WAKE UP KASEY!!!!

[Neville]

THE BAST....S ARE AT IT. WIPE THE LAST 3 ENTRIES.

THERE IS NO SLEEP FOR THE WICKED AND THE WEB MANAGERS.

[Ernie Hamm]

Actually, there are six entries to be eliminated. They 'invaded' three discussion areas.

[clpexco]

Sorry for the delay... difficult to keep up with this garbage during the day. We may have to move toward an approval process, where Steve and I would approve applicants for board membership. I had hoped to keep it automated, but at this rate Steve and I would both rather deal with that rather than react to this nonsense all the time.

Thanks for your patience... anyone can chime in... would you prefer that new sign-ups had to be "approved" prior to posting (and hence could not immediately post), or would you prefer to keep the delay out of the picture and live with this volume of spam posting?

-Kasey

[Pat A. Wertheim]

I like the idea of anonymous posts, although I don't give them the credibility that goes to a person whose name appears on a posting. I also believe spontaneous replies give insight that might be denied to the readers if a delay were part of the registration process. If preregistration is required, it would discourage anonymous posts and take spontanaity out of first time posts. True, I dislike the internet jerks selling their drugs and porn on this website, but my personal belief is that Kasey and Steve are doing a pretty good job of deleting the trash in a timely manner. I understand that while they are working their day jobs, they can't jump on it immediately when it appears. While I am irritated by the appearance of those postings, I exercise my option to not open or read them, much less go to their linked websites. So I would vote not to require registration through Kasey or Steve for members of the chat board unless this nonsense gets way out of control.

[Neville]

Well for me it is no issue I am a day ahead of you guys anyway, does anyone want to know tomorrow's best bets at the races??????

Seriously though, would it be easier, as is now the case, to just log on before any comments can be added and you manage the people able to log on, for instance, a person wishing to register needs a reputable person to give the OK, your Dad knows enough people to start with and you can soon see from who is making historical comments, no matter how controversial, those you do not want i.e. those last 6 spams.

Those wishing to join would need to provide a known persons email address. I think this may be workable as most people know of someone who is either a Fellow of the Fingerprint Society or a member of the IAI, or know someone who has been on an international conference or a DVI operation.

There are other organisations that you may wish to include like Solicitors Law Societies and Forensic Societies.

[Steve Everist]

As the standard phpbb exists right now, I've got all of the security features in place that are provided with the software. Even with the visual confirmation, the bots are being designed to get through this. The only thing built into the software that can currently be changed is who gets to enable account activation. Currently it's set to user, which means it's done via email confirmation. The other option is Admin, which means that anybody interested in participating by posting a new message or replying to a current one, who hasn't previously registered, must wait for the OK by an Admin before their registration is accepted and they are able to post. That creates a delay based on when we are available to OK their registration.

This has nothing to do with them being related to law enforcement, etc... which is really a different issue. For the most part, I can figure out who is a spammer and who is legit without having a note from their supervisor, friend, mother, etc... There are a few things that usually give it away.

The way it's set up now, only registered members can post. But if a spammer has nothing better to do than go through the process as it stands and make a post, it's hard to stop them beforehand. There are some mods that can be done to the code, but I don't have the skills to change code. I'm just an LPE trying to help out. The end result is that we'd likely be down completely and we don't want that. We may be able to get some people with experience modding phpbb's, but before doing that, we need to find what the best mods would be for the current issues. I'm working on that part.

Does anybody have skills in modding these programs? If so, contact Kasey. Otherwise we'll do what we can to take care of the issue. In the meantime we'll continue to clean things up as they come along. Usually that happens within 12 - 16 hours of it popping up, at worst. I'd recommend following Pat's choice and choose not to read the obvious ones. We have had some that included photos that your management and IT people wouldn't be thrilled about. Those that are done as replies to previous threads may be a little more difficult to decipher. In the case of today's posts, it was obvious that they were from the same person that posted the new porn messages.

[Neville]

"We have had some that included photos that your management and IT people wouldn't be thrilled about."

This is the issue in one; if I was to click onto a link or two that is well disguised as a forensic link but is a porn site I will have access to this site closed down real quick. I value my ability to access this page in a work environment, I really appreciate what you and Kasey are doing. I think that you are not just a LPE but a LPE with extra special ability, so do not sell yourself short.

Sorry I do not have the extra skills required.

My thinking is along the line of trying to ensure continued safe access. A quick look through the pages and pages of information accumulated through millions and millions of man hours right here on one site is mind blowing, keep up the good work guys.

[Steve Everist]

"We have had some that included photos that your management and IT people wouldn't be thrilled about."

This is the issue in one; if I was to click onto a link or two that is well disguised as a forensic link but is a porn site I will have access to this site closed down real quick. I value my ability to access this page in a work environment,

That's the first concern. The other one being that any sites that get overrun with spam are usually quickly abandoned. We don't want that happening. I've went back to the old forums, and that's exactly what happened - they're now full of spam. Yet there are some great posts that I even found myself referring to today from that board.

But if someone wants to take the time, jump through the hoops, etc... there's not a lot we can do other than try to catch it quickly.

I really appreciate what you and Kasey are doing. I think that you are not just a LPE but a LPE with extra special ability, so do not sell yourself short.

Hmmm, maybe I should put this on my CV!
Of course the other option is that I'm an LPE with too much time on his hands. I'll let y'all decide that one.

My thinking is along the line of trying to ensure continued safe access. A quick look through the pages and pages of information accumulated through millions and millions of man hours right here on one site is mind blowing, keep up the good work guys.

That's true. Another thing is making sure that the information is backed up so that it can be mostly recovered in case of something bad happening. I've seen secure boards taken over by not-too-friendly people. The result was a lot of archived information no longer being recoverable. That would be a shame.

[RL Tavernaro]

Will the current software allow incorporation of a visual confirmation code in the registration process? This could provide some relief from the 'bots' at least.
Regards, RLT

[Steve Everist]

Will the current software allow incorporation of a visual confirmation code in the registration process? This could provide some relief from the 'bots' at least.
Regards, RLT

That's been in place since we started requiring registrations for posting. Most bots can get right through that.

[RL Tavernaro]

Will the current software allow incorporation of a visual confirmation code in the registration process? This could provide some relief from the 'bots' at least.
Regards, RLT

That's been in place since we started requiring registrations for posting. Most bots can get right through that.

Guess it's been too long since I registered. Just to confirm, I was talking about a randomly generated code in a non-linear bitmap format in a graphical display (designed to defeat OCR), that requires typing in the code as visualized into a required registration field.

Is this what is already in place? Wasn't aware that 'bots' could now routinely defeat it.
RLT

[Steve Everist]

Will the current software allow incorporation of a visual confirmation code in the registration process? This could provide some relief from the 'bots' at least.
Regards, RLT

That's been in place since we started requiring registrations for posting. Most bots can get right through that.

Guess it's been too long since I registered. Just to confirm, I was talking about a randomly generated code in a non-linear bitmap format in a graphical display (designed to defeat OCR), that requires typing in the code as visualized into a required registration field.

Is this what is already in place? Wasn't aware that 'bots' could now routinely defeat it.
RLT

From the mod forums I was reading, it sounds like they can be designed to defeat the OCR. You joined in July of 2005, which was long before we turned on the OCR. There is no fool-proof way to stop all spammers, but there are ways to slow them down, which they will then write new code to defeat. The tough ones are the human spammers who will take the time to fill out the forms and go through the process.

[Shane Turnidge]

The real trouble with boards like this is the presence of "Lurkers".
I believe that a private board would add to some of the discussion rather than repress it.

A personal validation system would also ease any apprehension that the person to whom you are corresponding is legitimate.

FWIW. I'm a fan of a private site for topics as potentially contentious as those we are likely to discuss here. I too have no preference for real names over aliases.

As long as the landscape is present for a good discussion, count me in.

Shane Turnidge

[Pat A. Wertheim]

Okay, that does it. This morning we've got some DORK selling his software on this site. I change my earlier comment about letting anyone post. Go ahead and require preregistration to be approved by the webmaster BEFORE a new member is allowed to post.

[Heidi Fraser]

I don't really know which side to come down on in the pre-registration vs. not debate -- I can see advantages to both sides. However, I did want to throw in my $0.02 regarding references. While I see the value in having to have a "known" LPE vouch for you before you can get an account, I can see this as being harshly over-restrictive on several groups of people who we would want to participate in our discussions.

People from very small labs, people who are new to the discipline, people who are peripherally related to the discipline, but are not members of the IAI... I could probably think of other examples. The point is, if you are not already well-connected, this sort of endorsement could be difficult to obtain, and I think it would be sad to exclude people who legitimately want to be a part of this community simply because they don't know the right people to get invited in.

Heidi (who was new to the discipline not so long ago, and can sympathise)