
Show HN: A friend and I made a beautiful pastebin - StavrosK
https://www.pastery.net/
======
flashman
Well, you passed the "Big List of Naughty Strings" test[1], as far as I can
tell: [https://www.pastery.net/fnfpmw/](https://www.pastery.net/fnfpmw/)

[1][https://github.com/minimaxir/big-list-of-naughty-
strings](https://github.com/minimaxir/big-list-of-naughty-strings)

~~~
StavrosK
Django makes that easy, at least, we didn't have to do anything special.

------
briantmaurer
Looks nice – but it is not 'private'.

Using only 6 characters as a 'private' URL is too small. How long does it take
to have a bot that can make 1000 requests per second to download every single
URL in your URL space?

((alphabet_size^number_url_characters)/(request_speed))/secs/mins/hrs =
time_in_days

((26^6)/(1000))/60/60/24 = 3.6 days

Reading every single paste in 3.6 days is not private.

You want to reduce the probability of a single URL guess colliding with an
existing 'private' URL so that it would take years for a bot to have a decent
chance of finding a URL that is already in use.

Read up on the probability of hashing collisions and how fast bots can make
requests. Make sure it takes a long time to make enough guesses to have a
chance at collision.

If you don't want to do math, just use as many characters as an established
company that already has 'private URL sharing'. ex Dropbox, I think they use
~40 case-sensitive-alphanumeric-characters or something.

~~~
StavrosK
I'll just ratelimit it to two requests per second, thanks.

~~~
anilgulecha
So only those with access to a botnet can do this in a shorter time than 3.6
days?

The right fix would be to increase the length of your key.

~~~
StavrosK
"Right" by what metric? Short keys are easier to type, so it would be the
wrong fix, in that respect.

~~~
Nadya
Doing what giphycat does would make it better, with a large enough dictionary
of adjectives/colors/animals.

Then you get URL's with easy-to-remember names like
"TyrannicLavendarOrangutan"

And "right" as in your solution _doesn 't solve the problem_. It just limits
it to "people with botnets".

------
Albright
Nice! I like it. I'm gonna add it to the "pastebin?" FAQ on the bot of a
couple IRC channels I hang out in.

I'm a bit confused by the language selector menu, though. It looks like it's
disabled ("faded out") until I hover over it. At first I thought it was just
permanently disabled and wondered why it was on the page in the first place. I
think you guys might be trying to do something a little unnecessarily fancy
there.

(Also, and you may already know this, all of the links in the footer are
broken.)

~~~
StavrosK
Thanks for the feedback! Yeah, I agree about the language selector, we tried
to save some space but I don't know if it's working that well there.

I fixed the links, thanks for the heads up! I pushed a refactoring a few
minutes ago that broke them, I need to write some more tests. They're up now,
if you want to read!

------
chmielewski
Where are the options? Not trying to be too critical, but paste.debian.net is
my go-to. Sent a message to my love interest and to my hackathon team; the
first said my messages were cut off (told them to click and drag to see it
(they use iOS and are not familiar with pastebins)) and the latter said that
the code selector was preventing them from editing the end of their message
(Android).

~~~
StavrosK
Thanks for the feedback! Hmm, what options do you mean? For the account
options, you need to click your email after you log in.

------
atmosx
Design-wise the only thing that I don't like, is the full length of code
window. Maybe a 3/4 container with a thin border would be better looking,
can't tell without trying.

~~~
StavrosK
We had it much narrower earlier, but it seemed to waste a lot of horizontal
space. We'll try a narrow margin and see, thanks!

------
binwiederhier
Is it open source? If not, do you plan to open source it?

~~~
StavrosK
We're very tempted to, yep.

------
tugberkk
It looks great and simple. Looks very useful, congrats.

~~~
StavrosK
Thank you! I also made a Vim plug-in, and I'm loving it.

