Conversation

DHH
@dhh
We've pulled the public links feature from HEY. After Kylie and others called out the problems around consent, I first dug in, thinking that's how forwards work, but that's a technical framing. And HEY is here to IMPROVE email, not repeat its past mistakes ✌️❤️
Quote Tweet
Kylie
@kyliestew
·
Hmm... didn't realize all Hey emails can be publicly shared without the consent of both parties 🤔 public.hey.com/p/8kCjHBTLievK
Show this thread
26
61
754
DHH
@dhh
So, I apologize to anyone who already used this, but we've removed the existing links, and the feature for now. We gotta come up with a better version of this that factors in the potential for abuse. What riled me up so much about spy pixels is echoed here. We can do better.
7
207
DHH
@dhh
It's also a broad invitation here. We spent two years building HEY. We poured our heart and craft into this thing. But no way will we have gotten everything right from day one. The only way to take HEY from good to great is by listening. So keep feedback/critique/etc flowing! ❤️
18
6
200
Jesse Powell
@jespow
Replying to
@dhh
I'm curious about the use case for public threads. Downsides: 1. hacker can dump your whole account to the public quite easily (and it's not easy to track/manage which threads are public) 2. address spoofing aside, it's higher quality proof than a forwarded message
1:20 AM · Jun 24, 2020Twitter Web App
2
Likes
DHH
@dhh
Replying to
@jespow
The use case we designed for was "forwarding a long thread is a nested mess that always ends up looking shit". That's still a problem! But we gotta come up with a better solution than what we had in place, which didn't consider the abuse angles.
2
2
Jesse Powell
@jespow
Hm.. yeah, that does suck. Damage is potentially mitigated with: * define # of page loads before link is burnt * define password to view the page * expire link time * share/invite by email, requiring Hey auth to view * notify counter parties when a thread has been shared
2
2
Show replies