/tech/ - Tech

Technology.

catalog
Mode: Reply
Name
E-mail
Subject
Message

Max message length: 8192

Files

Max file size: 80.00 MB

Max files: 5

Password

(used to delete files and postings)

Misc

Remember to follow the rules


(250.14 KB 2331x2400 hammer-keyboard-2.png)
PROGRAMMERS WANTED: SOCIAL MEDIA APP Comrade 09/30/2020 (Wed) 10:19:59 No. 5049
>clown license >Centralized ``Comrad Operator'' will be hosted by the security services, unless you inhabit a rose-tinted fantasy world. >up-vote or down-vote posts (~Reddit) >It verifies identities. Comrad's server, "The Operator", keeps a permanent record of one thing only: every comrad's name and public key, and requires that new comrades choose a unique name. Whenever you send or receive mail, the Operator will make sure that the name and public key on the letter matches what it has on file, verifying the identity of both parties. >Claims tor is secure, zero mention of measures against dragnet surveillance. Worked really well for silk road. >comrad.app registraNT in California, where patriot act and national security letters apply. comrad.app registraR in Ann Arbor, where patriot act and national security letters apply. badjoke/10
Switch to a more serious license like AGPL. https://www.gnu.org/licenses/agpl-3.0.en.html
Also since I see you're using Kivy, it suggests to me you want this on Android eventually. Someone can take your code, rename it, get it running on Android and sell it for profit. If it's ever discovered that the app is using your code, you're going to have a hard time paying for any lawyers to try to take it down, when GNU licenses are backed by an institution, FSF, that has the resources and experience to help you with any lawsuits. This is why you should never use joke licenses with untested, possibly non-binding agreements.
>AGPL Add a no wartime use clause to better it even more.
>>5096 That could still be manipulated by fiddling with whether ``wartime is in effect. For example the US gov is forbidden by law to financially support countries where a coup d'etat overthrew the elected gov. But the determination for ``coup d'etat is ultimately under the control of the same clique. So when Egypt restored military dictatorship after its brief experiment with elections, the US got around the law simply by asserting its fantasy that removal of the elected gov by the military was not a coup.
>>5049 > Installs in ~ FUCKING FOLLOW THE XDG STANDARD FOR ONCE
fyi, i got to until the opengl check on wsl 2. i haven't bothered to get the kernel update that lets me access the gpu, but this could be a solution for windows.
>>5370 scratch that, i got it to launch, but it is unresponsive
> github botnet > Show profile only to your local area Requires you to share your location to everyone => botnet > Anonymously up-vote or down-vote posts Impossible, unless you make it vulnerable to sybil attacks (which makes it useless) > Untraceable connection Impossible, unless you are communicating to someone directly. > P2P networks almost always expose your IP address > blah blah Tor is better Tor is the same as other P2P networks in that regard as all relays you connect to directly can see your IP address and whatever you're sending > Posts to the public are encrypted to @Comrades, a special account which automatically re-encrypts its messages back to any key-registered requester of them. Useless because anyone can simply make an account and view all of those messages anyway. > Whenever you send or receive mail, the Operator will make sure that the name and public key on the letter matches what it has on file, verifying the identity of both parties. That's ... not how public key cryptography works. > Direct messages auto-delete from the server as soon as they are downloaded Impossible to verify. > Posts to the world auto-delete in however many days you specify. Completely useless because anyone who views those posts can simply log them. > No invitation or server is needed on startup Which means it uses a central server and thus has a single point of failure. TL;DR: It's shit.
(Disclaimer: I am the developer) >>5077 > Switch to a more serious license like AGPL. You might be right. Ideologically however I agree with the ACSL ()'s critique of open source licenses: that they privilege the freedom of code and information over the freedom of people and the conditions of their labor. >>5218 > FUCKING FOLLOW THE XDG STANDARD FOR ONCE woops, ok, sorry >>5371 > scratch that, i got it to launch, but it is unresponsive is this in windows? >>5373 > > Anonymously up-vote or down-vote posts > Impossible, unless you make it vulnerable to sybil attacks (which makes it useless) There must be ways to limit accounts: enforce maximum number of accounts/keypairs on one device, make user prove not a bot, etc. If really impossible, we can sacrifice certain features like this. > Tor is the same as other P2P networks in that regard as all relays you connect to directly can see your IP address and whatever you're sending Sure, but the relays you use change every time you connect, so no one relay can ever see all of your activity. And the content of what you're sending is encrypted and illegible to the relays. > Useless because anyone can simply make an account and view all of those messages anyway. That's by design. They're meant to be readable to anyone using the app. Messages to individuals or groups work differently: they're encrypted end-to-end user-to-user. > > Whenever you send or receive mail, the Operator will make sure that the name and public key on the letter matches what it has on file, verifying the identity of both parties. > That's ... not how public key cryptography works. More precisely, a sender, using their private key, signs and encrypts a message to a recipient's public key. The encrypted message is sent through Tor to the Operator. The Op verifies the sender's signature by checking it against the sender's public key on file (a key part of public key cryptography), to verify the authenticity of the sender. It then stores the message, encrypted to the recipient (and so illegible to the Operator), in the recipient's mailbox. The recipient, when they request their mail, can then also check the sender's signature against the public key for the sender that they have on file; and they can then decrypt it with their private key. What's wrong with this picture? > > Direct messages auto-delete from the server as soon as they are downloaded > Impossible to verify. This is true of any website or app or server, to some extent. At least here the code is open source and the governing entity is/will be a transparent non profit organization. A p2p network would be even less likely to ever fully delete a piece of data, once uploaded. > > Posts to the world auto-delete in however many days you specify. > Completely useless because anyone who views those posts can simply log them. This is true of all messages sent between all sentient beings. > > No invitation or server is needed on startup > Which means it uses a central server and thus has a single point of failure. You can always set up mirror servers located around world. The data storage is minimal and it's all encrypted. > TL;DR: It's shit. Whatever dude, it's a hobby project improving as comrades help out
>>5445 Thanks for taking the time to respond to this guy. Not in a position to help right now, but I will lurk
>>5049 Holy shit, he actually did it: http://linktomanifesto.tk
>>5445 >they privilege the freedom of code and information over the freedom of people what a bullshit anti-GPL argument. <"oh no! I can't take other people's work, close the source and sell it. I wish I was code, so I could be free :(
>>5461 Open source software is complicit today with Big Tech capitalism. It exists in a toxic ecosystem with it, in which companies open source their code while also extracting free labor from the unpaid work of idealistic (but ideologically mystified) developers around the world. That's all the proof you need that the copyleft idea wasn't enough to protect the internet from its takeover from big corporate interests, much less protect actual workers from their deeper exploitation by capital. (Besides, the MIT license, which isn't even copyleft and is happy to let companies make more money, is now more popular than GPL anyway.) The fundamental divide within the free software movement today is, or should be, between libertarians and leftists. So many people fetishize decentralization and open-source while failing to realize that these commitments to 'freedom' do nothing to protect against, and even acclerate, the 'freeing' of markets and the new forms of cognitive labor extraction and exploitation which 'cybernetic capitalism' has developed. For more on this I recommend Nick Dyer-Witheford, Cyber-Proletariat: Global Labour in the Digital Vortex (Pluto, 2015).
The Internet was developed for the usage of the M.I.C. and the empire. It then was sold off to the telecom corporations. Afterwards, more software oriented corporations took over the cyberspace itself.
Technological fixes to inherent problems with capitalism are akin to strategies of reform through cases in court.
>>5445 Thanks for responding by the way. > enforce maximum number of accounts/keypairs on one device There is no good definition for "one device", especially over Tor. > make user prove not a bot This is necessary to prevent spam (even if you remove upvotes), but automatic verification would be difficult since it has to work in terminal and GUI. Additionally, Comrad does not seem to have any moderation, whether by users or by admins, meaning any verified user can easily spam. > If really impossible, we can sacrifice certain features like this. Anonymous from the users' perspective is possible and easy. Truly anonymous is impossible. In order to prevent a user from upvoting a post multiple times, the server must store all of the user's upvotes. Since the user has no way to verify that this information is not stored indefinitely, they have to act as if it were to maintain privacy, and so they gain no anonymity. If you really want to have upvotes, make them non-anonymous. That way, an upvote is just a shorthand for replying "Good post". > Sure, but the relays you use change every time you connect, so no one relay can ever see all of your activity. Same as every other anonymous P2P network (e.g. I2P, Freenet) > They're meant to be readable to anyone using the app Which is why it's pointless to encrypt them. There is no improvement to privacy compared to storing them in plain text. > The Op verifies the sender's signature by checking it against the sender's public key on file Is there any point to this being done by the server, rather than the client? > > Impossible to verify. > At least here the code is open source. Except it's also impossible to verify that the server is running unmodified code. > A p2p network would be even less likely to ever fully delete a piece of data, once uploaded. For publicly shared data, sure. But privately shared data would only reach its intended recipents unencrypted, meaning you only have to trust them. I suggest you look into anonymous P2P networks. > > Completely useless because anyone who views those posts can simply log them > This is true of all messages sent between all sentient beings. Good point, but the auto-deletion might make people more okay with sharing confidential information. > You can always set up mirror servers located around world. The majority of people would just use the default server due to convenience. Since Comrad servers are not federated, if you decided to use an alternative instance you would only be able to communicate with the other 3 people who use it. There are already far too many social networks. What advantages does Comrad have compared to: - PGP encrypted email (for activists) - Mastodon (*) (for normal people) - Freenet or I2P (for autists) - Any other non-meme network (i.e. not written in node.js) (*) No, privacy doesn't count. Mastodon has the same level of privacy as Comrad if you use Tor and PGP encrypt your private messages.
> Thanks for responding by the way. Same to you. Mobile apps and cryptography are admittedly not my day job, so talking over these details with folks is really helpful. > enforce maximum number of accounts/keypairs on one device Comrad makes heavy use of client's hardware: it compiles Themis, a high level cryptography library, so that all the encryption keys can be generated locally and only public keys need be transferred over the network; and it also uses torpy, a python-based implementation of a Tor SOCKS proxy. (This is why it can't work in a browser and needs to be an app.) So, similarly, the app could also just detect whether any encryption keys are already stored on the device's hardware that the app is running on, before allowing the creation of a new user/set of keys. You could probably get around this restricting by re-engineering the app software, but at least that's made more difficult to do. > > make user prove not a bot > This is necessary to prevent spam (even if you remove upvotes), but automatic verification would be difficult since it has to work in terminal and GUI. Hm. Are there no client-based/pythonic ways to test humanity? Some math problems? A funny socialist quote requiring some basic reading comprehension? Again, maybe not foolproof, but it adds another barrier. > Additionally, Comrad does not seem to have any moderation, whether by users or by admins, meaning any verified user can easily spam. Not yet anyway. For group accounts, the idea is that moderation could be achieved through a 'web of trust'. If A vouches for B, then B 'joins' the group. If B then vouches for C and D, potentially A would have to approve it for C and D to join. Then if B writes to the group, the message is actually only sent to A, C, and D (i.e. B's immediate neighbors in the web of trust). Each of those recipients would then have to accept B's message as legitimate in order for B's message to keep propagating through the web of trust to the rest of the group. The additional advantage of that model is that every message remains encrypted E2E between specific users, so no one actually needs the group's key; and the server doesn't need to store who vouches for whom, since every user can simply store whom they've vouched for on their hardware. At least, that's the idea so far. > If you really want to have upvotes, make them non-anonymous. That way, an upvote is just a shorthand for replying "Good post". Hm, that's interesting. So in that case the server could store which users have liked any given post. (Everything the server stores btw is in a simple key-value store: the value is encrypted with a symmetric key hidden on hardware, and the key is 'hidden' by running it through a hash algorithm using an extra 'salt' string, which is also hidden on hardware.) My worry (maybe paranoid) with allowing UserX-upvotes-PostY to be public is that someone could potentially reconstruct your real-life social network from whose posts you like, and from there guesstimate who you are depending on other creepy data the FBI or whoever has. But that level of paranoia may run counter to the logic of a social network, which is semi-public by design, anyway. I can imagine two other potential solutions to this problem, all half satisfactory: * Store only on your hardware whether you've upvoted PostY. Keeps anonymity, but leaves it susceptible to someone rewriting the client software. * UserX sends a message encrypted to the author of PostY that they liked the post. The server stores how many people liked the post, but only UserX and the author of PostY can read the E2E encrypted fact of the upvote. * Store on the server whether UserX-upvoted-PostY, but store this fact as an encrypted value with a salt-hashed key, so it's at least hard to find or read. Keeps anonymity but leaves anonymity vulnerable to attack on server (which would have to be hacking based, since you'd need hardware access to find the server's encryption key and hash salt phrase). > Same as every other anonymous P2P network (e.g. I2P, Freenet) I looked into that: I2P, Freenet, IPFS, etc. None of them (afaik) work on a mobile client, and some are hard to set up even on a desktop. I really want this to run on mobile and be easy to set up, since your average comrade/leftist has no idea how to set up all this stuff. > > They're meant to be readable to anyone using the app > Which is why it's pointless to encrypt them. There is no improvement to privacy compared to storing them in plain text. Maybe so, but it ensures that nothing unencrypted is ever stored or transmitted, which at least makes it more difficult for an outside actor (like an ISP) to listen in and decipher it. It also means that every message a user receives is encrypted E2E personally to them: since all group/direct messages are already direct, and since messages to the world are encrypted automatically to the user from the Operator. It also lets the Operator change its private/public key and notify users of the change, so that only someone storing the history of every public key over time could decrypt older data. > > The Op verifies the sender's signature by checking it against the sender's public key on file > Is there any point to this being done by the server, rather than the client? It's done by both. I guess the Op doing it too just makes sure nothing illegitimate is stored or sent to the client, even if the client could also determine the same thing. > Except it's also impossible to verify that the server is running unmodified code. True. Not sure what to do. Perhaps a public and legally binding commitment of some kind. But again, this seems standard. We can't ever fully know what bunkerchan or mastodon or any other server is doing with the data we send them. > > A p2p network would be even less likely to ever fully delete a piece of data, once uploaded. > For publicly shared data, sure. But privately shared data would only reach its intended recipents unencrypted, meaning you only have to trust them. > I suggest you look into anonymous P2P networks. See above: they don't currently work on a mobile client, as far as I know. Also, I thought that networks like IPFS never actually delete a piece of data. Which anonymous private networks are you thinking of? I initially set up a custom Kademlia P2P network for Comrad users, with the server just acting as the seed/prime node. All the data was encrypted E2E, but the users/nodes needed to know and remember each other's IP addresses in order to communicate. > Good point, but the auto-deletion might make people more okay with sharing confidential information. Fair enough. I guess you'd have to educate people what the risks are for any given action on the app. > Since Comrad servers are not federated, if you decided to use an alternative instance you would only be able to communicate with the other 3 people who use it. I meant something closer to piratebay: if the worry is that it could be shut down because it's only a single server, then it would be easy to spring it back up somewhere, and just change the .onion API address the app uses. > There are already far too many social networks. What advantages does Comrad have compared to: ... I try to lay that out [here](https://github.com/ComradOrg/Comrad/wiki/Comparison-of-alternative-social-networks), but I guess in short it's basically just a more accessible mixture of those elements. It makes public key crypto and Tor accessible to normal people: it all works behind the scenes in a single app, which to all appearances works just like twitter. Sorry for the long post, but thanks for your and everyone's comments, I appreciate it.
>>5478 > Mobile apps and cryptography are admittedly not my day job Same here. Most of what I know is from various internet schizos. > the app could also just detect whether any encryption keys are already stored on the device's hardware This could be circumvented easily by moving the keys to a different directory or renaming them. > Some math problems? A funny socialist quote requiring some basic reading comprehension? Math problems could be solved by a simple parser. The quote questions could be solved manually and then added to a script. > Each of those recipients would then have to accept B's message as legitimate in order for B's message to keep propagating If I understood this correctly: 1. Every message has to be manually accepted by its sender's WoT neighbors. 2. There is no way to distrust an identity rather than its individual messages. Point 1 means that any node can selectively censor messages that are sent to it, making its neighbors think they are seeing all of a given user's posts when they aren't. It also means that idle nodes do not propogate messages, and that all of a trusted identity's messages must be trusted one by one. Point 2 means that any user can flood the group with spam messages without being kicked out. Freenet implements WoT in a saner way. Freenet's release manager explains it better than I could: http://www.draketo.de/english/freenet/friendly-communication-with-anonymity > someone could potentially reconstruct your real-life social network from whose posts you like This is still possible with anonymous upvotes, it just takes server access. And of course, there's no replacement for basic opsec. > Store only on your hardware whether you've upvoted PostY. Keeps anonymity, but leaves it susceptible to someone rewriting the client software. Not only that, it's susceptible to someone who can type: grep -R "upvotes" comrad/ > UserX sends a message encrypted to the author of PostY that they liked the post. The server stores how many people liked the post How do you distinguish between regular messages and upvotes without metadata? How does the server verify that someone did indeed upvote without knowing who? How do you prevent a user from upvoting multiple times? > Store on the server whether UserX-upvoted-PostY, but store this fact as an encrypted value This is just as vulnerable to the server being seized, and the user still cannot trust the server. > None of them (afaik) work on a mobile client I2P has an android client: https://geti2p.net/en/download#android Freenet doesn't have one, but it's also written in Java, so it should be easier to make an android client. > some are hard to set up even on a desktop Both Freenet and I2P have simple installers, and Freenet has a simple social networking guide for microblogging, email, chats and forums. (I'm not sure if I2P has an equivalent) > I really want this to run on mobile and be easy to set up, since your average comrade/leftist has no idea how to set up all this stuff It's better to focus on making existing networks easier to use instead of making new easy to use networks and splitting the userbase further. It's harder to make something secure than it is to make it easy to use. And your average leftist is not an activist. You don't need ultra secure encryption for wojaks. > > There is no improvement to privacy compared to storing them in plain text > Maybe so, but it ensures that nothing unencrypted is ever stored or transmitted, which at least makes it more difficult for an outside actor (like an ISP) to listen in and decipher it Since you're running a hidden service, the connection never leaves the Tor network and your ISP can't spy on it. > It also means that every message a user receives is encrypted E2E personally to them > since messages to the world are encrypted automatically to the user from the Operator If you send a message to a special account, which then decrypts it, encrypts it again and sends it to everyone else, then that's not E2E encryption, it's a man-in-the-middle attack. So despite all the encryption, the user can not trust any public messages. > It also lets the Operator change its private/public key and notify users of the change, so that only someone storing the history of every public key over time could decrypt older data In what situation would someone have access to old encrypted data but not its decrypted form? > I guess the Op doing it too just makes sure nothing illegitimate is stored or sent to the client That an incorrectly signed message was sent is potentially useful information to the client. > I thought that networks like IPFS never actually delete a piece of data IPFS is specifically designed to be a distributed, permanent, filesystem, so of course it doesn't delete anything. > Which anonymous private networks are you thinking of? Freenet and I2P, but there are other, lesser known networks. > I initially set up a custom Kademlia P2P network That's where you went wrong. You should know what problems with existing P2P networks you're trying to solve before making a new one. > if the worry is that it could be shut down because it's only a single server What I meant is that if this one server is compromised, the entire network's privacy is compromised. This is why P2P networks are generally superior. To do something similar, you'd have to control half the network, not one node. > https://github.com/ComradOrg/Comrad/wiki/Comparison-of-alternative-social-networks I did look at that, but I don't think it's a useful comparison. It claims that anonymity and confidentiality are properties of design, when any network could be made anonymous and confidential with Tor and PGP, by the comparison's standards. And it compares networks which were not designed for privacy at all, like Scuttlebutt and Cabal (both written in Javascript) Additionally, it claims that some networks have identity verification when they do not have webs of trust for keys. (Comrad doesn't even allow you to use your own PGP keys and keyring)
Brainlet here, i saw this posted on leftypol a while ago, is the construction of this proceeding?
>>5542 Yes, though a bit more slowly now. A few of us are hanging out in this encrypted Matrix chat room -- https://matrix.to/#/!YojbxvZclfEsvIeeUi:matrix.org?via=matrix.org -- if you'd like to come discuss things
>>5567 I know zero shit about programming though
>>5571 don't worry, based on this thread they don't know much about it either
>>5567 You should contact this guy called Ben Seattle. He can be found on /r/Marxists_USCA or his website. He can give you some insight on what a democratic social media platform would need http://communism.org/
>>5049 okay i dont wanna be another naysayer cause i have lots of love for p2p networks and im just fascinated with what goes on in the background for it all to work and the problems of them, but >Although the internet began with anarchic design principles first of all, this just isnt true. Sure there was utopianism around the potential of the internet, but it never has been structured anarchically and attempts to do this like meshnets are more recent (and should be supported i think). I think it should be understood that the internet is inherently very unfriendly to privacy and decentralization by default, and thats why you have all sorts of protocols that go on top in order to bring some anonymity and privacy. >Exploitation inheres in that relation, whether in the industrial factory or the digital platform, because the value you produce is taken from you, concentrated and privatized. this is a theoretical quibble but i think privacy advocates understand this relationship better than you pose it here - capitalists are exploiting your communication here, but they're not exploiting it in the sense of you signed some contract and are getting stiffed, you're being exploited like land. Like how capitalists can unleash he latent value of the amazon and turn it into vast soy plantations or ranch land. Value is found where there was none. How does this happen? People are taking your data and using it to manipulate you in order to get your money. This is really where you get stiffed, its by the data collection, not the fact that they arent paying you for the words you say or something. Its not that the value you make is taken, the horrible thing is that your speech is turned into something valuable >vouching to be honest i dont see the point. Ive thought about this before, like how do you moderate who has access to what, but i think vouching is maybe better for revoking access to rotating encryption keys than for entrance, because it makes joining a group unreasonably hard (you need off-site bootstrapping, so its annoying, but also you dont need any sort of actual vetting, just someone to check off on letting you in basically, which could nullify itself if its the norm, also if one bad actor gets in they could let in more and basically fill the network with identities, possibly all belonging to one person, all vouched for in a web that validates each other - i.e. its a hard problem but this isnt the way to solve it. I wish your matrix room worked for me because id love to nerd about this more) >tor i hope you've looked into cwtch and ricochet, the creator gives good arguments for using tor as a backbone, and so i think this is a great point, using tor with a protocol on top. But also: why not just a hidden service? >semi-decentralized blah blah have you looked in to bitmessage? just reminded me of it. I love that method. Anyways i dont really see how this is a better alternative to an app like element/riot I guess its styled more after twitter? honestly i think that whole paradigm of design is shit to begin with. Its not about communication, its about small-scale publication, which is hugely different. Everyone becomes an author often with inflated ego. It stops being about the action of communication, and about the things your believe and putting yourself out there. Two very different things that i think shape the outcome of the what the bulk of activity on the network looks like. Also if i were you i'd look into raddle onion site. Also has upvoting, and anonymity, and posting shit and whatever i dont see the difference for lots of this honestly, except that it puts everything in one and would be maintained by a handful max of unpaid amatuer devs and be super super niche because of overt politics Another project that i kind of love is retroshare, which people seem to hate because they cant get it to work? but it does the same thing, its myspace+reddit+forums+irc+file sharing+IM p2p with your ip hidden over tor if you want and everyone hates it and thinks its ugly and overcomplicated :^) >>5611 i think the ideal of high signal to noise ratio but also spreading a certain message (in "give a voice to: ") is destined to fail. You'd need constant moderation. Even aided by bots, you'd need people overseeing appeals and shit and it might be transparent but how accountable can it really be to the desires of all its users? I think democracy is fundamentally not right for a platform like that. Real democracy i think is more embodied in something like matrix, which has no way to moderate anything but is fully controlled by its users. And all vibrant communities are filled with noise, honestly one area that really interests me is what media facilitate tuning out the noise? I think imageboards are good for this, its easy to spot shitposts. But id never want the shitposts gone. Forums are good but always slow and filled to the brim with ego and wreckers, and how would you give a voice to anyone in particular i wonder? unless just a forum with ultra mods who are trigger happy? I really wonder how big the potential is for good discussion on any large scale site. What I think works best is plasticity, and an ability for there to be different levels of speed and intimacy. For example, large and lively communities make good memes, have fun, can build a sense of larger community and inspire each other. But you need the quiet slow enclaves where you get to know each other and really have long discussions to ever get to the real meat of any disagreements and your actual feelings on things. This isnt suited to totally public forum model or style i think. There has to be a pool of users, an ability for users to narrow down by their interests and join or be active in various communities, and then the ability for people to talk in groups outside of those communities, but pulling people from them. The only thing i can see that does this is discord, but discord is shit also. And element... is shit for other reasons, there's no sense of wider user base and vibrant community anywhere that ive seen. In general, no one uses it. I dont know why. I think the more social platforms you add, the less people use any, idk. Lots of people migrating to twitter and tumblr for that cheap dopamine i guess who knows. oh also OP look into onelon, i love that place even tho its dead basically, its a fun style that i think has potential. Like news board with forum style comments with a blog section.
>>5617 >onelon tf is dat

Delete
Report

no cookies?