Rums

@Strbacfr We add our sell settings next to the search, so it takes away from the width of this element (CSFloat uses CSS max-width here). BetterFloat is heavily optimized for performance & functionality, so these smaller styling conflicts are the price we pay

@rumscsgo without:

@rumscsgo why the text lookin like this when betterfloat is on

@HKPhooey__ @skinscom We don’t seriously assume that a site owned by an online casino plans to adhere to any laws?

@skinscom You’ll owe VAT when selling to any European users your spread is nowhere near high enough to cover this. You’re creating a time bomb without knowing it.

We've been getting a lot of questions about how Skins plans to monetize as a platform. We want to take the time to break it down in the thread below, as well as dispel any other concerns that members of the community may have in an open Q&A.

@Eton_64 Not quite, the account gets a 30d trade ban, the items itself would be tradable again in 7 days. If these items now were permanently untradeable, that would completely remove any way of abusing the system. And it would basically lower the existing supply, another huge plus.

@rumscsgo These items are untradeable for 30d (:

Observing the recent shift in sentiment regarding trade reversals got me thinking. The general concept of reversals is really good, but it's just too abusable in its current state. What if Valve made reversed items untradeable / unmarketable for the initiating party?

@keppler10002446 yo, send the guides and I'll check it out

@rumscsgo yo rums... another request. could add max blue, pink and green gems for dopplers? the guides are pretty well established.

@oranges0401 @Erroden_ Update: You were right. I reverted it back to individual sites x.com/rumscsgo/statu…

@rumscsgo @Erroden_ then make it an opt in feature that requests access to the specific websites as needed? Why do you blanket need access to everything

well, good bye betterfloat

@SpectralOwl I totally understand the purpose of minimum required permission. I didn't really think this decision through enough, given how requesting the "all" permission has become the default for extensions. You guys reminded me and you were absolutely right to do so.

@rumscsgo Totally understand why you made the decision to change the permissions to begin with, but this is the "proper" way. Lots of people are fairly nervous when it comes to security, especially in the skins community where the security of their browser can be worth thousands of $

Thank you, the community, for you involvement in BetterFloat. I read lots of justified concerns about our new permissions today. I heard you and changed the "all" permission back to individual sites to provide additional transparency (v.3.2.2). Thank you for your support 🖤

@_pedantic_dev We did include a few more markets in the list, which we are going to support in the near future (including Youpin). So yeah, this is the approach we should have taken from the beginning.

@rumscsgo No, I mean include youpin on your permission list even if you don't support them yet, so when you do it's already on the list.

@_pedantic_dev That's what we tried to do with the "all" permission. There's really no in-between solution. Nevertheless, we will now just continue as before and update permissions every ~6 months now to add new markets.

@rumscsgo Might be possible to have the list include all marketplaces, that way you can expand markets and only need to add the up and coming ones.

@netstatcs2 @Erroden_ I very much acknowledge that extensions are always a security concern. And I am very much a fan of verify over trust, which is why we are open-source. In this scene (see SIH) I am surprised this is such a big deal given our transparency (betterfloat.com/permissions).

@rumscsgo @Erroden_ The steamguard part is true. With the latest change you can't even list a $0.03 item on steam market without 2FA. I overreacted a bit in my initial post, you clearly are clean, but me, as a security guy, I always stay away from stuff like this.

@netstatcs2 @Erroden_ Changing requests requires a special permission called "webrequest", which we DONT request. Also MV3 heavily limits what extensions are able to do. Without your Steam Guard or 2FA, we still can't do those things if you setup your account correctly.

@rumscsgo @Erroden_ amigo, MITM is totally doable by chrome extensions, generally speaking. That doesn't mean that you are doing it. Respectfully, don't get too offended.

@netstatcs2 @Erroden_ Of course, that it s well in your right to limit the permissions you grant. Doesn't change anything about the fact that we CANNOT do the things you talked about like replacing responses or randomly taking your skins. Please do not talk about stuff you got no idea about.

@rumscsgo @Erroden_ It's not braindead, it's reality. True, I wasn't aware that the code is open source, but don't expect the average user to accept that. My opinion is just to stick to the most important websites without asking for perms as you did before.

@oranges0401 @Erroden_ You realise that extensions don't just "work" forever? I would have to maintain two separate code bases and update both of them on the regular to stay up-to-date with CSFloat's website changes.

@rumscsgo @Erroden_ I don't see a significant time cost, money cost, or punishment for paying users to releasing a lite version that just works on float.

@oranges0401 @Erroden_ Because it costs time and money. I don't see how punishing our paying users makes sense here. I'd rather spend the little time I can into developing cool stuff for the people that are willing to support the project.

@rumscsgo @Erroden_ Then why not release a 'lite' version of the extension that isn't future proofed for the users happy with what already is?

@MDLcsgo @Erroden_ You aren't wrong. That would mean that every time we add a new market, the extension would get disabled for every single user and you would have to manually accept this single permission for the new market. Please read my article about it: betterfloat.com/permissions

@rumscsgo @Erroden_ ..? It's literally just a manifest change to add each new website without operating on a dangerous wildcard - max. 72h delay from commit -> live. I don't want to call this being lazy, but it's just unnecessary when Extensions support multiple forms of wildcard host entries.

@DrexCS2 @kirincs Of course, check out Pricempire's API prices, which we've been using from the beginning: pricempire.com/api

@rumscsgo @kirincs Ah i didn’t know that it costs money

@kirincs @DrexCS2 Totally understandable, I won't judge anyone that uninstalls the extension as a consequence. Our permissions hindered us in development for a long time, so this was a necessary change. Extension development isn't as fun as it may seem at this scale.

@rumscsgo @DrexCS2 Yep thx for the clarification, tool is awesome still and I understand the permission thing even though as you say probably understand I’m not loving the idea of it 🙏

@DrexCS2 @kirincs While it would be possible, I personally just don't have the capabilities to do it. In the end, actively developing and maintaining an extension costs money and our Pro users are the ones supporting us financially here.

@rumscsgo @kirincs Would a Pro and a Normal version be possible so that the normal doesn’t need access to all sites since it only has 4 markets anyways? Or would that be way too difficult/too much work?