Open Mic: How secure should preset sharing be?

I'm just finishing up on the preset sharing feature, and I'm seriously wrestling with the security implications. It is always dangerous whenever you let people upload arbitrary stuff onto your server. But that's not even my main concern, I can code around those security issues. The problem is when you guys download it!

It's Not Me, It's You

I'm 99.9% sure I can keep people from hacking the site through the preset uploads, but I have zero ways of preventing people from uploading malicious shit that could hack you. Okay, not quite zero, I can prevent people uploading .exe and .dmg files.

But there are hundreds of apps with their own unique way of handling presets. I can't just say "only allow files of this type" because there are just too many different types. Maintaining a list of filetypes used by every app is impossible.

So when you download a file from here, I cannot begin to guarantee that it will work or even that it won't brick your devices. Now this might not come up, and no one will ever abuse the system, but you don't design a system on hope.

Danger Zone

The best I can come up with is either limiting uploads to select users, like Patrons, or have a free-for-all with a reporting system. I'm disinclined to limit it to Patrons, because I worry that this is going to dramatically limit the amount of people sharing on the site. Over 3,000 people come to the site every day, and only about 50 of you are Patrons. I doubt very much that anyone who wants to give away free presets is going to want to give me money for the privilege. I know Apple and Google expect you to pay them license fees to "sell" free apps, but I don't think I can pull that off.

There's a whole reporting system on comments that has been in there since day one of discchord v3. I don't know if you know that or not, because in the 10 months the site has been running on discchord v3 you guys have reported exactly 0 comments. If you're logged into the site you'll see a little exclamation mark in a triangle below every comment.

The system keeps nearly all the spam out, so there haven't been a lot of opportunities for you guys to report things. However, there have been some comments that were sketchy or xenophobic... yet no one reported them. This makes me worried about relying on reports to alert me about potentially harmful files being distributed from the site.

Help Me, Help You

I will be putting up legal disclaimers left and right, but that only covers my ass and not yours. I'm interested in hearing your thoughts on the subject and how you'd like me to insure your devices stay safe. Once again: this is probably irrelevant, and no one will ever abuse the system, but I have anxiety so I'm really good at thinking about security and insecurity. Right now I'm toying with the idea of a hybrid system; where Patrons can upload freely, but non-Patrons have to jump through some hoops to upload.

I'd also like to hear from anyone that has found the comment reporting Easter Egg. That shit was hilarious to me when I made it, but I don't think anyone's found it yet. There's all sorts of Easter Eggs in here for hackers too. Try sending weird POST messages at my API and it warns you off with goofy messages.

thesoundtestroom: Echo Pitch - Pitch Shifting Delay

Doug Woods from thesoundtestroom brings us a demo of Echo Pitch. Released last December, we haven't seen a lot from this rhythmic multi-delay effect with pitch shifting. In fact the only other video was done back in June, by The Audio Dabbler.

Video Description:

Please help support thesoundtestroom by becoming a Patreon for as little as $1 a month.
You will also have access to exclusive Patreon only content and videos.

If you would like to make a donation to help support me and Jo you can use this easy link below.
Many many thanks for your support.

Follow The Sound Test Room on Twitter

You can also visit my Bandcamp Page and listen to or buy some of my music.

Check Out Doug Woods And Colin Powell At Bandcamp Too If You Like Progressive Rock

qlasbeats - Ff 2

Reader qlasbeats shared this Instrumental Hip Hop album that explores a lot of territory. The sound design on this one is way more intense than you'd expect from most Hip Hop. I think my favorite is Friendly Fire, and encourage you to start with that, but I love the synthesis on Future Forgetter and Phenomenon.

He's also released a set of 4 free Reaktor ensembles. You need the full version of Native Instruments Reaktor on desktop to use them, but he's designed them all to be controlled by an iPad. Each ensemble includes a touchOSC template!

LumaFusion Tutorial: Glitch Effect

Matt Keil did a detailed tutorial on creating a Glitch Effect using just the iOS video editor LumaFusion.

Video Description:

This video shows you how to achieve a glitch effect in Luma Fusion - no other apps needed! Luma Fusion is currently the best video editor available for the iPad with an array of powerful editing features and functionality. If you haven't got it yet, you should take a look.

And finally, please subscribe to the channel and follow me on social media:

Instagram for Vinyl:

Yehezkel Raz - Bolsa Bass & iPad Improvisation

YouTuber Yehezkel Raz did a jam on Critter & Guitari's fun Bolsa Bass, with an iPad loaded up on apps!

Video Description:

Using Patterning, Ribbons, AUM, Quantiloop and Critter & Guitari Bolsa Bass. All Improvised

« Prev Page | 1 ... 3 4 5 6 7 ... 1686 | Next Page »