Live journal is a wacky beast.
They're trying to do the right thing,
really they are. But its wacky nonetheless.
Ok, so the basic model is that there are two security levels -
'public' and 'friends.' Things you post publicly, randoms
can look at, things you post privately only friends can look
at. Randoms can still tell that you've been posting, though,
because the calendar/archive view just does a database
query and reports how many posts you've made on a given
day, not how many posts you've made that the person asking
the question can see. (This is actually a common database
error, because its expensive to do the right thing computationally).
Anyway, so now let's say that you want to add the 'rilly sekrit
stuph' group, for, well, really secret stuff. So they made an
extension to the 'friends only' portion of the model to allow
you to set up a subgroup of friends, and lock individual
messages to that subgroup. However, if a reader is a
member of the subgroup, they can't tell which messages are
set to 'friends only' and which messages are set to 'subgroup
only.' In fact, they may not know that they are even a member
of a subgroup, and they can't tell who else is and is not also
a member of the subgroup. This is Not Ideal, from
the standpoint of trying to keep people from accidently creating
serious social lossage and distress. How is somebody supposed
to know that shouldn't discuss something in public if they have
no way of telling that its private? Argh!
And the comments control model is also badly broken.
And this is without even looking at the client::server db spec.
I don't even want to think about what sins I'd find if I looked
at it. But at least they're trying to do the right thing...
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
