Date   

moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

Marv Waschke
 

I should add that I fully defer to the arguments that locked threads are necessary and a user friendly response is desirable, but I won't endorse a solution that relaxes security because Groups.io is too obscure to be worth defending. I will wait for a solution that maintains the current level of security and supports the desired functionality. Put some heart into both security and functionality.


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

ro-esp
 

On Fri, Apr 26, 2019 at 10:54 PM, Ken Schweizer wrote:


Another confusing factor with the Auto-Message is that it appears to be coming
from the Owner of the member's group rather than from GROUPS.IO itself as can
be seen in the FAQ sample message. In our case that was a major factor in the
member's reaction. I find it unusual and confusing for the "email group
service" to send a message in the name of one of its groups.
Yes. Since there is no owner/moderator activity involved, it would be better to have it read something like "system@groups.io" as sender

groetjes, Ronaldo


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Dave Sergeant
 

As well as the points already discussed, it is worth pointing out that
the process of being removed for marking as spam and the resulting
email exchange is as far as I know unique to groups.io. I know of no
other email list service, or forum for that matter, that does this. So
to get a strange email, from an address that in itself is different
from normal list postings, with this rather strange content and
instructions can only be confusing, even to those who are computer
savvy.

I know the reason Mark has added this process to groups.io but why does
nobody else do similar?

Dave

http://davesergeant.com


moderated Re: "Likes" revisited

dave w
 

On Thu, Apr 18, 2019 at 02:38 AM, Brian Vogel wrote:
Another head scratcher.  I've said it before, and I'll say it again, it doesn't go with the medium.  It's an insane workaround.  
The same could be, and is, said for inane sig lines and witticisms some think are humorous in messages.
Another reason I have never subscribed via email- either here at at Y* on near 30 groups of interest.

My only reason for reading this thread is the apparent banning of an inane feature, that, ostensibly does nothing to or for groups anyway. It massages an ego but you have to look for it on the site.

I've been waiting to see some effort to quantify likes- my own or others- as there's no other way to highlight useful/ efficient/ accurate information contained in or attached to messages, other than copying each and every piece of documentation/ text out to a separate dbase.

FWIW, contrarily,
d


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

Duane
 

On Fri, Apr 26, 2019 at 06:59 PM, Brian Vogel wrote:
Taking active measures against something like this is a waste of time.
Please see https://beta.groups.io/g/main/message/20525

Duane


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

 

Brian,


That payload exists today, and could be exploited and would be if it were worth the effort.

No, it does not.
As things are now nothing is sent "back" to anyone. The server that is attempting to deliver the message is told "no", and given the error code and short text at connection time. There is no possibility of backscatter because Groups.io does not create and send a new message. The importance of that statement is that there's no way for a miscreant to cause the error text to go to any server but his own.

Shal


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

Brian Vogel <britechguy@...>
 

On Fri, Apr 26, 2019 at 12:46 PM, Marv Waschke wrote:
solutions that reduce security become mistakes.
Except it doesn't.   The request to remove the original message from the locked message eliminates "the payload" as described entirely.   That payload exists today, and could be exploited and would be if it were worth the effort.

There's a big difference, huge in fact, between actually doing something that reduces security and acknowledging that a known security risk should probably be way, way, way down the list of worries.  

The hemming and hawing about backscatter is about something that is not happening, could easily be made to happen as things stand now (and not just here), and is not happening because it's not worth the effort at the present time.  Taking active measures against something like this is a waste of time.
 
--

Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763  

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

              ~ Brian Vogel


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Sharon Villines
 

On Apr 26, 2019, at 5:27 PM, Brian Vogel <@britechguy> wrote:
I agree with all your points — and just as soon as we learn what we are doing, things will change again. I groan every time Apple updates the iOS. I use the iPhone minimally and don’t need almost any of the wonderful new features that actually just make reentry difficult.

They also tend to have a fear factor related to computers of the "if I do {insert virtually anything here} will I break it!} type.
This is one problem with HTML in wikis. The people in my cohousing community are very good at entering information about facilities repairs and replacements. The love it. But if I use a wiki that has any HTML on the screen, they are convinced the whole thing will crash if they put their cursor in the wrong place.

It’s like a visual block.

Sharon
----
Sharon Villines
Takoma Village Cohousing, Washington DC
http://www.takomavillage.org


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Brian Vogel <britechguy@...>
 

On Fri, Apr 26, 2019 at 03:57 PM, Sharon Villines wrote:
Older people have a huge problem understanding all the routing and who does what in email. I still can’t get direct answers when I ask “Do you read on the web or do you download messages to an email program.” I have to ask "what browser do you use” and that totally confuses the Outlook users. Then the confusion about yahoo the email account, yahoo the website, etc. Google is a nightmare.

As people die, this problem will go away
Sharon, what follows is not, in any way, intended as an argument with what you've said but really reinforcing its core points while tossing out a few of the "around the edges" assertions.

I am in my mid-50s, and had my degree in computer science granted in 1984.  I have been involved in IT in some capacity ever since, sometimes more so than others, but it's been continuous in one way or another.

It's not just older people who have the problem understanding the "under the hood" aspects of computing in general and e-mail in particular.   There is an age demographic, of which I am a part, that came of "computer age" when the end of punch cards was drawing nigh and the birth of the PC was just beginning.  Nothing was really "automatic" at that point and if you intended to use computers you had to have at least a decent knowledge of how to be a "software mechanic" at the very least.

I've always understood why those 60 (at the very lowest end, probably) and up have no real knowledge of any "under the hood" aspects of computers because they came to them, if they came to them, after things had become very automated (say, the Windows 7 era and on), and so didn't need to.  They also tend to have a fear factor related to computers of the "if I do {insert virtually anything here} will I break it!} type.

Now we have the demographic significantly younger, I'd say under 40 for the most part, that came of age when their entry point was after everything was automatic.  They tend to be end users extraordinaire, but they often have little knowledge of the correct terminology for anything (e-mail client?  What's an e-mail client? though they tend to get webmail as a concept but cannot fathom that Gmail on their Android phone is not webmail, but an e-mail client or something very similar anyway).   If anything goes wrong they're like most people are with their cars, on the phone to someone to get it fixed without ever thinking about what goes into fixing it.

I don't think that these issues are going to go away due to "die off," at least not the core issues of not knowing, not understanding, and not caring to do either and getting frustrated when those attempting to assist require way more precise information than, "It's not working!!," in order to do so.   I get the generic, "It's not working!!," from both my elderly clients and college students.   I seldom do from those above 40 and under 60 at this point in time, and of course both of those end points are constantly shifting up and "the dinosaurs among us" who get this stuff will soon enough be dying off.   I wonder just how much of a very small "dark art" working in nuts and bolts hardware and software manipulation and repair, the "under the hood" knowledge and ability to apply it, is going to become?
 
--

Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763  

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

              ~ Brian Vogel


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Ken Schweizer
 

Another confusing factor with the Auto-Message is that it appears to be coming from the Owner of the member's group rather than from GROUPS.IO itself as can be seen in the FAQ sample message. In our case that was a major factor in the member's reaction. I find it unusual and confusing for the "email group service" to send a message in the name of one of its groups.

From: groupname+owner@groups.io

To: (Whom it may concern)
Subject:
You have been removed from ...

Ken

 

“If you will not fight for the right when you can easily win without bloodshed, if you will not fight when your victory will be sure and not too costly, you may come to the moment when you will have to fight with all the odds against you and only a small chance of survival. There may even be a worse case: you may have to fight when there is no hope of victory, because it is better to perish than to live as slaves.” — Winston Churchill

 

 


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Sharon Villines
 

On Apr 26, 2019, at 11:48 AM, Ken Schweizer <@KenSch> wrote:

I don't think we can be too simplistic when telling a member that they have been removed from a group. I'd like to suggest a few small changes, including strategic CAPITALIZATION, to the message to ensure our members read it as intended.

You have been automatically removed from GROUPNAME because "YOUR" Email Service Provider reported to us that one or more messages "SENT TO YOU" from GROUPNAME has been marked as spam "BY YOU OR YOUR E-MAIL PROVIDER and NOT DUE TO ANY POST FROM YOU". We suggest that you check your spam box as soon as possible to see if "YOUR" Email Service Provider has diverted legitimate messages into it.
The age of list members makes a huge difference on email lists. I have a range of people from 90 to 21. Older people have a huge problem understanding all the routing and who does what in email. I still can’t get direct answers when I ask “Do you read on the web or do you download messages to an email program.” I have to ask "what browser do you use” and that totally confuses the Outlook users. Then the confusion about yahoo the email account, yahoo the website, etc. Google is a nightmare.

As people die, this problem will go away but I have people in their 40s who get stressed and confused, so that time is still out there some place in the future. A deadline to meet when your email goes down can produce frenzy. And the more Groups.io has enterprise accounts, the more frequent this will be.

One of the best ways to emphasize a statement is white space between short sentences and center them.

bbbbbbbbb

cccc

xxxxxxxxxxxxxxx

Sharon
----
Sharon Villines
TakomaDC@Groups.io
"Neighbors Talking to Neighbors”
Takoma Park DC and MD


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Ken Schweizer
 

Brian,

 

I would agree with not using caps if we were only dealing with cyber savvy people, but in many cases our members have no idea the caps suggest they are being yelled at, but it does bring their attention to the words and their meaning.

 

Yet, you make a good point.

 

Ken

 

“Silence in the face of evil is itself evil: God will not hold us guiltless.

Not to speak is to speak.

Not to act is to act.”

Dietrich Bonhoeffer

,_._,_


Re: Members Removed for Marking Messages as spam AUTO-Message suggested modification

Brian Vogel <britechguy@...>
 

Personally, I don't like the use of all caps because it is considered yelling in cyber parlance.

Yet, I like the idea you have.  The use of bold, italic, and/or underline as appropriate in the phrases you have capitalized should give as much, if not more, emphasis than the all caps does.
--

Brian - Windows 10 Pro, 64-Bit, Version 1809, Build 17763  

     Presenting the willfully ignorant with facts is the very definition of casting pearls before swine.

              ~ Brian Vogel


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

Marv Waschke
 

I will stick to my opposition to "security by obscurity" because I've seen too much. I've been writing code and designing systems since the late 60s. I have heard the "you don't need Fort Knox..." argument many times in defense of back doors, not bothering to encrypt, and a slough of other practices that now make hacking a game for fourteen year-olds. Those practices may seem obvious today, but in its day, a criminal finding a back door and exploiting it seemed as improbable as getting hit by a meteorite at a baseball game. In the day when coding was a rare skill and compute cycles were expensive, the whole idea that anything more than a casual XOR of the payload was enough to keep network traffic private was building Fort Knox to protect a broken bicycle.

The world has changed. Today I know a 16 year old who reads the Android code for fun and decompiles the parts Google keeps private. He's a curious kid, not a criminal hacker, but if he can do it, so can a lot of others. Sure, a criminal taking advantage of back scatter from Groups.io locked threads is improbable, but this is a case where a practice that blocks a potential breach is known and already in place. I cannot see relying on improbability as protection when the wall is already built. Certainly, there are many more obvious dangers, my experience is that eventually solutions that reduce security become mistakes.
Best, Marv


Members Removed for Marking Messages as spam AUTO-Message suggested modification

Ken Schweizer
 

Hi Mark,

 

I know this topic has been beaten to death, but we had a situation that caused some very hard feelings because a member didn't read the auto unsubscribe message as was intended, but read into it what they had feared.

 

In our case this long-time member has been hesitant to post to the group and the auto-Unsubscribe-message coincidently went out the day after their first post. I believe the member read the auto post as saying that they were unsubscribed due to posting a message the owners thought was SPAM. In our case the member's primary language is English, thus a language barrier is not the issue. I believe the member quickly read the auto-message, read what they had "FEARED MAY" be the reaction to their post and reacted emotionally to what they "THOUGHT" was intended in the auto-message.

 

I don't think we can be too simplistic when telling a member that they have been removed from a group. I'd like to suggest a few small changes, including strategic CAPITALIZATION, to the message to ensure our members read it as intended.

 

You have been automatically removed from GROUPNAME because "YOUR" Email Service Provider reported to us that one or more messages "SENT TO YOU" from GROUPNAME has been marked as spam "BY YOU OR YOUR E-MAIL PROVIDER and NOT DUE TO ANY POST FROM YOU". We suggest that you check your spam box as soon as possible to see if "YOUR" Email Service Provider has diverted legitimate messages into it.

 

Thanks for your consideration,

Ken

 

“You do what you can for as long as you can, and when you finally can’t, you do the next best thing. You back up but you don’t give up.” ―Chuck Yeager

 


moderated More efficient page navigation of member and other lists #suggestion

Barry_M
 

I'm new to groups.io but, now a week or so in, came across something that, very probably, must have been suggested before or just decided against. But, on the off chance it hasn't been...

When looking at "Members" for a group, at lower right are the page numbers and obvious how one can click on whatever page or click through them to see the entirety of a list.  But, to the left and right of a small range (maybe 5-8) page number options are single arrows which, if clicked, move one page left or right.  I'd love to suggest the inclusion of double arrows at left and right of those single arrows to speed navigation.  Clicking on one of those would bring you to the first or last page of a membership list versus just one page left or right.  Screenshot attached. 


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

 

Oops. That was a mental typo. Should say “ is not really automatic” 


On Apr 25, 2019, at 10:12 AM, J_Catlady via Groups.Io <j.olivia.catlady@...> wrote:

I had one more thought on the idea that rejection, etc., should not be done "automatically" lest nefarious individuals take advantage of the situation:

I submit that having groups.io send a "This topic is locked" rejection notice in response to attempted posts to a locked topic is really "automatic." The rejection notice has, in effect, been requested by the moderator who locked the topic. It is simply a blanket (although still explicit) request at one level "up" from rejecting an individual message. Groups.io would simply be acting as the moderator's agent in sending the boilerplate message.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

 

I had one more thought on the idea that rejection, etc., should not be done "automatically" lest nefarious individuals take advantage of the situation:

I submit that having groups.io send a "This topic is locked" rejection notice in response to attempted posts to a locked topic is really "automatic." The rejection notice has, in effect, been requested by the moderator who locked the topic. It is simply a blanket (although still explicit) request at one level "up" from rejecting an individual message. Groups.io would simply be acting as the moderator's agent in sending the boilerplate message.
--
J

Messages are the sole opinion of the author, especially the fishy ones.
My humanity is bound up in yours, for we can only be human together. - Desmond Tutu


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

Jeremy H
 

My thought on this is: what would happen if the topic was not locked? The message (posting to topic) would AIUI be dealt with 'normally' (posted through, moderated, whatever), even if from a spammer: that being the case, I fail to see what the real problem in sending a reply (with or without original message), saying 'This is a locked topic, your message has been rejected' (or words to that effect), and that should be the 'normal' response in that case.

Jeremy


moderated Re: User-friendly message rejection after attempt to post to a locked thread #suggestion

Glenn Glazer
 

On 4/25/2019 09:16, Brian Vogel wrote:
Locking topics is a basic function under any forum/e-mail system that I have used over the course of decades.  It needs to work.

No one is proposing "security by obscurity."   The fact, and it is a fact, is that spammers look for ease of putting a message out scattershot.  They do not target, and they certainly do not target in the way discussed here.  One takes precautionary measures based upon a realistic risk assessment.  It is a waste of time and effort to try to prevent the highly improbable.  If the highly improbable becomes easy or starts being used, then one takes remedial measures.  'Twas ever thus when keeping up with what spammers will try next.

The idea of a spammer employing backscatter is, to put it mildly, highly improbable.   I don't worry about being hit by a meteorite when sitting in my living room (though it's conceivably possible) just as I don't worry about the issue of backscatter and spammers.   If it were an easy and worthwhile effort to achieve their ends it would have been in use long before now, as the capability has existed long before now.

Hear, hear! I couldn't agree more.

In the computer security field, we often say that one doesn't need Fort Knox to safeguard a broken bicycle, which is a metaphorical way of saying exactly what Brian says above.

Best,

Glenn
M.S. '07 UCLA Security and Cryptography

--
We must work to make the Democratic Party the Marketplace of Ideas not the Marketplace of Favors.

Virus-free. www.avast.com