My broken blog

I wanted to let people know I’m well-aware that Shtetl-Optimized has been suffering from the following problems lately:

  • Commenters are presented with the logins (handle, email address, and URL) of random other commenters, rather than with their own default login data.  In particular, this means that email addresses are leaking, and that when you comment, you should not (for the time being) enter your real email address if that’s information that you’d wanted to share only with me.  Another thing it means is that, when I try to comment, I’m not logged in as “Scott,” so even I have to enter my login data manually every time I comment.
  • Comments (including my own comments!) take about an hour to show up after I’ve approved them.
  • New blog posts also take a while to show up.

Since all three of these problems started happening around the same time, I assume they’re related.  But I don’t even know where to start in trying to solve them (Googling for “WordPress” plus descriptions of these bugs was unhelpful).  Would anyone like to help out?  If you earn my trust, I’ll even temporarily give you administrative privileges on this blog so you can poke around yourself.

Thanks so much, and hope to return to your regularly scheduled programming shortly…

41 Responses to “My broken blog”

  1. oh boy Says:

    sounds like a caching problem — you got a caching plugin? Turn it off.

  2. Elodil Says:

    The thing the problems have in common is caching. You must have some kind of caching misconfiguration.

  3. James Gallagher Says:

    Did you only recently update to 4.7? If so, there seems to be a common issue with the various caches and plugins you may be using see here

    (two posters above suggested similar, give them admin privs loil)

  4. Scott Says:

    James #3: Thanks!!! I tried deactivating all the plugins, then re-activating them one-by-one, as that page suggested, and that appears to have fixed the problem—at least for now.

    (Previously, I did suspect it was a cache or plugin problem, so I turned off and reactivated the plugins one at a time, but that didn’t do it.)

    Everyone: please let me know if you still experience the problem of getting someone else’s login info.

  5. Douglas Knight Says:

    Still getting Gallagher’s login info.

  6. Scott Says:

    Douglas #5: Yes, alas, the fix was short-lived. Back to the drawing board.

  7. James Gallagher Says:

    Knight #5

    I changed my email to an old unused hotmail address. I don’t get any unusual behaviour when I post. My post just goes to awaiting moderation as usual.

  8. Anon1 Says:

    If we are living in a simulation, and it quantum computer complexity research and experiments are straining the computational resources of the simulator, then we should consider the possibility that a glitch has been introduced to sabotage this blog.

  9. Jair Says:

    No, my name is not Jair Taylor from the University of Washington. Moreover, I should be banned at least through 2022 or indefinitely. Just click at my URL to see why!

  10. Adam M Says:

    Scott, which plugins do you have installed? If the problem was resolved temporarily when you deactivated all the plugins and then reactivated them, it’s (almost) certainly an issue with one of the plugins. This could be either a bug in the plugin itself or (more likely) an incompatibility with other plugins, current WordPress version, or (less likely) your theme.

    Are all the plugins and your theme up to date?

    I have some professional WordPress experience and would be happy to help fix this. I’m on an intercontinental flight today, though, so you might have it sorted before I’m back to earth and online. Otherwise, send mail to adam at photosynthesis dot ca if you’d like a hand.

  11. notsuggestedavatar Says:

    Attaining singularity getting closer by the minute. Only server caching to overcome and we are there. If we had basic problem of computer science solved we would write one program that solves all issues including blog caching!

  12. Andrew B. Says:

    Have you thought about installing Disqus to handle the comments?

  13. Jair Says:


  14. Cody Says:

    Yeah I had JeanTate for login info.

    Until very recently my wordpress site *never* remembered my login, but suddenly it is. Now I’m paranoid it could have this problem, lucky for me no one actually visits my site 😛

    Wish I could say I could help but I doubt I could.

    Good luck!

  15. Jair Says:

    I can see Jair’s comment awaiting moderation above.

  16. Tim McCormack Says:

    It looks like you have nginx sitting in front of WordPress, and it is adding an X-Proxy-Cache header that correlates with the issue (although this is not a smoking gun.)

    – If I load the page, I get someone else’s metadata, and a X-Proxy-Cache=HIT header (look at the Network tab of your browser’s devtools)
    – If I Ctrl-F5 (force-reload, and telling caches to get out of the way) I get a clean reply form and X-Proxy-Cache=BYPASS.
    – If I then reload again normally, I get someone else’s metadata and X-Proxy-Cache=HIT

    Did you recently change your nginx config in any way? Or upgrade nginx? Does nginx have logs that reveal trouble? What happens if you restart nginx?

  17. Jim C Says:

    Posting this with a bogus email address since potentially real email could get exposed.

    When first went to this part, there was a name and email filled in that were not mine.

    Getting back in after logging out fields were blank. So this looks somewhat intermittent.

    Thought it might be tied to cookies so was going to clear but can’t find any cookies for your site.

    One thought is this might not be WordPress per se but might be related to some server caching you have turned on. I could see Blue Host seems to offer that and it can be turned off.

  18. Jim C 2 Says:

    Precaution was justified, Jim C, your bogus email address got exposed. While your comment was awaiting moderation. Scott, please consider shutting down commenting until this is resolved.

  19. Jim C Says:

    This is interesting. After posting comment, two cookies appeared and my bogus name and email appeared on refresh. Even after deleting the cookies, shutting down browser, getting back in my bogus name and email are still appearing and there are no cookies.

    So my guess is that last view somebody had of this page will be the next view everybody gets perhaps until the cache expires something else happens. I strongly suspect the server itself is caching the page and not even hitting WordPress on the WordPress DB.

  20. Raoul Says:

    Something has my account confused with that of a Rabbi who died in 1941.

    On the same day as Trump fires the head of the FBI. Coincidence?

  21. Jud Says:

    Raoul #20 – I think it has more to do with Trump bringing historical figures like Frederick Douglass back to life.

  22. Jud Says:

    Oh, BTW, Science March signs: My favorite was “Science gives me a hadron!”

  23. JeanTate Says:

    I am JeanTate (Cody #14), and the Name and Mail fields were prefilled. There is this, in brackets after Mail: “will not be published)”.

    Do I now need to retire my email addy, and pick a new one?

  24. Juris Arts Says:

    Another symptom  (for me) FireFox and Safari sometimes show different comment lists — they remain out-of-sync by up to an hour (roughly), even after my own browser caches are cleared.

    Cause(s)  Perhaps at least part of Shtetl Optimized’s problems are upstream of WordPress (possibly in the service-provider).

    Fixes  (1) reinstall WordPress/plugins from scratch and (2) switch/reconfigure service-providers.

    Rational  Two heuristic rules of experimental science are (1) “It’s always the connector” (in this case, the service-provider), and (2) “When you’re persistently confused, take it as a sign that more than one thing is wrong” (so reinstall WordPress too).

  25. Guy Says:

    Jud, @22

    Seems like a “large” missed opportunity…

  26. Ajit R. Jadhav Says:

    Ummm… Checked this blog a couple of times (with a couple of reloads each time) over the last few days; knew, couldn’t possibly be of any help; but noticed that (i) the reloads kept the revealed email IDs the same, and (ii) the separate times I visited this blog, different IDs were pre-present. Thus, got to know two IDs. Have forgotten which ones, by now.

    But anyway, just to let you know: Right now, there is no leaked ID visible. … May be something you tried has worked.

    But the comment # it shows below in the preview (as I type) is 1, even if I can see that there are 25 comments visible above. … Just in case it’s of any help.



  27. skendo Says:

    Its not just your email that is being exposed. I was given your bank details and password.

    However I’m now starting to think that being a scientist doesn’t pay as much as I first thought 🙂

  28. Peter Gerdes Says:

    So I took a look at the html and the Name/email fields are being filled directly in the html itself (i.e. it is generated by the wordpress php code). This suggests that one of the following things is wrong:

    1) you installed some wordpress plugin that isn’t working right. So first step I suggest try disabling any plugins (especially those regarding commenting) and see if it fixes the problem.

    2) Something is wrong with your caching setup so it is serving cached pages when it shouldn’t. Try disabling any caching plugins you are running.

    3) I guess it could also be a corrupt database or perhaps your wordpress code got screwed up. Maybe try reinstalling/upgrading your wordpress install. It is possible the auto update process messed something up (e.g. upgraded only some files leaving you in an inconsistent state).

    I just spent far too much time when I should have been doing my computability theory research instead building my own wordpress theme so if you don’t get any better offers I would be happy to check things out.

    But at the moment I’m assuming someone will likely comment with the exact answer. Though if you want a better educated guess sharing what plugins you are using and the version of wordpress wouldn’t hurt.

  29. Peter Gerdes Says:

    I should have said is either generated by the php or improperly cached.

  30. Peter Gerdes Says:

    Ohh and if you have a caching plugin like W3Cache installed you might be able to get a sense if it is causing the problem by looking in the wp-content directory and seeing if there are any saved html files in there showing your comments (they might be zipped) already populated with names/emails. They shouldn’t be. But the easier thing to do is just going into it’s config it wp-admin and clear the cache or turn it off.

    Though, hmm, up until a few minutes ago I was running into the problem and now it is returning only my name. If it isn’t fixed it is sounding more and more like an issue with caching. Either on your server or someone is running a cache in front of it.

    Especially since something seems to populate my name and email into other browsers on this computer I’ve never used with your blog. That strongly suggests some process is caching the page returned based (in part) on IP and that got screwed up. Erase any caches you can.

  31. HopesBSisnotBS Says:

    So can we factor/discrete log with Boson Sampling? What classically hard task can Boson Sampling do?

  32. Amir Says:

    Hi, did you see the Quanta piece in which you’re quoted?
    How do you feel about the characterization “Scott is thinking in a theoretical sense”?

    (As if 1TB keys and 100 hours of CPU time for single message description, let alone quantum computers, are not theoretical)

  33. Scott Says:

    HopesBSisnotBS #31: BosonSampling is itself a classically hard task. The task, roughly speaking, is to output an nxn matrix A with probability ~μ(A) |Per(A)|2 (omitting normalization), where μ(A) is the probability of A according to the i.i.d., N(0,1) Gaussian measure, and Per(A) is the permanent of A. In other words, “sample a random matrix, but in a way that’s biased toward matrices with larger permanents.”

    As I’ve said loudly and clearly many, many times, it’s an open problem whether the ability to solve BosonSampling implies the ability to solve any classically-hard decision problems. Certainly we don’t know how to do (e.g.) factoring or discrete log this way, or anything else of relevance to cryptography. On the other hand, if we just want something that’s classically hard, the case that BosonSampling is classically hard is arguably stronger than the case that factoring and discrete log are.

  34. Scott Says:

    Amir #32: Yes, I saw that piece. I don’t agree that the worries about the resulting cryptosystem—that it requires terabyte-long keys, and is vulnerable to polynomial improvements in algorithms—are particularly “theoretical.”

    Maybe the best way to summarize the situation is as follows.
    We’ve long known that if scalable QCs are built, then RSA as we all know it collapses. This paper doesn’t challenge that conclusion, so much as study the question of how much cryptographic security could still be salvaged from the heap of charred rubble that was once RSA. (The answer, as it turns out, is “possibly some but at any rate not much.”)

    I don’t agree with the closing quote that “the conventional wisdom is wrong.” This seems to me more like an elaboration of the conventional wisdom (which long allowed for the possibility of “merely-polynomial” public-key security, as for example with Merkle puzzles, even supposing that factoring and discrete log were solvable in polynomial time).

  35. permanent Says:

    Scott #33. Is it even known if the ability to do Boson Sampling quickly and classically allows you compute permanents quickly? Might it be possible to Boson Sampling in 1.4^n time, for example, but still have to take n2^n time to compute the permanent of a matrix?

  36. Scott Says:

    permanent: No, the ability to do BosonSampling isn’t known to imply the ability to compute the permanent quickly—but it does imply the ability to approximate the permanent in the complexity class BPPNP (for arbitrary matrices or i.i.d. Gaussian matrices, depending on whether we’re talking about exact or approximate BosonSampling). So, with appropriate complexity conjectures, e.g. about the hardness of #P problems for the polynomial hierarchy, that does indeed imply exponential classical hardness for BosonSampling. All this is clearly explained in the introduction to our paper.

  37. permanent Says:

    Scott #36. That is interesting, thank you. Just to finish this line of reasoning, are there are any complexity consequences at all to the existence of a 1.00001^n BosonSamping algorithm?

  38. Scott Says:

    permanent #37: That’s a very interesting question, which is tricky to answer, because for convenience we phrased all our results as “if this can be done with polynomial resources in this model, then that can be done with polynomial resources in that model.” Once you start talking about moderately exponential resources, you have to be much more careful in accounting for blowup in the reductions if you want the end result to be nontrivial.

    Having said that, I’m virtually certain that the answer to your question is yes. I.e., if BosonSampling could be done classically in 1.00001n time, even up to 1/poly(n) error in variation distance, then surely we could convert that into a BPTIME(cn)NP algorithm to approximate the permanents of i.i.d. Gaussian matrices, for some c<2—which is something that seems pretty implausible.

    But I’d need to go through the reduction carefully in order to estimate what value of c we can get out the other end when we do this. If I get around to doing such an estimate, I can post an update here (or send me an email if you want me to email you).

  39. Tim McCormack Says:

    Looks like it’s working again, so I guess you did something? I hope you did something, and not that it just magically righted itself. D-:

  40. Scott Says:

    Tim #39: Well, it seems better than before, but it’s not fully back to normal yet. But the WordPress people got in touch with me so hopefully it will be fixed soon!

  41. Michael Says:

    I think there still might be a few bugs- I could see other people’s emails earlier.