The official coComment weblog

We will migrate our servers to a new network infrastructure in order to get better performance and reliability.

The operation will start at 6:00 am CET (3:00 am New York, 0:00 Los Angeles, 5:00 pm Tokyo)

The maximum estimated time for this upgrade is 4 hours, however, we will try to make this interruption as short as possible. Although we will not be receiving your comments during the shutdown, the sites integrating coComment will not be affected by additional latency as we will provide a temporary server to respond to the coComment client.

This blog will remain up and available at http://blog.cocomment.com. We will keep you informed of the progress of the operation.

Thanks for your understanding !

Wanted to keep you up to date on progress regarding this issue.

First, the good news, we have discovered no ‘massive hole’ in Citibank’s site. We have now spoken with Citibank and, it appears, what happened is that three users, almost certainly accidentally, sent the contents of a text input field to coComment and we then stored it. As coComment allows users to aggregate all comments on a site these three comments then appeared as a ‘conversation’ on a secure citibank site.

In reality, these were three completely unrelated inputs and the many tens of thousands of comments entered were not being tracked by us. No financial, password or username data was compromised nor was there the risk that this would happen.

The coComment extension can work in automatic mode to make the collection of comments simpler but this is deactivated for secure (https) sites. coComment will not automatically track conversations on any https secured site. So, you don’t have to worry that coComment will collect conversations in secure areas automatically and without your knowledge.

We have now blocked the Citibank site from any comment collection and Citibank will be providing us with a detailed list of all their sites so that we can block any collection from them whatever the user does.

We have posted in a couple of places about the advisability, or otherwise, of using simple text input for even slightly sensitive data. Given the number of extension and client tools now available for the user, it seems to us that alternative site strategies (secure java client input for example) would offer users much better security. We ended up with slightly sensitive data in our database simply because we didn’t actively block Citibank’s site. It does concern us what someone actively criminal might therefore be able to achieve.

As ever, would appreciate your comments/feedback/suggestions as to what we could do better.

Best regards,

Matt

We were alerted to a potential risk over the weekend thanks to the diligence of two users. Many thanks to Tom Biro (Click Here)
and John Ratcliffe-Lee (Click Here).

Although, as was pointed out, this shouldn’t happen and site security policy should prevent it we would just like to remind users that we do provide privacy solutions to protect you.

We allow you to Blacklist any site to prevent coComment storing any comments you enter there. We also offer you the option to recommend the site for inclusion in the global blacklist. No comments for any site on the global blacklist will be stored by coComment for any user.

The functionality looks like this:

Select Blacklist (highlighted in the screen grab) and the Blacklist dialogue window opens. You can then Blacklist that site for yourself and/or also recommend that the site be blacklisted for all users.

As ever, would be delighted to get your feedback on any improvement you think we could make here.

Happy, and safe, commenting.

The coComment Team

As some of you will have already noticed (thanks Andy for pointing that out to us !), the integration between coComment and Technorati is not working properly at the moment.

You might be able to claim your comments as a blog in Technorati, but your comments will not be indexed. However, you will still be able to manage your blog and post titles in coComment (for blogs you already claimed in Technorati).

We are currently investigating that issue and we will keep you posted on any progress.

Thanks for your understanding

As the leading repository of all the great, good, bizarre, disgusting, wild, extreme, funny and downright strange comments that you all make we thought that the following suggestion we recently received made a log of sense …

“You guys have got loads of comments and conversations going on … but which are the great ones … the ones I really want to know about but don’t now ? I use coComment as a functionality tool but I also really want to use it to find interesting content. How about I and a bunch of others let you know if something is really good and you then highlight it ?” – AnnaNonymous

Well, we thought this was a great idea BUT we thought it was kind of hard to decide what categories to suggest. After all, a simple … “Best of this month’s Comments” is kind of hard to pick and probably not particularly interesting.

The other thing that occurred to us is that we’re not necessarily the best people to be picking the winners anyway. So, we’re looking for nominations for ‘celebrity’ bloggers and commenters to judge and for what the categories should be.

We came up with the following, probably rather lame, suggestion list:

The Britney coCoNut – For the strangest and most bizarre comment/blog of the month

The Bush coCoNut – For the stupidest and most insane comment on a serious political issue (or blog – yes, whoever you are, we saw your comment on Hilary’s site)

The Blair coCoNut – For the most egregious attempted manipulation of the media for your own ends

The Osborne coCoNut – For the maddest comment

The Douglas Adams coCoNut – For the most gratuitous use of the word ‘Fuck’ in a serious conversation or blog (sorry, couldn’t help it ….)

So, are these lame or what ? Let us know your suggestions for the categories and the judges (you can nominate yourself) and we’ll get this running at once.

Cheers,

coCo Team

Yee ha … or some suitable cultural version depending on where and who you are. We’ve now exceeded 5 million comments and 200,000 users.

Hey, it’s not yet Google but it’s growing very fast and we’re happy.

See you down the bar/pub/suitable celebratory venue

Cheers,

Matt

PS. Please keep the comments coming as to how to improve coComment – we really do take note and respond.

coComment, the leading window to internet conversations, wants to inform its users about a major new version of its technology. Among other improvements, the new version includes two key developments: integration with Technorati and Privacy functionality.

Technorati Integration

The Technorati feature is a seamless integration of coComment with Technorati profiles. The integration allows you to: own and manage your own blog and blogs you’ve claimed on Technorati in coComment (i.e. edit blog and conversation titles; obtain comments in the blogosphere and on blogs indexed by Technorati, etc.). The integration also enables you to get your coComment profile associated with the content page returned by Technorati (sidebar) and to get all comments you post indexed by Technorati.

We believe users will find these features useful as they provide increased visibility and ease of managing and editing both blogs and comments. We encourage your feedback regarding these features as well as input on other functionalities we could implement in order to serve users’ needs.

Privacy Function

The power of the coComment extension is that it allows you to automatically track your comments without having to do anything. Privacy settings allow you to mark certain sites or areas as ‘private’. This means that coComment will not track any comments you’ve entered there.

To activate this, visit the site you want to mark as ‘private’ and click on the ‘Blacklist’ button. You can then delete all existing comments, block any new ones and mark this site as ‘private’ for the future.

We also offer the ability for you to propose that the site/area should be on the global ‘Blacklist’ which means that no comment will be collected there for any coComment user.