What if you move hosting to glitch.com?

[joker314]

Have you considered moving to glitch.com for hosting? It has a limit of 4k requests per hour. That can roughly handle about 400 users. Here is how I calculated that

4000 / (5 + x)

"5" because you make 5 requests per hour (to confirm you're online); and then "x" for any additional requests you make. I set x to 5, because this is my guess for how many profiles are viewed per hour. This might be inaccurate, so I guess you can tweak x and figure out whether this is viable for you.

Pros:

• The server-side code is publicly visible. Therefore, all users can confirm that you aren't secretly running other code;
• It has private files for data storage (in /.data)
• A big thing hosts it so it's unlikely to go offline
• Free (for now)

Cons:

• Rate limiting
• File size limit (but like you should be able to stay within the limits)

Thoughts?

[MasterOfTheTiger]

This sounds good. What are you doing right now?

[joker314]

The team is currently hosting it on Herohamp's server, last I checked. I left the team on moral objections, but if this happens those moral objections will disappear.

[joker314]

I think to make this decision, we need to know roughly how many iO users there are.

[MasterOfTheTiger]

@joker314 So what is wrong with Herohamp's server?

[joker314]

We don't know what he's running on it. The published source code could be different to the one he's running.

[MasterOfTheTiger]

Ah. Okay, so similar problems to what I have with @edxtech's ScratchNetwork (except that all of his code is entirely non-free).

[joker314]

@MasterOfTheTiger The webpages look like they have a comment that first says "Closed source" and then says "Apache licence". It doesn't really make sense.

EDIT: My interpretation is that it's Apache licence, as "closed source" is vague; and all changes are "unauthorised" because the licence gives the authorisation". However, this isn't legal advice.

[MasterOfTheTiger]

@joker314 I just saw that after you posted this. It looks confusing. Either way, the internal stuff is proprietary.

Back on topic:

So you can use glitch.com to do the same thing as Herohamps server? And don't you have more than 400 people using isOnline?

[Sheshank-s]

I honestly think that herohamps server is just fine

[MasterOfTheTiger]

@GreenBayRules Why?

[WorldLanguages]

I'm indifferent, if Herohamp wants to do it he will. The request limit is just too... limitating...

[MasterOfTheTiger]

@WorldLanguages That's what I thought when I saw that.

[lholliger]

The server has excellent uptime and it can handle a lot of traffic, and we also know who is running it so though some may disagree, it makes it a little bit safer

[WorldLanguages]

Herohamp will move to another country so he won't be able to host Scratchtools for up to 2 months, starting June 1st. If he wants, we can use glitch temporarily, or permanently. I'll let him decide. isOnline is pretty much dead now. It will slowly get to 1000 users, then 100, and then none.

[MasterOfTheTiger]

@WorldLanguages I will always use it.

[joker314]

Aaack 1000 is too many tbh, that leaves 4 requests per hour which is more than the keep-alive ones that are sent in the background. Except, not everyone will be online at the same time?

Or, we could split it into two servers? No, because they can't share their database! :(

[WorldLanguages]

Together with Herohamp we have chosen to tell isOnline users about the downtime and to decide after it if we'll still host iO or not.

Maybe after the downtime it will die, maybe the other way, it will revive... We don't know... The future will decide.

[MasterOfTheTiger]

Is it possible for someone else to install the software on their own server?

[joker314]

@MasterOfTheTiger Yes, the server side code is publicly viewable (and under a libre licence) on GitHub. Not sure where, though...

I've been doing some thinking. Assuming it's allowed by Glitch's terms of service; we could have two servers hosting the same copy of isOnline. Let's call these A, and B. In the first half of an hour, all users use A. In the second half, all users use B. At the half-hour mark, server A internally makes a request to B to tell it who is online; and at the hour mark, server B does the same to A.

So when the switch happens, both servers know who is online. Afterwards, only one is in control.

Assuming nobody is mean and does a DoS on glitch, this works. We can grab 3 servers, and do the same thing, and then we have capacity for 20000 users (double the current value). Thoughts?

[MasterOfTheTiger]

@joker314 That is a good idea, but they do not seem to want to do anything about it because they think it is unnecessary.

[joker314]

I think we've seen what can happen when we trust black boxes. isOnline used to collect the top ten requests. This showed the most active user's stalking list. I consider this morally wrong. I'm sorry to say this; but I think it's what led to the ban on extensions.

[MasterOfTheTiger]

@joker314 Really? It was isOnline that caused the Scratch Team to ban extensions? I thought isOnline was good.

[joker314]

@MasterOfTheTiger It was me, who emailed the ST about isOnline. Yes, it's public code was good--but the server it was running on was collecting too much analytical data

[WorldLanguages]

Ahahaha do you really think a top 10 most requested URLs list would make the Scratch Team ban all extensions, userscripts and all other types of programs?

Man, we all have our own views on how much data we want to share on the net, but thinking that something like that caused the extension ban is another level.

[WorldLanguages]

I'm looking for a word that would describe that behavior, but I can't seem to find one.

[joker314]

I think the whole issue was that they had no idea what you were collecting. In theory, the one running the server had access to people's IP addresses[1], visit history, etc. How can the ST know what you're collecting? They can't. They have to trust you, until you become decentralised and people host their own "isOnline" servers (e.g. "https://isonline-jokebookservice1.io")

[1] - and apparently that's not good

[WorldLanguages]

"Ahahaha" again. Apparently we are Cambridge Analytica now 🤣

I'll close this issue since Glitch, while being very convenient in almost every way (pricing, transparency, etc,), its request limit is very low for current iO usage.