I patched my Slack client to keep “oops” messages others delete (github.com/sharonbrizinov)
229 points by sh0000n on Sept 5, 2022 | 210 comments

At my work people delete slack messages and recall emails occasionally. It is almost always for one of two reasons: there was an error in the message or it was sent to the wrong channel / group. By deleting or recalling the message they're showing respect for other people's time. In general, I trust my colleagues to use this power benevolently. If I felt otherwise, I'd probably be looking for another job rather than installing something like this.


Agreed.

If this is an entirely corporate offering, with supporting EULA - you could accept it as simple monitoring requirements. But without that clear separation of corporate, and potential end user devices, this feels more to me perverse - like spying - than anything.

You are removing the right for someone to make a mistake.

That being said; the idea of a system to which a conversation is mutually engaged (“contract”), but to which a single party can immediately and entirely redact their contributions is flawed at best.

Feels like some kind of in-between is required - hopefully with clear end user understanding.


Slack already does offer an in-between, as you can allow edits and redaction for a specific time frame, after which the chat history becomes immutable to all non-admins.


Doesn't stop the email with the original message though (you can get emails of messages). I once saw a coworker cussing out someone while the coworker was asleep. By the time we all woke up, the message had been edited into something nice and cordial. But knowing how much they were actually frustrated was a hint (at least to me) that I needed to take the cordial response seriously.

Being able to see the original message someone shot off in anger and then revised into something nice is really handy as a manager. Especially if the entire team is remote and you can't tell things by body language.


I know it should probably be on the org itself to inform new users that those settings are being used, but I wish that Slack would do a better job of letting users know too. It's a weird experience noticing a typo in a message and not having the option to edit without any feedback as to _why_.


Corporate Slack clients could just disable the ability to delete messages entirely in Slack's enterprise settings, no need to install a hacked client.


> You are removing the right for someone to make a mistake

You aren't stopping them from making a mistake, and you aren't even stopping them from removing evidence from their PoV. You're merely retaining all communication on your side.


100%

I understand OP's sentiment, and even share it to a degree.

It's 50% FOMO, and 50% a certain arrogance of "It made it to my client desktop, the bits are HERE, therefore they're mine now. How DARE you reach out remotely and remove them." Feels like a violation.

But these feelings are silly, and life is too short to worry about such things. There are better things to optimize for and spend time on.

This is a cool tech demo, but anyone who's thinking of using it PRACTICALLY should consider why they also don't root through their building's trash for nuggets others threw out.


See I'm pro freegan nugget liberating but as you said, definitely anti-this. I had a friend w an IM client in 2010 or so (maybe trillian?) with a plugin that notified him if I opened his profile to chat w him, as well as telling him whether I was really invisible, and finally one that gave a desktop notif if I was typing to him (NOT the typing indicator in a chat window with me).

We were both into computers so he acted like it was a funny/novel piece of tech but he used it in daily life. Felt like stalkerware. You don't stalk your friends, and you don't violate their consent in the same way that friends don't use a patched snapchat client that disables screenshot notifs/keeps photos. That's creeper shit!!!


aMSN had this feature because the MSN protocol would establish a connection as soon as you opened a chat window (before you started typing!) in order to be able to retrieve the display picture from the other user. So you would be able to know that someone opened a chat window but decided against starting to type (or haven't decided quite yet they would want to type).

This is documented in this old FAQ https://github.com/Kjir/amsn/blob/master/amsn/FAQ

(Former aMSN developer)

I admit now this is creepy.


Huh, was msn fetching the profile picture from the other person (p2p?), and not from msn servers?


It was early days for IM and I guess storage was expensive.

Early ICQ didn't even store the contact list on the server so you had different contacts on every PC.


If I recall correctly, this was actually default behavior of one of the multi-IM clients at one point (maybe GAIM?).


It'd be ok if that's the expectation. The social contract is such that both parties have agreed (by using the same client/network that offers those features), so changing it on only one side feels invasive because you had the expectation of privacy that you didn't actually have.


there were options for all these things, yes. i also remember it in a multi im client like gaim or pidgin.

i checked out that "open chat window once someone starts typing" once out of novelty value... but it felt too stalky to keep it active, and wasn't really handy at all. sometimes ppl misclick and open the wrong window and realize later, others are reading past discussions... really not that useful as a feature


I imagine the intent of something like this is not really that people should install it, just a fully working PoC to show that your deleted messages are not really deleted and you should act appropriately if you type something you shouldn't have. It's just smart practice anyway, as even if the delete was foolproof you don't know who managed to see the message before you deleted it.

(I will admit to an illicit thrill when I click no on the outlook pop-up that informs me someone wants to recall their message...)


Another category is passwords, muscle memory types them in and presses enter, only to find focus was in the wrong place.

A bit mean to systematically retain.


Any time you make an error like that you should immediately change your password anyhow. But I guess some people like to live dangerously.


True.

But if my password, or any other credentials, were leaked because someone in a trusted environment was scraping deleted messages, then storing it insecurely, I wouldn't be impressed.


One thing that really doesn't help here is that Unix password entry traditionally hides the input text completely, instead of showing bullets. Normally you would notice pretty quickly if you're typing in the wrong place, since nothing is showing up where you expect it, but Unix terminals train users to expect no feedback when typing passwords, so they're more likely to type the full thing and press enter before noticing anything is amiss.


I’m happy to have the ability to edit. I post on wrong channel all the time.

Worst ever is one of those apps where you do /funny cat and a meme pops up.

Did one once. And this crazy offensive thing popped up. Like the sort that can get you fired. Learned that there was no way to delete it.


How is that respecting others' time? They still got notification sound and now trying to figure out what that was about

I hate when that happens.


> They still got notification sound

It astounds me that people use notification sounds for messenger and e-mail clients. How do you get anything done when being repeatedly distracted all day?


> How do you get anything done when being repeatedly distracted all day?

You're confusing productivity with reachability.

I currently have my Slack set to be pretty sensitive to topics that concern me, but that's voluntary. In a previous workplace, Slack was noisy af and I felt pressured to keep it at maximum sensitivity. Of course that just made me more anxious.


It depends on the job. A large part of my job is collaboration. The times that I have to put my head down and focus are the exception and in those cases I will put myself on DND anyway.

I think as a developer it would be very different.


I don't find them as distracting. I think I am good at context switching. They only become an annoyance if you were following a thread and people are discussing in it with you nothing to add, in which case I unfollow it.

I even find them sometimes helpful, they provide short breaks.

If I want to focus hard on something I can just ignore them to check later


When I was younger constant context switching kept me productive all day long. Eventually was diagnosed as ADHD. Apparently keeping half a dozen things going at once was my coping method.

First time on medication was surreal oh how I just worked on one thing at a time.


You get less done, but what you do get done is more useful since you're paying attention to what's actually needed, so you come out ahead.


Some clients / chat services will have a delay on notifications, which is probably the way to go; chat shouldn't be about "you have to be aware of this within one second".

When building a chat system with notifications, it's also important that you can recall notifications. Wouldn't want someone's accidentally pasted password to be retained in notifications.


I hired a contractor on Upwork once and he worked alongside us in our Slack workspace. He did great work for a few weeks and then I suspected him of outsourcing his persona to someone else. The smoking gun was that the presumed guy behind the scenes sent a PayPal invoice via his Slack account and immediately deleted it. I have regretted not having fast enough fingers since then and wish I had this.

I did end up catching him- the app he was working on enabled geolocation and he went from Chattanooga, Tennessee to Romania in an hour. I'm surprised he accepted geolocation! I also later confirmed IP addresses via Firebase deployments in the same region.

EDIT: since a lot of people are commenting saying that this is fine by IRS laws of subcontracting etc I should clarify:

1. This wasn't a legal matter, but a business matter. I needed to federate access to sensitive infrastructure for this project, and this person failed to disclose (or denied) any additional involvement.

2. The work was not up to spec which is why there was a problem.

3. The reason for using a 1099 as opposed to a w2 in this case had nothing to do with trying to flout benefit obligations. I don't think saying you need to know who's touching your codebase and hiring someone on a contract basis is trying to have your cake and eat it too. This type of contract is much more expensive for us than a full-time employee.


"The general rule is that an individual is an independent contractor if the payer has the right to control or direct only the result of the work and not what will be done and how it will be done."

independent contractors are free to sub out work. this is the law. they also probably should not be on your slack unless you're considering the whole thing a consulting arrangement.

i understand where you're coming from, especially in trying to make use of upwork in some actually useful way for your business. but you should also be aware of the law.

https://www.irs.gov/businesses/small-businesses-self-employe...


> independent contractors are free to sub out work. this is the law.

I’ve never seen a contracting agreement that didn’t specifically prohibit subcontracting without the explicit written consent of the client. It’s not that it wouldn’t be federally legal, it’s that it would violate the specific contract with the client.


You can put anything you want in a contract, the question is, is it enforceable?


There isn’t a jurisdiction on the planet that would reject a contract clause that the person hired to do a job cannot covertly outsource the work by providing their credentials to a third party. That’d likely be breaking multiple clauses of any sane contracting agreement.


The important caveat is that in many jurisdictions, there’s a significant difference in the tax treatment of contractors vs. employees, and so by producing such a contract (that forbids subcontracting) you are plausibly creating an employment arrangement and are on the hook for tax consequences.

Here in the UK, for example, if you wrote such a contract, it would be enforceable… but you would be considered (by the tax authority) to be trying to evade employment taxes, and hit with something starting in the range of a low 5-figure financial consequence (assuming the contract was a few months at current average rate for tech workers).

All of my contracts explicitly allow subcontracting in order to comply with tax law.


> you are plausibly creating an employment arrangement and are on the hook for tax consequences.

I realize this thread is full of armchair lawyers, but that is definitely not the case in the US.

Most importantly, there are plenty of valid business reasons to prevent subcontracting that don't have to do with "locus of control" issues that would warrant someone being a full-time employee.


There is a difference between "allowing it" and "allowing it secretly without your knowledge". There are issues of confidentiality (and potentially NDAs and therefore IP issues) and possibly issues of export depending what you're working on.

There's also an issue of 'what you bought' - this isn't necessarily a contractual thing. I work for a consultancy, if we sell you a project based on the skills and knowledge of a few of our experts and then when the project starts we actually staff the project with a few grads, you'd be annoyed right? Very carefully our contracts don't name individuals to allow us flexibility (e.g. someone gets ill, goes on leave etc.) so we're fine legally but you'd be understandably upset and might want to end the contract. [this by the way, is exactly what Accenture does quite a lot]


here's upwork's suggested contract:

3. RESPONSIBILITY FOR EMPLOYEES AND SUBCONTRACTORS, INCLUDING AGENCY MEMBERS If a User subcontracts with or employs third parties to perform Freelancer Services on behalf of the User for any Engagement, the User represents and warrants that it does so as a legally recognized entity or person and in compliance with all applicable laws and regulations. Further, at all times a User that agreed to perform services under a Services Contract remains responsible for the quality of the services and represents and warrants that User has entered into agreements with any such employees and subcontractors on confidentiality and intellectual property at least as strong as those in these Optional Service Terms.

it's a business to business agreement. a contractor is free to sub.

https://www.upwork.com/legal#optional-service-contract-terms


You're not countering the parent's point. Of course you can agree to allow it if you choose.


No a contract is a contract and the contract defines what the agreement is. The IRS might have a view of the tax implications of contract law but it doesn't control anything.


At the very least you're probably breaking the NDA.


Yes, it is!

They can also include clauses that the company's code and other materials won't be shared with 3rd parties, aka an NDA. These are standard and well-accepted practice.

The contract will also be very clear that access to the systems is only granted to the person signing the contract. They don't get to grant access to other people just because they have contractor status.


> independent contractors are free to sub out work. this is the law.

Practically speaking, there is no way a software contractor can sub out work without violating a litany of contractual obligations in the contracting agreement. Even minimalistic contracting boilerplate agreements will have clauses that cover these situations.

For example, if you sign an NDA with a company covering the work and then turn around and send the codebase to a contractor in Romania to work on it, you've very clearly violated the terms of the NDA.

So no, the law doesn't automatically allow engineering contractors to do whatever they want with the work.


> For example, if you sign an NDA with a company covering the work and then turn around and send the codebase to a contractor in Romania to work on it, you've very clearly violated the terms of the NDA.

I find that unlikely. What if you were instead handing it to an employee?

(Also, different NDAs are... different, it's pretty tough to talk about them all in general and expect a statement to be true.)

> So no, the law doesn't automatically allow engineering contractors to do whatever they want with the work.

Yes, it does. Just because you might have terms in a contract prohibiting it doesn't mean the law prohibits it.


> I find that unlikely. What if you were instead handing it to an employee?

> (Also, different NDAs are... different, it's pretty tough to talk about them all in general and expect a statement to be true.)

If you sign a contract that says you're not going to share the company's code and then you share the company's code, you've violated the NDA. It's as simple as that.

Being a contractor doesn't grant someone magical immunity to the contracts they've signed. At most, the employee could argue that the contract made them a full-time employee and sue for benefits and such. They can't, however, simply ignore contractual obligations that they've agreed to.


Contractual obligations that go against the law are void. And it means that indeed, you are supposed to just ignore them.


Are you claiming that this specific contractual obligation is against the law?


The original commenter didn't say what happened as a result, just that he caught the contractor subbing out work.

If it were me, I would not renew a contract with someone who sub-contracted work out to someone I don't know and didn't approve without informing me. Whether it is or not, it certainly seems shady, and I don't want to work with people who have violated my trust.

When I was a contractor, our clients usually had a number of clauses in the contract that would have allowed them to end the engagement early for pulling something like that.

And, of course, in the end they could always just have said "go to hell, we're not working with you anymore," and it would come down to who wants to go to court the least.


> When I was a contractor, our clients usually had a number of clauses in the contract that would have allowed them to end the engagement early for pulling something like that.

At minimum, any NDA would have been violated by sharing the company's code and/or access with a third party.

Being a contractor doesn't give someone carte blanche authority to pull random people into confidential work. Any reasonable contracting agreement will make it clear that the materials are not to be shared with anyone outside of the contract.


Yeah I get this and it doesn't apply here. The payer in this case did not have the right to control only the result of the work which is the crux of the situation.

Neither the law nor the linked resource stipulates that any 1099 relationship can be subcontracted out by anyone, let alone without disclosure. If that were the case the explicit option to hire onshore vs offshore on sites like Upwork would be meaningless, or a matter of arbitrage.


Not having the right to control only the result makes them an employee which in turn makes them eligible for benefits and so on. This is the specific difference between a contractor and an employee.

The problem is that you can't just have what are effectively employees but on a contract basis under law. It opens you up to liabilities, as Uber has been experiencing.

The closest I think you could get is actually contracting a PEO that takes the individual under employee status and assigns them specifically to your company under contract. Being an employee of the PEO means that they can in fact control these aspects of the job, and you aren't contracting them, you are contracting the PEO who subs out to them.


> Not having the right to control only the result makes them an employee which in turn makes them eligible for benefits and so on. This is the specific difference between a contractor and an employee.

This isn't actually even the root issue.

The contractor almost certainly violated their contract by sharing NDA-covered materials with an unauthorized third party.

The contractor also shared access credentials to the company's systems with someone else and then facilitated fraudulent interactions wherein one person claimed to be someone else.

Being a contractor doesn't give someone carte blanche authority to do whatever they want with the company's materials (codebase, design documents) and secured systems.


It seems intuitively like you can't just ghost in someone who didn't even sign the copyright assignment stuff with the right party, NDAs, or undergo a possible background check.


there's a whole industry that does this. they're called agencies. taking responsibility for quality and ensuring no subs or staff do anything sketchy is expensive and hard, as such they typically add a 100% cut to what gets billed out to the client.


They don't secretly ghost them in, and they do get them to sign over copyrights etc.


The legality of it does not really matter here. If I'm paying top dollar to someone in the US I expect them to actually do the work themselves.


Correct. This is the law in the United States. But would it apply to someone working outside of the United States?


In construction, parts of projects are routinely subcontracted out. The primary contractor is on the hook for ensuring quality.

I don't see why software projects can't be the same.


They can be, provided that disclosure is handled up-front and the contract is structured for it. Dropping that on someone who had every reasonable expectation - and possibly even contractual language - about you doing the work yourself is quite a different matter.


They certainly can be the same. In this case the contract I had with this person stipulated that they would be doing the work and this person denied having another person involved ahead of time. Moreover, there were security clearances associated with this person and expanding the footprint was a relevant consideration for the project.


You hired a contractor from Upwork for a project requiring clearance?


Sure. Not state-level clearance with capital letters, but access to sensitive infrastructure etc


The person or entity who hired the prime contractor is also on the hook. If you are in that position, it is better to detect and stop a contractor doing things behind your back than it is to explain that you didn’t know that a contractor subcontracted the work to the person who installed the backdoor.


> In construction, parts of projects are routinely subcontracted out. The primary contractor is on the hook for ensuring quality.

> I don't see why software projects can't be the same.

Contractors can't automatically give subcontractors access to the plans, the construction site, and so on. The contracting agreement will have provisions about who can access the site, how they get approved, on what terms, and so on. Becoming a construction contractor doesn't give someone carte blanche to invite other people to a site without regard to the terms of the contract.

Likewise, a software contractor can't just decide to share your codebase and design documents with a subcontractor because it almost certainly violates many of the contractual clauses they agreed to.


> The contracting agreement will have provisions about who can access the site, how they get approved, on what terms, and so on.

I would definitely expect all of that to be handled by the primary contractor (i.e. the person who specializes in construction sites). No?


The terms are negotiated between the company and the contractors.

Being a contractor doesn't automatically grant someone the right to delegate access to sites and such.

I think a lot of people in this thread have misunderstood what the law is actually saying. The law doesn't say that if you're given contractor status you can do whatever you want. The law says that if the job is misclassified as a contracting position when it should be a full-time position, then the employee is owed benefits and such.

If you sign a contract with a company that says you will not share the code, design docs, system access credentials, physical building access, or other common stipulations, you can't automatically ignore those because you're a contractor.


I mean, yes, that’s right. The primary contractor runs the job site, manages who’s allowed to be on the site, and will absolutely complain if the known subcontractors smuggle in random unauthorized people to run cabling. It’s not like they’re being obnoxious just to make money; in construction, as in software, there are many regulatory and compliance related reasons that who does the work matters.


Construction has standards, licensure, bonding...


Startups are supposedly fast and agile enough that perhaps they can evaluate contractor work week over week.

If the work is good, I'd be fine with the above arrangement so long as I wasn't working in an industry that required regulation (PCI compliance, etc.)


The United States has employment laws. Hiring someone as a contractor and then treating them like an employee also likely violates US law.


The employee / contractor thing may be a violation of IRS regulations (depends on a lot of factors). Lying to obtain a contract, and lying about who is doing the work and who has access to any sensitive materials related to the work is straight up fraud, so I wouldn’t want to get into a legal pissing match over it.


> lying about who is doing the work and who has access to any sensitive materials related to the work is straight up fraud

Fraud would require a contract saying X is doing the work, which is controlling what will be done and how it will be done which means they would be classified as an employee.


I feel like there has to be a legal difference between treating someone like an employee and requiring, say, your contractor Bob to be the one signing in with their credentials bob01 and not his subcontractor Bill.


Why would it matter who is signing in as long as whoever does the work follows the same agreement standards? Sounds an awful lot like controlling what will be done and how it will be done, which is the definition of an employee.


I guess I can't imagine a situation where Bill is contracted at a temp agency, turns around and hires Bob, and when Bob shows up with Bill's badge and is refused entry, and Bill somehow wins a lawsuit on the theory that Bill must be allowed to subcontract and anyone he subcontracts to must be allowed on-site to perform the work, no matter what.

Like, not giving out your password (or badge, or key, or whatever) to someone else is a pretty core job responsibility!


If they are contracted at a temp agency, then they are taking on the risks Bill would be an employee of the temp agency... Employee misclassification is frequently abused so don't get me wrong, I think it happens a lot, but in many cases people are misclassified.


This is so unethical and sadly not rare. I have had people reach out to me (twice, recently) on LinkedIn to interview for them (using names and credentials of people who have work authorization for USA) and the offer is usually a fixed rate + commission per job per month for the lifetime of the job. They hire skilled engineers to secure the jobs for them while outsourcing the actual work. So the scam can go further than just outsourcing the work to people with potentially far lower skills.


I've been working remote for almost a decade, and most of the companies I've worked for have pulled me into the office at some point. All expenses paid of course. No, it does not stop an employee from outsourcing work, however a decent contract will.

Employers should also not frown upon those that have this type of behavior unless they specifically call this out in a contract or the employee handbook.

Note that I've never attempted to outsource my work since I like writing code and I get paid an awesome enough salary as it is, but I don't blame those that do unless they are breaking the rules.

I actually got laid off from a job because the lead programmer on my team was doing this. He had 3 folks working in India full time. He told me about it prior to the layoffs over beers. 3 folks on my team were let go. Note that we all found jobs within a month. The last time I spoke with him, he was still doing it. The only time he does any work is when the company has meetings he is asked to attend.


I have concerns about a similar situation. We live in a weird world.


Is this against Upwork rules? What's the problem, assuming the work was done according to spec?


I can practically guarantee (without bothering to check) it's against Upwork's rules, and in many jurisdictions a form of fraud.

1. Legal/compliance/tax problems

2. If Upwork were to allow this, it effectively allows bad actors to reset their reputation whenever they want

3. If you're willing to lie about this, do I really want you working for me?

4. Just because you approve of them and think they're safe doesn't mean I do, and you're sending my confidential company secrets and source code to them

None of these are problems if you're upfront about it, but lying and claiming you're doing the work when you're actually outsourcing it is very bad.


I wonder, would you (or others complaining about subcontracting) be OK with it if the prime contractor was totally above board, disclosing the fact that he is subcontracting and allowing you to "vet" the subs?

In other words, is it the misrepresentation that's the problem, is it your need to scrutinize the subcontractors, or is it simply that the prime contractor isn't personally toiling sufficiently for you?

Personally, I don't see what the big deal is. A client is paying some agreed amount of money for some agreed results in some agreed time period. What difference does it make if the contractor personally types in the code or if he finds 5 Indian guys to do it?

I put in some hours in the world of defense/government contracting, where in many cases, the prime contractor never does any work at all. His only job is to "be the prime contractor" but he subcontracts everything, and I mean everything out to others as soon as the ink is dried.


> I wonder, would you (or others complaining about subcontracting) be OK with it if the prime contractor was totally above board, disclosing the fact that he is subcontracting and allowing you to "vet" the subs?

Yes, the misrepresentation is the key part. For example, if I grant you access to a server that doesn't mean that I want a bunch of randos I never meant having access to the same server as you — if nothing else, you'd want them to have had whatever you consider necessary security training and you'd want your ops people to know that a connection from Romania isn't an immediate sign that you've been hacked.

This is especially true when you're crossing country boundaries and things like IP law or similar concerns vary widely. Most contracting agreements cover things like handling corporate IP carefully and I'd expect at least a request to confirm that this is okay.

Now, there are cases where it might be more forgivable: for example, if I'm hiring you to work on a project which involves an open source component and you turn around and hire one of the developers on that project to add a feature we need, that seems entirely reasonable because it's a) not my IP and b) totally above board that J. Random Maintainer made those commits and shipped v1.2.3 which you're using. Similarly, if you found an artist to contribute assets but didn't give them access to my server or a copy of our code, that seems fine, too. None of that seems anything like the situation described, however.

> I put in some hours in the world of defense/government contracting, where in many cases, the prime contractor never does any work at all. His only job is to "be the prime contractor" but he subcontracts everything, and I mean everything out to others as soon as the ink is dried.

Yes but speaking from experience on the .gov side they do that with the full knowledge of the agency and a contractor will be terminated and banned from future work if they violate security policies such as having unauthorized people access a government system or sharing source code without authorization.


Yeah I definitely wouldn't care if it was disclosed ahead of time. In my case it was not disclosed and ultimately denied when asked. It represented a security threat to a system where we specifically federated access to specific people.


> In other words, is it the misrepresentation that's the problem, is it your need to scrutinize the subcontractors, or is it simply that the prime contractor isn't personally toiling sufficiently for you?

There seem to be quite a few comments specifically calling out the misrepresentation as the main problem. I guess we could speculate that the motivation is actually that they want the prime contractor to toil for them, but I dunno. Caring who exactly is toiling seems kind of weird and controlling, we should be generous to the community and not ascribe weird motivation to them if they've got some other perfectly reasonable reason to care.


All sorts of information being shared with a completely unknown and unvetted person somewhere in an unknown part of the world?


Depends on the contract. Part of being a contractor by IRS standards is being able to subcontract.

> Personal performance of services: An independent contractor should have the freedom to hire assistants or subcontract work to other workers or firms at his or her expense (this is where profit or loss could enter the picture). If you require the worker to perform the work personally, that's a sign of control and therefore indicative of employee status.


You misunderstand: someone is an employee when they fall under many of those categories, not just one. They aren't some kind of requirements/'standards' contractors must completely (or even mostly) adhere to.

Someone would be an employee rather than a contractor if they couldn't subcontract AND they had set hours AND they had to use your tools AND you set the work on a day to day basis. Many of those things need to be true, not just one to push someone from contractor to employee.


Sure.

Or consider the ABC test:

A. The worker is free from the employer's control or direction in performing the work.

B. The work takes place outside the usual course of the business of the company and off the site of the business.

C. Customarily, the worker is engaged in an independent trade, occupation, profession, or business.

In this case, again, depending on the contract signed, A would cover subcontracting unless it was explicitly prohibited by the contract. And maybe it was. But I have signed plenty of contracts with my personal name not my fictitious or LLC name that would not have been violated by having someone else perform the work.


Legally, maybe. In practice, when I was freelancing, I don’t think any of my clients would have been okay with me subcontracting the work. Amongst other reasons, I think most clients wouldn’t be happy with the idea that they could have paid someone else less to do the same work. (And yes, I understand that there’s a management aspect to subcontracting that may justify the difference, but most clients wouldn’t see it that way if they were expecting you to do the work by yourself.)


I don’t feel sympathy for that, because to me the very aspect of contracting is that you should be able to subcontract out the work. If they wanted me specifically to do the work, then they should have taken the time and effort and paid the taxes to hire me as a W2 employee. You can’t have it both ways.


You could absolutely have it both ways if both parties agree to those terms though. If the agreement is for the work to be performed by a specific person, either in word or intent, then it could be breach of contract.


Absolutely! My point is that if you are making an agreement for a specific person to perform the work instead of worrying about the outcome itself, perhaps you are really seeking employment instead of a contractual agreement.


Bingo.

This whole thread got super litigious around my comment that there is a defendable reality where people subcontract what you contracted them to do. It all depends on the contract wording.

Good counter example to me defending being able to subcontract would be performance agreements (e.g. I pay Foo Fighters $1m for a concert they can't send Weird Al in their place).


> Part of being a contractor by IRS standards is being able to subcontract.

Yes, but the contractor must still respect the other contractual obligations.

For example, they almost certainly signed a contract that they wouldn't share the codebase (NDA) or share access to the company's systems. The contractor would have clearly violated this by giving the code to someone else to work on and giving that person access to the company's Slack under someone else's name.

If he would have subcontracted an isolated task involving no trade secrets, no confidential information, and no access to the company's systems he would have been fine.

But you can't just hire someone in Romania and have them pretend to be you and log in with your credentials and have access to the company's proprietary materials. Being a contractor isn't an automatic license to ignore all of the things you've agreed to.


I think it is unfair you quoted the second half without acknowledging I explicitly said:

> Depends on the contract.

And you immediately jump to conclusions:

> they almost certainly signed a contract that they wouldn't share the codebase

We don't know what they signed.


This is against their rules. And I had the same thing happen.

Hired an “American” contractor named Jeff. Had a video meeting with him, everything started off great.

Then when we got him into slack, his English went way downhill.

I tried to get a phone number for him and he resisted and gave excuses why he couldn’t talk right now.

So… because I suspect this is getting to be very common… Get a phone number for your contractor and call them periodically. Insist on speaking with them on the phone about something they have done recently.

Even if the work would have been good, I won’t pay a liar like that.


I manage a big dev-related Telegram channel, I was surprised how widespread this practice is (they call it "proxying")


Thanks for that. I feel like having a term for it is an important step to not getting scammed again.


Yep, I had to spend a lot of time talking with people offering proxy services or looking for proxies to understand exactly what it was, and we ended up banning this kind of request because of how dishonest it is. Turns out it's common practice also for university exams!


University scam like someone takes classes for you?


Exactly, to work around mandatory attendance


Because nobody likes knowing he's getting arbitraged? Also security concerns.


In finance this is allowed. It's called arbitrage.


Love it.

Combining this with my bot that makes me “is typing…” any time anyone begins typing at me will surely make my Slack experience even more passive aggressive.


I hate seeing "is typing" for long amounts of time for a yes or no answer. JUST ANSWER.


For what it's worth, I find the availability & typing indicators in Slack to be unreliable. When someone "is typing" for a long time I assume it's lying. In this circumstance, it's likely they needed more information or otherwise weren't able to answer your question right away, and they have deleted their message & are not actively typing.


This is a great "feature" of slack, because when somebody accuses me of ignoring them, citing "is typing...", I can tell them it's Slack's fault (and half the time it is!)


I don't know about Slack, but ones I've used in the past would continually show that indicator if you accidentally hit a key and leave something in the input box, but have tabbed away.


I doubt the client is actually sending a request on every keystroke. It's most likely just a timeout that gets refreshed periodically.


There is some level of timeout in slack.


The most awkward one is if someone is typing in a thread, it also shows the is typing in the main channel. You can be having a long conversation in a thread and it'll look as if you're typing some incredibly slow message to the main chat.


I actually don't mind that part. I could be replying to one of a handful of threads throughout the day within my team.


I hate the “is typing” indicator entirely, since it serves only to stoke this kind of anxiety.


I found recently that my android phone had automatically front-run SMS messaging with some kind of google based imessage like wrapper. The only "feature" this provided to me (I'm sure it let google harvest my conversations) was that suddenly my SMS discussion had an "is typing" indicator which is how I knew it had been changed, and was literally the last thing I would want in a discussion. Thankfully I can turn it off so presumably google only steals my information in the background


That's part of RCS, a standard that indeed has iMessage like functionality. https://www.google.com/amp/s/www.androidpolice.com/how-to-rc...


You can turn it off.


You can turn it off from your view, typically, but not from it being transmitted and shown to others that you’re typing.


I'm definitely guilty of that one. Though it's usually because if e.g. the question is "Will X software do Y", the answer is often "Usually, but watch out for somewhat complicated Z".


That's the problem with yes/no questions. Once you reach a certain level of experience, the answer is always, "it depends"


Imagine seeing "is typing" for a couple of minutes, and then receiving a sticker.


A while back I left my computer overnight running with an afk macro in a game. Somehow Discord got focus and I woke up to amused messages as I had been "typing" for 10 hours.


Those indicators aren't super accurate. I have had two accounts on Telegram and can see the other one "Typing" for quite a long time after I touched the input and exited the chat



Don't like introverts, I guess? You must be new here. You should get used to it. Many of us are reserved in our replies.


I wonder if anyone has sent Morse Code over is-typing status.


A couple of lifetimes ago, when I was a videogame developer, we were having issues with a publisher. I sent them an email explaining why I felt that a certain situation was unfair to us, etc, etc.

A few minutes later I got an email from the producer, but obviously intended to be read by one of his colleagues, who I had CCd on my email. It said something to the effect of "you know, they kind of have a point, blah blah"

This was almost immediately followed by a plain-text email that said "recall" IIRC. I assumed this is how Outlook implements recalling an email internally, except that I was using some Linux email client that was blissfully unaware of this. I chuckled. Just seconds later yet another email begging me not to read the original email as it had been sent by mistake, apologies, etc.

I guess the moral of the story, if there is one, is that you can't really un-deliver a message once it has been delivered. Think twice before you send!


Gmail's undo feature works by delaying the time it takes to send the message. It never sends until the time passes. I set mine to about 30 seconds.


Yep, this has saved me a few times :)


I've met a couple teens who, for Discord on mobile, have the hilarious workaround of just leaving screen recording running 24/7. This obviously gives you a complete log of every pixel you see, at the cost of having to go in and manually delete the files fairly often.

Somewhat relatedly, the Tweetdeck client for Twitter appears to be write-only, because I'll routinely see two or three instances of the same tweet where the author deleted to fix a typo, and other more embarrassing tweets, including at least one that was obviously meant to be a DM.


This applies to Twitter iOS and probably Web and Android too. If a tweet is in your feed and gets deleted, it’ll stay in your feed (but show “This tweet has been deleted” if you try to reply or look at replies)


This highlights one of the problems with treating chat clients as casual conversation by abusing that trust. Not sure I like this; it’s a problem that deserves a solution, and I guess calls attention to it.


But this makes it more like a casual conversation. We can’t mind wipe someone else when we say something wrong in real life.


I have never been able to accidentally broadcast my impolite opinions on the lukewarm breakfast burritos to everyone in my company in a casual conversation.


The vast majority of memories about conversations are partially or entirely ephemeral, and they aren’t recorded.


In real life it's pretty hard to accidentally say your private keys or 16-character alphanumeric password to people.

On the other hand, maybe it's best they can't be deleted, since that will force people to rotate them.


If you accidentally post a key/password in public/semi-public place you should immediately rotate it, regardless of whether or not you can delete it.


Yeah, but there's also defence in depth, right? Being unable to delete a message means you're exposed to anyone who can see your main Slack channel for the stretch of time between posting and rotating, as opposed to the smaller number of people who saw the message or who are running a weird patched Slack client.


This isn’t defence in depth, this is security by obscurity.

Also, honestly, if you are manually typing passwords and copy/pasting private keys, you can’t expect any security anyway.


It's infinitely less likely that you tell someone something and realize they are the wrong person though.


Can you recite, verbatim, every casual conversation you'd had in the past week? What about the past day?

Not everything is meant to be permanently recorded.


There is no clipboard feature in casual conversation. And many other $differences.


No mulligans? I don't think I want to talk with you!


Slack probably doesn't care about this, but I do find it slightly disingenuous that Signal offers a "delete message" feature, given its focus on security and not misleading the user that they're doing something that protects them. What's saying that I couldn't similarly patch Signal, and read all of my friend's deleted messages?


I think it's pretty obvious to anyone that your correspondent can read a message before you delete it. And no one assumes that deleting it from signal deletes it from people's brain.


It's not in the app, but on the support page they do indicate that deleting messages is "best effort" (ie. not guaranteed).

https://support.signal.org/hc/en-us/articles/360007320491-De...


And “best effort” may mean “no effort” for a paid subscription if the payee selects the option to retain edit revisions and deleted messages.


Isn't the whole point of disappearing/delete-able messages that you leave the meaning in your recipient's brain but not on your phones? So if a third party later tries to read your chat logs they won't see anything (sensitive).

I think it's assumed that your recipient is not malicious. I swear at some point there was a warning saying that if you enable disappearing messages it wouldn't prevent your recipient (or you) from simply taking a screenshot of the messages.


If you do this (anywhere, in any context, not just Slack — a notable example is Discord where a lot of people have mods that keep deleted messages), you are uncool. If I delete something I want it gone and if you install mods like this I see that as disrespecting me


What about situations with overzealous moderators who disappear messages and people they don't like?


That’s probably best handled as a people problem rather than a technology problem. I.e. some combination of confront the moderator/abandon the forum/accept the moderation as is.

There will always be outliers. Life isn’t a binary system.


Sure, but I think that argument says we should consider people who locally retain server-deleted messages as not necessarily disrespectful demons (nor altruistic angels). And that mitigating people problems with a technological fix can be a reasonable choice, instead of expending huge efforts to fix them, with just walking away as your only other option. Hell, Discord/Slack seems to me to be essentially a platform to gather all your people problems in one place! :)


This strikes me as poor social etiquette. Just because the protocol allows something doesn’t mean you should. The workplace is a (mostly) trusted environment.


I'm going to build an extension that has a brief delayed send function.

I thought this was a novelty, but now it sounds like a lot of people are really waiting on a gotcha moment. Are you all in such bad circumstances that you actually want this?


This is cool. But on the other hand, it's not the way the world was intended to be. If someone sends you a nasty message which they immediately delete: then isn't the world a better place? It's a somewhat philosophical and moral question...


When I see a message pop up that gets deleted before I get a chance to read it, I'm left wondering for ages what it could have been.

I'm generally of the opinion people are free to say (almost) whatever they like to me, and deal with the consequences. Virtually though, I guess it's a little different. People type things they wouldn't say face to face, so maybe being able to delete them before they're read is the fix for that.


Quite the opposite, it’s precisely how things are intended to be - and pretty much always were. The law states clearly that correspondence belongs to its recipient.


"The law" isn't universal.


No law is universal, but this one is I believe quite well established in most jurisdictions.


> it's not the way the world was intended to be.

What? History should always be immutable; let's keep it that way.

> If someone sends you a nasty message which they immediately delete: then isn't the world a better place?

No, I think it's better to just apologise for your past actions.

> It's a somewhat philosophical and moral question...

Agreed.


History is anything but immutable... The past, however, is immutable. History is the story told by the prevailing parties over generations of violent conflict


> History should always be immutable;

I feel like you're agreeing with my point. Capturing a deleted message that you would never have seen is effectively changing history.


> Capturing a deleted message that you would never have seen is effectively changing history.

No, if it's sent then it's sent.


The human mind does need privacy and the assumption that something you say won't last forever, go to a select group only or you can deny it or people forget is ingrained in our social hardware.

Then comes along computers and all that is out the window!


I've had to use Slack for a while, but never wanted to delete any messages --- or even edit them. On the contrary, I find it immensely irritating when others change/delete their messages, especially when I'm in the middle of reading them and writing a reply. However, instead of patching the official client, I just wrote (a read-only) one that uses their API to simply log all the messages/events that occur.

I wonder if it's a difference in culture/expectations. For me, once a message is sent, I expect it to be immutable, much like basically all forms of communication have been in the past. Email, IRC, etc. all work like that. If I intend to amend or otherwise change it, I'll simply send another one or use "correction asterisks". To do otherwise feels like a taboo, almost like trying to rewrite history.

Edit: seriously, immediate downvotes? What nerve did I strike this time...?


I think that I have that general approach to things that are relevant but it's nice to delete irrelevant messages. Not sure how often it happens in slack, but us senile 40-somethings type "Love you baby, have a great day!" into the wrong chat all the time. That, and phone numbers, search phrases, reminders. Sometimes it's better to just unclutter the thread.


> On the contrary, I find it immensely irritating when others change/delete their messages

And yet, you edited your comment. How irritating :)


> And yet, you edited your comment. How irritating :)

...with an appendix, without changing what I had previously written.

But I suppose that's another difference; it seems that editing is far more acceptable on forums and the like, unlike IM.


Your opinion is just bizarre, as if editing chat messages to improve clarity is somehow a negative. Chat is not email. The point of chat is that it's fast and often a half-baked message is good enough.


While at my previous work, my manager deleted a message in such a way that it would make the conversation appear hostile from my part.

We were already not on good terms, and it was a small company so there was little to be done. But having seen the message and knowing the intention, and not being able to prove it felt horrible.

I since left (after discussing with the boss).


This does not prevent the other person from editing the message down to remove the substance, then proceeding to delete, right? Similar to how proper reddit deleters work.


I feel like you can probably patch it to intercept the "message_changed" event pictured here: https://user-images.githubusercontent.com/519424/188518385-f.... Then just send the event on its own instead of applying its effect.

My workplace administrators have disabled deleting messages on Slack perhaps with the intent of preventing this sort of thing. Usually if someone sends an "oops" message they'll edit it to ".".


I haven't read the code, but I'm guessing the API they're using would allow them to track _all_ changes. The only reason Reddit works that way is because they choose to only keep one version of the comment internally (or at least they did back when most reddit deleters were in use, in 2017 or so). It's architecture, not some fundamental limitation, that causes that to work, although it may not actually work anymore. Only reddit knows that.


Seems a little unethical, kind of a violation of the other person’s expectations of privacy.


> The backstory is kind of funny - not so long ago my friend had a rant about his former boss. He told me a story of how his former boss accidentally sent him a nasty message and then immediately deleted it. My friend wanted to confront him but had no proof because the message was gone too quickly.

Great example, justified too. The message was read and had impact. Retracting it removes accountability and proof. Not something you want in a professional setting.

One can achieve the same with Snapchat.

In the end you can hexedit something like this as there is a statement involved: "if message received is remove_message_id and is_owner_of_message are true or remove_message_id and is_admin are true it's deleted". With something like Java (Android) decompiling yields pretty much something akin to the source. And everything has a native Android 'app' these days.

OTOH perhaps a good thing laymen cannot achieve this. We don't know the exact impact of the pros and cons of the feature.


Just tried it and it definitely works. Hilarious.

Would be better if it showed me that the person tried to delete the message.


> Would be better if it showed me that the person tried to delete the message

According to the readme, it does (via a notification)


Well, employers are able to retrieve deleted Slack messages from anyone in the company if they want to. Be careful what you write on Slack, and don't think that just "deleting" it will make it disappear.


This reminds me of how android backs up WhatsApp photos/videos on my phone so fast that it caught an accidental send and delete. I received a video of a friend badly singing karaoke that wasn't meant for me.


Similarly there's apps like this one, which work by recording notification and gallery updates: https://f-droid.org/packages/com.gmail.anubhavdas54.whatsdel...


This is providing to the user what the organization paying for slack already has available:

“On paid plans, workspace owners can customize their retention policies. They can choose to set a custom time frame to keep messages and files, and they can also choose to retain all versions of an edited or deleted message.”

Whether or not the company toggles the setting is another matter of course.


I always find it funny when developers introduce these client functionality kneecaps. This particular one is like security through obscurity. If a message reaches a recipient, there's no reason to believe you can delete it on their end. "Oh, well most people won't go through the trouble" is a lesson we have learned from already.

The other one that gives me a chuckle is read receipts and typing notifications. Chat apps put them in (I can't stand them so I turn them off, I don't want to see them or send them) and then they make both the setting to receive them and to send them tied together, like some sort of mommy telling you how to properly behave. "If you don't want to send them then you shouldn't be able to see them, it's only fair." But it is handled in the client, a lot of the time a FOSS client, which can be patched. It's kind of ridiculous.


Circa 2000 I similarly "patched" (i.e. replaced the string "blink" with something else) my browser binary to disable the blink tag. I didn't have to worry about a crc or otherwise signed code back then.


I've done the same thing with the word “sticky”.


I wonder how many times this patch has gathered up some passwords?

Because I can't tell you how many times I've pasted a pretty critical, strong password into a chat window and hit send - accidentally.


And in that case you should treat that password as if someone did save it anyway. Change it immediately.
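
An added example, not part of the thread or of any project mentioned in it: comments above note that Gmail's undo works by delaying transmission, and that a password pasted into chat must be rotated once sent. The sketch below models a delayed-send outbox that also holds messages that look like secrets until confirmed; `Outbox`, `looksLikeSecret`, the 30-second delay and the sample messages are assumptions constructed for illustration.

```javascript
// Added example: delayed-send outbox with a pre-send secret check.
// Every name and value here is hypothetical; no real chat API is used.

// Shannon entropy of a string, in bits per character.
function entropyBits(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  let h = 0;
  for (const n of counts.values()) {
    const p = n / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Heuristic only: a PEM private-key header, or a token of 16+ characters that
// mixes lower case, upper case and digits and has high per-character entropy.
function looksLikeSecret(text) {
  if (/-----BEGIN [A-Z ]*PRIVATE KEY-----/.test(text)) return true;
  return text.split(/\s+/).some((tok) =>
    tok.length >= 16 &&
    /[a-z]/.test(tok) && /[A-Z]/.test(tok) && /[0-9]/.test(tok) &&
    entropyBits(tok) >= 3.5
  );
}

class Outbox {
  // transport(text) is whatever actually puts the message on the wire.
  constructor(transport, { delayMs = 30000 } = {}) {
    this.transport = transport;
    this.delayMs = delayMs;
    this.pending = new Map(); // id -> { text, dueAt, held }
    this.nextId = 1;
  }

  // Queue a message at time `now` (ms). Suspected secrets are held until
  // confirm() is called, regardless of the delay.
  queue(text, now) {
    const id = this.nextId++;
    const held = looksLikeSecret(text);
    this.pending.set(id, { text, dueAt: now + this.delayMs, held });
    return { id, held };
  }

  // Undo only works while the message is still local; returns false once
  // it has been transmitted.
  undo(id) {
    return this.pending.delete(id);
  }

  // Release a held message after the user confirms it is intentional.
  confirm(id) {
    const m = this.pending.get(id);
    if (!m) return false;
    m.held = false;
    return true;
  }

  // Transmit everything whose delay has elapsed and that is not held.
  flush(now) {
    const sent = [];
    for (const [id, m] of this.pending) {
      if (m.held || now < m.dueAt) continue;
      this.transport(m.text);
      this.pending.delete(id);
      sent.push(id);
    }
    return sent;
  }
}

// Constructed sample run: one message undone in time, one suspected secret
// held back, one ordinary message sent and then no longer recallable.
function demo() {
  const wire = [];
  const outbox = new Outbox((t) => wire.push(t), { delayMs: 30000 });
  const a = outbox.queue("lunch burritos were lukewarm again", 0);
  const b = outbox.queue("prod db pass: Tr0ub4dor3xQz9LmPw7K", 1000);
  const c = outbox.queue("deploy is done", 2000);
  const undone = outbox.undo(a.id);   // still local, so this succeeds
  outbox.flush(40000);                // c goes out; b stays held
  const tooLate = outbox.undo(c.id);  // already transmitted
  return {
    wire,
    undone,
    tooLate,
    heldB: b.held,
    stillPending: outbox.pending.has(b.id),
  };
}
```

Once `flush` has handed a message to the transport, `undo` returns false: from that point the sender controls nothing, which is why rotation is the only fix for a secret that has already gone out.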


Thankfully this person is described as a former boss, I sure hope nobody that values themselves would stick around long for abusive-then-deleted messages by slack.


I'm going to counter patch my slack client to edit the message content to "Eff you Sharon" before deleting the message.


If you have iPhone notifications you can often still see the deleted message on the home screen. It can be … annoying sometimes tbh.


This feels like a huge invasion of privacy.


Ideally we'd have a common protocol and people could use their choice of client. Slack once supported IRC...


TL;DR: I patched my Slack client to keep messages that others delete.

Let's say someone sent me a message, immediately regretted it and tried to delete it. They will think the message got deleted on both ends ("delete for everyone"), but using this patch my client will keep the message anyway and notify me that someone tried to delete it

The backstory is kind of funny - not so long ago my friend had a rant about his former boss. He told me a story of how his former boss accidentally sent him a nasty message and then immediately deleted it. My friend wanted to confront him but had no proof because the message was gone too quickly.


I did the same thing with my Signal client.


So S.A.D. haha! Loved the name.


My profile will state a disclaimer that I do not consent for you to keep any of my deleted messages, you must delete any messages I have deleted immediately.


Ah ha, but my profile will state that sending me a message is an affirmative act of agreement to the terms of service on my account, which state that you grant to me an irrevocable license to store, duplicate, transfer, sublicense, and republish any and all such content... which you, of course, under penalty of perjury, assert you have the rights to in the first place ;P.


Unfortunately for you, I'm not aware of any legal jurisdiction where your consent is required for someone else to keep a message you've sent them.


I’ll report it to HR.


"Hello HR, while working for the company I've used the company's computer to send a message to the company's other employees. But I think I own this message. Further, I think I can use this ownership to impose an additional contract upon the company's other employees, which they have to agree to in order to receive my work communications."

You should send it over Slack -- just make sure HR knows they also fall under your contract, at least that way they'll be laughing when they call you in for a chat.


You'll never even know it happened.


Yes, telling HR you are mad that something you typed and sent was stored - is definitely better than just being more careful about what you type and send.


People seem to be taking your comment seriously.

Maybe they never saw an official Facebook blog post with 100,000 comments all copy-pasting the same text about not consenting to their data being used. Or maybe they've seen too many, posted in earnest.


Yea I don’t really understand why this triggered people so much.


Conveniently, I live in a one-party-consent country, so I don't in fact need your consent.


Good luck with that. I tried unsending some personal letters the other day and it worked about as well as your plan


That will be just as legally effective as saying that you don't consent to being taxed.


Do you also copy paste the "Facebook has no rights to my content" epic boomer copypasta into Facebook?

https://www.reddit.com/r/copypasta/comments/87mi5v/i_dont_gi...


That's the joke.


That’s not how these things work.


Actually, it is.

*Reading of this comment requires the READING PARTY, to agree to the terms and conditions of the comment. If you do not agree to these terms, you must delete the comment from your memory.

Terms: You are the READING PARTY

Conditions: The READING PARTY will agree with the comment.

Bulletproof legal argument.



