tab in the Profiles section. If you add a profile to your list of Contacts and the owner of that profile adds one of your profiles to their list of Contacts, then that profile isn't just one of your Contacts, they are a Mutual Contact.

The great thing about Mutual Contacts is that when you see you have some, then you know beforehand that the profile is interested in you too, taking the lion's share of pressure off of messaging that person.

The feature could also be expanded upon in useful ways. You could search through a list of just your Mutual Contacts that have been online in the past hour, or day or week, for instance.

It could be implemented so that when you go LFRP, you'll get a ping and inbox notification when one of your Mutual Contacts also goes LFRP.

There are of course some concerns with a feature like this.

Concern #1: Contact flooding. Someone thinks, "Gee, I really want rp and I don't care who it's with. I know! I'll just add everyone to my contacts list! That way I'll get a hit with anyone that adds me!" This is okay, because the 2nd party still needs to add this person to their Contacts.

Concern #2: Alt fishing. You find a cool profile, add it to your list of Contacts. It hops up on your list of Mutual Contacts as one profile. But this person has been adding everyone too, and they suddenly see 10 new profiles that added to their list of Mutual Contacts all at once, outing all your alts. This one is a lot trickier to deal with. The simplest solution would be to change it so that when you add a Contact, you link that Contact to one or more profiles of yours. This would also come in handy so that a switch-y profile could have three groups of profiles, for their submissive, dominant, and switch profiles. The submissive profiles would add dominants to their contacts, the dominant profiles would add submissive, and the switch would add everything.

How exactly it's implemented is still largely up in the air, but it seems like it wouldn't be too difficult within the existing framework and could add a lot of value for those having trouble finding roleplay.

meta info

endorsement points: 130

created: 05 March 17 at 03:12 AM (build: 8/21/2016 1:52 AM beta)

Griz

Yeah, the idea behind this is that it would provide a real big incentive to use Contacts even if you've never used them before.

Korra

Concern #2 shows a very real vector for malicious attack: suppose I write a script that'll add every profile on the site to my contacts. (It'll only take an hour or two and a series of HTTP requests.) Anyone who adds me as a contact suddenly gives up a whole lot more private information (all their alts) than they bargained for. If I distribute this script and make it publicly known, I've shut down usage of the contact feature as unsafe, because anyone I add as a contact could potentially be a user of this script and suddenly find out all of my alts.

However this sounds like a really nice Tinder-style matchmaking system. Riffing off on your proposed solution to concern #2, it could look like this:

  • If I'm interested in playing with a profile X, I hit something to suggest I'm interested, and then pick some characters (A, B and C) who I'd be interested in using in roleplays with profile X.
  • Later at some point the owner of profile X finds profile A, hits the thing to say they're interested, and picks characters X, Y and Z as ones they'd be interested in using with profile A.
  • When they do this, the owner of profile X gets an alert of some form saying "Profile A is interested in your profile X as well! You should message them!". No mention of profile B or C; no simultaneous obvious reveal of alts. If the owner of profile X does the same for profiles B and C, they get similar alerts and specific no clue as to whether they belong to the same account as profile A or someone else.

However, the reverse of bullet point 3 (as the owner of profile A) has a vulnerability: if I've added profiles X Y and Z as interesting from profile A, I get simultaneously pinged profile X, Y and Z liked me, which gives me high confidence they're alts. Thus, the second actor to mark someone as interested has a vulnerability in using this feature of giving up (some portion of) their alts, while the first actor is protected. I'm not sure how to resolve this vulnerability; leaving it in wouldn't be acceptable.

Genevieve Lilliana

However, the reverse of bullet point 3 (as the owner of profile A) has a vulnerability: if I've added profiles X Y and Z as interesting from profile A, I get simultaneously pinged profile X, Y and Z liked me, which gives me high confidence they're alts.

Four possible solutions, essentially elaborations on a theme:

  • Set an upper limit on the number of contacts allowed per-account, and encourage people to use the friend system instead. Mitigates the scripted attack of adding the whole site to contacts, but doesn't help this feature much and doesn't prevent Korra's quoted attack.

  • Forbid adding more than a single profile (A,B,C) as interested in another (X,Y,Z) at a time. Contact requests are one-to-many between a user and target profiles - the profile the request is made as is a variable of this relationship, but non-identifying, forcing the owner of A,B,C to use only one of these for each contact at a time. Completely prevents alt-disclosure but diminishes the utility of this feature considerably (it is barely more useful than simply adding notification to the current implementation).

  • Forbid adding more than a single profile (A,B,C) as interested in another (X,Y,Z) in a single request. Contact requests are one-to-one between profiles and user-agnostic. This makes A»X and B»X possible, but this requires two requests to perform. Accompany this with a visual warning to users to not perform the requests too closely together if they wish to conceal their alts. Preserves functionality and weakly guards Korra's attack vector by undermining request simultaneousness, but depends upon user vigilance. Permits of voluntary/accidental disclosure (by ignoring the warning).

  • Allow adding more than a single profile (A,B,C) as interested in another (X,Y,Z) in a single request, providing an optional (default enabled) feature to delay effectiveness of the notification being made by a random interval (jitter) between certain (user-set?) bounds of a few minutes to hours (essentially an automation of the previous solution). Contact requests are one-to-one between profiles and user-agnostic. If A,B,C adds A»X and B»X, and subsequently X,Y,Z adds X»A and X»B but sets the jitter to an hour X»A becomes effective immediately, and at some random interval between, e.g. 50% and 100% of an hour (preventing the randomness from shortening the interval too much - alternatively users could set both bounds?) X»B becomes effective (order of contacts becoming effective should be selectable/random?). These delays occur server-side, completely defeating both of the aforementioned attacks (unless too-short jitter intervals are used, which could be warned/constrained).

I think it's important to preserve the capability of voluntary alt-disclosure while making it difficult to do accidentally; some people don't mind (and even actively encourage) people to seek out their alts, and won't be worried about the security implications. Any implementation of this feature should of course make pessimistic assumptions, though.

Quenthell

If people want you to know their alts, they'll tell you.

Genevieve Lilliana

This is true, but doesn't actually solve the problem of preventing a different feature unintentionally outing your alts where that is not desired.

  Got something to say? Why don't you register and participate?
Litphoria has a unique community feedback system, where the community decides what profile options are available, and what order new features are developed.

I want my voice heard! tell me more!