Need help customizing this forum before PhD-student wide launch

Hey @ the-ministry / anyone else reading this

As I mentioned in our Slack conversation last night, CS Discuss seems ready for launch from my end. I want to make sure that all of you feel satisfied with what we have if we are going to rely on this for our long term decision-making/information needs.

Here’s what I need you to do to help before we launch:

  1. [*] Make sure you are able to login using your CNetID and password
  2. [*] Since I mentioned the group above, you all should have received an email, can you confirm that by looking into your email clients? If it went to spam, it will help if you let your email client know it is not spam by marking it as such.
  3. [*] Look around and explore for a couple of minutes, respond below if you think something should be there or not (you should also be able to just respond to this email if you are seeing this through your email client).
  4. I am told some people are not happy with this forum, I want you to know that I am listening and deeply care about making sure everyone is happy before we launch it to a wider audience. Please share your concerns below and we will do our best to reach a consensus and satisfy our needs.
  5. Let us know if you have any questions about governance, moderation, privacy or any other needs, so we have a better understanding of what we are choosing. Here’s something you should read for more clarity on this point: FAQ - CS Discuss
  6. [*] If you are a CS PhD student, make sure you can see #phd category. If not go to CS Discuss and Request to join the phd group.
  7. See that your Full Name populated correctly at https://discuss.cs.uchicago.edu/my/preferences/account, if not please take a moment to correct it (there was a bug until Mar 12 that meant full names were being populated by cnetid for new users). You should also consider adding a little about me, etc at https://discuss.cs.uchicago.edu/my/preferences/profile which will show up in your profile card. Click on my display picture for an example.

This topic will auto-close on Wednesday, April 10, 2019 4:59 AM. I hope this is a sufficient amount of time to weed out all issues. I will mark the above as DONE once we reach consensus on each point.


Known issues:

  • The TechStaff SSO login currently just refreshes to itself if you enter your CNet credentials wrongly, it doesn’t say what you entered was wrong.
  • Email responses sent from a different email ID than a user’s UChicago email ID may get rejected, if you prefer to use a different email ID as your primary, go to https://discuss.cs.uchicago.edu/my/preferences/account to add it.
  • For new users, an approval step is currently necessary because TechStaff provided SSO login can’t distinguish between actual CS users and anyone else who has ever taken a CS class. We now are confident in welcoming anyone with current or past affiliation with CS.
  • Clicking on #events sometimes results in a blank page, expect to have this resolved by April 15: https://discourse.angusmcleod.com.au/t/events-naked-url-redirect-issue/856

PS: anyone else active on the forum is also welcome to help test it, this topic is not restricted to just CS Ministers. Thanks for your help!

The privacy policy at Privacy - CS Discuss appears to be at least partly copied from a template. Having (and following) a clear privacy policy is important, so can you double-check that it contains correct information? At the very least, the “last updated” date on the bottom is definitely wrong.

Can you make the default email notification behavior send out an email only if someone is mentioned?
I got an email for new topic and a new category being created.

In each case, there was a group mention – ministry and then phd. First one was intentional as I wrote in the OP above. The second one was by mistake, I was trying to edit the category description, which still generated an email notification, sorry about that.

Anne, the policy is indeed the default shipped by Discourse software. The last updated date is correct for when it was last updated by Discourse. Since we are not doing anything differently from the Discourse the software, I think that policy still applies. If you think there are specific changes we need to make to the policy, we should discuss that.

I just tried to reply to this via email, and it didn’t work because I have my email set up to always send from my cs email. In case it’s useful, here’s the error message I got:

We’re sorry, but your email message to [“40aa511b9e048338ed976d495b3801df@discuss.cs.uchicago.edu”] (titled Re: [CS Discuss] [Site Feedback] Need help customizing this forum before PhD-student wide launch) didn’t work.

Your reply was sent from a different email address than the one we expected, so we’re not sure if this is the same person. Try sending from another email address, or contact a staff member.

1 Like

This is the email response re:privacy policy that I meant to send:

The policy looks pretty reasonable, but it’s not really clear who has access to the server logs and other data. I would expect that techstaff has access, but what about other parts of the university (e.g. IT Services)? Are there any students with access? I know you can see some (all?) of the logs, Kartik, but it wouldn’t be obvious to any new students (or anyone who isn’t aware who created the forum) that a grad student would have access to any of this information.

Also, the last bit under Privacy - CS Discuss says “non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses,” which seems weird. We’re not planning to put ads on the site, right?

1 Like

Thanks for this bug report Anne. I will add your CS email ID as a secondary email in the system, hope is that it will then accept emails coming from that address. We will have to test it to make sure it actually works.

This is a crucial point. There’s a lot of information and analytics regarding user behavior on this site, including engagement time, posts read/submitted/liked etc. Given that this site and slack is a time sink, i’m sure grad students don’t want this information available to anyone, including other grad students, staff, faculty.

@amfarrell I just made that change, you should be able to respond by email now from your CS email ID. Please let me know if it works/does not work.

If you can see this, it’s working.

1 Like

These are good points, I will talk to TechStaff to figure out how they deal with this stuff on their other deployments. I don’t want to take more responsibility for this than I or the ministry can handle in the future.

Here’s what I know – we need to be able to trust humans running our systems (mistrust by default (blockchain!) isn’t the answer to everything):

  • TechStaff has access to literally anything including all of our CNet passwords. Don’t be alarmed, just be aware that it’s part of their job and know that they respect the trust we have in them.
  • I, as an admin, indeed have access to a lot of logs. But again, you will need to be able to trust me in my role as Minister of Infra and a fellow PhD student as part of our community, if we want to do anything together. I strongly object to the notion of mistrust by default even for our own peers.

This sounds somewhat alarmist to me. But for people with hyper privacy concerns for public visitors, they can choose to select the option “Hide my public profile and presence features” at https://discuss.cs.uchicago.edu/my/preferences/interface

I don’t have clear cut answers for the worst case scenarios. This is something we could consider adding to privacy policy over time as any bad situation arise.

I updated the policy to remove the unnecessary line, see: Privacy - CS Discuss

As an alternative, we could use a simpler but much vaguer policy: Generate a Terms & Privacy Policy for your website Though I would rather stick to Discourse’s default as it is more specific.

TechStaff are our hosting provider, so indeed they do. IT Services not really.

I thought more about this, I think the about page makes it completely clear: About - CS Discuss It will always show who is the Staff on the forum – Admins and Moderators. Hope that’s good enough. There is always a downside to adding more to things to maintain.

I investigated this further and learned that the email notification for the category was only generated for those who had not previously seen it and skipped for those who saw it the first time. So I think the behavior is as expected.

As you are already aware you have complete freedom in choosing what if any kind of emails you want to receive from the forum.

Please, let me know if I can explain anything else.

I talked to Bob and he confirmed that they don’t touch the privacy policy stuff, and go with safe defaults. They do believe in strong notion of privacy and with all their power make sure that they will not read anyone’s private email (for example) without permission unless there is an emergency.

Confirmed this as well. Currently, CS systems are off limit to university level IT Services, but there is talk of that changing and TechStaff is fighting back.

I would suggest to make Latest as default mode, instead of Categories.

That’s a good suggestion @riza. In fact, I had it set up as Latest until Thursday last week, when @suhail pointed out in person that it didn’t make sense to him. Since his comment, my thinking has changed too, there are two reasons why it makes sense to show categories by default:

  1. We have some hidden categories, such as #phd which will not be apparent to new users unless they could see a list of categories somewhere easily.
  2. On the desktop (as opposed to the mobile version of the site), both Categories and Latest posts appear side by side, so we get more than just showing Latest on the homepage.

One of the things that I really like about Discourse is the amount of flexibility it provides to varying user needs, so if you really prefer to see Latest when you are logged in, you can just choose to see that in your own preferences, see “Default Home Page” at https://discuss.cs.uchicago.edu/my/preferences/interface

I forgot to mention, but this should not be at all an issue anymore as techstaff created a phd group in their system which can filter people directly during SSO login. :slight_smile:

Wait, TechStaff has access to our CNet passwords?? They’re not stored encrypted?