Jump to content

Anonymous suggestion box proposal


LadyCailin

Recommended Posts

One thing that I have wanted to implement for a while is an anonymous suggestion box, as a direct line to the admins. I think this would be a good way for players that have issues with the community to feel safer about speaking out about their concerns with staff, while not fearing any sort of retribution. To this end, I think an anonymous suggestion box would go a very long way. Here is the list of features I propose, along with some basic technical details about their implementation. Feel free to discuss the feature set, suggest technical changes, or otherwise voice your opinion.

 

  • The suggestion box will be anonymous. There will be some features in place to prevent abuse (via spam), but otherwise will be unrestricted.
    • When you want to make a submission, you will enter your username. A token will be sent to you in game. This will not be associated with the actual post in any way, but will simply be a way to keep non-community members from making a submission. (A captcha will also probably be in place as well.) The token will be valid for a limited time (24 hours or so).
  • You can optionally provide an email address, and responses will be emailed to you. While we will have to link your email address to your post, you can use a throwaway email account if you wish, and regardless, the email will be base64 encoded and put in the database (to prevent accidental viewing by techs), with the promise that we will not purposefully look up your email address in the database. If you still don't trust that promise, you can use a throwaway account. Places like mailinator.com provide these types of services for free.
  • Regardless of whether or not you provide an email, a "read receipt token" will be provided, which is a unique token that you can use to re-access the post and read replies. For accountability, all reads of the post will be publicly logged; when someone accesses the post with the read receipt or an admin views the post, it will log this information with the post.
  • An "edit token" will also be provided, and should be kept private. This will allow you to respond to the posts directly. To prevent abuse and sharing of this token, the IP of the computer using this edit token will be one way hashed (md5) and stored. Only a limited number of IP addresses will be allowed to use this token.
  • The source code for all this will be publicly available, and there will be a link to show the source code directly in the browser, so that the source is always viewable real time.
  • Only admins (server, head and techs) will have access to the posts.
  • When there are unhandled posts, admins will be notified in game when they sign in.
  • This would be implemented as a web feature in php, and would not be server specific.
  • At admins discretion, posts can be made publicly available, for instance, to quell concerns about incidents not being handled.
  • No data can be edited or deleted by a single admin. Only amendments may be made. However, if 3 different admins vote to delete a post or comment, t
  • The number of unhandled posts will be publicly available information.
  • Handled posts will be opened to the public after 24 hours of non-activity on the post. If the OP wishes to keep the post private permanently, they may check a box to keep it private by default, though admins will still reserve the right to publish any and all posts. Once posts are revealed, they will be publicly available to view by the community, including admin replies and records.

As this system can be easily abused by people that wish to ruin nice things, I'm open to suggestions on how we can prevent abuse without sacrificing the anonymous nature of it.

  • Upvote 13
Link to comment
Share on other sites

A couple of suggestions:

 

I think that rather than having one admin get back to you on the message, it should be spoken about in a group so that you don't just get a one sided answer, and that everyone is on the same wavelength.

 

After the suggestion/concern has been handled it should be made public. If it contains sensitive information (e.g. names) then they can be editted out. Maybe when submitting a suggestion, there could be a tickbox saying whether you mind this information being made public? 

 

Neat idea, I like it!

  • Upvote 2
Link to comment
Share on other sites

 the IP of the computer using this edit token will be one way hashed (md5) and stored. Only a limited number of IP addresses will be allowed to use this token.

 

There's a theoretical limit of 4294967296 IP addresses. Modern hardware can run more md5 hash operations than this every second. If your system were ever compromised, the hashes could be translated into IP addresses in less time than it would take to open a web browser and download the database dump.

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...