Yesterday, the “Polish response to Facebook” was launched by government media owner Tomasz Sakiewicz - Albicla or “All Be Clear”.

Making the portal was not the pinnacle of professionalism, few key points:

  • The terms of the portal are copy-pasted facebook regulations within its fb hyperlinks

  • You can download the entire user base, because it is not protected in any way (a request was sent to the Personal Data Protection Office, but most probably nothing will be done due the fact the office is led by government representative)

  • If you want to post on the wall to a “stranger”, you can click rmb -> inspect element on the “publish” button (on your profile). Then you look for “input” in html which will open for you and change “Value” to the id of the person whose profile you want to write something on.

  • User password has no character limit, someone pasted the entire content of Pan Tadeusz (Master Thaddeus) polish poem as a password

  • Half the users are popes (its national treasure to post John Paul II memes everywhere)

  • The other half are fake accounts of government party activists, Trump and other famous figures,

  • Someone created an account called “login”, after clicking on his profile, you just log out

  • Someone else called himself “delete_account”, after clicking on his profile, you can delete your account (and currently it’s probably the only working method of deleting an account),

  • A lot of pedophile content passed through the night

  • barely some managed to receive an activation e-mail, the portal itself crashed after a few hours of operation

  • Others do not have a problem with it, apparently someone has already set up 500k multi accounts (even after a ban, you can register from the same email)

  • It seems possible to create an account without a name, without an email and without a password. In the source of the page, remove the required attribute from the input fields.

  • Sakiewicz is proud of his portal popularity

Poles literally trolled Albicla. No surprise tho, the majority of young people hate government and its tricks.

  • Christian@lemmy.ml
    link
    fedilink
    arrow-up
    4
    ·
    4 years ago

    Someone created an account called “login”, after clicking on his profile, you just log out

    I laughed out loud when I hit this one.

  • QuentinCallaghan@lemmy.ml
    link
    fedilink
    arrow-up
    2
    ·
    4 years ago

    A government funded centralized social media platform sounds already like a mess, what could possibly go wrong?

    Someone created an account called “login”, after clicking on his profile, you just log out

    Holy shit this is bad, and I thought Parler was done more hastily.

    • xelar@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      4 years ago

      Albicla.com has been prepared by the same group of IT specialists who have recently been working on new versions of the Niezalezna.pl and TVrepublika.pl portals. - It’s hard to believe, but none of these dozens of people has asked for money yet. Of course, we will want to settle accounts with everyone, unless someone declares that he worked socially - describes Tomasz Sakiewicz. 10-20 people are to work on a permanent basis for the service.

      translated article

      • Kohen Shaw@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        4 years ago

        Yeah… This is insane. Am not Polish, but am Eastern European. I know this smell very well. Doesn’t Poland have strict rules on how public contracts should go? Or this is not even treated as a contract since money didn’t exchange hands?

        In the next few years the people who were in charge of this project are going to get showered in public positions and / or contracts. This is sad.

  • DrivingForce@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    4 years ago

    Why is “User password has no character limit, someone pasted the entire content of Pan Tadeusz (Master Thaddeus) polish poem as a password” a bad thing? I make the most out of super long character passwords and create ssh key level entropy with it lol.

    • AgreeableLandscape@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      4 years ago

      Also, you’re supposed to hash passwords, which turns them into a set length. So you only really need to worry about uploading and hashing passwords on login, so as long as someone doesn’t have a gigabyte long password, I don’t see the problem.